After receiving several questions from the Ethereum community regarding this topic, Bern Weiss LLP spent the last week producing an in-depth analysis of ENS-name cybersquatting and the legal and pragmatic considerations surrounding the practice. This three-part series contemplates this scenario. Part One is an introduction for newcomers to the nature of cyber-squatting and why the ENS system presents new challenges in curbing the phenomenon. Part Two explains how laws developed for the legacy DNS system will likely to apply to squatters in the decentralized web. And Part Three considers the difficulties in enforcing courts’ decisions over these matters given the decentralized nature of Ethereum, and elaborates on different perspectives and solutions offered by key players in the ENS community on how the situation may unfold over the next few years.


3. But Can the Courts Enforce Such a Decision?

Establishing a method to combat cyber-squatting is necessary for any system like DNS or ENS to achieve mainstream success. Users will only use a network if they can reliably reach a desired website by easily navigating to it via a domain name. However, the holders of protected marks are likely only willing to pay to litigate against a squatter for the rights to a domain name if they are losing a significant amount of revenue or other interest as a result of the misdirected name.[39] Thus, without some sort of anti-cybersquatting mechanism, any name registration system might never have a sufficient number of accurately-registered names necessary to attract large numbers of users, who in turn attract more content providers.

The overseers of the DNS system resolved this issue via litigation (as outlined above), which helped the process of attracting content-providers and users to the DNS system. However, ENS’s technical features limit courts’ effectiveness in fighting cyber-squatting.

  1. Jurisdictional Issues Involved in Litigating against a Pseudonymous Ethereum Wallet

In order to successfully litigate against an adversary, the Constitution and jurisdictional rules require that the plaintiff notify the defendant of the action to ensure it has a fair opportunity to protect its rights. This usually requires that a plaintiff identify the defendant so that she can properly serve the defendant with the requisite notice. Under the legacy DNS system, this process is aided by ICANN’s requirement that a domain name registrant provide its name and contact information before it can register. The registration record is then publicly listed on ICANN’s “WhoIs” service, which can be used to identify an alleged cyber-squatting defendant. But, unlike the ICANN  system, the ENS system only requires a pseudonymous Ethereum address to register an ENS name without any other identification records. While some cyber-squatters who send tokens between a cryptocurrency exchange and an impermissibly used ENS name’s registered owner’s wallet may potentially be identified using that exchange’s Know Your Customer compliance records attached to an associated account, others will likely find ways to skirt this type of tracking.

Difficulty in identifying a domain name registrant is not entirely absent in the DNS system either, as there have been instances where a party’s DNS registration information was incorrect, outdated,[40] or registered to someone outside the U.S. However, the ACPA allows for in rem jurisdiction – litigation against a specific piece of property (including domain names) to determine its ownership if its apparent owner cannot be found – to apply in these circumstances. In rem jurisdiction requires that a plaintiff send notice of an alleged violation to the registrant on record with a domain name registry (possibly by mail and email), and that notice be published in a newspaper or other publication as a court directs – often one that is well-circulated in the geographical jurisdiction where the DNS registrar is located. As the ENS registrar contract does not record names, emails, or addresses like DNS authorities, establishing in rem jurisdiction in this manner might not be possible. Further, the ENS registrar contract exists across the entire Ethereum blockchain and cannot be pinpointed to a single relevant geographical location to determine in which jurisdiction to serve notice.

While establishing in rem jurisdiction for ENS names does not appear viable under traditional procedural rules, there is an opportunity to allow for new technological methods to meet the goals of these procedural requirements. For example, a court could approve notice through apps like Token, which enable message-sending directly to Ethereum addresses. Further, courts could allow for the in rem publication requirement to be met by posting notice in a relevant subreddit, the Ethereum Stack Exchange, the Ethereum blockchain itself, or another medium that is frequently inspected by Ethereum users, as it is potentially more likely to reach the desired recipient than the legacy method of publishing notice in a print newspaper. Establishing geographically-based standing and jurisdiction over online matters continues to present challenges for courts in the digital age, but those issues may be overcome as they pertain to ENS issues if courts are flexible in considering new methods that reflect the realities of the decentralized web.

  1. Technical Enforcement Issues – A Major Challenge for ENS Mass-Adoption

Even if in rem jurisdiction could be established over an ENS name, there are currently insurmountable technical barriers to transferring control/ownership of an ENS name to a prevailing party. The major distinction between ENS and legacy DNS is that ENS lacks a central human authority that controls the ownership of ENS names. Issues relating to internet domain names are typically resolved in the legacy system when a court orders a DNS registry to change the account holder on record, but there is no central authority with such a power for an EDCC like the ENS registrar. This technical limitation on a court’s authority currently renders any decision requiring the transfer of an ENS name useless unless the squatter volunteers to comply.

However, Ethereum developers have offered their thoughts on why this problem might not be as dramatic as it seems and may be alleviated without any court intervention. Richard Moore, Ledger Labs developer and longtime Ethereum contributor, suggested that owners of popular, generic second-layer ENS domain names could offer newcomers the ability to register subdomains derived from those second-layer domain names. He explained that he believed this will be more than enough to attract a critical mass of users and content providers to the ENS system, possibly similar to the role AngelFire and GeoCities played in attracting new users and content providers to Web 2.0 in the early days of the internet (e.g., how users used to be able to create their own website with a hypothetical address of [mypage].geocities.com). Apparently following this reasoning, Aragon announced last week that it won the bid for “company.eth” and will be offering users of their services the ability to build sites on its derivative subdomains (an offering that would allow Samsung, for example, to build a website on Samsung.company.eth) rather than having to pay an exorbitant fee to the apparent squatter on its associated domain. However, larger companies with strong brand identities may be hesitant to register a name that would require reconditioning users accustomed to simply typing the company or brand name followed by “.com” or “.net” to reach a website.

Lead Ethereum Foundation developer Nick Johnson suggested to Berns Weiss LLP that there is no evidence yet that cyber-squatting is rampant enough in ENS to cause such a concern. His belief aligns with the idea that critical mass may still be achievable due to other positive features (such as direct Ether transmissions and messaging to human-readable Ethereum addresses or the general draw of decentralized web overall), and that attracting large-scale content-providers might not be necessary to create the requisite critical mass for ENS to succeed. ENS contributor Alex Van de Sande offered another perspective, suggesting that large companies interested in registering an ENS name can register one similar to its straightforward spellings (such as Samsung1.eth). However, this method raises the same issues as the technique suggested by Richard Moore.

Van de Sande also explained that the ENS system is designed to economically disincentivize squatters through its automatic burning of 0.5% of failed bids and its year-long “lock” time for the large amounts of Ether required to reserve those names (e.g., the owner of Samsung.eth will not be able to use the Ether it committed to the name for a year, making it susceptible to price fluctuation, lost private keys, and high opportunity costs during that time). He believed that the ENS system will not see mass adoption for at least a year, and hoped that most cyber-squatters would recognize the economic loss they are incurring for such high-cost registrations, opting to eventually release their registered ENS names and allow the system to progress towards critical mass. This perspective is interesting in that it relies on the rationality of cyber-squatters looking to profit by selling the name to the owner of protected marks to recognize that this early-stage registration will not likely be profitable. However, this solution does not address other types of squatters who might be looking to profit by exploiting a protected mark’s fame to direct traffic to sites featuring their own goods and services or to unfairly tarnish a competitor’s brand, rather than by selling the name back to a protected mark’s holder.  

  1. Automated Dispute Resolution Procedures

One possible alternative to litigation is to create a decentralized adjudication method similar to Proof of Stake or other consensus-based identification mechanisms. For example, a party claiming that it has a greater entitlement to an ENS name than an alleged cyber-squatter could choose to pay a “jury” of Ethereum users to hear its claim. Jury members could then stake an amount of Ether towards an “agree” or “disagree” vote, with those who vote with the majority of Ether claiming the tokens staked by those in the minority. Reputational tags can be attached to users who are consistently in the majority, allowing them to ask for higher fees from claimants due to their apparent impartiality. If successfully executed, this system could replace the role of courts in these (and other) types of disputes in ways that are totally native to the Ethereum blockchain. This “decentralized jury” system does not need to be unique to ENS, and could be used by any community based on specific EDCCs that wish to have dispute resolution mechanisms built into the core of their services.

Whether this or any other method to help resolve ENS name disputes is viable remains to be seen. In the meantime, as Van de Sande pointed out, cyber-squatting seems to be in its own bubble; the high prices used to reserve some of these names are probably unjustified considering the unlikelihood of a similar or higher payoff over the next several years. Given that it is economically unfavorable to engage in squatting in most of these cases, that doing so hurts the technology in the long run, and that ENS name cyber-squatting likely violates the ACPA, the Ethereum community and those at Berns Weiss LLP are hopeful that there will be substantially less squatting with ENS names as opposed to DNS names.  


 

[39] For example, there have been anecdotal reports in the ENS Gitter discussion that the CEO’s of both Kaspersky Lab and Fortinet opted to decline bidding for their associated ENS names because they did not understand the value of controlling an ENS name or recognize the justification for competing with potentially large bids placed by cyber-squatters.

[40] ICANN provides a complaint form for individuals to report apparently incorrect WhoIs identity records to a sponsoring register and to seek more accurate information, but even this procedure can sometimes prove fruitless. See David Kravets, Domain Name WHOIS Anonymity Hangs in the Balance under ICANN Proposal, Ars Technica, June 25, 2015, https://arstechnica.com/tech-policy/2015/06/domain-name-whois-anonymity-hangs-in-the-balance-under-icann-proposal/?comments=1&post=29272825.