Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Panel doesn’t consider TLD in the first-ever new gTLD UDRP case
The first new gTLD domain name has been lost to a UDRP complaint.
The famous German bike maker Canyon Bicycles won canyon.bike from a registrant who said he’d bought the name — and others — in order to protect the company from cybersquatters.
The panelist in the case, WIPO’s Andrew Lothian, declined to consider the fact that the TLD was related to Canyon’s business in making his decision. Finding confusing similarity, he wrote:
The Panel finds that, given the advent of multiple new gTLD domain names, panels may determine that it is appropriate to include consideration of the top-level suffix of a domain name for the purpose of the assessment of identity or similarity in a given case, and indeed that there is nothing in the wording of the Policy that would preclude such an approach. However, the Panel considers that it is not necessary to do so in the present case.
Canyon had argued that the fact that it’s a .bike domain reinforced the similarity between the domain and the mark, but it’s longstanding WIPO policy that the TLD is irrelevant when determining confusing similarity.
The domain was registered under Whois privacy but, when it was lifted, Canyon looked the registrant up on social media and discovered he was very familiar with the world of bikes.
The registrant told WIPO that he’s registered Canyon’s mark “with the best of intentions”.
Apparently, he’s registered more than one famous brand in a new gTLD in the belief that the existence of the program was not wildly known, in order to transfer the domains to the mark holders.
He claimed “that many companies have been content with his actions” according to the decision.
But the fact that he’d asked for money from Canyon was — of course — enough for Lothan to find bad faith.
He also chose to use the fact that the registrant had made no attempt to remove the default Go Daddy parking page — which the registrar monetizes with PPC — as further evidence of bad faith.
The domain is to be transferred.
ICANN to crack down on UDRP “cyberflight”
ICANN has moved closer to cracking down on cybersquatters who try to flip their domains when they discover they’ve been hit with a UDRP complaint.
Under recommendations approved by the GNSO Council yesterday, registrars would be bound by a much stricter set of UDRP-related domain locking rules in future.
So-called “cyberflight” — where squatters transfer their domains to a new registrar or registrants — appears to be a relatively infrequent problem, but when it does happen it causes big headaches for UDRP providers and trademark owners.
A survey of UDRP providers carried out as part of the GNSO’s policy development process discovered that the vast majority of registrars already lock domains hit by UDRP.
The problem is, they said, that locking practices are not uniform. Some registrars take well over a week to lock domains, and what the “lock” entails differs by registrar.
The recommendations of the GNSO’s Final Report on the Locking of a Domain Name Subject to UDRP Proceedings Policy Development Process, adopted by the Council yesterday, seek to standardize the process.
After being told about a complaint against one of its domains, the registrar in future would have a maximum of two business days to put a lock — preventing any changes in registrant or registrar — in place.
The lock would remain until the UDRP was resolved, but there would be various safeguards in place to enable complainants and respondents to settle their differences outside of the UDRP.
The lock would not prevent registrars or proxy/privacy services revealing the true identity of the registrant — that wouldn’t count as a change of registrant.
To prevent registrants abusing the two-day window to sell their domains or switch registrars, they would not be told about the existence of the UDRP until the domain had been locked.
The UDRP rules currently require the complainant to send a copy of their complaint to the domain owner at the same time it is filed with the UDRP provider.
But the GNSO has now recommended getting rid of this rule, stating: “as a best practice, complainants need not inform respondents that a complaint has been filed to avoid cyberflight.”
The registrant would be informed later by the UDRP provider instead.
Registrars would be prohibited from tipping off the registrant until the lock was in place.
The July 2013 recommendations (pdf) came out of a working group that was formed in April 2012, in response to policy ideas floated in 2011.
The GNSO’s resolution calls for ICANN staff to work with members of the working group on an implementation plan, which would eventually be put to the ICANN board for approval.
Once through the board, the new policy would become binding on all ICANN-accredited registrars.
ICANN backtracks on URS contracts
ICANN seems to have changed its mind about requiring Uniform Rapid Suspension providers to sign enforceable contracts, angering the Internet Commerce Association.
As we reported in May, the ICA claimed a victory when ICANN said in a written answer to its persistent inquiries that URS providers would be bound by contract.
An ICANN Q&A, referring to a question the ICA’s Phil Corwin asked at the ICANN meeting in Beijing, said:
[Q] As regards Uniform Rapid Suspension (URS) providers, will there be a contract developed that goes beyond the non-enforceable memorandum of understanding? Will there be other URS providers?
[A] Yes, a contract is being developed and additional URS providers will be added.
It’s difficult to interpret that as anything other than “Yes, a contract is being developed.” The fact that the question draws the distinction between a contract and an MoU seems to remove any ambiguity.
But at the ICANN 47 meeting in Durban last week, ICANN appeared to backtrack on this position.
During a URS demo session, gTLD registry services director Krista Papac said that URS providers will only have to agree to an MoU.
“This breach of a written commitment is unacceptable,” Corwin later said at the Public Forum on Thursday.
In response, ICANN deputy general counsel Amy Stathos said:
An MoU is a contract. I recognize that you don’t necessarily recognize that as the full contract that you were contemplating or that had been contemplated. But that is a contract. And it calls and requires the URS providers to comply with all the rules and procedures that are in the Guidebook.
On Friday, ICANN then published a (hastily written?) document that sought to spell out its position on contracts for URS and UDRP providers. It says:
ICANN has carefully considered whether the introduction of contracts is feasible or useful in the scope of UDRP proceedings, and has determined that contracts would be a cumbersome tool to assert to reach the same outcome that exists today.
It goes on to address some of the concerns that the ICA and others have put forward in the past. The organization, which represents big-volume domainers, is worried that some UDRP providers find more often in favor of complainants in order to secure their business. Enforceable contracts, it says, would help prevent that.
ICANN said in its new position statement (pdf) that it has never seen behavior from UDRP providers that would require it to take action, but added:
Of course, there is always the future possibility that an issue of non-compliance will arise that will require corrective action. In recognition of that potential, ICANN commits that substantiated reports of UDRP provider non‐compliance with the UDRP or the Rules will be investigated.
Contracts, it said, would not stop forum shopping.
ICANN won’t say how Demand Media passed its new gTLD background check
After badgering ICANN for a few weeks, I’ve finally got a firm “no comment” on the question of how new gTLD applicant Demand Media managed to pass its background checks.
The question of whether it’s possible for serial cybersquatters to bypass ICANN screening and be awarded new gTLDs just by setting up shell companies is still open, it seems.
As DI and other blogs have been reporting for the past few years, there was a question mark over Demand Media’s eligibility for the new gTLD program due to its history of cybersquatting.
Under ICANN rules, any company that lost three or more UDRP decisions with at least one loss in the last three years would not pass its background screening. The Applicant Guidebook states:
In the absence of exceptional circumstances, applications from any entity with or including any individual with convictions or decisions of the types listed in (a) – (m) below will be automatically disqualified from the program.
…
m. has been involved in a pattern of adverse, final decisions indicating that the applicant or individual named in the application was engaged in cybersquatting as defined in the Uniform Domain Name Dispute Resolution Policy (UDRP), the Anti-Cybersquatting Consumer Protection Act (ACPA), or other equivalent legislation, or was engaged in reverse domain name hijacking under the UDRP or bad faith or reckless disregard under the ACPA or other equivalent legislation. Three or more such decisions with one occurring in the last four years will generally be considered to constitute a pattern.
Demand Media subsidiary Demand Domains has lost over 30 UDRP cases, most recently in 2011, but its United TLD Holdco subsidiary has sailed through its Initial Evaluations.
Technically, shouldn’t it have failed screening and therefore IE?
Domain Name Wire speculated in November 2010 that ICANN had deliberately introduced loopholes in order to let Demand — and, at the time, Go Daddy — into the new gTLD program.
At that time, ICANN had just removed references to “any person or entity owning (or beneficially owning) fifteen percent or more of the applicant” in the background screening section of the Guidebook.
That might have introduced a loophole allowing subsidiaries of cybersquatters to apply.
But Demand Media seemed to think it was still at risk, asking ICANN in December 2010 to change the background check rules.
ICANN did. In the next version of the Guidebook, published in April 2011, it added the “In the absence of exceptional circumstances” qualifying language.
It’s also possible that this was the loophole that allowed Demand to pass screening.
Judging by the UDRP complaints it was involved in in the past, the company usually argued against the “bad faith” element of the policy. It often said it didn’t know about the complainant’s trademark and/or said it had offered to transfer the domain at no charge.
But more than 30 UDRP panelists didn’t buy that argument and still found against Demand. The company lost far more complaints than it won.
The fact that the company apparently managed to clean its act up a few years ago — not being hit with any complaints since 2011 — suggests that its act wasn’t all that clean to begin with.
Either way, neither ICANN nor Demand wants to talk about how the company passed screening, so I guess we’re still left wondering whether this section of the Guidebook is worth the PDF it’s written on.
Blow to domainers as Arab center approved to settle cybersquatting disputes
ICANN has approved a new UDRP resolution provider, the first to be based in the Arab region, despite the objections of domainers.
The Arab Center for Dispute Resolution will now be able to service UDRP complaints. But it won’t be bound to an ICANN contract, as had been demanded by the Internet Commerce Association and others.
The ACDR was approved by the ICANN board last week, almost three years after it originally applied for the privilege.
The board said in its rationale that the move would be good for geographic diversity and that its rigorous community review process highlighted community accountability.
On the issue of UDRP provider contracts, it merely noted:
commenters suggested that ICANN develop contracts with each of its UDRP providers as a means to require uniformity among providers. Contracts have never been required of UDRP providers.
…
the proposal now includes an affirmative recognition that if ICANN imposes further requirements on providers, the ACDR will follow those requirements
The ACDR will come as a knock to the ICA, which recently celebrated the fact that ICANN intends to have formal contracts with providers of Uniform Rapid Suspension services.
Asian outfit named second URS provider
The Asian Domain Name Dispute Resolution Centre has been approved by ICANN as a provider of Uniform Rapid Suspension services.
The two organizations signed a memorandum of understanding last week, ICANN said.
ADNDRC is the second URS resolution provider to be named, after the US-based National Arbitration Forum. It’s got offices in Beijing, HongKong, Seoul and Kuala Lumpur and tends to hand local cases.
While it’s been a UDRP provider since 2001, it’s only handled about 1,000 cases in that time, according to DI’s records. That’s about 16 times fewer than NAF and 17 times fewer than WIPO.
ICANN said that more providers will be appointed in future.
URS is a faster, cheaper version of UDRP that allows obviously trademark-infringing domains to be suspended — not transferred — for about $500 a pop. It will only apply to new gTLDs at first.
Twitter files UDRP over twitter.org
Twitter has filed a cybersquatting complaint over the domain name twitter.org, which is currently being used for one of those bogus survey scam sites.
The domain has been registered since October 2005 — six months before Twitter was created — but appears to have changed hands a number of times since then.
It’s been under Whois privacy since mid-2011, but the last available unprotected record shows the domain registered to what appears to be Panama-based law firm.
Hiding ownership via offshore shell companies is a common tactic for people cybersquatting high-profile brands.
The UDRP complaint, which looks like a slam-dunk to me, has been filed with WIPO.
ICANN publishes RFI for URS provider
ICANN has issued an open call for dispute resolution providers interested in running its Uniform Rapid Suspension system.
In a request for information published last night, ICANN says it expects to pick a provider or providers by February 28, 2013.
If you’re not already running a dispute resolution service at scale there seems to be little point in applying. The RFI states that respondents must, at a minimum:
Have a track record in competently handling clerical aspects of Alternative Dispute Resolution or UDRP proceedings
…
Have a team of globally diverse and highly qualified neutrals, with experience handling UDRP or similar complaints, to serve as panelists.
With that in mind, will the RFI help sort out the problems with the URS?
What ICANN needs right now is a provider happy to administer proceedings for $300 to $500 per case.
ICANN has already asked WIPO and the National Arbitration Forum for their pricing expectations and neither apparently thinks they can do it much cheaper than UDRP. Hence the RFI.
Could the Czech Arbitration Court be in with a shot?
CAC already has UDRP experience and a stable of trademark experts on hand, and some say its level of automation is superior to — and presumably more cost-efficient than — both WIPO and NAF.
Is .city confusingly similar to .citi? UDRP says yes
In one of the more surprising twists to hit the new gTLD program, Citigroup has claimed that its proposed dot-brand gTLD, .citi, is not “confusingly similar” to the proposed generic gTLD .city.
The company appears to be trying to avoid getting into a contention set with the three commercial applicants for .city, which would likely put it into an expensive four-way auction.
It’s a surprising move because you’d expect a financial services company to want to at least try to mitigate the risk of future .city/.citi typo-based phishing attacks as much as possible.
Indeed, its .citi application states that the mission of the gTLD “is to further assist Applicant in accomplishing its mission of providing secure online banking and financial services”.
Nevertheless, the company is now arguing, in a few comments filed with ICANN today, this:
CITI and CITY are not so similar in an Internet context as to create a probability of user confusion if they are both delegated into the root zone. Thus, the .CITI application should not be placed into a contention set with the .CITY application.
The new Citigroup position is especially bewildering given that it has argued the exact opposite — and won — in at least two UDRP cases.
In the 2009 UDRP decision Citigroup Inc. v. Domain Deluxe c/o Domain Administrator, Citigroup contended that:
Respondent’s citywarrants.com domain name is confusingly similar to Complainant’s CITIWARRANTS mark.
The panelist in the case concluded that the Y variant of the name was merely a “mistyped variation” of and “substantively identical” to the Citigroup trademark.
A similar finding appears to have been handed down in Citigroup v Yongki, over the arguably generic citycard.com, but the decision is written in Korean so I can’t be certain.
The company’s current view, which I’m going to go out on a limb on and characterize as expedient, is that ICANN has delegated multiple ccTLDs that have only one character of variation in the past (it hasn’t — the ccTLDs it cites all pre-date ICANN) without causing confusion.
It also states in its comments that the meaning and proposed usage of the two strings is “very different” (which one commenter has already suggested is historically dubious).
So what’s going on here?
Is Citigroup really willing to risk potential phishing problems down the line to save a few measly bucks today? On the face of it, it looks that way.
If it is put in a contention set with the three .city applicants, it could wind up at auction against Donuts ($100m funding), TLD Registry Ltd (apparently backed by the Vision+ fund) and Directi.
Will Citigroup’s gambit pay off?
That’s down to a) the String Similarity Panel and b) whether any of the .city applicants tries to force the company into the contention set via a String Confusion Objection, which seems unlikely.
(Former) Donuts director hit with cybersquatting claim over Disney and Olympic domains
Donuts, the massive new gTLD applicant, has been hit by another set of cybersquatting claims, this time aimed at one of the company’s original directors.
Graham Stirling, who is listed as a Donuts Inc director in the company’s only Securities and Exchange Commission filing, seems to own several domain names containing Disney and Olympics trademarks.
(UPDATE: Donuts has confirmed that Stirling is no longer with the company, and hasn’t been since November 2011. Read the company’s full statement at the bottom of this post.)
The information emerged in a comment filed with ICANN on several Donuts applications by somebody called James Oliver Warner.
These are some of the domains Gibraltar-based Stirling allegedly owns:
2016juegosolimpicos.com
2016olimpicos.com
2020juegosolimpicos.com
2020olimpicos.com
2024olimpicos.com
andaluciadisney.com
costadelsoldisney.com
disneyandalucia.com
disneylandmalaga.com
disneymalaga.com
disneyworldmalaga.com
juegosolimpicos2008.com
juegosolimpicos2016.com
juegosolimpicos2020.com
juegosolimpicos2024.com
juegosolimpicoslondres.com
londresjuegosolimpicos.com
malagadisney.com
malagadisneyland.com
malagadisneyworld.com
olimpicos2016.com
olimpicos2020.com
olimpicos2024.com
soldisney.com
spaindisneyland.com
spaindisneyworld.com
teleubbies.com
You don’t need to be a trademark lawyer to know that these domains would not pass a UDRP challenge.
The domains all seem to have been registered to a Graham Stirling of Gibraltar for some years. Gibraltar’s a pretty small place, suggesting that it’s very probably the same guy.
It’s the second serious cybersquatting claim to hit Donuts in the last couple of weeks.
As we reported last week, a lawyer who apparently doesn’t want his client’s identity to be known has written to ICANN’s Governmental Advisory Committee to warn that Demand Media, Donuts’ back-end partner and its founders’ former employer, has a history of adverse UDRP findings.
That letter fingered Stirling as an employee of Gibraltar-based investment company Veddis Ventures, whose other executives allegedly have ties to online gambling scandals in the US.
Veddis Ventures recently removed Stirling’s full name from its web site. He’s now just listed as “Graham S”, adding to the intrigue.
The latest set of cybersquatting allegations are directed to ICANN’s background screening panel, which is tasked with weeding likely ne’er-do-wells out of the new gTLD program.
The panel looks at not only the corporate history of the applicant, but also at its directors and officers.
Stirling is not named on any of Donuts applications. For that matter, Donuts itself is not named as an official applicant on any of its 307 applications either.
Each of its applications has been filed by a different shell company, most of which are owned by another company, Dozen Donuts LLC, which we assume (but do not know) is in turn owned by Donuts.
The only individual named in the background check part of the applications (at least the portions published by ICANN) is Donuts CEO Paul Stahura.
Stirling is not currently listed as a director on Donuts’ web site.
If Stirling is still involved with Donuts, it might not impact the results of Donuts background screening, if the panel only looks at UDRP or court cases for evidence of cybersquatting.
Stirling does not appear to have ever been named in, never mind lost, a UDRP complaint.
That said, I don’t think ICANN’s background screening process will be over for a while yet…
August 7 Update:
Donuts has provided the following statement:
Graham Stirling is not a member of the Donuts Board of Directors and has not been since November 2011. Our list of board members as documented on our web site at www.donuts.co is current.
It’s disappointing to see Donuts’ contributions to new gTLD expansion attacked by those (including some unwilling to disclose their identities) who attempt to portray the company or those associated with it as bad actors. The company is and will continue to be committed to the legitimate interests of rights holders. As described in our applications, Donuts will implement rights protection mechanisms in its new gTLDs that substantially exceed those mandated by ICANN.
We have engaged the intellectual property community, law enforcement and others in the community about IP protection and believe our intentions and actions are clear and well understood. Infringement of legitimate rights is not tolerated by Donuts, in any capacity. Our collaboration with the community on IP protections will be an ongoing priority as the new gTLD program continues.
Recent Comments