Latest news of the domain name industry

Recent Posts

Free speech, or bad faith? UDRP panels split on Everything.sucks domains

Kevin Murphy, October 22, 2020, Domain Policy

The first wave of UDPR cases targeting domains used by Everything.suck have seen split decisions by the panels.

At least four .sucks domains, all owned by the same Turks and Caicos company, have been hit by UDRP complaints recently, and two have already been decided.

One case, over the domain miraplex.sucks, resulted in victory for the registrant while the other, over bioderma.sucks, led to defeat and a transfer.

Both domains are owned by Honey Salt Ltd, and both redirect to a page on Everything.sucks, a Wikipedia-style site that uses content scraped from third-party sites and social media to present a scrappy form of gripe microsite.

In both UDRP cases, Honey Salt chose to mount a “free speech” defense, claiming that it had rights to the names because they were being used to publish criticism of the brands in question.

As I noted last week, UDRP panels have historically been divided on when this defense should be successful. WIPO guidance suggests that gripe sites should be permitted as long as the criticism is genuine and non-commercial.

But Everything.sucks was decidedly commercial at the time these two complaints were filed. Each site featured a banner leading to a page on Sedo or Uniregistry where the domain could be purchased (usually at registry wholesale prices).

Miraplex is a brand of Parkinson’s disease medicine. In this case, the panel decided that the complainant, a pharmaceuticals company, failed to make the case that Honey Salt had no legitimate interests in the domain, writing:

the Complainant argues that the website linked to the disputed domain name displays information about the Complainant and its MIRAPEX medicines, but failed to explain (let alone substantiate) why this should be regarded as a lack of rights or legitimate interests in the disputed domain name (which seems to have a criticism purpose). Also, the Panel finds that the offering for sale of a domain name is not by itself a proof of lack of rights or legitimate interests.

The panel seems to have given special consideration to the fact that it’s a .sucks domain, where one might expect to see criticism.

Given the nature of the “.sucks” domain name gTLD, and given the evidence (or lack of evidence) submitted by the parties, the Panel finds that the Complainant did not prove that the Respondent lacks rights or legitimate interests in the disputed domain name. In particular, the Panel would have expected the Complainant to target its arguments and evidence to the specific criticism-nature of “.sucks” domain names (which the Complainant failed to do).

The decision is written in such a way as to suggest that it is the complainant’s lack of substantiating evidence, rather than the panel’s gullibility, that is to blame for the complaint failing.

The Panel finds that the Respondent’s claim that the website available through the disputed domain name has a criticism purpose is not devoid of credibility. The Panel would have expected the Complainant to argue (and corroborate) why it considers this “.sucks” domain name and its purported free expression character as a “smoke screen” and why it is of the opinion that the predominant purpose of the Respondent is to sell this domain name rather than to provide a forum for discussion and criticism. The Complainant did not explain nor substantiate why it considers the criticism character of this website as a pretext. The Panel also finds that the offering of a domain name for sale is not by itself evidence of bad faith.

The bioderma.sucks case is an entirely different story, with the panel writing that Honey Salt’s “entire endeavour seems to the Panel to be a pretext for commercial activity”.

Honey Salt’s “pretext” is that it registers domain names on behalf of a non-profit entity called Everything Sucks Inc, which appears to have been formed in Delaware this April. It told the Miraplex panel that whenever a wiki page is created at Everything.sucks, it registers the corresponding domain name.

Given that over two thousand .sucks domains were registered in June in the space of a couple days, that seems unlikely to me.

The Bioderma panel wasn’t buying it either.

The process by which the disputed domain name was registered seems to be automatic and, importantly, took place before any criticism whatsoever was even present on the website (as may be inferred from the Parties’ evidence, namely the Complainant’s screenshot of June 24, 2020). The alleged criticism seems to have been added as an afterthought between that date and the date when the Response was filed, further calling its genuineness into question.

It also noted that the content of the site comes from third parties, rather than the registrant, again calling its genuineness into question. The panel added:

Even assuming a third party generated the page on the Respondent’s website in order to engage in non-commercial criticism, rather than the Respondent itself, the Respondent immediately proceeds to exploit the position commercially by registering and offering the disputed domain name for sale.

This blatant commercial use was important to the panel in establishing a lack of legitimate interests and also bad faith.

Respondent’s approach was to take unfair commercial advantage of the Complainant’s name and trademark while having no actual criticism or free speech of its own in which to engage. It looked to sell the disputed domain name on the open market before any criticism had even been published. The fact that the disputed domain name is used for a web page not containing genuine criticism content but only automatically generated links loosely related to the Complainant’s product (as demonstrated by the Complainant’s screenshot dating from before the filing of the present Complaint) constitutes further evidence of bad faith. The fact that the disputed domain name is used in a page containing links to other companies and where the relevant domain names (to which the links point) are systematically put on sale by the Respondent is additional evidence of cybersquatting.

The panel ordered bioderma.sucks transferred.

Two cases, two very different outcomes.

Both complaints were filed at the Czech Arbitration Court by the same lawyer within a few days of each other, and were decided within a week of each other, but by different three-person panels.

With this in mind, it seems likely that both panels were presented with a very similar set of facts and evidence, and that the make-up of the panel was important to which party emerged victorious.

Two additional cases, bfgoodrich.sucks and mandmdirect.sucks, both Honey Salt domains, are currently active at WIPO. It’s unclear whether they were filed before or after Everything.sucks removed its banner ads, which happened about a week ago.

That .sucks weirdness? Worse than I thought

Kevin Murphy, October 16, 2020, Domain Registries

A business plan to turn .sucks into a massive Wikipedia-style gripe site, described by trademark lawyers five years ago as a “shakedown”, has reared it ugly head again.

You may recall that earlier this week I reported how somebody had registered many hundreds of .sucks domain names and listed them for sale on secondary market web sites at cost price. It looked weird, almost as if the registry or an affiliate was the registrant, which the registry denied.

It turns out I only told you half the story, for which I can only apologize.

At the time, the domains in question were not resolving for me, probably due to my terrible, block-happy ISP. But now they are resolving, and they reveal the return of Everything.sucks, a plan first floated by the .sucks registry in 2015.

It’s a network of hundreds of .sucks micro gripe-sites, each targeted to a specific brand and each each populated with content scraped, usually without citation, from Wikipedia, social media, and consumer-review aggregator web sites.

Here’s where jackdaniels.sucks takes you, for example (click to enlarge).

Jack Daniels sucks

The description of the company is taken from Wikipedia. The customer comments below are taken from reviews of an apparently unrelated company called The Whisky Exchange published by TrustPilot, and the social media posts have been pulled from Instagram users deploying the hashtag #jackdanielssucks.

Other pages on the site seem to scrape content from GlassDoor, a site where employees review their employers.

While there’s nothing wrong with gripe sites, automating their creation over hundreds or even thousands of brands that you don’t genuinely have gripes with seems, charitably, churlish.

And these gripe sites are — or at least were — being monetized.

You’ll see a banner ad in the top-right corner of the above screen-grab, offering jackdaniels.sucks for sale. The link took you to a page on Sedo that offers the domain for sale with a buy-now price of $199 (the same as the registry’s wholesale fee).

Banners on other pages led to landers on GoDaddy-owned Uniregistry.com with prices of $599.

These banners, which appeared on every brand’s page that I checked, seem to have disappeared at some point over the last two days. I’m sure the change is unrelated to the fact that I started asking .sucks registry Vox Populi and parent Momentous difficult questions about these trademark-match domains on Wednesday.

While UDRP panels have disagreed over the years, there’s precedent dating back two decades that “trademarksucks.tld” domains with sites that contain genuine, non-commercial criticism can confer legitimate rights to the registrant and are therefore NOT cybersquatting.

I doubt a site that actively tries to sell the domain name in question for above out-of-pocket costs could be considered non-commercial.

Still, it looks like those banners are gone now, and I can’t find any other examples of obvious monetization.

I use jackdaniels.sucks as an example here as it’s the site I took a screenshot of before the changes, but there are many hundreds of similar trademark-match domains being used to feed traffic to Everything.sucks.

I note that unitedinternet.sucks, named after the parent company of Sedo, is for sale for $199 on Sedo and leads to a gripe site on Everything.sucks containing less-than-complimentary remarks. It’s for sale at $599 on Uniregistry.

But who is Everything.sucks?

The concept itself originates with the .sucks registry itself. Before the TLD launched in 2015, it floated the idea to a tsunami of criticism from trademark owners.

The plan back then was to sell .sucks domains for .com prices — a discount of a couple hundred dollars — but only to registrants unaffiliated with the trademark owner. These registrants would have had to forward their domains to an Everything.sucks-branded discussion forum.

Back then, Vox Pop said it planned to work with a non-for-profit third party on this initiative.

That third party never materialized, and later in 2015 appeared to mutate into a system called This.sucks, operated by a company called This.sucks Ltd, which took over the Everything.sucks domain name.

This.sucks sold .sucks domains for $12 a year, with the domains pointing to a forum/blogging platform that the company hoped to monetize.

Both This.sucks and Vox Pop denied there was any link between the two companies, but I later uncovered a lot of compelling circumstantial evidence linking the two companies, including the fact that Rob Hall, CEO of Vox Pop parent Momentous, paid for This.sucks’ web site design.

This.sucks appears to have fizzled out in the intervening years, but now Everything.sucks is back with a mystery registrant snapping up thousands of domains, at a cost of at least half a million bucks, under the Everything.sucks brand.

Public Whois is useless nowadays, of course.

But the front page of Everything.sucks describes it as “a non-profit organization and communications forum for social activism”.

Many of the domains that redirect to its site appear to be registered to a Turks and Caicos company called Honey Salt Ltd, a name that does not naturally suggest a non-profit entity.

Others use Momentous’ domain privacy service. All appear to be registered via Momentous-owned registrar Rebel, which sells .sucks domains at cost and is therefore one of the cheapest registrars on the market.

Back in 2015, intellectual property interests expressed doubt that the proposed Everything.sucks third party and the This.sucks third party were not in fact just smokescreens, fronts for the registry itself.

Vox Pop CEO John Berard on Wednesday denied to DI that the company had any involvement in the recent spurt of trademark-match registrations being used by Everything.sucks and expressed a lack of knowledge about the registrant’s intent.

I’ve not yet received comment from Momentous, but I’d be very surprised if the company does not know who is behind Everything.sucks.

At the very least, Vox Pop and Rebel are both privy to the unexpurgated Whois and/or customer records for whoever is running Everything.sucks and whoever it is that has grown the .sucks zone file by about 50% since June.

ICANN throws out “Ugly Houses” UDRP appeal

Kevin Murphy, July 20, 2020, Domain Policy

ICANN has rejected an unprecedented attempt to get a UDRP decision overturned using the Reconsideration process.

The Board Accountability Mechanisms Committee late last week summarily dismissed a Request for Reconsideration filed by a group called the Emily Rose Trust.

Emily Rose had lost a UDRP case in May concerning the domain name uglyhousesri.com, which it had been using for the last couple of years to run a home renovation-and-resale service in Rhode Island.

The complainant was a company called HomeVestors, which has been running a near-identical service called We Buy Ugly Houses (a phrase it has trademarked) for substantially longer.

The National Arbitration Forum panelist had decided that the domain was confusingly similar to the mark, and that the similarity of the services constituted bad faith use.

In filing the rather poorly-written RfR, Emily Rose argued among other things that “Ugly Houses” is a generic term not protected by the mark.

But ICANN did not consider the merits of its request, instead rejecting the RfR for being outside the scope of the process.

The BAMC said that UDRP decisions do not involved the action or inaction of the ICANN board or staff, and are therefore not subject to board Reconsideration.

While UDRP decisions are often contested in court, this RfR makes it clear that ICANN is not an avenue for appeal in individual cases.

Facebook WILL sue more registrars for cybersquatting

Kevin Murphy, March 13, 2020, Domain Registrars

Facebook has already sued two domain name registrars for alleged cybersquatting and said yesterday that it will sue again.

Last week, Namecheap became the second registrar in Facebook’s legal crosshairs, sued in in its native Arizona after allegedly failing to take down or reveal contact info for 45 domains that very much seem to infringe on its Facebook, Instagram and WhatsApp trademarks.

In the complaint (pdf), which also names Namecheap’s Panama-based proxy service Whoisguard as a defendant, the social media juggernaut claims that Whoisguard and therefore Namecheap is the legal registrant for dozens of clear-cut cases of cybersquatting including facebo0k-login.com, facebok-securty.com, facebokloginpage.site and facebooksupport.email.

In a brief statement, Facebook said these domains “aim to deceive people by pretending to be affiliated with Facebook apps” and “can trick people into believing they are legitimate and are often used for phishing, fraud and scams”.

Namecheap was asked to reveal the true registrants behind these Whoisguard domains between October 2018 and February 2020 but decline to do so, according to Facebook.

The complaint is very similar to one filed against OnlineNIC (pdf) in October.

And, according to Margie Milam, IP enforcement and DNS policy lead at Facebook, it won’t be the last such lawsuit.

Speaking at the second public forum at ICANN 67 yesterday, she said:

This is the second in a series of lawsuits Facebook will file to protect people from the harm caused by DNS abuse… While Facebook will continue to file lawsuits to protect people from harm, lawsuits are not the answer. Our preference is instead to have ICANN enforce and fully implement new policies, such as the proxy policy, and establish better rules for Whois.

Make no mistake, this is an open threat to fence-sitting registrars to either play ball with Facebook’s regular, often voluminous requests for private Whois data, or get taken to court. All the major registrars will have heard her comments.

Namecheap responded to its lawsuit by characterizing it as “just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard”, according to a statement from CEO Richard Kirkendall.

The registrar has not yet had time to file its formal reply to the legal complaint, but its position appears to be that the domains in question were investigated, found to not be engaging in nefarious activity, and were therefore vanilla cases of trademark infringement best dealt with using the UDRP anti-cybersquatting process. Kirkendall said:

We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.

UDRP complaints usually take several weeks to process, which is not much of a tool to be used against phishing attacks, which emerge quickly and usually wind down in a matter of a few days.

Facebook’s legal campaign comes in the context of an ongoing fight about access to Whois data. The company has been complaining about registrars failing to hand over customer data ever since Europe’s GDPR privacy regulation came into effect, closely followed by a new, temporary ICANN Whois policy, in May 2018.

Back then, its requests showed clear signs of over-reach, though the company claims to have scaled-back its requests in the meantime.

The lawsuits also come in the context of renewed attacks at ICANN 67 on ICANN and the domain industry for failing to tackle so-called “DNS abuse”, which I will get to in a follow-up article.

EFF becomes second to appeal new .org contract

Kevin Murphy, August 7, 2019, Domain Registries

The Electronic Frontier Foundation has appealed ICANN’s decision to add stronger trademark protection rules to .org.

The civil liberties organization has filed a Request for Reconsideration with ICANN, saying that the new .org contract should not oblige Public Interest Registry to implement the Uniform Rapid Suspension policy.

URS is a swifter, cheaper version of the anti-cybersquatting UDRP policy. It can lead to clear-cut cases of trademark-infringing domains being relatively quickly suspended, but not transferred.

But the EFF is worried that it could be abused to curtail free speech.

It said URS is “particularly dangerous for the many .org registrants who are engaged in an array of noncommercial work, including criticism of governments and corporations”.

URS was created via ICANN’s bottom-up, community-led policy-making process to apply to new gTLDs applied for in 2012, not legacy gTLDs such as .org, EFF argues,

Adding more rights protection to a legacy gTLD “should be initiated, if at all, through the multistakeholder policy development process, not in bilateral negotiations between a registry operator and ICANN staff”, the RfR states.

The EFF is also concerned that the new contract allows PIR to unilaterally create its own additional rights protection mechanisms.

I don’t think this is a new power, however. Remember when PIR proposed a “Copyright UDRP” a couple of years ago, evidently as a way to turf out The Pirate Bay? That plan was swiftly killed off after protests from, among others, the EFF.

The EFF’s reconsideration request (pdf) does not address the issue of price increase caps, which were removed in the new contract.

That more-controversial provision is already the subject of an RfR, filed by NameCheap last month.

Both RfRs will be dealt with by ICANN’s Board Accountability Mechanisms Committee before being passed to the full board.

Cybersquatting cases down a bit in the UK

The number of cybersquatting complaints filed with Nominet declined slightly in 2018, according to the registry.

Nominet’s Dispute Resolution Service, which is a bit like the UDRP, handled 671 cases last year, compared to 712 in 2017.

The number of domains at issue was down from 783 to 763.

The slight decline appears to be because fewer complaints were filed against .org.uk, .me.uk and plain .uk domains.

The number of .co.uk registrations challenged was flat between 2017 and 2018 at 617 domains.

Only 49% of cases resulted in the disputed domain being transferred, according to the registry’s annual report (pdf).

.CLUB to let brands block “trillions” of domains for $2,000

.CLUB Domains has launched a service for trademark owners that will enable them to block an essentially infinite number of potential cybersquats for a $2,000 payment every three years.

But the restrictions in place to avoid false positives mean that some of the world’s most recognizable brands would not be eligible to use it.

The service is called Trademark Sentry. In February, .CLUB asked ICANN for approval to launch it under the name Unlimited Name Blocking Service.

It’s cast by the registry roughly as a kind of clone of Donuts’ five-year-old Domain Protected Marks List, which enables brands to block their marks across Donuts’ entire portfolio of 242 gTLDs for far less than they would pay defensively registering 242 domains individually.

But while Donuts has a massive stable of TLDs, .CLUB is a one-horse town, so what’s going on?

Based on promotional materials .CLUB sent me, it appears that Trademark Sentry is primarily a way to reduce not defensive registration costs but rather UDRP costs.

Instead of blocking a single trademarked string across a broad portfolio of TLDs — for example google.ninja, google.bike, google.guru, google.charity… — the .CLUB service allows brands to block any domain that contains that string in a single TLD.

For example, Google could pay .CLUB $2,000, and for the next three years it would be impossible for anyone to register any .club domain that contained the substring “google”.

Any potential cybersquatter who went to a registrar and tried to register domains such as “mygooglesearch.club” or “googlefootball.club” or “bestgoogle.club” or “xreegtegooglefwrreed.club” would be told by the registrar that the domain was unavailable.

It would be blocked at the registry level, because it contained the blocked string “google”.

Customers will be able to add typos to the blocklist for a 50% discount.

To the best of my knowledge, this is not a service currently offered by any other gTLD registry.

It’s precisely the kind of thing that the IP lobby at ICANN was crying out for — albeit without the obligation to pay for it — prior to the 2012 application round.

.CLUB reckons it’s a money-saver for brand owners who find themselves filing lots of UDRP complaints.

UDRP complaints cost at least $1,500, just for the filing fees with outfits such as WIPO. They can cost many hundreds more in lawyers fees.

Basically, if you expect your brand will be hit by at least one UDRP in .club in the next three years, $2,000 might look like a decent investment.

.club domains have been subject to 279 UDRP complaints over the last five years, according to UDRPSearch.com.

But .CLUB has put in place a number of restrictions that are likely to seriously restrict its potential customer base.

First, the trademark will have to be “fanciful”. The registry says:

To qualify for Unlimited Name Blocking a trademark must be fanciful as defined by the USPTO and meet the .CLUB Registry’s additional requirements and subject to the .CLUB Registry’s discretion. Marks that are not fanciful but when combined with another word become sufficiently unique may be allowed.

“Apple” would not be permitted, but “AppleComputer” might be.

.CLUB told me that any trademark that, if blocked, would prevent non-infringing uses of the string would also not qualify for the service.

If you look at a UDRP-happy brand like Lego, which has already filed several complaints about alleged cybersquats in .club, it would certainly not qualify. Too many words end in “le” and begin with “go” for .CLUB to block every domain containing “lego”.

Similarly, Facebook would likely not qualify because one can imagine non-infringing uses such as facetofacebookmakers.club. Twitter is a dictionary word, as is Coke. Pepsi is a substring of dyspepsia. Amazon is primarily a geographic term. McDonald’s is derived from a common surname, as are Cartier and Heinz.

For at least half of the famous brands that pop into my head, I can think of a reason they will probably not be allowed to use this service.

.CLUB also won’t allow trademarks shorter than five characters.

Still, for those brands that do qualify, and do have an aggressive UDRP-based enforcement policy, the service seems to be priced at a point where an ROI case can be made.

Like Donuts’ DPML domains, anything blocked under Trademark Sentry is not going to show up in zone files, so we’re not going to have any objective data with which to monitor its success.

UDRP complaints hit new high at WIPO

Kevin Murphy, March 19, 2019, Domain Policy

The World Intellectual Property Organization handled 3,447 UDRP cases in 2018, a new high for the 20-year-old anti-cybersquatting policy.

The filings represent an increase of over 12% compared to the 3,074 UDRP cases filed with WIPO in 2017. There were 3,036 cases in 2016

But the number of unique domains complained about decreased over the same period, from 6,370 in 2017 to 5,655 domains in 2018, WIPO said today.

The numbers cover only cases handled by WIPO, which is one of several UDRP providers. They may represent increases or decreases in cybersquatting, or simply WIPO’s market share fluctuating.

The numbers seem to indicate that the new policy of redacting Whois information due to GDPR, which came into effect mid-year, has had little impact on trademark owners’ ability to file UDRP claims.

UPDATE: This post was updated a few hours after publication to remove references to the respective shares of the UDRP caseload of .com compared to new gTLDs. WIPO appears to have published some wonky math, as OnlineDomain noticed.

Claims UDRP has cost over $360 million so far

Kevin Murphy, February 13, 2019, Domain Policy

Trademark owners have splashed out over $360 million on UDRP cases over the 20 years the policy has been active, according to an intellectual property trade group.

Marques, a European body representing trademark owners, reckons $360 million is a “conservative” estimate.

It reached the figure by multiplying the number of UDRP complaints filed to the end of 2018 — 72,038 — by the $5,000 estimated total cost of each complaint.

The World Intellectual Property Organization, which handles well over half of all UDRP cases, charges at least $1,500 per case, but trademark owners have other fees, such as paying lawyers to draft the complaints.

WIPO, which basically designed and wrote the UDRP back in 1998, has been paid at least $63.8 million in filing fees to date, Marques calculates.

Across all UDRP providers, well over 100,000 individual domain names have been subject to UDRP. It’s likely much more, but the National Arbitration Forum does not publish data on unique domains.

The Marques claims were made in a letter (pdf) from council member (and Com Laude managing director) Nick Wood to ICANN last week, part of IP lobbying efforts in the face of UDRP reform efforts. He wrote:

This lowest-case estimate of $360m is a very significant financial burden. Registrants, on the other hand, pay only for their own defence, if any. They do not pay damages, or even contribute to the provider fees, if they lose – which across the five active panel providers appears to be majority of the time.

One proposal that has been put forward by IP owners is for registrants to pay a $500 fee when they are hit by a UDRP complaint, which would be refundable if they prevail.

I can see this idea going down like a cup of iced sick in the domainer community.

Rather than lobbying for any specific proposal, however, Marques is asking ICANN to create an “independent expert group” outside of the usual Policy Development Process, to highlight “priority issues and possible solutions” for the PDP to consider.

Marques thinks the group should comprise a small number of trademark interests, registries and registrars, and registrant rights groups. It wants WIPO to chair it.

It also wants ICANN to coordinate UDRP providers in the creation of a unified set of data on UDRP cases processed to date, to help with future reform discussions.

ICANN community volunteers have been working on the “PDP Review of All Rights Protection Mechanisms in All gTLDs” — the RPM WG — since March 2016.

The RPM WG expects to put out its “Phase One” initial report, comprising recommendations for reform of the Trademark Clearinghouse, Trademark Claims and Sunrise policies, in early June this year.

Only then will it turns its attention to UDRP, in “Phase Two”, with talks due to begin at the ICANN 65 meeting in Marrakech later that month.

The working group has been beset by all kinds of personal drama among volunteers recently, which continues to add friction to discussions.

Cybersquatting cases up because of .com

Kevin Murphy, March 23, 2018, Domain Services

The World Intellectual Property Organization handled cybersquatting cases covering almost a thousand extra domain names in 2017 over the previous year, but almost all of the growth came from complaints about .com names, according to the latest WIPO stats.

There were 3,074 UDRP cases filed with WIPO in 2017, up about 1.2% from the 3,036 cases heard in 2016, WIPO said in its annual roundup last week.

That’s slower growth than 2016, which saw a 10% increase in cases over the previous year.

But the number domains complained about in UDRP was up more sharply — 6,370 domains versus 5,374 in 2016.

WIPO graph

WIPO said that 12% of its 2017 cases covered domains registered in new gTLDs, down from 16% in 2016.

If you drill into its numbers, you see that 3,997 .com domains were complained about in 2017, up by 862 domains or 27% from the 3,135 seen in 2016.

.com accounted for 66% of UDRP’d domains in 2016 and 70% in 2017. The top four domains in WIPO’s table are all legacy gTLDs.

As usual when looking at stats for basically anything in the domain business in the last few years, the tumescent rise and meteoric fall of .xyz and .top have a lot to say about the numbers.

In 2016, they accounted for 321 and 153 of WIPO’s UDRP domains respectively, but they were down to 66 and 24 domains in 2017.

Instead, three Radix TLDs — .store, .site and .online — took the honors as the most complained-about new gTLDs, with 98, 79, and 74 domains respectively. Each of those three TLDs saw dozens more complained-about domains in 2017 than in 2016.

As usual, interpreting WIPO’s annual numbers requires caution for a number of reasons, among them: WIPO is not the only dispute resolution provider to handle UDRP cases, rises and falls in UDRP filings do not necessarily equate to rises and falls in cybersquatting, and comparisons between .com and new gTLDs do not take into account that new gTLDs also have the URS as an alternative dispute mechanism.