Why it will soon be harder to find out
Right now, someone is operating a website called [name-of-your-company-or-product-here] sucks.ca. Someone else has registered the name of a dot-ca website that is deceptively similar to your trade-mark. Still another person has anonymously published defamatory statements about you or your company on a dot-ca website. How do you identify the perpetrator so that you can take action?
In the past, a simple WHOIS search would yield the name and other co-ordinates of the person to whom the dot-ca website is registered. This information could be used to locate the person responsible for the website and, if necessary, take action against him or her.
Canadian privacy laws have changed all that. As of June 10, 2008 it will be extremely difficult to identify the registrants of dot-ca websites.
Privacy versus Accountability
The entity that controls the registration of dot-ca domain names (the Canadian Internet Registration Authority, or "CIRA") is implementing a new privacy policy on June 10, 2008. The policy significantly limits the amount of publically available information about the operators of dot-ca websites.
As of June 10, 2008, a WHOIS search performed on a dot-ca domain name registered to an individual will only return limited technical information including the date the site was registered and the date the registration expires. Created in response to Canadian privacy legislation, the purpose of CIRA's new policy is to protect the privacy rights of those who register dot-ca websites. The policy does not apply to domain names registered by corporations.
In shielding the names and addresses of domain registrants, however, the new policy will frustrate those who want to protect their rights against cybersquatters and other internet infringers. The policy will make it difficult to identify and contact prepetrators, as well as to prove that such sites were registered in "bad faith".
What Can You Do?
CIRA recognizes that the new policy will create problems for those who have complaints to make about dot-ca websites that infringe their intellectual property rights or are offensive for other reasons. To address this, CIRA has made changes to its Dispute Resolution Policy Rules. The Dispute Resolution Policy is used by the owners of intellectual property to have domain names that were improperly registered by someone else transferred to them.
The new rules make two significant changes to the way CIRA handles disputes between website registrants and third parties: (i) it implements an administrative system to pass correspondence between interested third parties and website operators; and (ii) it grants a complainant new rights to provide supplemental evidence that a website was registered in bad faith.
Interested Party Contact
Because the new privacy policy makes it harder for third parties to contact website operators, CIRA will establish an administrative system to pass communications between website operators and interested parties. CIRA will act as an intermediary, passing messages between the parties and preserving the site operator's anonymity. This is intended to strike a balance between protecting the website operator from unwanted exposure and facilitating communications with such persons. CIRA can offer no guarantee, however, that the operator of a vexatious website will respond to correspondence passed through this system. If the operator chooses to ignore you, CIRA provides no remedies.
New Rights Regarding Evidence of Bad Faith Registrations
To succeed in establishing that a website was registered in bad faith, complainants must prove that the person operating the website has no legitimate interest in the domain name. Under the new privacy policy, complainants are not able to determine the identity of individuals who operate websites by doing a WHOIS search. A website operator's identity will, however, be revealed when and if he or she files a response to a complaint. This puts rights holders in the difficult (and ironic) position of having to commence a proceeding in order to obtain the information necessary to determine whether they should be commencing a proceeding.
Previously, complainants had no right to make further submissions to a dispute resolution panel after filing their initial complaints. Under the new rules, complainants may now do so once the registrant's identity has been disclosed. This will allow complainants to submit evidence to establish that the registrant is operating in "bad faith".
Impact of the Privacy Policy
CIRA's new privacy policy will be heralded by operators of websites devoted to legitimate public criticism and political commentary and who wish to remain anonymous. The policy will also be applauded by those who wish to do others harm, and get away with it by remaining unidentifiable.
Indeed, these new rules will provide the dot-ca domain with a privacy "advantage" over other domains (such as the .com, .org and .net domains) who are unaffected by these changes. The dot-ca domain will accordingly become even more attractive to cybersquatters and operators of gripe sites. For those who want to misuse someone else's trade-mark or bash a product or company anonymously, Canada will be the place to do so.
The foregoing provides only an overview. Readers are cautioned against making any decisions based on this material alone. Rather, a qualified lawyer should be consulted.
© Copyright 2008 McMillan LLP
