ISC2 v. Degraphenreed Update

By Eric Goldman

I previously blogged on ISC2 v. Degraphenreed. This case involves an individual (Degraphenreed) who was formerly certified as a CISSP and, after losing the certification, developed and used a new title with the same acronym. Not only did the certification mark holder (ISC2) sue the individual, but it sued Google and Yahoo for various hosting activities. Some developments in that case, based in part of a series of email exchanges with Dorsey Morrow, ISC2’s general counsel:

1) ISC2’s TRO request was denied. Subsequently, ISC2 withdrew its preliminary injunction motion against Google and Yahoo. However, it does not appear that ISC2 has dismissed Google or Yahoo from the case (at least, not yet).

2) Dorsey gave me two explanations for why ISC2 sued Google and Yahoo.

First, he said that Google and Yahoo refused to take down Degraphenreed’s content without a court order. However, this rationale didn’t make sense to me because ISC2 can get a satisfactory court order against Degraphenreed without suing Google or Yahoo.

Second, Dorsey said that Degraphenreed is the real target but he is allegedly very difficult to serve. Therefore, in order to get the case into court, it needed a findable defendant to serve (Google and Yahoo). I’m not a civil procedure expert but this doesn’t sound right. In order to obtain a legally binding judgment against Degraphenreed, I believe he ultimately needs to be served, so merely being in court with him as a named but unserved defendant doesn’t seem to be solving the problem. However, this rationale may help explain why ISC2 dropped the PI motions against Google and Yahoo; now that they are in court, they can focus on chasing down Degraphenreed.

3) In my previous post, I misdescribed the title Degraphenreed was claiming–he’s using the term “Chief Information Systems Security Practitioner.” You can find some of his activities using that term here. Interestingly, some of Blogspot usages are now unavailable. Did Google take them down?