Latest news of the domain name industry

Recent Posts

.sucks registry probably “connected” to mass cybersquatter, panel rules

Kevin Murphy, August 19, 2021, Domain Registries

Vox Populi, the .sucks registry, is probably affiliated with and financially benefiting from a mass cybersquatter, a panel of domain experts has said.

In the UDRP case of Euromaster v Honey Salt, a three-person panel handed the complainant the domain euromaster.sucks, ruling that it was a case of cybersquatting.

It’s one of 21 .sucks UDRP complaints filed against Honey Salt, a Turks & Caicos company operating under unknown ownership believed to own hundreds or thousands of brand-match .sucks domains.

It’s lost 17 of the 19 so-far decided cases. It also won one case on a technicality and another early case on the merits after mounting a free-speech defense that subsequent panels have not bought.

What’s new about this one is that the WIPO panel — Lawrence Nodine, Douglas Isenberg and Stephanie Hartung — is the first to follow the money and openly infer a connection between Honey Salt and Vox Pop.

The panel said that it “infer[s] that the Respondent [Honey Salt] and Registry [Vox Pop] are connected”, and that Vox is probably trying to make money by charging trademark owners premium fees for their own brands.

Vox Pop has previously denied such a connection, when I first made the same inference last October.

Regular readers will recall that Honey Salt has registered hundreds of .sucks domains and pointed them to a wiki-style web site called Everything.sucks, ostensibly run by a third-party, US-based non-profit.

Rather than containing original “gripe” content, which could easily enable it to win a free-speech UDRP defense, Everything.sucks simply populates its site with poor-quality, context-free content scraped by bots from social media and third-party web sites such as TrustPilot and GlassDoor.

Originally, each page carried a banner linking to a secondary market page at Uniregistry or Sedo where the domains could be purchased, often at cost price.

That quickly disappeared when the first UDRP cases started rolling in, and earlier this year Everything.sucks said on each page that it refused to sell its domains to anyone, instead offering a free transfer.

It even published the pre-authorized transfer codes on each page, meaning literally anyone could seize control of the domain in question without asking permission from or negotiating with Honey Salt in advance.

The problem with that is that transfers are not free. Some domains are flagged as premium — including lots of brand-matches — and have transfer fees in the thousands of dollars. Even the cheapest still carry the base registry fee.

Many registrars steer well clear of this model, disallowing any .sucks transfers.

One registrar that reliably does allow .sucks transfers is Rebel, which is sister company to Vox Pop under the Momentous group of companies. It offers .sucks domains at the registry wholesale fee, which is $200 for an non-premium.

It’s been painfully obvious since the outset that the only parties that stand to make a profit on the Everything.sucks business model are the registry and its affiliated companies — it simply doesn’t make sense that Honey Salt would invest hundreds of thousands of dollars in trademark-infringing domains, simply to hand them over at cost.

But the Euromaster panel is the first to infer the connection, or at least the first to publicly infer the connection.

Euromaster had filed a supplemental document in its complaint pointing out that the “free” transfer of euromaster.sucks would in fact cost a “premium” fee of $2418.79. The registrar quoting that fee is not revealed.

The WIPO panel asked Honey Salt for an explanation and it sounds like it got a bunch of procedural waffle in response.

This led to the following discussion, to which I’ve added some emphasis:

The Panel also finds that Respondent [Honey Salt] has failed to show that it has no financial interest in the Disputed Domain Name. Complainant’s Supplemental submissions demonstrate that Complainant’s chosen registrar quoted a fee of USD 2418.79 to transfer the Disputed Domain Name. Complainant’s report is consistent with M and M Direct Limited v. Pat Honey Salt, Honey Salt Limited, WIPO Case No. D2020-2545, where a different panel conducted an independent investigation and reported that the domain name at issue in that case was not offered “free” as promised, but instead that registrars classified the domain names at issue as “premium” and quoted transfer fees of USD 3,198 and USD 4,270 respectively.

This directly contradicts any claim to be offering a free and noncommercial service, and given that any registration would result in a fee being paid to the Registry by a registrar, leads the Panel to infer that the Respondent [Honey Salt] and Registry [Vox Pop] are connected.

Given the prior decision in M and M Direct, and the evidence that Complainant’s Supplemental submissions, the Panel afforded Respondent an opportunity to submit additional argument and evidence to explain the inconsistency. Respondent made no effort to do so, but instead only opposed consideration of Complainant’s supplemental evidence and repeated its previous contentions. The Panel rejects the objections to Complainant’s Supplemental submission, and emphasizes that Respondent was given an opportunity fully to respond.

The Panel finds that Complainant’s evidence raises substantial questions about the credibility of Respondent’s assertion that it has no financial interest in the Disputed Domain Name and whether Respondent’s offer to transfer the Disputed Domain might, directly or indirectly, financially benefit Respondent. Accordingly, the Panel finds that Respondent has not carried its burden to show that its use is noncommercial

In other words, the panel suspects that Vox Pop is in on Honey Salt’s bulk-cybersquatting game.

The closest any other UDRP panel has come to making this link was in a recent case filed by multiple, unrelated trademark owners, where the panel, while denying the complaint on procedural grounds, suggested that aggrieved trademark owners instead invoke ICANN’s Trademark Post Delegation Dispute Resolution Procedure.

The Trademark PDDRP is a mechanism — so far unused and untested — that allows trademark owners to allege registry complicity in cybersquatting schemes. Think of it like UDRP for cybersquatting registries.

Frankly, I’m amazed it hasn’t been used yet.

Panel hands .sucks squatter a WIN, but encourages action against the registry

A UDRP panel has denied a complaint against .sucks cybersquatter Honey Salt on a technicality, but suggested that aggrieved trademark holders instead sic their lawyers at the .sucks registry itself.

The three-person World Intellectual Property Organization panel threw out a complaint about six domains — covestro.sucks, lundbeck.sucks, rockwool.sucks, rockfon.sucks, grodan.sucks, tedbaker.sucks, tedbaker-london.sucks, and tedbakerlondon.sucks — filed jointly by four separate and unrelated companies.

The domains were part of the same operation, in which Turks & Caicos-based Honey Salt registers trademarks as .sucks domains and points them at Everything.sucks, a wiki-style site filled with content scraped from third-party sites.

Honey Salt has lost over a dozen UDRP cases since Everything.sucks emerged last year.

But the WIPO panel dismissed the latest case without even considering the merits, due to the fact that the four complainants had consolidated their grievances into a single complaint in an apparent attempt at a “class action”.

The decision reads:

although the Complainants may have established that the Respondent has engaged in similar conduct as to the individual Complainants, which has broadly-speaking affected their legal rights in a similar fashion, the Complainants do not appear to have any apparent connection between the Complainants. Rather it appears that a number of what can only realistically be described as separate parties have filed a single claim (in the nature of a purported class-action) against the Respondent, arising from similar conduct. As the Panel sees it, the Policy does not support such class actions

The panel decided that to force the respondent to file a common response to these complaints would be unfair, even if it is on the face of it up to no good.

Making a slippery-slope argument, the panel suggested that to allow class actions might open up the possibility of mass UDRP complaints against, for example, domain parking companies.

So the case was tossed without the merits being formally considered (though the panel certainly seemed sympathetic to the complainants).

But the sting in the tale comes at the end: the panel allowed that the complainants may re-file separate complaints, but also suggested they invoke the Trademark Post Delegation Dispute Resolution Procedure.

That’s interesting because the Trademark PDDRP, an ICANN policy administered by WIPO and others, is a way to complain about the behavior of the registry, not the registrant.

It’s basically UDRP for registries.

The registry for .sucks domains is Vox Populi, part of the Momentous group of companies. It’s denied a connection to Honey Salt, which uses Vox sister company Rebel for its registrations.

According to ICANN: “The Trademark PDDRP generally addresses a Registry Operator’s complicity in trademark infringement on the first or second level of a New gTLD.”

Complainants under the policy much show by “clear and convincing evidence” that the registry operator or its affiliates are either doing the cybersquatting themselves or encouraging others to do so.

There’s no hiding behind shell companies in tax havens — the policy accounts for that.

The trick here would be to prove that Honey Salt is connected to Vox Pop or the Momentous group.

Nothing is known about the ownership of Honey Salt, though Whois records and UDRP decisions identify a person, quite possibly a bogus name, as one “Pat Honeysalt”, who has no digital fingerprint to speak of.

The most compelling piece of evidence linking Honey Salt to Vox is gleaned by following the money.

The current business model is for Everything.sucks to offer Honey Salt’s domains for “free” by publishing transfer authorization codes right there on the squatted domain.

But anyone attempting to claim these names will still have to pay a registrar — such as Rebel — a transfer/registration fee that could be in excess of $2,000, most or all of which flows through to Vox Pop.

If we ignore the mark-up charged by non-Rebel registrars, the only party that appears to be profiting from Honey Salt’s activities appears to be the .sucks registry itself, in other words.

On its web site, Everything.sucks says it’s a non-profit and makes the implausible claim that it’s just a big fan of .sucks domains. Apparently it’s a fan to the extent that it’s prepared to spend millions registering the names and giving them away for free.

An earlier Everything.sucks model saw the domains listed at cost price on secondary market web sites.

The Trademark PDDRP, which appears to be tailor-made for this kind of scenario, has not to my knowledge been used to date. Neither WIPO nor ICANN have ever published any decisions delivered under it.

It costs complainants as much as $30,500 for a three-person panel with WIPO and has a mandatory 30-day period during which the would-be complainant has to attempt to resolve the issue privately with the registry.

The six domains in the UDRP case appear to have all gone into early “pending delete” status since the decision was delivered and do not resolve.

Honey Salt stops responding to .sucks cybersquatting complaints

Kevin Murphy, May 27, 2021, Domain Policy

.sucks cybersquatter Honey Salt has stopped responding to UDRP and URS complaints related to the affiliated Everything.sucks web site.

Three UDRP decisions and one URS decisions resolved since early April have stated that the shadowy Turks & Caicos company defaulted or did not respond to the complaints.

It lost all four cases, all on pretty much the same grounds, losing its domains or having them suspended as a result.

Panelists concluded that while Everything.sucks presents itself as a grassroots free-speech wiki populated by user-generated content, in reality it’s just stuffed with undated, anonymous, context-free comments scraped from third-party web sites and designed to pressure brand owners into buying their .sucks domains.

Honey Salt has been hit with 19 UDPR and URS complaints covering 27 .sucks domains since last September. It’s lost all bar one of those that have been decided, an early UDRP in which the panelist bought its free-speech defense.

With the precedent that Everything.sucks is a cybersquatting enterprise pretty solidly set, it presumably doesn’t make much sense for Honey Salt to pay expensive lawyers to put up a defense any more.

In earlier cases, when Honey Salt was still responding, the company was represented by Orrick, Herrington & Sutcliffe, the US law firm that has also worked for .sucks registry Vox Populi.

Locked-down .music could launch this year

One of the most heavily contested new gTLDs, .music, could launch this year after new registry DotMusic finally signed its Registry Agreement with ICANN.

The contract was signed over two years after DotMusic prevailed in an auction against Google, Amazon, Donuts, Radix, Far Further, Domain Venture Partners and MMX.

It seems the coronavirus pandemic, along with ICANN bureaucracy, was at least partly to blame for the long delay.

I speculated in April 2019 that .music could launch before year’s end, but this time DotMusic CEO Constantinos Roussos tells me a launch in 2021 is indeed a possibility.

The contract the company has signed with ICANN contains some of the most stringent restrictions, designed to protect intellectual property rights, of any I’ve seen.

First off, there’s going to be a Globally Protected Marks List, which reserves from registration the names of well-known music industry companies and organizations, and platinum-selling recording artists.

Second, registrants are going to have to apply for their domains, proving they are a member of one of the registry’s pre-approved “Music Community Member Organizations”, rather than simply enter their credit card and buy them.

DotMusic will verify both the email address and phone number of the registrant before approving applications.

There’s also going to be a unique dispute resolution process, a UDRP for copyright, administered by the National Arbitration Forum, called the .MUSIC Policy & Copyright Infringement Dispute Resolution Process (MPCIDRP).

Basically, any registrant found to be infringing .music’s content policies could be slung out.

The content policies cover intellectual property infringement as you’d expect, but they also appear to cover activities such as content scraping, a rule perhaps designed to capture those sites that aggregate links to infringing content without actually infringing themselves.

The registry is also going to ban second-level domains that have been used to infringe copyright in other TLDs, to prevent the kind of “TLD-hopping” outfits like The Pirate Bay have engaged in in the past.

In short, it’s going to be one of the least rock-n-roll TLDs out there.

Tightly controlled TLDs like this tend to be unpopular with registrars. Despite the incredibly strong string, my gut feeling is that .music is going to be quite a low-volume gTLD. There’s no word yet on pricing, but I’d err towards the higher end of the spectrum.

Everything.sucks publishes transfer auth codes for thousands of domains in latest .sucks pimpage

Kevin Murphy, April 19, 2021, Domain Registries

Everything.sucks, which is quickly emerging as one of the world’s most prominent organized cybersquatting projects, has a novel new way to sell .sucks domains without, technically, selling them.

The company, which casts itself as a “non-profit organization and communications forum for social activism” has published the transfer authorization codes for what appears to be the thousands of .sucks domains in its portfolio.

This means that anyone can transfer any of the company’s .sucks domains into their own registrar account with just a few clicks and without asking the current registrant — if they can afford the exorbitant transfer fee and don’t mind legal exposure.

You may recall that Everything.sucks is a Wikipedia-style web site that is fed by traffic from thousands of .sucks domains that, as the company freely admits, match the trademarks of famous companies.

Typing poptarts.sucks into your browser address bar will take you to the Everything.sucks wiki pages for Pop-Tarts, which contains content critical of the brand scraped from third-party web sites.

Everything.sucks emerged last year, and in October I reported that hundreds of .sucks domains were pointing there.

At the time, the web site carried banner ads on each brand’s page that took visitors to secondary-market sales pages at Sedo or Uniregistry, where the price was usually the same as the .suck’s registry’s wholesale price of $200.

I thought it was weird that a registrant at the very least flirting with cybersquatting would put up their domains at cost price, but Vox Populi, the registry, denied any involvement with the domains.

The registrant of these names, according to several UDRP decisions that it lost, is a probably fictitious individual named Pat Honeysalt, from a company called Honey Salt Ltd based in either Turks & Caicos or the UK.

Honey Salt has told UDRP panels that it registers the names on behalf of Everything.sucks. Given the volume of registrations, it must have spent many millions of dollars.

In any event, shortly after the UDRP cases started trickling in and not long after DI’s initial coverage, the banner ads on the .sucks pages disappeared.

And now, the auth codes have appeared. It looks like this:

Poptarts

Publishing auth codes right there on its web site appears to be the latest stage in a cat-and-mouse game Everything.sucks is playing with the trademark lawyers pursuing it through the UDRP process.

The boilerplate reads:

We occasionally buy a dot sucks domain and point it at a specific page. We do this to bring awareness to our site and because, well, we love the dot sucks domain. If you ask us if we would sell the domain, our answer is simple. Absolutely not. We will give it to you.

It’s not technically offering to sell these domains any more, right? As far as this nominal non-profit is concerned, it’s giving them away for free to anyone who wants them, including the brand’s owner.

But if you want the names, you’ve still got to pay for the transfer, of course. In the case of poptarts.sucks, it’s $2,399 at the registrar screen-capped below. Another registrar has the same name priced at $2,599.99.

Poptarts

If we’re following the money here, the only beneficiaries that spring to mind are Vox Pop, which gets its fat-margin registry fee, and the hapless registrar, which gets whatever its markup on a .sucks domain transfer is.

I tried these auth codes at six leading registrars and found that four of their shopping carts informed me point-blank that they do not support .sucks transfers at all.

.sucks mystery deepens. Who the hell is Pat Honeysalt?

Kevin Murphy, March 24, 2021, Domain Registries

Another two .sucks domain names registered by the gTLD’s most prolific registrant have been found to be cases of cybersquatting, but now the squatter’s true identity is becoming more opaque.

In two recently decided UDRP cases before WIPO, registrant Honey Salt Ltd was found to have cybersquatted by registering and offering for sale bfgoodrich.sucks, uniroyal.sucks and tetrapak.sucks.

While earlier cases filed with the Czech Arbitration Forum had identified Honey Salt as a Turks & Caicos company, the latest few WIPO cases say it is a UK-based company.

However, searches at UK Companies House do not reveal any company matching that name.

The latest WIPO cases also identify an individual allegedly behind said company as a respondent, one “Pat Honeysalt”.

That’s either a pseudonym, or we’ve found one of those people who have somehow managed to keep their name out of Google’s index despite being well-funded and tech-savvy.

Honey Salt is believed to be the registrant of thousands of .sucks domains, all matching the trademarks of big companies, which all point to Everything.sucks, a wiki-style web site comprising scraped third-party criticism targeting the brands in question.

Its defense in its UDRP cases to date has been that it is providing non-commercial free speech criticism, and that the inclusion of “.sucks” in the domain means users could not possibly believe the site is officially sanctioned by the brand.

All but one UDPR panel has so far not believed this defense, with panelists pointing out that the domains in question are usually listed for sale on the secondary market (sometimes at cost, sometimes at an inflated price).

They further point out that the criticism displayed on the Everything.sucks site was written by third parties, often prior to the registration of the domain in question, so Honey Salt cannot claim to be exercising its own free-speech rights.

Honey Salt is represented in its UDRP cases by the very large US-based law firm Orrick, Herrington & Sutcliffe, which also represents .sucks registry Vox Populi.

Security firm sues Facebook to overturn UDRP loss of “good faith” typo domains

Kevin Murphy, February 11, 2021, Domain Services

Security company Proofpoint has sued Facebook in order to keep hold of several typo domains that are deliberately intended to look like its Facebook and Instagram brands.

Proofpoint wants an Arizona court to declare that facbook-login.com, facbook-login.net, instagrarn.ai, instagrarn.net and instagrarn.org are not cases of cybersquatting because they were not registered in bad faith.

Proofpoint — a $7 billion company that certainly does not phish — uses the domains in anti-phishing employee training services, as it describes in its complaint:

Proofpoint uses intentionally domain names that look like typo-squatted versions of recognizable domain names, such as , and the other Domain Names at issue in these proceedings.

By using domain names similar to those of well-known companies, Proofpoint is able to execute a more effective training program because the workforce is more likely to learn to distinguish typo-squatted domains, which are commonly abused by bad actors to trick workers, from legitimate domain names.

Employees who click the bogus links are taken to harmless web pages describing how they were duped.

The court case comes shortly after Facebook prevailed in a UDRP case filed with WIPO.

In that case, the panelist decided that Proofpoint had no legitimate interest in the domains because they led to web sites that linked to Proofpoint’s web site, where commercial services are offered.

He therefore found that the names had been registered in bad faith, because visitors could assume that Facebook or Instagram in some way endorsed these services.

Proofpoint wants the court to reverse that decision and allow it to keep the names. Here’s the complaint (pdf).

It strikes me as at the very least bad form for Facebook to go after these domains, given that Proofpoint is tackling the Facebook phishing problem at source — user idiocy — rather than the reactive, interminable UDRP whack-a-mole Facebook seems to be engaging in.

WIPO handles 50,000th UDRP case as coronavirus drives complaints

Kevin Murphy, November 30, 2020, Domain Policy

The World Intellectual Property Organization handled its 50,000th UDPR case on November 20, the organization has announced.

It’s taken WIPO, which designed the policy and was the first to administer it back in 1999, over two decades to reach this milestone.

WIPO said that the 50,000 cases cover almost 91,000 domains, with complaints and respondents from over 180 countries.

The organization believes the coronavirus pandemic this year has driven growth, with an 11% increase in cases recorded between January and October. There were 3,405 cases over this period.

Erik Wilbers, director of the WIPO Arbitration and Mediation Center, said in a press release:

With a greater number of people spending more time online during the pandemic, cybersquatters are finding an increasingly target-rich environment. Rights owners, meantime, are stepping up their brand enforcement on the Internet as they further shift to marketing and selling online.

Free speech, or bad faith? UDRP panels split on Everything.sucks domains

Kevin Murphy, October 22, 2020, Domain Policy

The first wave of UDPR cases targeting domains used by Everything.suck have seen split decisions by the panels.

At least four .sucks domains, all owned by the same Turks and Caicos company, have been hit by UDRP complaints recently, and two have already been decided.

One case, over the domain miraplex.sucks, resulted in victory for the registrant while the other, over bioderma.sucks, led to defeat and a transfer.

Both domains are owned by Honey Salt Ltd, and both redirect to a page on Everything.sucks, a Wikipedia-style site that uses content scraped from third-party sites and social media to present a scrappy form of gripe microsite.

In both UDRP cases, Honey Salt chose to mount a “free speech” defense, claiming that it had rights to the names because they were being used to publish criticism of the brands in question.

As I noted last week, UDRP panels have historically been divided on when this defense should be successful. WIPO guidance suggests that gripe sites should be permitted as long as the criticism is genuine and non-commercial.

But Everything.sucks was decidedly commercial at the time these two complaints were filed. Each site featured a banner leading to a page on Sedo or Uniregistry where the domain could be purchased (usually at registry wholesale prices).

Miraplex is a brand of Parkinson’s disease medicine. In this case, the panel decided that the complainant, a pharmaceuticals company, failed to make the case that Honey Salt had no legitimate interests in the domain, writing:

the Complainant argues that the website linked to the disputed domain name displays information about the Complainant and its MIRAPEX medicines, but failed to explain (let alone substantiate) why this should be regarded as a lack of rights or legitimate interests in the disputed domain name (which seems to have a criticism purpose). Also, the Panel finds that the offering for sale of a domain name is not by itself a proof of lack of rights or legitimate interests.

The panel seems to have given special consideration to the fact that it’s a .sucks domain, where one might expect to see criticism.

Given the nature of the “.sucks” domain name gTLD, and given the evidence (or lack of evidence) submitted by the parties, the Panel finds that the Complainant did not prove that the Respondent lacks rights or legitimate interests in the disputed domain name. In particular, the Panel would have expected the Complainant to target its arguments and evidence to the specific criticism-nature of “.sucks” domain names (which the Complainant failed to do).

The decision is written in such a way as to suggest that it is the complainant’s lack of substantiating evidence, rather than the panel’s gullibility, that is to blame for the complaint failing.

The Panel finds that the Respondent’s claim that the website available through the disputed domain name has a criticism purpose is not devoid of credibility. The Panel would have expected the Complainant to argue (and corroborate) why it considers this “.sucks” domain name and its purported free expression character as a “smoke screen” and why it is of the opinion that the predominant purpose of the Respondent is to sell this domain name rather than to provide a forum for discussion and criticism. The Complainant did not explain nor substantiate why it considers the criticism character of this website as a pretext. The Panel also finds that the offering of a domain name for sale is not by itself evidence of bad faith.

The bioderma.sucks case is an entirely different story, with the panel writing that Honey Salt’s “entire endeavour seems to the Panel to be a pretext for commercial activity”.

Honey Salt’s “pretext” is that it registers domain names on behalf of a non-profit entity called Everything Sucks Inc, which appears to have been formed in Delaware this April. It told the Miraplex panel that whenever a wiki page is created at Everything.sucks, it registers the corresponding domain name.

Given that over two thousand .sucks domains were registered in June in the space of a couple days, that seems unlikely to me.

The Bioderma panel wasn’t buying it either.

The process by which the disputed domain name was registered seems to be automatic and, importantly, took place before any criticism whatsoever was even present on the website (as may be inferred from the Parties’ evidence, namely the Complainant’s screenshot of June 24, 2020). The alleged criticism seems to have been added as an afterthought between that date and the date when the Response was filed, further calling its genuineness into question.

It also noted that the content of the site comes from third parties, rather than the registrant, again calling its genuineness into question. The panel added:

Even assuming a third party generated the page on the Respondent’s website in order to engage in non-commercial criticism, rather than the Respondent itself, the Respondent immediately proceeds to exploit the position commercially by registering and offering the disputed domain name for sale.

This blatant commercial use was important to the panel in establishing a lack of legitimate interests and also bad faith.

Respondent’s approach was to take unfair commercial advantage of the Complainant’s name and trademark while having no actual criticism or free speech of its own in which to engage. It looked to sell the disputed domain name on the open market before any criticism had even been published. The fact that the disputed domain name is used for a web page not containing genuine criticism content but only automatically generated links loosely related to the Complainant’s product (as demonstrated by the Complainant’s screenshot dating from before the filing of the present Complaint) constitutes further evidence of bad faith. The fact that the disputed domain name is used in a page containing links to other companies and where the relevant domain names (to which the links point) are systematically put on sale by the Respondent is additional evidence of cybersquatting.

The panel ordered bioderma.sucks transferred.

Two cases, two very different outcomes.

Both complaints were filed at the Czech Arbitration Court by the same lawyer within a few days of each other, and were decided within a week of each other, but by different three-person panels.

With this in mind, it seems likely that both panels were presented with a very similar set of facts and evidence, and that the make-up of the panel was important to which party emerged victorious.

Two additional cases, bfgoodrich.sucks and mandmdirect.sucks, both Honey Salt domains, are currently active at WIPO. It’s unclear whether they were filed before or after Everything.sucks removed its banner ads, which happened about a week ago.

That .sucks weirdness? Worse than I thought

Kevin Murphy, October 16, 2020, Domain Registries

A business plan to turn .sucks into a massive Wikipedia-style gripe site, described by trademark lawyers five years ago as a “shakedown”, has reared it ugly head again.

You may recall that earlier this week I reported how somebody had registered many hundreds of .sucks domain names and listed them for sale on secondary market web sites at cost price. It looked weird, almost as if the registry or an affiliate was the registrant, which the registry denied.

It turns out I only told you half the story, for which I can only apologize.

At the time, the domains in question were not resolving for me, probably due to my terrible, block-happy ISP. But now they are resolving, and they reveal the return of Everything.sucks, a plan first floated by the .sucks registry in 2015.

It’s a network of hundreds of .sucks micro gripe-sites, each targeted to a specific brand and each each populated with content scraped, usually without citation, from Wikipedia, social media, and consumer-review aggregator web sites.

Here’s where jackdaniels.sucks takes you, for example (click to enlarge).

Jack Daniels sucks

The description of the company is taken from Wikipedia. The customer comments below are taken from reviews of an apparently unrelated company called The Whisky Exchange published by TrustPilot, and the social media posts have been pulled from Instagram users deploying the hashtag #jackdanielssucks.

Other pages on the site seem to scrape content from GlassDoor, a site where employees review their employers.

While there’s nothing wrong with gripe sites, automating their creation over hundreds or even thousands of brands that you don’t genuinely have gripes with seems, charitably, churlish.

And these gripe sites are — or at least were — being monetized.

You’ll see a banner ad in the top-right corner of the above screen-grab, offering jackdaniels.sucks for sale. The link took you to a page on Sedo that offers the domain for sale with a buy-now price of $199 (the same as the registry’s wholesale fee).

Banners on other pages led to landers on GoDaddy-owned Uniregistry.com with prices of $599.

These banners, which appeared on every brand’s page that I checked, seem to have disappeared at some point over the last two days. I’m sure the change is unrelated to the fact that I started asking .sucks registry Vox Populi and parent Momentous difficult questions about these trademark-match domains on Wednesday.

While UDRP panels have disagreed over the years, there’s precedent dating back two decades that “trademarksucks.tld” domains with sites that contain genuine, non-commercial criticism can confer legitimate rights to the registrant and are therefore NOT cybersquatting.

I doubt a site that actively tries to sell the domain name in question for above out-of-pocket costs could be considered non-commercial.

Still, it looks like those banners are gone now, and I can’t find any other examples of obvious monetization.

I use jackdaniels.sucks as an example here as it’s the site I took a screenshot of before the changes, but there are many hundreds of similar trademark-match domains being used to feed traffic to Everything.sucks.

I note that unitedinternet.sucks, named after the parent company of Sedo, is for sale for $199 on Sedo and leads to a gripe site on Everything.sucks containing less-than-complimentary remarks. It’s for sale at $599 on Uniregistry.

But who is Everything.sucks?

The concept itself originates with the .sucks registry itself. Before the TLD launched in 2015, it floated the idea to a tsunami of criticism from trademark owners.

The plan back then was to sell .sucks domains for .com prices — a discount of a couple hundred dollars — but only to registrants unaffiliated with the trademark owner. These registrants would have had to forward their domains to an Everything.sucks-branded discussion forum.

Back then, Vox Pop said it planned to work with a non-for-profit third party on this initiative.

That third party never materialized, and later in 2015 appeared to mutate into a system called This.sucks, operated by a company called This.sucks Ltd, which took over the Everything.sucks domain name.

This.sucks sold .sucks domains for $12 a year, with the domains pointing to a forum/blogging platform that the company hoped to monetize.

Both This.sucks and Vox Pop denied there was any link between the two companies, but I later uncovered a lot of compelling circumstantial evidence linking the two companies, including the fact that Rob Hall, CEO of Vox Pop parent Momentous, paid for This.sucks’ web site design.

This.sucks appears to have fizzled out in the intervening years, but now Everything.sucks is back with a mystery registrant snapping up thousands of domains, at a cost of at least half a million bucks, under the Everything.sucks brand.

Public Whois is useless nowadays, of course.

But the front page of Everything.sucks describes it as “a non-profit organization and communications forum for social activism”.

Many of the domains that redirect to its site appear to be registered to a Turks and Caicos company called Honey Salt Ltd, a name that does not naturally suggest a non-profit entity.

Others use Momentous’ domain privacy service. All appear to be registered via Momentous-owned registrar Rebel, which sells .sucks domains at cost and is therefore one of the cheapest registrars on the market.

Back in 2015, intellectual property interests expressed doubt that the proposed Everything.sucks third party and the This.sucks third party were not in fact just smokescreens, fronts for the registry itself.

Vox Pop CEO John Berard on Wednesday denied to DI that the company had any involvement in the recent spurt of trademark-match registrations being used by Everything.sucks and expressed a lack of knowledge about the registrant’s intent.

I’ve not yet received comment from Momentous, but I’d be very surprised if the company does not know who is behind Everything.sucks.

At the very least, Vox Pop and Rebel are both privy to the unexpurgated Whois and/or customer records for whoever is running Everything.sucks and whoever it is that has grown the .sucks zone file by about 50% since June.