Latest news of the domain name industry

Recent Posts

EFF becomes second to appeal new .org contract

Kevin Murphy, August 7, 2019, Domain Registries

The Electronic Frontier Foundation has appealed ICANN’s decision to add stronger trademark protection rules to .org.

The civil liberties organization has filed a Request for Reconsideration with ICANN, saying that the new .org contract should not oblige Public Interest Registry to implement the Uniform Rapid Suspension policy.

URS is a swifter, cheaper version of the anti-cybersquatting UDRP policy. It can lead to clear-cut cases of trademark-infringing domains being relatively quickly suspended, but not transferred.

But the EFF is worried that it could be abused to curtail free speech.

It said URS is “particularly dangerous for the many .org registrants who are engaged in an array of noncommercial work, including criticism of governments and corporations”.

URS was created via ICANN’s bottom-up, community-led policy-making process to apply to new gTLDs applied for in 2012, not legacy gTLDs such as .org, EFF argues,

Adding more rights protection to a legacy gTLD “should be initiated, if at all, through the multistakeholder policy development process, not in bilateral negotiations between a registry operator and ICANN staff”, the RfR states.

The EFF is also concerned that the new contract allows PIR to unilaterally create its own additional rights protection mechanisms.

I don’t think this is a new power, however. Remember when PIR proposed a “Copyright UDRP” a couple of years ago, evidently as a way to turf out The Pirate Bay? That plan was swiftly killed off after protests from, among others, the EFF.

The EFF’s reconsideration request (pdf) does not address the issue of price increase caps, which were removed in the new contract.

That more-controversial provision is already the subject of an RfR, filed by NameCheap last month.

Both RfRs will be dealt with by ICANN’s Board Accountability Mechanisms Committee before being passed to the full board.

Cybersquatting cases down a bit in the UK

The number of cybersquatting complaints filed with Nominet declined slightly in 2018, according to the registry.

Nominet’s Dispute Resolution Service, which is a bit like the UDRP, handled 671 cases last year, compared to 712 in 2017.

The number of domains at issue was down from 783 to 763.

The slight decline appears to be because fewer complaints were filed against .org.uk, .me.uk and plain .uk domains.

The number of .co.uk registrations challenged was flat between 2017 and 2018 at 617 domains.

Only 49% of cases resulted in the disputed domain being transferred, according to the registry’s annual report (pdf).

.CLUB to let brands block “trillions” of domains for $2,000

.CLUB Domains has launched a service for trademark owners that will enable them to block an essentially infinite number of potential cybersquats for a $2,000 payment every three years.

But the restrictions in place to avoid false positives mean that some of the world’s most recognizable brands would not be eligible to use it.

The service is called Trademark Sentry. In February, .CLUB asked ICANN for approval to launch it under the name Unlimited Name Blocking Service.

It’s cast by the registry roughly as a kind of clone of Donuts’ five-year-old Domain Protected Marks List, which enables brands to block their marks across Donuts’ entire portfolio of 242 gTLDs for far less than they would pay defensively registering 242 domains individually.

But while Donuts has a massive stable of TLDs, .CLUB is a one-horse town, so what’s going on?

Based on promotional materials .CLUB sent me, it appears that Trademark Sentry is primarily a way to reduce not defensive registration costs but rather UDRP costs.

Instead of blocking a single trademarked string across a broad portfolio of TLDs — for example google.ninja, google.bike, google.guru, google.charity… — the .CLUB service allows brands to block any domain that contains that string in a single TLD.

For example, Google could pay .CLUB $2,000, and for the next three years it would be impossible for anyone to register any .club domain that contained the substring “google”.

Any potential cybersquatter who went to a registrar and tried to register domains such as “mygooglesearch.club” or “googlefootball.club” or “bestgoogle.club” or “xreegtegooglefwrreed.club” would be told by the registrar that the domain was unavailable.

It would be blocked at the registry level, because it contained the blocked string “google”.

Customers will be able to add typos to the blocklist for a 50% discount.

To the best of my knowledge, this is not a service currently offered by any other gTLD registry.

It’s precisely the kind of thing that the IP lobby at ICANN was crying out for — albeit without the obligation to pay for it — prior to the 2012 application round.

.CLUB reckons it’s a money-saver for brand owners who find themselves filing lots of UDRP complaints.

UDRP complaints cost at least $1,500, just for the filing fees with outfits such as WIPO. They can cost many hundreds more in lawyers fees.

Basically, if you expect your brand will be hit by at least one UDRP in .club in the next three years, $2,000 might look like a decent investment.

.club domains have been subject to 279 UDRP complaints over the last five years, according to UDRPSearch.com.

But .CLUB has put in place a number of restrictions that are likely to seriously restrict its potential customer base.

First, the trademark will have to be “fanciful”. The registry says:

To qualify for Unlimited Name Blocking a trademark must be fanciful as defined by the USPTO and meet the .CLUB Registry’s additional requirements and subject to the .CLUB Registry’s discretion. Marks that are not fanciful but when combined with another word become sufficiently unique may be allowed.

“Apple” would not be permitted, but “AppleComputer” might be.

.CLUB told me that any trademark that, if blocked, would prevent non-infringing uses of the string would also not qualify for the service.

If you look at a UDRP-happy brand like Lego, which has already filed several complaints about alleged cybersquats in .club, it would certainly not qualify. Too many words end in “le” and begin with “go” for .CLUB to block every domain containing “lego”.

Similarly, Facebook would likely not qualify because one can imagine non-infringing uses such as facetofacebookmakers.club. Twitter is a dictionary word, as is Coke. Pepsi is a substring of dyspepsia. Amazon is primarily a geographic term. McDonald’s is derived from a common surname, as are Cartier and Heinz.

For at least half of the famous brands that pop into my head, I can think of a reason they will probably not be allowed to use this service.

.CLUB also won’t allow trademarks shorter than five characters.

Still, for those brands that do qualify, and do have an aggressive UDRP-based enforcement policy, the service seems to be priced at a point where an ROI case can be made.

Like Donuts’ DPML domains, anything blocked under Trademark Sentry is not going to show up in zone files, so we’re not going to have any objective data with which to monitor its success.

UDRP complaints hit new high at WIPO

Kevin Murphy, March 19, 2019, Domain Policy

The World Intellectual Property Organization handled 3,447 UDRP cases in 2018, a new high for the 20-year-old anti-cybersquatting policy.

The filings represent an increase of over 12% compared to the 3,074 UDRP cases filed with WIPO in 2017. There were 3,036 cases in 2016

But the number of unique domains complained about decreased over the same period, from 6,370 in 2017 to 5,655 domains in 2018, WIPO said today.

The numbers cover only cases handled by WIPO, which is one of several UDRP providers. They may represent increases or decreases in cybersquatting, or simply WIPO’s market share fluctuating.

The numbers seem to indicate that the new policy of redacting Whois information due to GDPR, which came into effect mid-year, has had little impact on trademark owners’ ability to file UDRP claims.

UPDATE: This post was updated a few hours after publication to remove references to the respective shares of the UDRP caseload of .com compared to new gTLDs. WIPO appears to have published some wonky math, as OnlineDomain noticed.

Claims UDRP has cost over $360 million so far

Kevin Murphy, February 13, 2019, Domain Policy

Trademark owners have splashed out over $360 million on UDRP cases over the 20 years the policy has been active, according to an intellectual property trade group.

Marques, a European body representing trademark owners, reckons $360 million is a “conservative” estimate.

It reached the figure by multiplying the number of UDRP complaints filed to the end of 2018 — 72,038 — by the $5,000 estimated total cost of each complaint.

The World Intellectual Property Organization, which handles well over half of all UDRP cases, charges at least $1,500 per case, but trademark owners have other fees, such as paying lawyers to draft the complaints.

WIPO, which basically designed and wrote the UDRP back in 1998, has been paid at least $63.8 million in filing fees to date, Marques calculates.

Across all UDRP providers, well over 100,000 individual domain names have been subject to UDRP. It’s likely much more, but the National Arbitration Forum does not publish data on unique domains.

The Marques claims were made in a letter (pdf) from council member (and Com Laude managing director) Nick Wood to ICANN last week, part of IP lobbying efforts in the face of UDRP reform efforts. He wrote:

This lowest-case estimate of $360m is a very significant financial burden. Registrants, on the other hand, pay only for their own defence, if any. They do not pay damages, or even contribute to the provider fees, if they lose – which across the five active panel providers appears to be majority of the time.

One proposal that has been put forward by IP owners is for registrants to pay a $500 fee when they are hit by a UDRP complaint, which would be refundable if they prevail.

I can see this idea going down like a cup of iced sick in the domainer community.

Rather than lobbying for any specific proposal, however, Marques is asking ICANN to create an “independent expert group” outside of the usual Policy Development Process, to highlight “priority issues and possible solutions” for the PDP to consider.

Marques thinks the group should comprise a small number of trademark interests, registries and registrars, and registrant rights groups. It wants WIPO to chair it.

It also wants ICANN to coordinate UDRP providers in the creation of a unified set of data on UDRP cases processed to date, to help with future reform discussions.

ICANN community volunteers have been working on the “PDP Review of All Rights Protection Mechanisms in All gTLDs” — the RPM WG — since March 2016.

The RPM WG expects to put out its “Phase One” initial report, comprising recommendations for reform of the Trademark Clearinghouse, Trademark Claims and Sunrise policies, in early June this year.

Only then will it turns its attention to UDRP, in “Phase Two”, with talks due to begin at the ICANN 65 meeting in Marrakech later that month.

The working group has been beset by all kinds of personal drama among volunteers recently, which continues to add friction to discussions.

Cybersquatting cases up because of .com

Kevin Murphy, March 23, 2018, Domain Services

The World Intellectual Property Organization handled cybersquatting cases covering almost a thousand extra domain names in 2017 over the previous year, but almost all of the growth came from complaints about .com names, according to the latest WIPO stats.

There were 3,074 UDRP cases filed with WIPO in 2017, up about 1.2% from the 3,036 cases heard in 2016, WIPO said in its annual roundup last week.

That’s slower growth than 2016, which saw a 10% increase in cases over the previous year.

But the number domains complained about in UDRP was up more sharply — 6,370 domains versus 5,374 in 2016.

WIPO graph

WIPO said that 12% of its 2017 cases covered domains registered in new gTLDs, down from 16% in 2016.

If you drill into its numbers, you see that 3,997 .com domains were complained about in 2017, up by 862 domains or 27% from the 3,135 seen in 2016.

.com accounted for 66% of UDRP’d domains in 2016 and 70% in 2017. The top four domains in WIPO’s table are all legacy gTLDs.

As usual when looking at stats for basically anything in the domain business in the last few years, the tumescent rise and meteoric fall of .xyz and .top have a lot to say about the numbers.

In 2016, they accounted for 321 and 153 of WIPO’s UDRP domains respectively, but they were down to 66 and 24 domains in 2017.

Instead, three Radix TLDs — .store, .site and .online — took the honors as the most complained-about new gTLDs, with 98, 79, and 74 domains respectively. Each of those three TLDs saw dozens more complained-about domains in 2017 than in 2016.

As usual, interpreting WIPO’s annual numbers requires caution for a number of reasons, among them: WIPO is not the only dispute resolution provider to handle UDRP cases, rises and falls in UDRP filings do not necessarily equate to rises and falls in cybersquatting, and comparisons between .com and new gTLDs do not take into account that new gTLDs also have the URS as an alternative dispute mechanism.

Now the DNA backpedals on “Copyright UDRP”

Kevin Murphy, February 27, 2017, Domain Policy

The Domain Name Association has distanced itself from the Copyright ADRP, a key component of its Healthy Domains Initiative, after controversy.

The anti-piracy measure would have given copyright owners a process to seize or suspend domain names being used for massive-scale piracy, but it appears now to have been indefinitely shelved.

The DNA said late Friday that it has “elected to take additional time to consider the details” of the process, which many of us have been describing as “UDRP for Copyright”.

The statement came a day after .org’s Public Interest Registry announced that it was “pausing” its plan for a Systemic Copyright Infringement Alternative Dispute Resolution Policy modeled on UDRP.

PIR was the primary pen-holder on the DNA’s Copyright ADRP and the only registry to publicly state that it intended to implement it.

It’s my view that the system was largely created as a way to get rid of the thepiratebay.org, an unwelcome presence in the .org zone for years, without PIR having to take unilateral action.

The DNA’s latest statement does not state outright that the Copyright ADRP is off the table, but the organization has deleted references to it on its HDI web page page.

The HDI “healthy practices” recommendations continue to include advice to registries and registrars on handling malware, child abuse material and fake pharmaceuticals sites.

In the statement, the DNA says:

some have characterized [Copyright ADRP] as a needless concession to ill-intentioned corporate interests, represents “shadow regulation” or is a slippery slope toward greater third party control of content on the Internet.

While the ADR of course is none of these, the DNA’s concern is that worries over these seven recommendations have overshadowed the value of the remaining 30. While addressing this and other illegalities is a priority for HDI, we heard and listened to various feedback, and have elected to take additional time to consider the details of the ADR recommendations.

Thus, the DNA will take keen interest in any registrar’s or registry’s design and implementation of a copyright ADR, and will monitor its implementation and efficacy before refining its recommendations further.

The copyright proposal had been opposed by the Electronic Frontier Foundation, the Internet Commerce Association and other members of ICANN’s Non-Contracted Parties House.

In a blog post over the weekend, ICA counsel Phil Corwin wrote that he believed the proposal pretty much dead and the issue of using domains to enforce copyright politically untouchable:

While the PRI and DNA statements both leave open the possibility that they might revive development of the Copyright UDRP at some future time, our understanding is that there are no plans to do so. Further, notwithstanding the last sentence of the DNA’s statement, we believe that it is highly unlikely that any individual registrar or registry would advance such a DRP on its own without the protective endorsement of an umbrella trade association, or a multistakeholder organization like ICANN. Ever since the U.S. Congress abandoned the Stop Online Privacy Act (SOPA) in January 2012 after millions of protesting calls and emails flooded Capitol Hill, it has been clear that copyright enforcement is the third rail of Internet policy.

Angry reactions to “UDRP for copyright”

Kevin Murphy, February 10, 2017, Domain Policy

The Electronic Frontier Foundation and Internet Commerce Association are among those expressing initial concern about the introduction of a new “UDRP for copyright” mechanism by the Domain Name Association.

The EFF said the DNA’s new proposals want registries to become “private arbiters of online speech”, while the ICA expressed concern that the proposals could circumvent the usual ICANN policy-making process.

As we reported earlier in the week, the DNA has set out a set of four “healthy practices” (the term “best practices” was deliberately avoided, I’m told) for registries and registrars, under the banner of its Healthy Domains Initiative.

The first three sets of recommendations cover malware, child abuse material and fake pharmacies and are relatively non-controversial.

However, the surprising fourth proposal seeks to give copyright holders a means to suspend or seize control of domain names where they have “clear and convincing evidence” of “pervasive and systemic copyright infringement”.

While the details have yet to be finalized, it appears to be targeted at sites such as The Pirate Bay, which are used for pretty much nothing but copyright infringement.

“This is a terrible proposal,” the EFF’s Jeremy Malcolm and Mitch Stoltz wrote yesterday:

The content that happens to be posted within [a] website or service has nothing to do with the domain name registrar, and frankly, is none of its business. If a website is hosting unlawful content, then it is the website host, not the domain registrar, who needs to take responsibility for that

They added:

it seems too likely that any voluntary, private dispute resolution system paid for by the complaining parties will be captured by copyright holders and become a privatized version of the failed Internet censorship bills SOPA and PIPA

Those are references to two proposed US laws, the Stop Online Piracy Act and Protect IP Act, that attracted lots of criticism and never saw the light of day.

The ICA, in a separate post on its own site, expressed concerns that private initiatives such as the HDI could give trademark holders another way to route around ICANN policies they do not like.

Noting that trademark protection mechanisms are already under review in a ICANN working group, ICA counsel Phil Corwin wrote:

What if the final consensus decision of that WG is that the URS remedy should remain domain suspension and not transfer, or that the UDRP standard of “bad faith registration and use” should remain as is? Are TM owners then free to develop their own “best practices” that include domain transfer via URS, or a bad faith registration or use standard? What’s the point of going through a multi-year exercise if those dissatisfied with the result can seek stiffer private policies? Just how many bites at the apple should trademark holders get

Both ICA and EFF expressed concern that the new DNA proposals seemed to have been developed without the broad input of members.

Stoltz and Malcolm wrote:

In any purported effort to develop a set of community-based principles, a failure to proactively reach out to affected stakeholders, especially if they have already expressed interest, exposes the effort as a sham.

Corwin wrote:

ICA had no advance knowledge of the details of HDI and no opportunity to provide substantive input. So our fingerprints are nowhere on it.

The Copyright ADRP proposal appears to be the brainchild of Public Interest Registry, the .org registry.

PIR general counsel Liz Finberg told DI earlier this week that PIR is working with arbitration provider Forum to finalize the rules of the process and hopes to implement it in .org before the end of the first quarter.

No other registry has publicly stated similar plans to my knowledge.

The HDI recommendations are completely voluntary and registries/ars are free to adopt them wholly, partially or not at all. They are not ICANN policies.

GNSO faces off with governments over IGO cybersquatting

Kevin Murphy, January 27, 2017, Domain Policy

A defiant ICANN working group looking at cybersquatting rules for intergovernmental organizations is sticking to its guns in an ongoing face-off with the Governmental Advisory Committee.

In a report published for public comment this week, the GNSO working group recommended that IGOs should be given the right to use the UDRP and URS rights protection mechanisms, despite not being trademark owners.

But the recommendations conflict with the advice of the GAC, which wants ICANN to create entirely new mechanisms to deal with IGO rights.

I explored a lot of the back story of this argument in two posts a few months ago, which I will not rehash here.

The latest development is the publication of the proposed initial report of the GNSO IGO-INGO Access to Curative Rights Protection Mechanisms Initial Report (pdf) for comment.

The WG was tasked with deciding whether changes should be made to UDRP and URS to help protect the names and acronyms of IGOs and INGOs (international non-governmental organizations).

For INGOs, including the special cases of the International Olympic Committee and the Red Cross/Red Crescent, it decided no changes and no new mechanisms are required, concluding:

Many INGOs already have, and do, enforce their trademark rights. There is no perceivable barrier to other INGOs obtaining trademark rights in their names and/or acronyms and subsequently utilizing those rights as the basis for standing in the existing dispute resolution procedures (DRPs) created and offered by ICANN as a faster and lower cost alternative to litigation. For UDRP and URS purposes they have the same standing as any other private party.

The case with IGOs is different, because using UDRP and URS requires complainants to agree that the panel’s decisions can be challenge in court, and IGOs by their nature have a special legal status that allows them to claim jurisdictional immunity.

The WG recommends that these groups should be allowed access to UDRP and URS if they have protection under Article 6ter of the Paris Convention, a longstanding international intellectual property treaty.

This rule would actually extend UDRP and URS to hundreds more IGO names and acronyms than the GAC has requested protection for, which is just a few hundred. WIPO’s 6ter database by contrast currently lists 925 names and 399 abbreviations.

To deal with the jurisdictional immunity problem, the WG report recommends that IGOs should be allowed to file cybersquatting complaints via a third-party “assignee, agent or licensee”.

It further recommends that if an IGO manages to persuade a court it has special jurisdictional immunity, having been sued by a UDRP-losing registrant, that the UDRP decision be either disregarded or sent back to the arbitration for another decision.

The recommendations with regard IGOs are in conflict with the recommendations (pdf) of the so-called “small group” — a collection of governments, IGOs, INGOs and ICANN directors that worked quietly and controversially in parallel with the WG to come up with alternative solutions.

The small group wants ICANN to create separate but “functionally equivalent” copies of the UDRP and URS to deal with cybersquatting on IGO name and acronyms.

These copied processes would be free for IGOs to use and, to account for the immunity issue, would not be founded in trademark law.

The WG recommendations are now open for public comment and are expected to be the subject of some debate at the March ICANN meeting in Copenhagen.

As Trump sworn in, CADNA returns to lobby for stronger cybersquatting laws

Kevin Murphy, January 23, 2017, Domain Policy

Remember the Coalition Against Domain Name Abuse? The lobby group that campaigned for stronger cybersquatting laws and against new gTLDs?

It’s back.

CADNA on Thursday used the imminent inauguration of new US president Donald Trump to announce that it’s back in the game, hoping a Republican-dominated government will be friendlier to its agenda.

It told its supporters on “the 2016 general elections outcomes for both the U.S. Congress and the White House present a unique and timely opportunity to push through legislation”.

It wants new federal laws modeled on 2010 Utah state legislation, the E-Commerce Integrity Act, which creates liability for non-registrant third-parties including domain name registrars.

The Utah law is closely modeled on the federal Anticybersquatting Consumer Protection Act of 1999, but has some crucial differences.

CADNA noted at the time the law was up for a vote that it:

expands the liability for cybersquatting activity to include the registrant’s authorized licensee, agent, affiliate, representative, domain name registrar, domain name registry, or other domain name registration authority that knowingly and actively assists a violation

That’s something ACPA does not allow for, and CADNA wants the federal law amended to include provisions such as this. It said:

The Coalition Against Domain Name Abuse (CADNA) is now mobilizing the global business community to promote and pass legislation that will greatly enhance the available protection mechanisms for online trademark protection and limit the appeal of cybersquatting.

The last time US cybersquatting laws came close to being amended was with the Anti-Phishing Consumer Protection Act of 2008, aka the Snowe Bill, which ultimately did not pass.

The Internet Commerce Association, which lobbies on behalf of domain investors, expressed concern with CADNA’s new efforts to revive its noughties lobbying tactics, telling members:

for now this is more of a CADNA recruiting effort than an active legislative natter. As you can see, CADNA announced a similar Federal effort in 2010, which went nowhere. Nonetheless, we should proceed on the assumption that CADNA will secure a sponsor and have such legislation introduced in the new Congress and that such legislation may well gain traction in the current political environment.

The ICA also expressed concern about the amount of statutory damages the Utah law permits compared to the ACPA.

While both Utah and ACPA allow damages of $1,000 to $100,000 per domain, the Utah law assumes the highest amount if a “pattern or practice” of cybersquatting can be demonstrated.

CADNA has been pretty quiet for the last few years.

Before the US elections last November, its most recent press release dated from October 2013.

The group is managed by the same people who run Fairwinds Partners, a new gTLD consultancy specializing in managing dot-brand gTLDs for some of the world’s biggest names.

Its gTLD clients include L’Oreal, Marriott and Walmart.

Fairwinds used its links to CADNA and its staunch opposition to the new gTLD program to pitch for these clients back in 2012.