Domain Name Breaches and Cyber Crimes
As technology becomes a part of daily life, it affects the individual and social aspects of it. It often changes it in a positive way with new possibilities that is produced and provided by every day technology.
These technological improvements are embraced by everyone, however, the same technology can be used with bad intentions, and its results can be catastrophic. In this article, we will have a brief look at domain name breaches and the regulations concerning cyber-crimes.
DOMAIN NAME BREACHES
- What is a domain name?
Every website has its own IP address. IP addresses are used for packing data during the communication between computers. One address is a 32-bit*number divided into 4 parts, for example 188.8.131.52. As users might have difficulty keeping IP addresses in mind, IP addresses are symbolised as Domain Name Systems (DNS). IP addresses could be thought of as telephone numbers. Bit, a portmanteau of binary digit, is the basic unit of information in computing, used to state two values such as yes/no, 0/1, on/off, true/false…
- How did the domain name breaches start?
The “first come first served” principle applies to top-level domains (TLD) such as “.com , .net, .org”. Taking advantage of this principle, people or companies have bought domains in names of popular people and brands, and tried to sell them to their respective owners or others.
ICANN (Internet Corporation for Assigned Names and Numbers) deals with domain names. It is a non-profit organization consisting of internet users from business, technical and academic groups. ICANN is responsible for coordinating the technical and administrative duties, and developing policies. ICANN was tasked with technical management of domain names, determination of the protocol parameters and control of root servers, and officially started to operate on 30 September 1998. On 25 November 1998, an agreement was signed between United States Department of Commerce (DOC) and ICANN, and ICANN was officially recognized by the US government. The legal foundation for ICANN is its original bylaws, effective as of 6 November 1998). Uniform Domain Name Dispute Resolution Policy (UDRP) was developed and under these procedures, some international institutions were authorized to make decisions of judicial nature. The most prominent of these institutions is World Intellectual Property Organisation (WIPO). In Turkey, domain names are provided by a METU-based DNS group.
- Sample Cases
Like everywhere else in the world, there has been many attempts to breach domains in Turkey. Some of the best known examples among the many are “www.tarkan.com, cemyilmaz.com, akbank.com, galatasaray.net, turkcell.com, yapikredionline.com”.
- In our legal system, Turkish Code of Commerce gives the right to apply to courts of commerce and intellectual property under the regulations of unfair competition. In this article the main subject is prevention of domain abuses by applying to WIPO in accordance to Uniform Domain Name Dispute Resolution Policy (UDRP).All applications under UDRP are reviewed by WIPO administrative panel and a decision is reached in approximately 3 months. If an abuse or breach is detected, the domain in question is either transferred to the applicant or shut down. Which means the decision not only determines the breach, but also sees to the transfer or cancellation of the domain name. This decision is binding for national and international domain name registrars. Considering the work load and procedures of the courts, it could take years to make and enforce a decision, therefore, a WIPO application under UDRP regulations, which takes approximately three months would obviously be more effective.
- Recent Regulations
New Turkish Penal Code, which entered into force on 01.06.2005 (some regulations have entered into force on different dates!) not only regulates the cyber-crimes under a different section, it also states that using information systems to commit some crimes (such as larceny and fraud) constitutes the qualified form of those crimes. Turkish Penal Code provides legal protection for the information systems, considers hindrance of information systems a crime and foresees penalties for offenders. For those interested, the related articles are below:
ENTERING TO INFORMATION SYSTEMS
ARTICLE 243-(1) Any person who unlawfully enters a partor whole of data processing system or remains there is punished with imprisonment up to one year, or imposed punitive fine.
(2) In case the offenses defined in above subsection involve systems which are benefited against charge, the punishment to be imposed is increased up to one half.
(3) If such act results with deletion or alteration of data within the content of the system, the person responsible from such failure is sentenced to imprisonment from six months up to two years.
SYSTEM INHIBITATION OR BREAKDOWN, EXCLUDING OR REPLACING DATA
ARTICLE 244-(1) Any person who hinders or destroys operation of a data processing system is punished with imprisonment from one year to five years.
(2) Any person who garbles, deletes changes or prevents access to data, or installs data in the system or sends the available data to other places is punished with imprisonment from six months to three years.
(3) The punishment to be imposed is increased by one half in case of commission of these offenses on the data processing systems belonging to a bank or credit institution, or public institutions or corporations.
(4) Where the execution of above mentioned acts does not constitute any other offense a part from unjust benefit secured by a person for himself for in favor of third parties, the offender is sentenced to imprisonment from two years to six years, and also imposed punitive fine up to five thousand day
The offences against information systems are punished with harsh penalties, as seen above. These regulations ensure the prevention of the abuse of technology (like committing larceny and fraud using information systems), and also protects the technical data in the same manner as ownership of property, or the right to bodily integrity. Also as mentioned above, some cyber crimes have solutions and punishment beyond a national scope and in an international scale. This stems from the international nature of technology. In that case, like the international use of technology and informatics, knowing how to resolve disputes caused by this on an international level, and commonly applying those methods to fields of commerce and intellectual property is a requirement of commerce savviness.
Att. Bülent KAPTAN
Patent & Marka Attorney