Ping Service
Feedback Forms

What’s in a Name? Domain Name Disputes for Dummies

Never underestimate the value of a good domain name! As any website owner will tell you, http://www.rose.com, by any other name, is likely to lose customers.

About a week ago, my colleague’s nephew, Kevin Bortnick, found himself in a domain name predicament. His plight is interesting and he has graciously permitted us to blog about his situation, which provides some useful context for a discussion about domain name disputes.

Kevin is a talented website developer who used the name “KBortnick” or “KB” for his internet business. In November of 2005, he registered the domain name kbortnick.com for a period of four years, at a cost of about $10 per year. Although the domain name expired in November, 2009, he explained that “I was moving out & had a bit of a money crunch, so I figured I’d renew it in about a month, because it really wasn’t worth anything & I figured it would be fine….”

A couple of weeks ago, he attempted to re-register the name, only to discover that someone else had purchased it. That unknown ‘someone’ had immediately put it up for sale on a website that auctions off domain names, http://seto.com, subject to a minimum bid of $480. As you can imagine, Kevin was livid. “The highest I’ve ever seen my domain name appraised at was about $30”, he exclaimed, “and most places didn’t even give it that!”

(I empathized with Kevin’s situation. Over Canadian Thanksgiving, while I was sitting before the computer in a state of turkey-induced lethargy, I was suddenly roused from my stupor by the discovery that the domain name “pamelapengelley.com” could be registered for the low, low price of just $10 a year. I may soon write a post that is entitled “How I learned the hard way that just because you can make a hideously tacky personal flash website dedicated to your glorious self doesn’t mean that you should make one.” But I digress…)

Kevin’s dilemma got me thinking – is this what is known as “cybersquatting”? Is there any remedy for this sort of thing? Does Kevin have any recourse?

In fact, there are a couple of different mechanisms for resolving a cybersquatting dispute, and my understanding of them was greatly assisted by some basic knowledge about the development of the Internet and some tech-related acronyms like “DNS”, “IP” and “ccTLD”. If these terms are unfamiliar to you, then I ask for your indulgence while I lay out some of the basic IT background. It’s a bit lengthy so if you are computer-savvy, you may just want to skip part 1. Read the rest of this entry »

Cyber/Tech Underwriters Build Their Portfolios…As Corporate Executives Fret

j0283561The risk of cyberattacks is real and growing. While many of us theorize and speak in hypotheticals about the possibility of a major and potentially devastating cyberattack (or twenty), those considered most “in the know” are taking these risks seriously. And for good reason.

A January 29, 2010 study commissioned by McAfee, Inc and authored by the Center for Strategic and International Studies (CSIS) reports that over one-third (37%) of the IT security executives surveyed believe that critical infrastructure such as electrical grids, oil and gas production, water supply, telecommunications and transportation networks has become increasingly vulnerable to a cyberattack. Moreover, 40% of the 600 executives from 14 countries who responded predict a major security incident in their sector within the next year. Only 20% believe their sector is secure and will successfully avoid a serious cyberattack over the next five years.

The respondents work in critical infrastructure enterprises across seven sectors in 14 countries (including the US, UK, Japan, China, Germany, France, Italy, Russia, Spain, Brazil, Mexico, Australia and Saudi Arabia). Most problematic, over half of the respondents admitted that their concerns are not without foundation. Indeed, 54% acknowledged that their companies already have experienced infiltrations or large-scale cyberattacks from terrorists, organized crime gangs, and/or nation-states. The average cost of resultant downtime is estimated to be $6.3 million per day. Not chump-change by any means.

The recent cyberattack on Google is just one example. According to CSIS’s report, however, there have been scores more. With additional attacks to come. Of most concern, perhaps, over half of those surveyed believe that the U.S., China and Russia as the three most vulnerable countries.

The report, entitled “In the Crossfire: Critical Infrastructure in the Age of Cyberwar,” goes on to state that more than one-third of the executives who responded feel their respective sectors are unprepared for a major attack and that two-thirds believe the ongoing recession has caused companies to reduce resources devoted to cyber protection.

This situation harkens back to the adage “one man’s suffering is another man’s gain.” The opportunities for cyber/tech underwriters are there. Go get ‘em, ladies and gentlemen.

Fax Online    Send article as PDF   

The Globalization of Cyber/Tech Risks and the Implications for Worldwide Insurance Coverage

j0254490As recognized below in Pamela’s post discussing whether the loss of computer data is “property damage” in the eye of tort law, the issues surrounding cyber/tech/privacy liability and the attendant insurance coverages are not the exclusive province of the United States or U.S. courts.

To the contrary, virtually every country worldwide is increasingly faced with the problem of having to deal with the hard social and legal issues presented by a rapidly evolving cyber world. So too, policyholders and the insurers who typically grant worldwide coverage under their policies must recognize that the risks faced are not exclusive to the U.S. or our Canadian cousins. The risks are global in nature and policyholders and insurers alike need to stay current with what’s happening outside our cocoon of the Western Hemisphere.

I am certain every reader is aware of the socio-political dispute whereby Google has threatened to withdraw from China amid claims that the Chinese government has hacked into Google’s and other third-parties’ databases, spied on Google email accounts, and tightened blocks on tens of thousands of internet sites, including Facebook, Twitter and YouTube. U.S. Secretary of State Hillary Clinton has spoken on the subject, advocating that companies such as Google refuse to support “politically motivated censorship.” Secretary Clinton also accused China, Tunisia and Uzbekistan of boosting censorship and called on Beijing to investigate the recent cyber attacks on Google and others. (On a side note, just last week, Europe’s principal security and human rights watchdog accused Turkey of blocking 3700 internet sites for “arbitrary and political reasons.”).

Read the rest of this entry »

Online Banking and “Reasonable Security” Under the Law: Breaking New Ground?

j0300523With the report of another data security-related lawsuit involving online banking (another 2009 lawsuit referenced here involved an alleged loss of over $500,000), and a recent victory for a plaintiff on a summary judgment motion in a similar online banking data security breach case, the question arises whether online banking breaches will yield some substantive case law on the issue of “reasonable” security procedures as a matter of law.

Ironically, this question may be answered by reference to a 20 year old model code (UCC 4A) originally drafted to address technological advances from that era. This post explores two complaints recently filed against banks for online banking (Patco Construction Co. v. People’s United Bank (“PATCO”) and JM Test Systems, Inc. v. Capital One Bank (“JMT”)) and a court’s ruling on a motion for summary judgment in similar lawsuit (Shames-Yeakel v. Citizens Bank Memo and Memo Order on Motion for Summary Judgment – “Shames-Yeakel” case). In short, since the Shames-Yeakel case proceeded past the “damages” pleading phase, it (and possibly these other online breach suits) reveals how some courts view security “standards” and approach the question of whether a company has achieved “reasonable security.” I also believe they demonstrate the difficulty defendants face if they have to defend their security measures in a litigation context after a security breach.

Read the rest of this entry »

Loss of Computer Data: Is it Property Damage?

j0236341Let us say, speaking hypothetically, that a grossly negligent individual (who, since we are speaking hypothetically, is named…”Mr. X”) has accidentally uninstalled my favorite computer game, “Sid Meyers Civilization IV” (for which, by the way, I paid good money and patiently waited three whole hypothetical hours to legally download onto my computer).

Let us further hypothesize that I was twelve hours into a very successful game which has now gone the way of the passenger pigeon. Is the loss of my computer software considered “damage to property” for the purpose of a negligence action, or is it just a form of pure economic loss? “Of course it’s property damage!” I thought to myself, “and a most egregious form at that!”

Yet, in law, as in life, few things are certain. I was compelled to learn more, and so I conducted a brief review of the case law from Canada, the United States and Australia to satisfy my curiosity. What I have learned is that, notwithstanding that we live in the age of the internet, it is far from clear whether we can sue for the loss of electronic data in a negligence action.

Read the rest of this entry »

Cloud Computing: What Every Underwriter Should Know. And Why They Should Care. Now. Today. This Minute.

j0284068Emailing. Instant messaging. Texting. On-line gaming. Ten years ago, even five years ago, such words and concepts were alien to the typical luddite. Now, these terms are not just parts of the common parlance; a vast majority of us actually use these resources on a daily basis (in some cases, with our childrens’ guidance and assistance).

Consider, then, the relatively new concept of “cloud computing.” In lay terms, cloud computing is the on-line or internet-based use of a third-party vendors’ or service providers’ off-site (and hopefully secure) servers for data storage and/or management. Hotmail, Facebook, LinkedIn, YouTube and Google all use cloud computing to serve their members, often at no cost. At the same time, there are a growing number of vendors (like Apple) which “host” or “back-up” at-home and business computer systems by storing a consumer’s data or facilitating their use of cost-effective business solutions for a monthly or annual fee. Users typically do not have to incur fixed costs or purchase hardware or even software programs. All they need is access to a computer and the internet. And with that, voila! Cloud computing is just a click away.

Needless to say, the advent of cloud computing has opened up a world of opportunity for entrepreneurial software developers, hardware providers, and data storage companies around the globe. At the same time, it has created new business segments with a keen need for insurance products. Cyber insurance. Tech insurance. Property/All-Risk insurance. Business Interruption insurance. Professional Services/E&O insurance. Fidelity/Crime insurance. And, in some cases, personal injury/advertising injury coverage.

The potential third-party exposures are endless. Consider, for example, the legal (and regulatory) implications (and concomitant need for insurance) when an unauthorized user hacks into a “cloud” database storing personally identifiable or proprietary business information. Or think about the possibility of liability for a software developer or data storage vendor who has a customer that uses the cloud to host viruses or illegal content. Or who simply release information about their clients to marketers, advertisers or other third-parties without considering the impact or legal ramifications of their doing so. And how about power outages or other crises or service interruptions that prevent customers from accessing their accounts or critical business information that may be the key to closing an all-important business deal (resulting in privacy claims, claims of lost income, lost profits and business interruption expense and other alleged third-party injury).

So too, first-party cyber/tech risks are well known in other contexts and would apply with equal force and effect to cloud computing. The threat of service interruptions, data corruption and the like all necessitate the need for insurance.

The bottom line, as always, is that underwriters need to constantly stay ahead of the curve and tailor their products (and marketing strategies) to address the ever-changing landscape of new and innovative technology resources. Today cloud computing. Tomorrow? Ask me tomorrow night….


PDF Printer    Send article as PDF