Latest news of the domain name industry

Recent Posts

Another single-TLD brand protection service planned

BestTLD is planning to introduce a trademark-blocking service covering its single new gTLD, .best.

The company has asked ICANN for permission to launch what it calls the Best Protection service, which would provide domain blocks in lieu of defensive registrations in .best.

The service is similar to Donuts’ Domain Protected Marks List and other industry offerings, but is perhaps most comparable to the Trademark Sentry offering .CLUB Domains came up with a few years ago.

While DPML lets brands block their marks as domains across Donuts’ entire stable of almost 300 TLDs, BestTLD’s offering, like .CLUB’s, focuses instead on blocking marks as a substring in a single TLD.

In other words, Facebook could subscribe to the service for the string “facebook” and it would block domains such as “facebook-login.best”.

A good thing about such services from a registry’s perspective is that, unlike domains, the same string can be sold multiple times to different owners of the same trademarked string.

The registry has filed a Registry Services Evaluation Process request with ICANN and said it is ready to launch with back-end provider CentralNic whenever it gets approval.

Pricing was not disclosed, but if .CLUB’s $2,000 tag is any guide one might expect a super-premium fee.

Regular .best domains sell for about $20 a year and over 30,000 have been registered to date.

UDRP comments reveal shocking lack of trust in ICANN process

Kevin Murphy, April 26, 2022, Domain Policy

Is trust in the ICANN community policy-making process on the decline? Submissions to a recent public comment period on UDRP reform certainly seem to suggest so.

Reading through the 41 comments filed, it’s clear that while many community members and constituencies have pet peeves about UDRP as it stands today, there’s a disturbing lack of trust in ICANN’s ability to reform the policy without breaking it, and very little appetite for a full-blown Policy Development Process.

It’s one area where constituencies not traditionally allied or aligned — such as domain investors and intellectual property interests — seem to be on the same page.

Both the Intellectual Property Constituency and the Internet Commerce Association are among those calling for any changes to UDRP to be drafted rapidly by subject-matter experts, rather than being opened to full community discussion.

The IPC called the UDRP “a vital and fundamental tool that has a long and proven track record”, saying it has “generally been consistently and predictably applied over the course of its more than 20-year history”. Its comment added:

it is critically important that future policy work regarding the UDRP not diminish, dilute, or otherwise undermine its effectiveness. Such policy work should be extremely deferential to and reliant on the input of experts who have actual experience working with and within the UDRP system, and resistant to efforts that would weaken the UDRP system; any such work should be based on facts and evidence of problems in need of a systematic policy-level solution, and not merely to address specific edge cases, differences of opinion, or pet issues.

That’s pretty much in line with the ICA’s comments, which state that participants in future UDRP reform talks “should be experts… individuals who have extensive personal and practical knowledge of the UDRP through direct personal involvement”.

That language — in fact several paragraphs of endorsement for an expert-driven effort — appears almost verbatim in the separately filed comments of the Business Constituency, of which the ICA is a member.

The ICA’s reluctance to endorse a full-blown PDP appears to come from the experience of the Review of all Rights Protection Mechanisms in all gTLDs PDP, or “Phase 1”, which ran from 2016 to 2020.

That working group struggled to reach consensus on even basic stuff, and at one point frictions reached a point where allegations of civility rules breaches caused warring parties to lawyer up.

“Phase 1 was lengthy, unproductive, inefficient, and an unpleasant experience for all concerned,” the ICA wrote in its comments.

“Perhaps the biggest problem with Phase 1 was that structurally it was inadvertently set up to encourage disagreements between interest groups rather than to facilitate collaboration, negotiation, and problem solving,” it said.

The BC arguable goes further in its deference to experts, calling on ICANN to invoke section 13.1 of its bylaws and drag the World Intellectual Property Organization — leading UDRP provider and drafter of the original 1999 policy — as an expert consultant.

The BC also wrote:

It is imperative that stakeholders do not unnecessarily open up a can of worms with the UDRP through destabilizing changes; rather, they should take a focused and targeted approach, only entertaining improvements and enhancements which stand a reasonable chance of gaining consensus amongst stakeholders

WIPO itself is thinking along the same lines:

If the choice is made to review the UDRP, the process should be expert-driven and scoped

To avoid undoing the UDRP’s success, ICANN needs to give serious consideration to the weight to be accorded to the various opinions expressed. So-called “community feedback” referred to, for example, in section 4 of the PSR seems to lack specific depth and can seem more ideological or anecdotal

Comments from ICANN’s contracted parties also expressed concerns about a PDP doing more harm than good.

The Registries Stakeholder Group has almost nothing to say about ICANN’s report, but the Registrars Stakeholder Group expressed concerns that “any updates could have unintended consequences resulting in a less effective UDRP”.

It uniquely brought up the issue of volunteer fatigue and ICANN’s cumbersome backlog of work, writing:

Although the RrSG recognizes that there are some minor areas for improvement in the UDRP, it is the position of the RrSG that a full policy development process (PDP) is not necessary. The UDRP was adopted in 1999, and has been utilized for over 60,000 UDRP cases. The RrSG is not aware of any major issues with the UDRP, and is concerned that any updates could have unintended consequences resulting in a less effective UDRP. Additionally, not only is there a backlog of policy recommendations waiting for ICANN Board approval or implementation, but the RrSG is also aware of substantial community volunteer fatigue even for high-priority issues.

These comments were filed in response to a public comment period on an ICANN-prepared policy status report.

Not every comment expressed skepticism about the efficacy of a PDP. Notably, the Non-Commercial Stakeholders Group — the constituency arguably most likely to upset the apple cart if a Phase 2 PDP goes ahead — appears to fully expect that such work will take place.

There were also many comments from individuals, mostly domainers, recounting their own experiences of, and reform wish-lists for, UDRP.

ICANN’s report will be revised in light of these comments and submitted to the GNSO, which will decide what to do with it.

Vox Pop defends its favorite cybersquatter

Kevin Murphy, April 22, 2022, Domain Registries

The .sucks registry, Vox Populi has complained to ICANN about the fact that its biggest customer keeps losing cybersquatting cases.

In its submission to ICANN’s recently closed public comment period on UDRP reform, Vox Pop bemoans the fact that panels keep finding that Honey Salt, a shell company based in a tax haven, isn’t really engaging in non-commercial free speech.

Honey Salt was the registrant of thousands of .sucks domains, all matching famous trademarks, that redirected visitors to a wiki-style gripe site, populated with content scraped from third-parties, at Everything.sucks.

After a long series of lost UDRP cases, Honey Salt started allowing its domains to expire and zone files suggest only a couple hundred or so remain today.

Neither Honey Salt nor Everything.sucks responded to ICANN’s public comment period, which was seeking input on possible changes to UDRP.

But Vox Pop did on their behalf, complaining bitterly that “forum shopping and bias obstruct free speech” and citing mostly Honey Salt’s lost UDRP cases to evidence its arguments:

Despite 4(c)(iii) of the UDRP stating “noncommercial or fair use” is legitimate use of a domain name – numerous UDRP decisions contradict the Policy’s express recognition of fair use and free speech rights in favor of trademark owners. Several recent UDRP decisions have jeopardized free speech rights for all domain name registrants because of the lack of guidance from ICANN and/or a misapplication of free speech rights and/or bias as it relates to criticism sites.

Honey Salt had consistently argued, UDRP decisions show, that Everything.sucks was non-commercial free speech and as such was not cybersquatting under UDRP precedent and WIPO guidance.

But panels repeatedly pointed out that Everything.sucks was in fact commercial.

At first, the site hosted banners linking directly to sales landers for the domains in question — basically asking the brand owners or others to fork out hundreds or thousands of dollars to claim their matching domains.

When panelists got wise to that, the site started instead publishing the transfer authorization codes for the domains in question, so literally anyone could initiate a transfer and take ownership of the name without even asking Honey Salt’s permission — if they were willing to pay the transfer fee.

Everything.sucks and Honey Salt would not have benefited financially from these transfer fees, which often were thousands of dollars, but Vox Pop, and sometimes its registrar sister company Rebel, which sells .sucks names at cost, would.

Everything.sucks has removed the AuthCodes, but in the most-recent .sucks UDRP case Eutelsat v Honey Salt, the panel called the AuthCode scheme “little more than a ruse to generate registration fees in the thousands of dollars range”.

Vox Pop is now complaining to ICANN, I’m guessing with a straight face, that transfer fees are ICANN-mandated and therefore registrants cannot be blamed if registrars charge for transfers:

The panelist, in an unfounded grasp, used the ICANN-mandated transfer fee, charged by the registrar as rationale to find commercial use by the registrant and hence bad faith by the registrant. Other UDRP panels have similarly disingenuously blamed registrants for ICANN-mandated transfer and renewal fees imposed by registrars; panelists argue that the ICANN-mandated transfer is bad faith even though the registrant has no say or participation.

It’s an incredibly ballsy complaint by Vox Pop, given that it is Vox Pop, as the registry, that sets the price for transfers and renewals in .sucks, and that it is Vox Pop, as the Eutelsat panel noted, that has flagged many trademarks as “premium”-tier names that costs thousands of dollars to transfer and renew.

Vox also argues that it is possible for trademark-owners to “forum shop” between the various UDRP providers, in the hope of finding a panel more favorable to intellectual property interests over free speech rights.

It’s certainly not the only ICANN commenter to make this point, but it’s a pretty thin argument in the case of Honey Salt and .sucks.

Vox argues that WIPO repeatedly favors IP rights over free speech rights, and the outcome of Honey Salt’s UDRP cases may indicate why it holds that view.

Of the 20-odd UDRP cases Honey Salt has defended, most were filed with WIPO and all those filed with WIPO resulted in a complainant win. Three were filed with the National Arbitration Forum and three were filed with the Czech Arbitration Court.

The only case Honey Salt won on the merits was Miraplex v Honey Salt, one of the first cases, filed with the Czech Arbitration Court. That panel bought the defense that Everything.sucks was non-commercial free speech.

But one of the panelists in that case later sat on another Czech Arbitration Court case, Cargotec v Honey Salt, which decided in favor of the complaint. The same guy ruling two different ways on almost identical facts does not suggest panelist bias.

While at least one UDRP panel has suggested Honey Salt is just a front for the .sucks registry, Vox Populi has previously denied any connection exists.

TMCH turning off some brand-blocking services

Kevin Murphy, April 13, 2022, Domain Services

The Trademark Clearinghouse is closing down two of its brand protection services after apparently failing to attract and retain registry partners.

The company announced recently that TREx, its Trademark Registry Exchange, will shut down after its customers’ existing subscriptions expire, saying:

The communication that we receive from our agents, resellers, clients and other registries that we have reached out to around improving the product shows that there is currently little appetite for such a service.

TMCH said it may revive the service after the new round of new gTLDs happens.

TREx was a service similar to Donuts’ Domain Protected Marks List and others, whereby trademark owners can block their brands across a multitude of TLDs for a substantial discount on the cost of defensive registrations.

But the TMCH offering was not restricted to one registry’s portfolio. Rather, it consolidated TLDs from multiple smaller operators, including at least one ccTLD — .de — into one service.

It seems to have peaked at 43 TLDs, but lost three when XYZ.com pulled out a couple years ago.

Its biggest partner was MMX, which sold its 22 gTLDs to GoDaddy Registry last year. I’d be very surprised if this consolidation was not a big factor in the decision to wind down TREx.

I’d also be surprised if we don’t see a DPML-like service from GoDaddy before long. It already operates AdultBlock on its four porn-themed gTLDs.

The news follows the announcement late last year that TMCH will also close down its BrandPulse service, which notified clients when domains similar to their brands were registered in any TLD, when its existing subscriptions expire.

Both services leveraged TMCH’s contractual relationship with ICANN, under which it provides functions supporting mandatory rights protection mechanisms under the new gTLD program rules, but neither are ICANN-mandated services.

Cybersquatting cases down in .uk

Kevin Murphy, February 23, 2022, Domain Policy

The number of cybersquatting complaints, and the number of successful cybersquatting complaints, were down in .uk last year, according to new data from local registry Nominet.

Nominet said that its Dispute Resolution Service, which has a monopoly on .uk disputes, handled just 548 cases in 2021, the lowest number in the 20-year history of the DRS.

Only 43% of the complaints resulted in the domain being transferred, Nominet said. That’s down from 46% in 2020, 47% in 2019 and 49% in 2018, it said.

The trends fly in contrast to the UDRP, as least in WIPO’s experience in 2021, where cases were soaring.

General counsel Nick Wenban-Smith said in a press release:

Despite the worldwide shift towards online activity during the pandemic, and WIPO disputes on the increase, we haven’t seen a parallel pick up in the number of .UK domain name disputes for the past two years, but instead are reporting a record low in Complaints filed since the DRS launched back in 2001. We hope this is a result of our continued efforts to make .UK a safe place to be online.

Nominet has some pretty strict takedown practices in place — it will suspend a domain if the police’s intellectual property crime unit tells it to, which could clearly have an impact on the need to employ the DRS.

Is the .sucks mass-cybersquatting experiment over?

Kevin Murphy, February 4, 2022, Domain Registries

The Everything.sucks experiment is mass-cybersquatting .sucks domains may be over and done with.

Thousands of .sucks domains have been deleted in a huge junk drop, newly created domains at Everything.sucks’ registrar of choice have dried up, and there have been no new UDRP cases filed in months.

Everything.sucks, you may recall, is a wiki-style web site where thousands of famous brands and public figures have pages populated by content scraped from third-party sites discussing, on the rare occasion when the scraping works, how terrible they are.

When the site emerged in 2020, it was a redirect destination for around 2,000 .sucks domains that exactly matched those brands. You typed jackdaniels.sucks into your browser, you wound up at the Jack Daniels page at Everything.sucks.

Various attempts were made at monetizing these names by persuading the brand owners to purchase or transfer them for fees measured in the hundreds, or more usually thousands, of dollars.

The domains were registered to a Turks & Caicos company called Honey Salt and a likely fictitious individual named Pat Honeysalt or Pat Collins. The registrant has fought 21 UDRP cases, most of which it lost, since July 2020.

There hasn’t been a UDRP complaint filed against a .sucks domain since November 2021, and this may be because most of Honey Salt’s domains were only registered for one year and have since expired and dropped.

Registry transaction reports filed with ICANN by .sucks registry Vox Populi show the registrar Rebel.com — Vox’s sister company and Honey Salt’s registrar of choice — deleted 2,179 .sucks domains in September 2021.

That’s very close to the 2,184 one-year adds Rebel recorded in June 2020.

The most likely interpretation of this data, in my view, is that it’s Honey Salt’s first junk drop — the company let the domains go on expiry having failed to sell them to the brand owners and failed to convince UDRP panels that it wasn’t cybersquatting.

At least couple thousand more .sucks domains were registered via Rebel over the year to June 2021, most likely to Honey Salt, but since then the registrar has been selling no more than two or three new .sucks domains per month.

It looks like Honey Salt stopped buying .sucks domains in bulk several months ago.

And zone files show that the total number of active .sucks domains has continued to decline by the thousands since Vox’s last transaction report, from an August 2021 peak of over 13,000, to fewer than 9,000 today.

If these trends continue, it looks like the experiment in mass cybersquatting might be over by the third quarter, when Honey Salt’s last remaining .sucks domains drop.

UDRP panelists and yours truly have speculated that Vox/Rebel and Honey Salt are probably affiliated, because the registry/registrar are the only parties that stood to benefit from Everything.sucks’ monetization techniques, but Vox has denied a connection.

If you guessed Facebook’s “Meta” rebrand, you’re probably still a cybersquatter

Kevin Murphy, November 3, 2021, Domain Policy

Guessing that Facebook was about to rebrand its corporate parent “Meta” and registering some domain names before the name was officially announced does not mean you’re not a cybersquatter.

Donuts this week reported that its top-trending keyword across its portfolio of hundreds of TLDs was “meta” in October. The word was a new entry on its monthly league table.

We’re almost certainly going to see the same thing when Verisign next reports its monthly .com keyword trends.

The sudden interest in the term comes due to Facebook’s October 28 announcement that it was calling its company Meta as part of a new focus on “metaverse” initiatives.

The announcement was heavily trailed following an October 19 scoop in The Verge, with lots of speculation about what the name change could be.

Many guessed correctly, no doubt leading to the surge in related domain name registrations.

Unfortunately for these registrants, Facebook is one of the most aggressive enforcers of its trademark out there, and it’s pretty much guaranteed that Meta-related UDRP cases will start to appear before long.

While Facebook’s “Meta” trademark was only applied for in the US on October 28, the same date as the branding announcement, the company is still on pretty safe ground, according to UDRP precedent, regardless of whether the domain was registered before Facebook officially announced the switch.

WIPO guidelines dating back to 2005 make it clear that panelist can find that a domain was registered in bad faith. The latest version of the guidelines, from 2017, read:

in certain limited circumstances where the facts of the case establish that the respondent’s intent in registering the domain name was to unfairly capitalize on the complainant’s nascent (typically as yet unregistered) trademark rights, panels have been prepared to find that the respondent has acted in bad faith.

Such scenarios include registration of a domain name: (i) shortly before or after announcement of a corporate merger, (ii) further to the respondent’s insider knowledge (e.g., a former employee), (iii) further to significant media attention (e.g., in connection with a product launch or prominent event), or (iv) following the complainant’s filing of a trademark application.

Precedent for this cited by WIPO dates back to 2002.

So, if you’re somebody who registered a “meta” name after October 19, the lawyers have had your number for the better part of two decades, and Facebook has a pretty good case against you. If your name contains strings such as “login” or similar, Facebook’s case for bad faith is even stronger.

Of course, “meta” is a dictionary word, and “metaverse” is a term Facebook stole from science fiction author Neal Stephenson, so there are likely thousands of non-infringing domains, dating back decades, containing the string.

That doesn’t mean Facebook won’t sic the lawyers on them anyway, but at least they’ll have a defense.

UDRP respondent has name hidden on mental health grounds

Kevin Murphy, October 22, 2021, Domain Policy

An accused cybersquatter has had his or her name redacted from the UDRP record on mental health grounds in what appears to be an unprecedented decision.

The case of Securian Financial Group v [redacted] resulted in the transfer of securian.contact to the complainant, but the ADR Forum panelist did not make a determination on the merits.

Rather, the registrant had asked for the domain to be transferred free of charge and for their personal details to be kept out of the public record, telling the panelist:

I have a documented mental health history. I want to request ICANN and/or the complainant to at least redact my personal information from this case on medical grounds… I do not want to submit or reveal my medical documents to anyone, but if required by ICANN, I will do so.

The registrant said that the case had proved “mentally impactful” and that they did not want their name appearing in search results as it could affect their job and university applications.

The panelist found UDRP precedent of personal information being redacted in cases of identity theft and applied it to these apparently novel circumstances.

Because the respondent offered to freely give up the domain, the panelist did not decide on what would presumably have been a fairly cut-and-dried case.

Guy fills exact-match domain with porn, wins UDRP anyway

Kevin Murphy, October 19, 2021, Domain Policy

A Chinese registrant has managed to survive a UDRP over an exact-match domain name, despite not responding to the complaint and filling the associated web site with porn.

An ADR Forum panelist yesterday ruled the registrant could keep the domain boltonmenk.com (NSFW) despite Bolton & Menk, a Minnesota engineering firm that says it was founded in 1949, claiming infringement of common-law trademark.

Bolton & Menk has used the hyphenated version, bolton-menk.com, since 1996.

The non-hyphenated version at issue in this case has been in the hands of third-party registrants for at least 15 years, with at least 13 drops, according to DomainTools.

It seems to have been mostly parked with regular, inoffensive ads, and it was presumably only the recent addition of hard-core pornography that caught the complainant’s attention.

But the UDPR panelist ruled that Bolton & Menk, which has only a pending US trademark application, had failed to provide enough evidence that its brand also operates as a common-law trademark.

The complaint was therefore dismissed for the complainant’s lack of rights without even considering the registrant’s bad faith or legitimate interests.

It looks like a case of the bad guy getting away with it due to a less-than-comprehensive complaint.

Man with broken shift key sues ICANN and GoDaddy over Bitcoin domain

Kevin Murphy, October 13, 2021, Domain Policy

Sometimes I wonder if all they teach you at American law schools is how to correctly use upper-case letters.

A Georgia man who lost a cybersquatting case with Sotheby’s, concerning his registration of sothebysauctionbitcoin.com, has taken the auction house, along with ICANN, GoDaddy, and ADR Forum to court.

Harris’ case is filed pro se, which is Latin for “he doesn’t have a lawyer, his complaint makes no sense, and the case is going to get thrown out of court”.

He claims a UDRP decision that went against him recently was incorrect, that ADR Forum is corrupt and biased, and that the UDRP itself is flawed.

The domain was registered with GoDaddy, and ADR Forum was the UDRP provider.

He wants his domain back, along with root-and-branch reform of the UDRP and “self-regulating lumbering Monopolistic Behemoth” ICANN, which is apparently still working under the auspices of the US Department of Commerce.

Here’s a flavor of the filing (pdf), which was filed in a Georgia District Court yesterday:

We are ASKING THE Court to find the UDRP (Uniform Dispute Resolution Procedure) #FA2108001961598 (Sotheby’s and SPTC v Harris) Arbitration process and resulting ruling was Fatally Flawed; whereas ICANN failed to properly parse the “Provider” and we believe allowed Sotheby’s Counsel of Record in those proceeding to have specifically chosen ADR Form ADR FORUM whose history is tainted by a Consent Decree in their previous corporate iteration as an arbitration Provider for bad behavior and is also known to be a pro Claimant Provider.

In the version published to PACER, the complaint ends abruptly mid-sentence and seems to have one or more pages missing.

The decision in the original UDRP case is equally enlightening. Harris apparently sent nine responses to the complaint, many of which seemed to argue that Sotheby’s should have made an offer for the domain instead of “intimidating and bullying” him.

Harris apparently argued that the registration was a “legitimate investment”, thereby conferring rights to the domain.

Sole panelist Neil Anthony Brown seems to have taken pity on Harris, who had declared that Sotheby’s citation of previous UDRP cases was “irrelevant”, by deciding the case (against him, of course) without direct reference to prior precedent.

It was basically a slam-dunk decision, as I expect this lawsuit will also be.