Investing in .ad domains may be risky
Domain investors may shoulder additional risk when they register domains in the relaunching .ad TLD, judging by the registry’s new cybersquatting policy.
Andorra Telecom, which will make .ad names generally available globally October 22, has signed up with WIPO to implement an adapted version of the UDRP that is a lot less friendly to domainers.
The new adDRP specifically calls out domaining as an example of “bad faith”, something a complainant must prove if they want to seize a domain matching their trademark. Panels can find bad faith if they see:
circumstances indicating that you have registered or you have acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to another person for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name
The adDRP also tweaks the usual three-pronged cybersquatting test found in UDRP to make it easier for complainants to get a win, by lowering the evidential bar on registrants’ rights.
Instead of having to prove the registrant has “no rights or legitimate interests” to the domain, adDRP complainants merely need to “declare” that, “to the best of the Complainant’s knowledge”, the registrant has no rights or legitimate interests.
The adDRP also broadens the types of intellectual property rights complainants must have from registered trademarks to, for example, famous personal names and geographical names related to Andorra.
Andorra Telecom announced its relaunch, assisted by Fundació puntCAT and CORE Association, a few months ago. GA pricing is expected to be €15 ($16) a year.
While Andorra is among the world’s smallest nations, its ccTLD is of course an abbreviation of “advertisement” or “advertising” in English and therefore may have broader appeal.
The registry recently launched an English language version of its web site and a bunch of registrars serving the Anglophone market are already signed up.
The plural gTLD version, .ads, belongs to Google but has not yet launched.
First registry gets breach notice over new abuse rules
.TOP Registry allegedly ignored reports about phishing attacks and has become the first ICANN contracted party to get put on the naughty step over DNS abuse rules that came into effect a few months ago.
ICANN has issued a public breach notice claiming that the registry, which runs .top, has also been ignoring the results of Uniform Rapid Suspension cases, enabling cybersquatting to take place.
The notice says that .TOP breached new rules, which came into effect April 5, that require it to act on reports of DNS abuse (such as malware or phishing attacks) by suspending the domains or referring them to the responsible registrar.
The registry didn’t do this with respect to a report of April 18, concerning “multiple .top domain names allegedly used to conduct phishing attacks”. It didn’t even read the report until contacted by ICANN, according to the notice.
As of yesterday, only 33% of the phishing domains have been suspended by their registrars, some three months after the attacks were reported, ICANN says.
Compliance is also concerned that .TOP seems to be ignoring notices from Forum, the company that processes URS cases, requiring domains to be locked within 24 hours when they’ve been hit with a charge of cybersquatting.
The registry “blatantly and repeatedly violated” these rules, according to ICANN.
.TOP has been given until August 15 to get its act together or risk having its Registry Agreement suspended or terminated.
The registry has about three million .top domains under management, having long been one of the most successful new gTLDs of the 2012 round in volume terms. It typically sells domains very cheaply, which of course attracts bad actors.
GoDaddy’s GlobalBlock supports blockchain names
GoDaddy’s Brand Safety Alliance has finally released the list of TLDs supported by its new GlobalBlock brand protection service, and it’s notable for including a couple dozen extensions that aren’t real TLDs at all.
Formally announcing its launch today, the company said GlobalBlock will initially allow trademark owners and others to block their marks and variants in about 600 “extensions” and published the list on its web site.
The term “extension”, as opposed to “TLD”, is important, as the headline number seems to count zones where names are registerable at the third level — so .bar.pro and .cpa.pro and .com.cx and .net.cx, for examples, are individually counted.
I count a total of 457 TLDs on the currently published list, of which 27 are distinct ccTLDs.
But I also about 20 strings that aren’t real TLDs. As well as pseudo-gTLD .it.com, a lot of supported extensions appear to on blockchain naming systems such as Unstoppable Domains (proving, once again, that Unstoppable chose entirely the wrong brand for its service).
The blockchain TLDs currently listed are: .altimist, .anime, .binanceus, .bitcoin, .blockchain, .crypto, .dao, .go, .hi, .klever, .kresus, .manga, .nft, .polygon, .pudgy, .unstoppable, .wallet, .x and .zil.
About 270 of the real gTLDs on the list belong to Identity Digital, with GoDaddy Registry accounting for about 35.
Google Registry has 28 gTLDs on the list, seven of which aren’t even publicly available yet, such as .search and .map. This in either incredibly cheeky — selling blocks in TLDs in which cybersquatting is literally impossible — or a sign that Google plans to release more of its dormant gTLD inventory soon.
Other registries with multi-TLD representation on the list include Global Registry Services, GMO Registry, Internet Naming Co, ZACR and Nominet (though, while .wales and .cymru are currently listed, .uk is not).
Notable by their absence are portfolio registries Radix, XYZ and ShortDot.
UPDATE: This story was updated several hours after publication to remove the reference to Handshake. Unstoppable Domains is the only blockchain naming system to so far be in the GlobalBlock ecosystem.
Dueling domain blocking services to launch at ICANN 79
Norwegian startup NameBlock is set to launch its suite of brand protection and domain security services later this week, with a somewhat different take on the market to its primary competitor.
Recently appointed CEO Pinky Brand tells me the company plans to formally launch March 1, the day before the ICANN 79 public meeting begins in Puerto Rico.
The company is coming out with two services to begin with — BrandLock, which allows trademark owners to block their marks across multiple TLDs, and AbuseShield, which blocks hundreds of variant domains that are considered at the most risk of abuse.
BrandLock is perhaps most directly comparable to the DPML service offered by Identity Digital, GoDaddy’s AdultBlock, and the multi-registry GlobalBlock service that is also due to formally launch in San Juan next week.
The service requires the buyer to own a verified trademark, and the exact match of that mark will be blocked over a multitude of ccTLDs and gTLDs. Brand said reseller partners may choose to bundle different TLDs thematically or offer them as one-offs.
He said he expects it to retail for $40 to $50 per domain per year, so presumably makes the most sense for the more-expensive TLDs or for buyers who have other reasons to want a block rather than a defensive registration.
The value proposition seems a lot clearer for AbuseShield, which is notable for not requiring a trademark to get protection — it’s more of a security pitch than a brand-protection story.
Under AbuseShield, when a registrant buys a name in a participating TLD, they will be given the option to pay to block a couple hundred potentially abusive variant domains in that same TLD, for a far lower cost than they’d pay to defensively register them individually.
Using data from NameBlock’s majority shareholder iQ Global, the company identifies homographic variants and common “abuse prefixes” — strings such as “login” and “https” — to compile a list of domains to be blocked. A feature called VariantCatcher will automatically block already-registered risky domains at the registry when they expire, for no extra cost.
“We want to make the abuse prevention market much, much wider than it has been before,” Brand said. “You’d pay $89 to $129 a year the block the 100 to 250 variations that we know are most likely to be used by someone to do you harm.”
At first, the service will be available through NameBlock resellers, currently those registrars focused on corporate services, but the company plans to make an API available in a few months that will let retail registrars offer the service as an up-sell in their storefront.
At launch, NameBlock has around 15 resellers, such as MarkMonitor, CSC, 101Domain, Encirca and Gandi, Brand said. Registries for about a dozen TLDs will be on board, but Brand said he expects this to grow to 40 to 50 in a couple months.
CoCCA which makes registry software used by 57 ccTLDs, has already announced its support for NameBlock’s services.
Elsewhere at ICANN 79, you’ll find the Brand Safety Alliance, a GoDaddy-led initiative purveying the new GlobalBlock service, which is more of brand-protection play
As I’ve previously blogged, because portfolio registries GoDaddy and Identity Digital are involved, GlobalBlock can provide blocking coverage in hundreds of TLDs — over 560 at the current count — with prices starting at about $6,000 a year retail.
While GlobalBlock and NameBlock are certainly operating in the same space, there appears to be enough variation between the two services that the market might be able to support both.
UK gov takes its lead from ICANN on DNS abuse
The UK government has set out how it intends to regulate UK-related top-level domain registries, and it’s taken its lead mostly from existing ICANN policies.
The Department for Science, Innovation and Technology said last year that it was to activate the parts of the Digital Economy Act of 2010 that allow it to seize control of TLDs such as .uk, .london, .scot, .wales and .cymru, should those registries fail to tackle abuse in future.
It ran a public consultation that attracted a few dozen responses, but has seemingly decided to stick to its original definitions of abuse and cybersquatting, which were cooked up with .uk registry Nominet and others and closely align to industry norms.
DSIT plans to define abuse in the same five categories as ICANN does — phishing, pharming, botnets, malware and vector spam (spam that is used to serve up the first four types of attack) — in its response to the consultation, published yesterday (pdf).
But it’s stronger on child sexual abuse material than ICANN. While registries and registrars have developed a “Framework to Address Abuse” that says they “should” take down domains publishing CSAM, ICANN itself has no contractual prohibitions on such content.
DSIT said it will require UK-related registries to have “adequate policies and procedures” to combat CSAM in their zones. The definition of CSAM follows existing UK law in being broader than elsewhere in the world, including artworks such as cartoons and manga where no real children are harmed.
DSIT said it will define cybersquatting as “the pre-emptive, bad faith registration of trade marks as domain names by third parties who do not possess rights in such names”. The definition omits the “and is being used in bad faith” terminology used in ICANN’s UDRP. DSIT’s definition includes typosquatting.
In response to the new document, Nominet tweeted:
The response highlights that Government recognises the work registries already do to support law enforcement agencies prevent the registration of domains to carry out illegal activity and "expect the existing voluntary arrangements to be used as the first port of call".
— Nominet (@Nominet) February 23, 2024
DSIT said it will draft its regulations “over the coming months”.
Freenom settles $500 million Meta lawsuit and will exit domain business
Facebook has claimed another domain industry scalp. Freenom said this week it has settled the cybersquatting lawsuit filed against it by Meta last year, and that it is getting out of the domain name business.
The registry/registrar said in a brief February 12 statement (pdf) that it will pay Meta an undisclosed sum and has “independently decided to exit the domain name business”.
Just how “independent” that decision was is debatable. The company lost its ICANN registrar accreditation last year and is believed to have lost its government contracts to run the ccTLDs for Equatorial Guinea, Central African Republic, Mali, Gabon, and possibly also Tokelau, its flagship .tk domain.
Meta had claimed in its complaint that Freenom had typosquatted its trademarks thousands of times, including domains such as faceb00k.ga. It sued for 5,000 counts under US anti-cybersquatting law, seeking $100,000 for each infringement, for a cool half-billion bucks in total.
Freenom and its network of co-defendant affiliates said in their defense that Meta had access to an abuse API that allowed it to turn off such domains, but had never used it. It also claimed many of the cited typosquats had already been shut down by the time the suit was filed.
It seems the names in question were likely those registered by abusive third-parties that were reclaimed and monetized by Freenom under its widely criticized free-domains business model, which made its TLDs some of the world’s most-abused.
But the claims on both sides evidently will not be tested at trial. The last court filing, dated late December, showed the two parties were to enter mediation, and Freenom put out the following statement this week:
Freenom today announced it has resolved the lawsuit brought by Meta Platforms, Inc. on confidential monetary and business Terms. Freenom recognizes Meta’s legitimate interest in enforcing its intellectual property rights and protecting its users from fraud and abuse.
Freenom and its related companies have also independently decided to exit the domain name business, including the operation of registries. While Freenom winds down its domain name business, Freenom will treat the Meta family of companies as a trusted notifier and will also implement a block list to address future phishing, DNS abuse, and cybersquatting.
Meta said in its Q4 Adversarial Threat Report this week that the settlement showed its approach to tackling DNS abuse is working.
Freenom’s gTLD domains have been transferred to Gandi. It’s less clear what’s happening to its ccTLD names, though social media chatter this week suggests the company has been giving registrants in affected ccTLDs nine-year renewals at no cost.
First GlobalBlock prices revealed — they ain’t cheap
Trademarks owners, organizations and celebrities could find themselves paying the thick end of ten grand for the “peace of mind” offered by the new GoDaddy-led GlobalBlock trademark protection service.
101domain, which often has some of the least-expensive pricing, has become the first registrar to publish its prices for the domain-blocking service, which entered beta this week.
The base GlobalBlock service, which offers single-string blocking in 560 gTLDs and ccTLDs, is going for $5,999 per year, according to the 101domain storefront. The GlobalBlock+ version, which covers potentially tens of thousands of variants and typos, starts at $8,999 a year.
None of the other 20 approved GlobalBlock resellers I checked are currently publishing prices.
Some simple division shows us that the basic service works out to roughly $10.71 per domain per year — a bit more than Verisign will charge for a wholesale .com when its prices go up later this year — but the average per-domain cost should go down as more registries sign up to GlobalBlock.
With the GlobalBlock+ service offering to block 50,000 domains or more, the per-domain price obviously shrinks to pennies.
GlobalBlock is offered by the Brand Safety Alliance, a GoDaddy initiative, but it has support from the likes of Identity Digital, which has hundreds of gTLDs in its stable. Dozens of gTLD registry operators have recently asked ICANN’s permission to offer GlobalBlock and rival offering NameBlock.
The BSA has previously said it expects to launch with over 650 TLDs on board. A calculator on its web site suggests 511 are currently operational, but it has not yet named the participating TLDs.
Donald Trump loses second UDRP case
Former US president Donald Trump has lost a second cybersquatting case related to his Mar-a-Lago resort, where he lives in Florida.
A three-person WIPO panel late last month ruled that DTTM Holdings, which has owned a trademark on the term Mar-a-Lago since 1997, had failed to show that the registrant of maralago.com, Michael Gargiulo, did not have a legitimate interest in the domain.
Gargiulo, an investor who bought the domain from a third party in 2021, had argued that “mar a lago” is a generic term, meaning “sea to lake” in Spanish and other languages. He also said it could mean the personal name “Mara Lago”.
DTTM failed to convince the WIPO panel otherwise. It ruled (pdf) that “the Complainant was unable to provide persuasive specific evidence to overcome the Respondent’s arguments”. It did not rule on whether the registration was made in bad faith.
It’s the second Mar-a-Lago case DTTM has lost recently. Late last year it lost a UDRP complaint against a company called Marq Quarius (from which Gargiulo acquired maralago.com) over the domain mar-a-lago.com.
The single panelist in the earlier case (pdf) ruled that while the registrant’s defense (that the three words in the domain corresponded to the names of dead pets) strained credulity, there was no evidence of bad-faith cybersquatting.
Trump uses maralagoclub.com for the club’s official web site.
UK cybersquatting complaints hit record low
There were fewer cybersquatting complaints filed against .uk domain holders in 2023 than in any other year since Nominet started reporting its annual stats, according to the latest annual Nominet DRS report.
There were just 511 complaints filed last year, down from 568 in 2022, according to the latest report. That’s the lowest number for at least the last 14 years Nominet has been reporting its annual DRS stats. The highest number was 728, in 2015.
Just 48% of cases resulted in a domain being transferred to the complainant (compare to the 82% WIPO reported for its UDRP cases in 2023), up from 43% in 2022, Nominet said.
The number of disputed domains was 680, down from 745 in 2022, but the number of domains in .uk complained about rocketed from 26 to 122, the second-highest level since Nominet opened the second level for direct registrations a decade ago.
The number of disputed .co.uk domains was down from 686 in 2022 to 538 in 2023.
The decline in cybersquatting complaints come as .uk as a whole continues to shrink. The second and third levels combined lost a net 366,778 domains in 2023, ending December at 10,732,479 domains, according to Nominet stats.
.ai helps UDRP cases rise in 2023, WIPO says
The number of cybersquatting cases filed with the World Intellectual Property Organization increased 7% in 2023, WIPO said this week.
The total UDRP filings, 6,192, includes national ccTLD variations that WIPO handles but not UDRP filings with other providers.
WIPO said that 82% of cases resulted in the domain being transferred to the complainant, with the complaint being denied in just 3% of cases.
The organization does not publish data on Reverse Domain Name Hijacking findings, but RDNH.com, which tracks these things, shows 31 RDNH finding at WIPO in 2023.
.com accounted for 80% of complaints. WIPO said that the most complained-about ccTLDs were .co (Colombia), .cn (China), .mx (Mexico), .au (Australia) and .ai (Anguilla).
Perhaps unsurprisingly, given its rapid growth in registrations, Anguilla’s .ai saw a sharp uptick in UDRP filings last year, up from just four in 2022 to 43 in 2023, according to the WIPO web site.
Recent Comments