Latest news of the domain name industry

Recent Posts

ICANN to host first-ever high-stakes dot-brand auction

Kevin Murphy, May 7, 2019, Domain Sales

Two companies that own trademark rights to the same brand are to fight it out at an ICANN auction for the first time.

Germany-based Merck Group will fight it out for .merck with American rival Merck & Co at an auction scheduled to take place July 17.

Because it’s an ICANN “last-resort” auction, the value of the winning bid will be disclosed and all the money will flow to ICANN.

It will be the first ICANN gTLD auction for three years, when a Verisign proxy agreed to pay $135 million for .web.

The two Mercks could still avoid the ICANN auction by resolving their contention set privately.

The German Merck is a chemicals company founded in 1668 (not a typo) and the US Merck was founded as its subsidiary in the late 19th century.

That division was seized by the US government during World War I and subsequently became independent.

The German company uses merckgroup.com as its primary domain today. The US firm, which with 2018 revenue of over $42 billion is by far the larger company, uses merck.com.

Both companies applied for .merck as “community” applicants and went through the Community Priority Evaluation process.

Neither company scored enough points to avoid an auction, but the German company had the edge in terms of points scored.

Both applications then found themselves frozen while ICANN reviewed whether its CPE process was fair. That’s the same process that tied up the likes of .gay and .music for so many years.

While the July auction will be the first all-brand ICANN auction, at least one trademark owner has had to go to auction before.

Vistaprint, which owns a trademark on the term “webs” was forced to participate in the .web auction after a String Confusion Objection loss, but due to the technicalities of the process only had to pay $1 for .webs.

Pricey .inc does quite well in sunrise

The new gTLD .inc, which goes into general availability today, had a better-than-average number of sales in its sunrise period.

Intercap Registry, which runs .inc, said today that it had “over 270” sunrise registrations.

It’s not a massive amount, but it’s probably enough to put the TLD into the top 50 sunrises to date.

There had been 491 sunrise periods as of December 2018, according to ICANN data. The average number of sunrise regs was 137. The median was 77.

The largest sunrise to date was Google’s .app, which sold 2,908 domains during its sunrise last year.

Only five new gTLDs have racked up more than 1,000 sunrise sales, and three of those were porn-related. The fifth was .shop.

Based on 270 domains .inc would rank alongside similarly themed .llc, but also the likes of .solutions, .world and .team, where the case for a defensive reg is less clear.

While one can see a clear risk for companies whose names end in “Inc”, the expected retail price of .inc will be around $2,000, which Intercap says will deter cybersquatters.

Sunrise registrants will have paid a substantial markup on this regular price.

For those without zone file access, Intercap is actually posting the names and logos of the companies that have registered on its web site.

.CLUB to let brands block “trillions” of domains for $2,000

.CLUB Domains has launched a service for trademark owners that will enable them to block an essentially infinite number of potential cybersquats for a $2,000 payment every three years.

But the restrictions in place to avoid false positives mean that some of the world’s most recognizable brands would not be eligible to use it.

The service is called Trademark Sentry. In February, .CLUB asked ICANN for approval to launch it under the name Unlimited Name Blocking Service.

It’s cast by the registry roughly as a kind of clone of Donuts’ five-year-old Domain Protected Marks List, which enables brands to block their marks across Donuts’ entire portfolio of 242 gTLDs for far less than they would pay defensively registering 242 domains individually.

But while Donuts has a massive stable of TLDs, .CLUB is a one-horse town, so what’s going on?

Based on promotional materials .CLUB sent me, it appears that Trademark Sentry is primarily a way to reduce not defensive registration costs but rather UDRP costs.

Instead of blocking a single trademarked string across a broad portfolio of TLDs — for example google.ninja, google.bike, google.guru, google.charity… — the .CLUB service allows brands to block any domain that contains that string in a single TLD.

For example, Google could pay .CLUB $2,000, and for the next three years it would be impossible for anyone to register any .club domain that contained the substring “google”.

Any potential cybersquatter who went to a registrar and tried to register domains such as “mygooglesearch.club” or “googlefootball.club” or “bestgoogle.club” or “xreegtegooglefwrreed.club” would be told by the registrar that the domain was unavailable.

It would be blocked at the registry level, because it contained the blocked string “google”.

Customers will be able to add typos to the blocklist for a 50% discount.

To the best of my knowledge, this is not a service currently offered by any other gTLD registry.

It’s precisely the kind of thing that the IP lobby at ICANN was crying out for — albeit without the obligation to pay for it — prior to the 2012 application round.

.CLUB reckons it’s a money-saver for brand owners who find themselves filing lots of UDRP complaints.

UDRP complaints cost at least $1,500, just for the filing fees with outfits such as WIPO. They can cost many hundreds more in lawyers fees.

Basically, if you expect your brand will be hit by at least one UDRP in .club in the next three years, $2,000 might look like a decent investment.

.club domains have been subject to 279 UDRP complaints over the last five years, according to UDRPSearch.com.

But .CLUB has put in place a number of restrictions that are likely to seriously restrict its potential customer base.

First, the trademark will have to be “fanciful”. The registry says:

To qualify for Unlimited Name Blocking a trademark must be fanciful as defined by the USPTO and meet the .CLUB Registry’s additional requirements and subject to the .CLUB Registry’s discretion. Marks that are not fanciful but when combined with another word become sufficiently unique may be allowed.

“Apple” would not be permitted, but “AppleComputer” might be.

.CLUB told me that any trademark that, if blocked, would prevent non-infringing uses of the string would also not qualify for the service.

If you look at a UDRP-happy brand like Lego, which has already filed several complaints about alleged cybersquats in .club, it would certainly not qualify. Too many words end in “le” and begin with “go” for .CLUB to block every domain containing “lego”.

Similarly, Facebook would likely not qualify because one can imagine non-infringing uses such as facetofacebookmakers.club. Twitter is a dictionary word, as is Coke. Pepsi is a substring of dyspepsia. Amazon is primarily a geographic term. McDonald’s is derived from a common surname, as are Cartier and Heinz.

For at least half of the famous brands that pop into my head, I can think of a reason they will probably not be allowed to use this service.

.CLUB also won’t allow trademarks shorter than five characters.

Still, for those brands that do qualify, and do have an aggressive UDRP-based enforcement policy, the service seems to be priced at a point where an ROI case can be made.

Like Donuts’ DPML domains, anything blocked under Trademark Sentry is not going to show up in zone files, so we’re not going to have any objective data with which to monitor its success.

Karklins beats LaHatte to chair ICANN’s Whois privacy team

Kevin Murphy, April 25, 2019, Domain Policy

Latvian diplomat and former senior WIPO member Janis Karklins has been appointed chair of the ICANN working group that will decide whether to start making private Whois records available to trademark owners.

Karklins’ appointment was approved by the GNSO Council last week. He beat a single rival applicant, New Zealand’s Chris LaHatte, the former ICANN Ombudsman.

He replaces Kurt Pritz, the former ICANN Org number two, who quit the chair after it finished its “phase one” work earlier this year.

Karklins has a varied resume, including a four-year stint as chair of ICANN’s Governmental Advisory Committee.

He’s currently Latvia’s ambassador to the United Nations in Geneva, as well as president of the Arms Trade Treaty.

Apparently fighting for Latvia’s interests at the UN and overseeing the international conventional weapons trade still gives him enough free time to now also chair the notoriously intense and tiring Expedited Policy Development Process on Whois, which has suffered significant burnout-related volunteer churn.

But it was Karklins’ one-year term as chair of the general assembly of WIPO, the World Intellectual Property Organization, that gave some GNSO Council members pause.

The EPDP is basically a big bloodless ruck between intellectual property lawyers and privacy advocates, so having a former WIPO bigwig in the neutral hot seat could be seen as a conflict.

This issue was raised by the pro-privacy Non-Commercial Stakeholders Group during GNSO Council discussions last week, who asked whether LaHatte could not also be brought on as a co-chair.

But it was pointed out that it would be difficult to find a qualified chair without some connection to some interested party, and that Karklins is replacing Pritz, who at the time worked for a new gTLD registry and could have had similar perception-of-conflict issues.

In the end, the vote to confirm Karklins was unanimous, NCSG and all.

The EPDP, having decided how to bring ICANN’s Whois policy into compliance with the General Data Protection Regulation, is now turning its attention to the far trickier issue of a “unified access model” for private Whois data.

It will basically decide who should be able to request access to this data and how such a system should be administered.

It will not be smooth sailing. If Karklins thinks international arms dealers are tricky customers, he ain’t seen nothing yet.

Italian bank is the latest dot-brand to bow out

Kevin Murphy, April 10, 2019, Domain Registries

Banca Nazionale del Lavoro, Italy’s sixth-largest bank, has become the latest new gTLD owner to tell ICANN it no longer wishes to run its dot-brand.

It’s the 47th new gTLD to request termination of its registry contract. The affected TLD is .bnl.

ICANN has already decided not to transition the contract to a new owner, as usual.

Also as usual, the gTLD has never been used above and beyond the obligatory nic. site.

What makes this termination somewhat noteworthy is that BNL is a subsidiary of French bank BNP Paribas, which is one of the most enthusiastic dot-brand owners out there.

BNP Paribas dumped its .fr and .net domains in favor of its domains under .bnpparibas back in 2015 and currently has roughly 250 domains in its zone file and dozens of live sites.

The domain mabanque.bnpparibas, used for its French retail banking services, was for some time a top 10 most-visited new gTLD domain names, per Alexa rankings, but that has slipped as new gTLDs’ popularity have increased overall.

UDRP complaints hit new high at WIPO

Kevin Murphy, March 19, 2019, Domain Policy

The World Intellectual Property Organization handled 3,447 UDRP cases in 2018, a new high for the 20-year-old anti-cybersquatting policy.

The filings represent an increase of over 12% compared to the 3,074 UDRP cases filed with WIPO in 2017. There were 3,036 cases in 2016

But the number of unique domains complained about decreased over the same period, from 6,370 in 2017 to 5,655 domains in 2018, WIPO said today.

The numbers cover only cases handled by WIPO, which is one of several UDRP providers. They may represent increases or decreases in cybersquatting, or simply WIPO’s market share fluctuating.

The numbers seem to indicate that the new policy of redacting Whois information due to GDPR, which came into effect mid-year, has had little impact on trademark owners’ ability to file UDRP claims.

UPDATE: This post was updated a few hours after publication to remove references to the respective shares of the UDRP caseload of .com compared to new gTLDs. WIPO appears to have published some wonky math, as OnlineDomain noticed.

At eleventh hour, most .uk registrants still don’t own their .uk names

Less than a quarter of all third-level .uk registrants have taken up the opportunity to buy their matching second-level domain, just a few months before the deadline.

According to February stats from registry Nominet, 9.76 million domains were registered under the likes of .co.uk and .org.uk, but only 2.27 million domains were registered directly under .uk, which works out at about 23%.

Nominet’s controversial Direct.uk policy was introduced in June 2014, with a grandfathering clause that gave all third-level registrants five years to grab their matching .uk domain before it returns to the pool of available names.

So if you own example.co.uk, you have until June 25 this year, 110 days from now, to exercise your exclusive rights to example.uk.

Registrants of .co.uk domains have priority over registrants of matching .org.uk and .me.uk domains. Nominet’s Whois tool can be used to figure out who has first dibs on any given string.

At least two brand protection registrars warned their clients this week that they will be at risk of cybersquatting if they don’t pick up their direct matches in time. But there’s potential for confusion here, after the deadline, whether or not you own a trademark.

I expect we could see a spike in complaints under Nominet’s Dispute Resolution Service (the .uk equivalent of UDRP) in the back half of the year.

Nominet told DI in a statement today:

The take up right now is roughly in line with what we envisaged. We knew from the outset that some of the original 10 million with rights would not renew their domain, some would decide they did not want the equivalent .UK and some would leave it to the last minute to decide or take action. The feedback from both registrants and registrars, and the registration data, bears this out.

The statement added that the registry has started “ramping up” its outreach, and that in May it will launch “an advertising and awareness campaign” that will include newspapers, radio and trade publications.

Court rules generic dictionary domains CAN be trademarked

Kevin Murphy, February 11, 2019, Domain Policy

A US appeals court has ruled that generic, dictionary domain names can be trademarked.

The hotel-booking web site Booking.com was told last week that it is in fact eligible to have “Booking.com” registered as a trademark, over the objections of the US Patent and Trademark Office.

The ruling could have a chilling effect on domain name choices in the hotel-booking market.

USPTO had denied the company’s trademark application in 2012 because “Booking.com” was considered too generic.

Under US trademark law, you can’t register a trademark if it merely generically describes the product or service you offer rather than its source.

You couldn’t register “Beer” as a brand of beer, for example, though you might be able to register “Beer” as a brand of shoes.

Booking.com sued to have the USPTO ruling overturned in 2016, and in 2017 a district court judge ruled that “although ‘booking’ was a generic term for the services identified, BOOKING.COM as a whole was nevertheless a descriptive mark”.

USPTO appealed, saying that “Booking.com” is too generic to be trademarked, but last week it lost.

In a 2-1 majority decision, the appeals court ruled:

We hold that the district court, in weighing the evidence before it, did not err in finding that the USPTO failed to satisfy its burden of proving that the relevant public understood BOOKING.COM, taken as a whole, to refer to general online hotel reservation services rather than Booking.com the company… we reject the USPTO’s contention that adding the
top-level domain (a “TLD”) .com to a generic second-level domain (an “SLD”) like booking can never yield a non-generic mark.

Key evidence was a survey Booking.com had submitted that indicated that almost three quarters of consumers understood “Booking.com” to be a brand name, rather than a generic term to describe hotel-booking web sites.

Here are some other extracts of the appeals court majority’s thinking, as they relate to domain names:

Merely appending .com to an SLD does not render the resulting domain name non-generic because the inquiry is whether the public primarily understands the term as a whole to refer to the source or the proffered service.

We… conclude that when “.com” is combined with an SLD, even a generic SLD, the resulting composite may be non-generic where evidence demonstrates that the mark’s primary significance to the public as a whole is the source, not the product

because trademarks only protect the relevant service — here, the district court granted protection as to hotel reservation services but not travel agency services — protection over BOOKING.COM would not necessarily preclude another company from using, for example, carbooking.com or flightbooking.com

In sum, adding “.com” to an SLD can result in a non-generic, descriptive mark upon a showing of primary significance to the relevant public. This is one such case.

The ruling does not appear to protect all uses of a generic dictionary word combined with a TLD, but rather only “rare circumstances” where there’s evidence of a secondary, non-generic meaning.

One judge on the case, James Wynn, was not convinced by the majority’s thinking. He warned that the ruling goes against years of legal precedent and could enable Booking.com to subject competitors to expensive litigation.

In his dissenting opinion, he wrote:

BOOKING.COM is a run-of-the-mill combination of a generic term with a Top Level Domain that creates a composite mark concerning the subject or business encompassed by the generic term—precisely the type of mark that the courts in Hotels.com, Reed Elsevier Properties, 1800Mattress.com, and Advertise.com found did not amount to the “rare circumstance” that warranted affording the domain name trademark protection.

Presumptively allowing protection of domain names composed of a generic Secondary Level Domain and Top Level Domain conflicts with the law’s longstanding refusal to permit registration of generic terms as trademark

Wynn added that he was “not convinced” that Booking.com’s competitors that use the word “booking” in their domains will be protected by the “fair use” defense, and that the existence of such a defense will not prevent Booking.com from suing them out of business regardless.

Put simply, putative competitors may — and likely will — choose not to operate under domain names that include the word “booking” — even if that term best describes the service they offer — because they do not want to incur the expense and risk of defending an infringement action.

The full ruling can be read here (pdf).

Uniregistry working on bulk trademark blocking service

Kevin Murphy, November 21, 2018, Domain Registries

Uniregistry is planning to launch a bulk trademark block service, along the same lines as Donuts’ Domain Protected Marks List.

But it’s going to be roughly 50% more expensive than DPML, on a per-TLD basis.

The company has applied to ICANN to run what it calls “Uni EP” across its whole portfolio of 26 gTLDs.

Uni EP would be “largely identical” to DPML, according to Uniregistry’s Registry Service Evaluation Requests.

This means that anyone who has their trademark registered in the Trademark Clearinghouse will be able to block the matching string in all of Uniregistry’s TLDs.

Nobody else would be able to register that mark unless they also had a TMCH-validated trademark for the same string.

The pricing would be lower than if the brand owner individually defensively registered in each of the 26 TLDs.

With Donuts, which manages a portfolio almost 10 times as large, DPML tends to be priced around the $6,000 mark retail for a five-year block. That works to about $5 per TLD per year.

Uniregistry CEO Frank Schilling said Uni EP could be priced as low as $200 per year. That would work out to about $7.70 per TLD.

The relatively higher pricing might make sense when you consider the larger variation in regular pricing for Uniregistry TLDs, compared to Donuts.

It has several that retail for around $100 a year, and three — .cars, .car and .auto — that sell for close to $3,000 a year.

Still, the Uni EP price is obviously going to be a lot cheaper than regular defensive registrations.

Companies that have already purchased defensively would get to add their domains to the block service after the current registration expires, the RSEP states.

Like DPML, Uni EP would also have a “Plus” version, in which confusingly similar strings in eight scripts would also be blocked.

Uniregistry says it consulted with three brand protection registrars — CSC, MarkMonitor and Safenames — about the service and that their reactions were “favorable”.

Uniregistry’s current portfolio comprises .country, .audio, .car, .blackFriday, .auto, .cars, .christmas, .click, .diet, .flowers, .game, .gift, .guitars, .help, .hiphop, .hiv, .hosting, .juegos, .link, .lol, .mom, .photo, .pics, .property, .sexy, and .tattoo.

This is how AppDetex works

Kevin Murphy, October 25, 2018, Domain Services

A small brand-protection registrar with a big friend caused quite a stir at ICANN 63 here in Barcelona this week, after accusing registrars for the second time of shirking their duties to disclose private Whois data to trademark owners.

AppDetex, which has close ties to Facebook, has sent something like 9,000 Whois requests to registrars over the last several months, then complained to ICANN last week that it only got a 3% response rate.

Registrars cried foul, saying that the company’s requests are too vague to action and sometimes seem farcical, suggesting an indiscriminate, automated system almost designed to be overly burdensome to them.

In chats with DI this week, AppDetex CEO Faisal Shah, general counsel Ben Milam and consultant Susan Kawaguchi claimed that the system is nowhere near as spammy as registrars think, then showed me a demo of their Whois Requester product that certainly seemed to support that claim.

First off, Whois Requester appears to be only partially automated.

Tucows had noted in a letter to ICANN that it had received requests related to domains including lincolnstainedglass.com and grifflnstafford.com, which contain strings that look a bit like the “Insta” trademark but are clearly not cybersquatting.

“That no human reviewed these domains was obvious, as the above examples are not isolated,” Tucows CEO Elliot Noss wrote.

“It is abundantly clear to us that the requests we received were generated by an automated system,” Blacknight CEO Michele Neylon, who said he had received similarly odd requests, wrote in his own letter.

But, according to AppDetex, these assumptions are not correct.

Only part of its service is automated, they said. Humans — either customers or AppDetex in-house “brand analysts” — were involved in sending out all the Whois requests generated via its system.

AppDetex itself does not generate the lists of domains of concern for its clients, they said. That’s done separately, using unrelated tools, by the clients themselves.

It’s possible these could be generated from zone files, watch services, abuse reports or something else. The usage of the domain, not just its similarity to the trademark in question, would also play a role.

Facebook, for example, could generate its own list of domains that contain strings matching, partially matching, or homographically similar to its trademarks, then manually input those domains into the AppDetex tool.

The product features the ability to upload lists of domains in bulk in a CSV file, but Kawaguchi told me this feature has never been used.

Once a domain has been input to main Whois Requester web form, a port 43 Whois lookup is automatically carried out in the background and the form is populated with data such as registrar name, Whois server, IANA number and abuse email address.

At this point, human intervention appears to be required to visually confirm whether the Whois result has been redacted or not. This might require also going to the registrar’s web-based Whois, as some registrars return different results over port 43 compared to their web sites.

If a redacted record is returned, users can then select the trademark at issue from a drop-down (Whois Requestor stores its’ customers trademark information) and select a “purpose” from a different drop-down.

The “purposes” could include things like “trademark investigation” or “phishing investigation”. Each generates a different piece of pre-written text to be used in the template Whois request.

Users can then choose to generate, manually approve, and send off the Whois request to the relevant registrar abuse address. The request may have a “form of authorization” attached — a legal statement that AppDetex is authorized to ask for the data on behalf of its client.

Replies from registrars are sent to an AppDetex email address and fed into a workflow tool that looks a bit like an email inbox.

As the demo I saw was on the live Whois Requester site with a dummy account, I did not get a view into what happens after the initial request has been sent.

Registrars have complained that AppDetex does not reply to their responses to these initial requests, which is a key reason they believe them frivolous.

Shah and Milam told me that over the last several months, if a registrar reply has included a request for additional information, the Whois Requester system has been updated with a new template for that registrar, and the request resent.

This, they said, may account for duplicate requests registrars have been experiencing, though two registrars I put this to dispute whether it fits with what they’ve been seeing.

The fact that human review is required before requests are sent out “just makes it worse”, they also said.