Facebook has sued a Chinese cybersquatter for trying to renege on a five-year-old deal that saw it buy the domain instagram.com for $100,000.
The lawsuit, filed in California last week, claims that a family of known cybersquatters, based in Guangdong, is trying to have the purchase invalidated by a Chinese court.
The company, which acquired Instagram for $1 billion in 2012, wants the court to rule that the domain deal was legal, preventing the cybersquatters retaking control of the domain.
Photo-sharing app Instagram launched in October 2010 using the domain instagr.am.
At that time, instagram.com was owned by a US-based domain investor, but it was bought by Zhou Weiming about a month later.
Zhou, Facebook says, was the now-dead father of three of the people it is suing, and the husband of the fourth.
When Zhou purchased the domain, Instagram had become wildly popular, well on the way to hitting the million-user mark in December 2010.
Instagram had applied for the US trademark on its name in September 2010, less than a month before its launch.
The company made the decision to pay $100,000 for the domain in January 2011.
The Whois information for instagram.com changed from Zhou Weiming to Zhou Murong, apparently his daughter, around about the same time, though the registrant email address did not change.
The purchase was processed by Sedo, according to a copy of the deal filed as evidence (pdf).
Now, Murong’s mother and sisters are suing her and Instagram in China, claiming she did not have the authority to sell the domain, according to Facebook’s complaint.
Facebook claims the Chinese suit is a “sham” and that the whole Zhou family is acting in concert.
The company wants the California court to declare that the sale was valid, and that registrar MarkMonitor should not be forced to transfer the domain back to the Zhous.
Facebook in 2014 won a 22-domain UDRP case against Murong Zhou, related to typos of its Instagram trademark.
Read the full California complaint as a PDF here.
“Cybersquatting” registrar OpenTLD, part of the Freenom group, has had its accreditation un-suspended by ICANN while the two parties slug it out in arbitration.
Filed three weeks ago by OpenTLD, it’s the first complaint to head to arbitration about under the 2013 Registrar Accreditation Agreement.
ICANN suspended the registrar for 90 days in late June, claiming that it “engaged in a pattern and practice of trafficking in or use of domain names identical or confusingly similar to a trademark or service mark of a third party”.
But OpenTLD filed its arbitration claim day before the suspension was due to come in to effect, demanding a stay.
ICANN — voluntarily, it seems — put the suspension on hold pending the outcome of the case.
The suspension came about due to OpenTLD being found guilty of cybersquatting its competitors in two UDRP cases.
In both cases, the UDRP panel found that the company had cybersquatted the trademarks of rival registrars in an attempt to entice their resellers over to its platform.
But OpenTLD claims that ICANN rushed to suspend it without giving it a chance to put forward its side of the story and without informing it of the breach.
It further claims that the suspension is “disproportionate and unprecedented” and that the public interest would not be served for the suspension to be upheld.
This is not an Independent Review Process proceeding, so things are expected to move forward relatively quickly.
The arbitration panel expects to hear arguments by phone August 14 and rule one way or the other by August 24.
Read the OpenTLD complaint here.
Former Spice Girl Victoria Beckham has used UDRP to take down a porn site bearing her name.
victoria-beckham.biz was owned by a Ukrainian, who had set up a site “at which adult and/or pornographic images and services are offered”, according to the UDRP panelist.
It was pretty much a slam-dunk case.
While not all celebrities own trademarks on their names, Beckham does. The squatter, who registered the name in December 2014, did not even attempt a response.
Based on archived screenshots and Whois records, it looks like victoria-beckham.biz has been around as a rather harmless fan site since about 2006.
It was only after the domain expired late last year and was re-registered did it become a porn site, attracting the attention of Beckham’s lawyers.
If you register a .sucks domain matching a brand, could you survive a subsequent UDRP complaint? Opinion is mixed.
In my view, how UDRP treats .sucks registrants will be a crucial test of Vox Populi Registry’s business model.
Vox Populi Registry clearly envisages — and is actively encouraging with its policies — genuine critics, commentators and consumer advocates to register .sucks domains that match famous trademarks.
I really like this idea. Power to the people and all that.
But will UDRP panelists agree with me and Vox Pop? Cybersquatting case law under UDRP says, very firmly: “It depends.”
Statistics generally favor mark owners
To date, there have been exactly 100 resolved UDRP complaints against domains that end in “sucks.com”.
Of those, 47 cases ended up with a full transfer of the domain to the trademark owner. Only 30 resulted in a the complaint being denied.
Another 19 cases were withdrawn or terminated; the remainder were split decisions.
So it seems, based on historical “sucks” cases, that the odds favor trademark owners.
But each case is, theoretically at least, judged on its merits. So it does not necessarily hold that most .sucks UDRP complaints will be successful.
What does WIPO say?
The World Intellectual Property Association, which administers most UDRP cases, published a set of guidelines for its panelists.
Some guidelines specifically addresses “sucks” sites, but the advice is not always clear-cut.
There are three elements to UDRP. First, the complainant must show that the domain name in question is identical or confusingly similar to its trademark.
According to WIPO, it’s the “consensus view” of UDRP panelists that adding “sucks” to a trademark at the second level does NOT stop a domain being confusiningly similar. WIPO says:
Generally, a domain name consisting of a trademark and a negative or pejorative term (such as [trademark]sucks.com) would be considered confusingly similar to the complainant’s trademark for the purpose of satisfying the standing requirement under the first element of the UDRP (with the merits of such cases typically falling to be decided under subsequent elements). Panels have recognized that inclusion of a subsidiary word to the dominant feature of a mark at issue typically does not serve to obviate confusion for purposes of the UDRP’s first element threshold requirement, and/or that there may be a particular risk of confusion among Internet users whose first language is not the language of the domain name
Some panels have disagreed with this prevailing view, however.
It remains to be seen whether moving the string “sucks” to the right of the dot would affect the outcome, but it’s established UDRP case law that the dot in a domain can be pretty much ignored when testing for similarity.
The TLD a domain uses can be taken into account if it’s relevant or disregarded if it is not, according to precedent.
The second test under UDRP is whether the registrant of the domain has legitimate rights or interests.
Panelists disagree on this point. WIPO says:
The right to criticize does not necessarily extend to registering and using a domain name that is identical or confusingly similar to the complainant’s trademark. That is especially the case if the respondent is using the trademark alone as the domain name (i.e., [trademark.tld]) as that may be understood by Internet users as impersonating the trademark owner.
That view would seem to apply specifically to the use cases Vox Pop has in mind — the registry wants critics to own [trademark].sucks domains in order to criticize the trademark owner.
Respondents’ can very well achieve their objective of criticism by adopting a domain name that is not identical or substantially similar to Complainants’ marks. Given the free nature of the media which is the Internet and the chaotic spamming that has become epidemic, it does not appear that one can be at full liberty to use someone else’s trade name or trademark by simply claiming the right to exercise a right to freedom of expression”.
In other words: you may have a right to free speech on the internet, but you do not have the right to exercise it simply by adding “sucks” to a famous trademark.
But other UDRP panelists have disagreed. WIPO says that some panelists have found:
Irrespective of whether the domain name as such connotes criticism, the respondent has a legitimate interest in using the trademark as part of the domain name of a criticism site if such use is fair and noncommercial.
The third element of UDRP is bad faith. Complainants have to show that the registrant is up to something dodgy.
Some panelists have a pretty low threshold for what constitutes bad faith. Merely having the page parked — even if you did not park it yourself — can point to bad faith, especially in “sucks” cases.
WIPO says that “tarnishment” of a trademark — such as posting porn, which is banned under Vox Pop’s AUP anyway — can be bad faith, but legitimate criticism would not usually:
While it would not normally extend to the mere posting of information about a complainant, or to the posting of genuine, non-commercial criticism regarding the trademark holder, it may extend to commercially motivated criticism by (or likely on behalf of) a competitor of such trademark holder.
So, with all that in mind, here are some tips for improving your odds of surviving a .sucks UDRP.
How to beat a .sucks UDRP
Poring over dozens of “sucks.com” decisions, it quickly becomes clear that there are certain things you should definitely do and not do if you want to keep a hold of your brand-match .sucks domain.
Given the volume of precedent, you’ll have a hard time showing that your domain is not identical or confusingly similar to the trademark in question — strike one — but there are ways to show legitimate interests and rebut claims of bad faith.
To show you lack legitimate interests, the complainant only needs to make a face-value argument that you do not. Then the burden of proof to show rights switches to you.
If you don’t respond to the UDRP, the panel will find you lack rights. Panelists rarely try to fight the corner of a registrant who has not responded.
That’s strike two.
2. Don’t allow your domain to be parked
If a domain is parked, UDRP panelists in “sucks.com” cases invariably find that the registrant lacks legitimate interests and has shown bad faith.
Parking is considered a commercial activity, so you won’t be able to argue convincingly that you’re exercising your right to non-commercial free speech if your domain is splashed with links to the trademark owner’s competitors.
This holds true even if the domain was automatically parked by your registrar.
Dozens (hundreds?) of UDRP cases have been lost because Go Daddy parked the newly registered domain automatically, enabling the complainant to show commercial use.
Panelists are usually happy to overlook the lack of direct bad faith action by the registrant in such cases.
Parking will usually lead to strikes two and three.
In the case of .sucks, parking is actually banned by Vox Populi’s acceptable use policies (pdf).
But the registry will only enforce this policy if it receives a complaint. I don’t know if the Registry-Registrar Agreement, which isn’t public, prohibits registrars auto-parking new domains.
3. Develop a site as soon as possible
In some “sucks.com” cases, respondents have argued that they had intended to put up a criticism site, but could not provide evidence to back up the claims.
If you register a .sucks matching a trademark, you’ll want to put up some kind of site ASAP.
In the case of kohlersucks.com, the registrant had merely framed a Better Business Bureau web page, which was found to show non-commercial criticism use.
4. Don’t offer to sell the domain
It should go without saying that offering to sell the domain to the trademark owner shows bad faith; it looks like extortion.
Panelists regularly also find that registrants give up their legitimate rights to a domain as soon as they make it available to buy.
5. Don’t make any money whatsoever
The second you start making money from a domain that matches a trademark, you’re venturing into the territory of commercial use and are much more likely to fail the WIPO test of “genuine, non-commercial criticism”.
6. Be American
Depressingly, you stand a better chance of fighting off a UDRP on free speech grounds if both the case involves US-based parties and a US-based panelist.
Panelists are more likely to draw on the US Constitution’s First Amendment and associated non-UDRP case law when determining rights or legitimate interests, when the registrant is American.
Merely registering with a US-based registrar is not enough to confer First Amendment rights to a registrant living outside of the US, according to UDRP panels.
Even though freedom of speech is a right in most of the world, in the universe of UDRP it seems the rest of us are second-class citizens compared to the yanks.
It will soon be much harder for cybersquatters to take flight to another registrar when they’re hit with a UDRP complaint.
From July 31 next year, all ICANN-accredited registrars will be contractually obliged to lock domain names that are subject to a UDRP and trademark owners will no longer have to tip off the registrant they’re targeting.
Many major registrars lock domain names under UDRP review already, but there’s no uniformity across the industry, either in terms of what a lock entails or when it is implemented. Under the amended UDRP policy, a “lock” is now defined as:
a set of measures that a registrar applies to a domain name, which prevents at a minimum any modification to the registrant and registrar information by the Respondent, but does not affect the resolution of the domain name or the renewal of the domain name.
Registrars will have two business days from the time they’re notified about the UDRP to put the lock in place.
Before the lock is active, the registrants themselves will not be aware they’ve been targeted by a complaint — registrars are banned from telling them and complainants no longer have to send them a copy of the complaint.
If the complaint is dismissed or withdrawn, registrars have one business day to remove the lock.
Because these change reduce the 20-day response window, registrants will be able to request an additional four calendar days (to account for weekends, I assume) to file their responses and the request will be automatically granted by the UDRP provider.
The new policy was brought in to stop “cyberflight”, a relatively rare tactic whereby cybersquatters transfer their domains to a new registrar to avoid losing their domains.
The policy was approved by the Generic Names Supporting Organization in August last year and approved by the ICANN board a month later. Since then, ICANN staff has been working on implementation.
The time from the first GNSO preliminary issue report (May 27, 2011) to full implementation of the policy (July 31, 2015) will be 1,526 days.
You can read a redlined version of the UDRP rules here (pdf).