ICANN has slapped .feedback operator Top Level Spectrum with a contract breach notice after a huge complaint about alleged fraud filed by a gang of big brands.
The company becomes the third new gTLD to be hit by a breach notice, and the first to receive one as a result of losing a Public Interest Commitments Dispute Resolution Process case.
While TLS dodged the “fraud” charges on a technicality, the breach is arguably the most serious found by ICANN in a new gTLD registry to date.
The three-person PICDRP panel found TLS was in violation of the following commitment from its registry agreement:
Registry Operator will operate the TLD in a transparent manner consistent with general principles of openness and non-discrimination by establishing, publishing and adhering to clear registration policies.
But TLS dodged the more serious charges of “fraudulent” behavior, which it denied, largely on the technicality that its PICs only require it to bar its registrants from such behavior.
There’s nothing in the PICs preventing the registry from behaving fraudulently, so the PICDRP panel declined to rule on those allegations, saying only that they “may be actionable in another forum”.
The complainants, which filed their 1,800-page complaint in October, were MarkMonitor and a bunch of its clients, including Adobe, American Apparel, Best Buy, Facebook, Levi and Verizon.
They’d claimed among other things that 70% of .feedback domains were trademarked names actually registered by the registry, and that TLS had stuffed each site with reviews either paid for or scraped from services such as Yelp!.
They claimed that Free.Feedback, a free domains service hosted by an affiliated entity, had been set up to auto-populate Whois records with the names of brand owners (or whoever owned the matching .com domain) even when the registrant was not the brand owner.
This resulted in brand owners receiving “phishing” emails related to domains they’d never registered, the complainants stated.
TLS denied all all the allegations of fraud, but the PICDRP panel wound up not ruling on many of them anyway, stating:
the Panel finds that Respondent’s Registry Operator Agreement contains no covenant by the Respondent to not engage in fraudulent and deceptive practices.
The only violations it found related to the transparency of .feedback’s launch policies.
The panel found that TLS had not given 90 days notice of policy changes and had not made its unusual pricing model (which included an extra fee for domains that did not resolve to live sites) transparent.
The registry had a number of unusual launch programs, which I outlined in December 2015 but which were apparently not adequately communicated to registrars and registrants.
The panel also found that Free.Feedback had failed to verify the email addresses of registrants and had failed to make it easy for trademark owners to cancel domains registered in their names without their consent.
Finally, it also found that TLS had registered a bunch of trademark-match domain names to itself during the .feedback sunrise period:
self-allocating or reserving domains that correspond to the trademark owners’ marks during the Sunrise period constitutes a failure by the Respondent to adhere to Clause 6 of its Registration and Launch policies, versions 1 and 2. According to the policies, Sunrise period is exclusively reserved for trademark owners
TLS, in its defense, denied that it had self-allocated these names and told the panel it had “accidentally” released them into the zone file temporarily.
As a result of the PIC breaches found by the panel, ICANN Compliance has issued a breach notice (pdf) against the company.
To cure the breach, and avoid having its Registry Agreement taken away, TLD has to, by April 15:
Provide ICANN with corrective and preventative action(s), including implementation dates and milestones, to ensure that Top Level Spectrum will operate the TLD feedback in a transparent manner consistent with general principles of openness and nondiscrimination by establishing, publishing and adhering to clear registration policies;
That seems to me like it’s probably vague enough to go either way, but I’d be surprised if TLS doesn’t manage to comply.
Top Level Spectrum has been accused today of running the gTLD .feedback in a “fraudulent and deceptive” manner.
Over a dozen famous brands, corralled by corporate registrar MarkMonitor, today formally complained to ICANN that .feedback is a “complete sham”.
They reckon that the majority of .feedback domains belong to entities connected to the registry, violate trademarks, and have been stuffed with bogus and plagiarized reviews.
TLS denies any involvement.
MarkMonitor clients Adobe, American Apparel, Best Buy, Facebook, Levi and Verizon are among those that today filed a Public Interest Commitments Dispute Resolution Policy complaint with ICANN.
PICDRP is the mechanism third parties can use to complain about new gTLD registries they believe are in breach of the Public Interest Commitments found in their registry contracts.
The 50-page complaint (pdf), which comes with hundreds of pages of supporting documentation spread over 36 exhibits, purports to show TLS engaging in an “escalating pattern of discriminatory, fraudulent and deceptive registry misconduct”.
While the allegations of wrongdoing are fairly broad, the most interesting appears to be the claim that TLS quietly registered thousands of .feedback names matching trademarks to itself and then filled them with reviews either ripped off from Yelp! or supplied by overseas freelancers working for pennies.
TLS denies that it did any of this.
The .feedback registry is closely tied to the affiliated entity Feedback SAAS, which offers a hosted social platform for product/company reviews. Pricing for .feedback domains is dependent on whether registrants use this service or not.
The complaint states:
the overwhelming majority of domain names registered and activated within the .FEEDBACK TLD — over seventy percent (70%) — are currently owned and operated by Respondent [TLS], and parties working in concert with Respondent
Respondent has solicited and paid numerous third parties, including professional freelance writers who offer to post a set number of words for a fee, to write fabricated reviews regarding Complainants’ products and services.
These ostensibly independent reviews from ordinary consumers are intended to give the appearance of legitimate commentary within .FEEDBACK sites, when, in fact, the reviews are a complete sham.
An investigation carried out by MarkMonitor (pdf) showed that of the 2,787 .feedback domains registered up to July 31, 73% were registered to just five registrants.
The top registrant, Liberty Domains LLC of Las Vegas, owned 47% of these domains.
MarkMonitor believes this company (which it said does not show up in Nevada company records) and fourth-biggest registrant Core Domains LLC (based at the same Vegas mail forwarding service) are merely fronts for TLS, though it has no smoking gun proving this connection.
TLS CEO Jay Westerdal denies the company is affiliated with Liberty.
The MarkMonitor investigation counted 27,573 reviews on these sites, but 22% of them purported have been written prior to the date the domain was registered, in some cases by years.
The company reckons hundreds of reviews can be traced to five freelance writers who responded to February job ads looking for people who could write and post 10 150-word reviews per hour.
Other reviews appear to have been copied wholesale from Yelp! (this can be easily verified by visiting almost any .feedback site and searching for exact-match content on Google).
Westerdal told DI last week that registrants can use an API to import reviews.
The brands’ complaint goes on to criticize TLS for its Free.feedback offering, a very odd, bare-bones web site which seems to offer free .feedback domains.
When you type a domain or email address into the form on Free.feedback, it offers to give you the equivalent .feedback domain for free, automatically populating a second form with the Whois record of the original domain.
According to the complaint, after somebody registers a free .feedback domain, Feedback SAAS starts contacting the person listed in the Whois about their “free trial registration” regardless of whether they were actually the person who signed up the the domain. The complaint states:
Complainants and multiple other trademark owners who received such email notifications from Feedback SAAS and TLS registrars never visited the FREE.FEEDBACK website, and they never requested a free trial registration in the .FEEDBACK TLD
I’ve been unable to fully replicate this experience in attempts to test Free.feedback.
The complaint alleges multiple breaches of the PICs in the .feedback ICANN Registry Agreement.
The brands want ICANN Compliance to conduct a thorough investigation of .feedback, for all Free.feedback domains with phony Whois to be terminated, and for affected trademark owners to get refunds. They also want their legal costs paid by TLS.
ICANN does not typically publish the outcome of PICDRP complaints. Indeed, this is only the second one I’m aware of. It’s difficult to judge what MarkMonitor’s posse’s chances of success are.
The first cybersquatting complaint against a .feedback domain name has resulted in a transfer, despite registry claims that the gTLD was “UDRP-proof”.
De Beers, the diamond merchant, won a UDRP case against the registrant of debeers.feedback earlier this month.
The registrant, who used a privacy service, registered the name back in January, when .feedback was in its unusual “Free Speech Partner Program” phase.
That took the place of an Early Access Program, but saw domains deeply discounted instead of premium-priced.
Buyers had to agree to point their domain to a registry-hosted social media platform and there was a $5,000 fee if they later decided to change name servers.
The registrant of debeers.feedback lost the UDRP largely because there wasn’t much actual feedback on the site until De Beers sent him a nastygram.
On March 24, the site only contained a single two-word post. Five more were added with apparently false earlier dates at a later time, the panelist found.
If the website were genuinely operating as a feedback forum, one would ordinarily expect the reviews to have appeared at or close to their respective dates. That they were not on the website on March 24 and did not appear until after the letter of demand was sent calls for explanation.
The panelist doesn’t mention it, but the reviews all seem to have been copied directly from Yelp!.
Basically, the registrant lost his domain for filling the site with bogosity rather than genuine free-speech griping.
It’s not a terribly surprising or worrying result, perhaps, but it does run counter to what Jay Westerdal, CEO of registry Top Level Spectrum, told us back in January.
“It is a great opportunity for domainers to register domains that will be UDRP proof,” he said at the time. “As free speech sites they are going to improve the world and let anyone read reviews on any subject.”
“I think they are UDRP proof,” he added back then, offering the services of his lawyers to registrants who found themselves served with UDRP complaints.
Today, Westerdal qualified his earlier remarks, telling DI: “I don’t think having a privacy service and also having a .feedback domain will hold up in the current UDRP system.”
Privacy services are discouraged by the registry, though explicitly permitted in its terms of service.
Westerdal said that because De Beers obtained the domain via UDRP, the company will not have to pay the $5,000 unlocking fee if it wants to point debeers.feedback’s name servers elsewhere.
Top Level Spectrum plans to make its .feedback domains dirt cheap for domainers during its forthcoming Early Access Period, and is claiming that its domains will be “UDRP-proof”.
CEO Jay Westerdal told DI today that the registry will even hire lawyers to defend its registrants if and when UDRP cases arise.
The company has also introduced a new $5,000 “claims” service that is guaranteed to drive the intellectual property community nuts.
.feedback is shaping up to be one of the most fascinating new gTLD launches to date.
The company’s original plan, to sell 5,000 trademark-match domains to a single entity after its sunrise period ends has been tweaked.
Now, it will instead offer huge rebates during its Early Access Period next month, which will bring the price to registrants down from as much as $1,815 to as little as $5.
It’s called the “Free Speech Partner Program”.
To qualify for the program rebate, registrants will have to agree to stick to using TLS’s specially designated name servers, which point to a hosted feedback service managed by the registry.
That commitment will be passed on if the domain ever changes hands, and a $5,000 fee will be applicable if the registrant wants to switch to their own name servers.
A registry charging a lower fee during EAP than GA is unheard of, but that’s what TLS is planning.
Rebates will not be available during the first three days of EAP, which starts January 6 at $14,020 per name. Days two and three see domains priced at $7,020 and $3,520.
From January 9 to January 18, rebates will bring the prices down to $5 per domain.
That’s a quarter of the $20 registry fee it plans to charge during general availability.
“Our plan is to sell thousands of domains before normal GA,” Westerdal said.
“It is a great opportunity for domainers to register domains that will be UDRP proof,” he said. “As free speech sites they are going to improve the world and let anyone read reviews on any subject.”
“I think they are UDRP proof,” he said. “As a registry we will hire lawyers to fight cases that arise.”
Asked to confirm that TLS would pay for lawyers to defend its registrants in UDRP cases, he said: “Hell yes we will.”
The registry plans to give trademark owners a way to avoid UDRP, however, if they’re willing to pay $5,000 for the privilege.
“Free Speech” registrants will have to agree not only to use TLS’s feedback platform, but also to allow the owners of trademarks matching their domains to more or less unilaterally seize those domains for up to two years after registration.
This “claims period” is also unprecedented in new gTLD launches. It’s described like this:
The registry will accept trademarks for a period of 2 years after the initial registration on a “Free Speech Partner Program” domains. The cost is $5,000 to have the mark validated, if the trademark is found to be the first to successfully make a claim against a domain in the program the domain will be transferred to the mark holder. The mark holder will be allowed to change name servers and is not subject to the “Free Speech Partner Program” terms of service.
Domain registrants of the “Free Speech Partner Program” agree the outcome of a validated mark by the Registry have no further claim to the domain if it is transferred to a new registrant.
If TLS is trying to design a system that will enrage the trademark community to the maximum extent possible, it’s doing a fantastic job.
It even introduced a new clause (2.9, here) to its registration agreement earlier this month, obliging registrants to point their domains to a web page that collects feedback. That means nobody will be allowed to leave their .feedback domains dark.
Are these measures justifiable disincentives, or plain old extortion? Opinion will no doubt be split along the usual lines.
Top Level Spectrum, the new .feedback registry, has painted a second gigantic target on itself by registering to itself a .feedback domain matching one of the world’s largest media brands.
The company has registered fox.feedback and put up a web site soliciting comment on Fox Broadcasting Company.
This has happened whilst .feedback is still in its sunrise period.
The intellectual property community is, I gather, not particularly happy about the move.
The domain fox.feedback points to a web site that uses TLS’ standard feedback platform, enabling visitors to rate and comment on Fox.
The site has a footnote: “Disclaimer: This site is provided to facilitate free speech regarding fox. No direct endorsement or association should be conferred.”
Fox had no involvement with the registration, which Whois records show is registered to Top Level Spectrum itself.
Registry CEO Jay Westerdal said that the domain is one of the 100 “promotional” domains that new gTLD registries are allowed to set aside for their own use under the terms of their ICANN contracts.
Registries usually register names like “buy.example” or “go.example”, along with the names of early adopter anchor tenant registrants, using this mechanism.
I’m not aware of any case where a registry has consciously registered a famous brand, without permission, as part of its promotional allotment.
“The website is hosted automatically by the Feedback platform,” Westerdal said. “Fox Television Network has raised no concerns and has not applied for the domain during sunrise. We are testing out promotion of the TLD with the domain as per our ICANN contract.”
Fox may still be able to buy the domain during sunrise, he said.
“This is a Registry Operation name. During sunrise, If we receive an application from a sunrise-eligible rights holders during sunrise for a Registry Operations name we may release the name for registration,” he said.
Fox’s usual registrar is MarkMonitor. Matt Serlin, VP there, said in an email that the TLS move could be raised with ICANN Compliance:
I find it curious that this branded domain name would have been registered to the registry prior to the sunrise period which is restricted to the 100 registry promotional names. The fact that the domain is actually resolving to a live site soliciting feedback for The Fox Broadcasting Company is even more troubling. MarkMonitor may look to raise this to ICANN Compliance once the registry is able to confirm how this domain was registered seemingly outside of the required process.
The IP community originally fought the introduction of the 100-domain pre-sunrise exception, saying unscrupulous registries would use it to stop trademark owners registering their brands.
While there have been some grumblings about registries reserving dictionary terms that match trademarks, this may be the first case of a registry unambiguously targeting a brand.
Top Level Spectrum courted controversy with the trademark community last week when it told DI that it plans to sell 5,000-brand match domains to a third party company after .feedback goes into general availability in January.
Westerdal told us this is not “cybersquatting”, as the sites contain disclaimers and are there to facilitate free speech.
What do you think about this use of brands as “promotional” domains?
It’s indisputably pushing the envelope of what is acceptable, but is it fair? Should registries be allowed to do this?