ICA teams up with WIPO on UDRP reform
The Internet Commerce Association and WIPO are jointly chairing an off-the-books review of the UDRP, ahead of a likely ICANN review of the anti-cybersquatting policy next year.
WIPO said today that the review is being coordinated by Brian Beckham of WIPO and Zak Muscovitch of the ICA, and comprises another 16 participants, mostly UDRP lawyers, panelists, and WIPO itself.
ICANN is being represented by director Sarah Deutsch. Domainers are represented by Telepathy’s Nat Cohen. The brand owner representative is Mette Andersen of regular UDRP complainant Lego.
The team is also drawing on the expertise of a couple dozen experts, a who’s who drawn from all sectors of the industry from registrars to domainers to IP interests to the UDRP providers themselves.
The composition looks very much like what an ICANN policy working group on this topic would look like, but the talks are being held outside of the usual policy development process.
WIPO says: “The core aim of this project is to maintain the UDRP as an efficient and predictable out-of-court dispute resolution mechanism for clear trademark-based disputes.”
But the organization seems to be engaging in some expectation management aimed at those who believe UDRP needs to be gutted. WIPO said:
Any recommendations should be borne out by a demonstrated compelling need for a change, and must be considered against this background, as any perceived case-specific or anecdotal faults of the UDRP do not warrant a wholesale revision of this industry best practice.
The group is expected to produce a report early next year for public input, and share a final report with ICANN thereafter, when the GNSO community is expected to kick off its owner formal Policy Development Process looking at UDRP.
UDRP review has been on the back-burner for the last couple of years since an initial public comment period, mainly due to workload issues faced by ICANN staff and community volunteers.
The GNSO was expected to open its PDP preparations more or less now, but the GNSO Council is expected to vote this Thursday to delay the start of the project for another six months, due to delays implementing other rights protection mechanism reviews.
Given how long PDPs typically take, by my estimate you’re looking at at least three years before any changes to UDRP are approved.
Investing in .ad domains may be risky
Domain investors may shoulder additional risk when they register domains in the relaunching .ad TLD, judging by the registry’s new cybersquatting policy.
Andorra Telecom, which will make .ad names generally available globally October 22, has signed up with WIPO to implement an adapted version of the UDRP that is a lot less friendly to domainers.
The new adDRP specifically calls out domaining as an example of “bad faith”, something a complainant must prove if they want to seize a domain matching their trademark. Panels can find bad faith if they see:
circumstances indicating that you have registered or you have acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to another person for valuable consideration in excess of your documented out-of-pocket costs directly related to the domain name
The adDRP also tweaks the usual three-pronged cybersquatting test found in UDRP to make it easier for complainants to get a win, by lowering the evidential bar on registrants’ rights.
Instead of having to prove the registrant has “no rights or legitimate interests” to the domain, adDRP complainants merely need to “declare” that, “to the best of the Complainant’s knowledge”, the registrant has no rights or legitimate interests.
The adDRP also broadens the types of intellectual property rights complainants must have from registered trademarks to, for example, famous personal names and geographical names related to Andorra.
Andorra Telecom announced its relaunch, assisted by Fundació puntCAT and CORE Association, a few months ago. GA pricing is expected to be €15 ($16) a year.
While Andorra is among the world’s smallest nations, its ccTLD is of course an abbreviation of “advertisement” or “advertising” in English and therefore may have broader appeal.
The registry recently launched an English language version of its web site and a bunch of registrars serving the Anglophone market are already signed up.
The plural gTLD version, .ads, belongs to Google but has not yet launched.
Donald Trump loses second UDRP case
Former US president Donald Trump has lost a second cybersquatting case related to his Mar-a-Lago resort, where he lives in Florida.
A three-person WIPO panel late last month ruled that DTTM Holdings, which has owned a trademark on the term Mar-a-Lago since 1997, had failed to show that the registrant of maralago.com, Michael Gargiulo, did not have a legitimate interest in the domain.
Gargiulo, an investor who bought the domain from a third party in 2021, had argued that “mar a lago” is a generic term, meaning “sea to lake” in Spanish and other languages. He also said it could mean the personal name “Mara Lago”.
DTTM failed to convince the WIPO panel otherwise. It ruled (pdf) that “the Complainant was unable to provide persuasive specific evidence to overcome the Respondent’s arguments”. It did not rule on whether the registration was made in bad faith.
It’s the second Mar-a-Lago case DTTM has lost recently. Late last year it lost a UDRP complaint against a company called Marq Quarius (from which Gargiulo acquired maralago.com) over the domain mar-a-lago.com.
The single panelist in the earlier case (pdf) ruled that while the registrant’s defense (that the three words in the domain corresponded to the names of dead pets) strained credulity, there was no evidence of bad-faith cybersquatting.
Trump uses maralagoclub.com for the club’s official web site.
.ai helps UDRP cases rise in 2023, WIPO says
The number of cybersquatting cases filed with the World Intellectual Property Organization increased 7% in 2023, WIPO said this week.
The total UDRP filings, 6,192, includes national ccTLD variations that WIPO handles but not UDRP filings with other providers.
WIPO said that 82% of cases resulted in the domain being transferred to the complainant, with the complaint being denied in just 3% of cases.
The organization does not publish data on Reverse Domain Name Hijacking findings, but RDNH.com, which tracks these things, shows 31 RDNH finding at WIPO in 2023.
.com accounted for 80% of complaints. WIPO said that the most complained-about ccTLDs were .co (Colombia), .cn (China), .mx (Mexico), .au (Australia) and .ai (Anguilla).
Perhaps unsurprisingly, given its rapid growth in registrations, Anguilla’s .ai saw a sharp uptick in UDRP filings last year, up from just four in 2022 to 43 in 2023, according to the WIPO web site.
Ukrainian domains slide as war becomes the new normal
Ukraine’s ccTLD is starting to see a decline in its total domains under management as emergency policies related to Russia’s full-scale invasion in February 2022 are relaxed.
According to local registry Hostmaster, .ua’s total was down 1.5% at the end of the first quarter at 612,778 domains, due to the fact that expiring domains that were frozen in 2022 have now started to drop.
Hostmaster said the effect will become more noticeable in coming quarters. Stats show a decline of about a thousand domains since the end of June.
When the war started, .ua had about 558,000 domains. It peaked at around 614,000 in early June.
Early in the conflict, Hostmaster had said that expired domains would be held in a redemption period status. Many registrants were assumed to have been drafted into the military or refugees.
Since then, the registry says a “significant number” of expired domains have been restored.
However, the policy was rolled back this June; expired domains now have the antebellum standard 30 days to be restored. Domains that were not renewed in 2022 still have a November deletion date, Hostmaster said.
Meanwhile, WIPO has recently restarted its UDRP services for Ukraine, having paused them in May 2022 in response to the war. Decisions that were paused in early 2022 have now been executed and published.
UDRPs up in 2022, firm says
The World Intellectual Property Organization saw an increase in cybersquatting disputes this year, according to WIPO data compiled by VPN maker AtlasVPN.
There were 5,616 UDRP complaints filed with WIPO, up almost 10% from 2021, the company said.
The report does not appear to include data from the several other UDRP providers, so may not reflect the state of the system as a whole.
WIPO has processed 61,284 UDRP cases since the system was founded over two decades ago, the company said.
You can’t appeal a UDRP appeal, ICANN Ombudsman says
ICANN’s independent Ombudsman has called an Indian vaccine maker’s second Request for Reconsideration over a failed UDRP case a “misuse” of the Org’s appeals process.
Zydus Lifesciences lost its UDRP over the domain zydus.com earlier this year, with a finding of Reverse Domain Name Hijacking, then used the RfR process to try to get ICANN’s board of directors to overturn the WIPO decision.
The Board Accountability Mechanisms Committee dismissed the complaint because Reconsideration is designed for challenging ICANN’s actions and WIPO is not ICANN.
Zydus immediately filed a second RfR, calling WIPO “an extension of ICANN itself” and that BAMC’s inaction on the first RfR meant the case was now subject to the board’s jurisdiction.
In a rare intervention, Ombudsman Herb Waye poo-poos that notion, writing: “Decisions by the WIPO Panel in a domain name dispute are not sufficient basis for an RfR (hence the BAMC had no ‘jurisdiction’ other than the jurisdiction necessary to dismiss the Request).”
I feel that [the second RfR] has placed the BAMC in the awkward position of policing itself; hence perhaps, its hesitancy to summarily dismiss a Request concerning its own actions. A clear attempt by the requestor to appeal the decision in [the first RfR]. An unfortunate situation that, to me, amounts to misuse of this accountability mechanism.
He concluded that for the BAMC to consider the complaint would be a “waste of resources” and that it should be dismissed.
Zydus will still be able to appeal the UDRP in court, but that of course will be much more expensive.
RDNH loser files second appeal
A big drug company has appealed to ICANN for a second time over a Reverse Domain Name Hijacking ruling against it, claiming ICANN should be responsible for the decisions of the World Intellectual Property Organization.
India-based Zydus Lifesciences, which among other things makes Covid-19 vaccines, lost a UDRP complaint against the owner of zydus.com in June. To add insult to injury, WIPO made a RDNH finding against it.
Rather that go to court, Zydus filed a Request for Reconsideration with ICANN in July, but this was summarily dismissed because the Reconsideration mechanism only applies to the actions or inactions of the ICANN board or staff.
Now Zydus has filed a second RfR, in which its lawyers claim ICANN is responsible for WIPO’s UDRP decisions and failure to address the first RfR amounts to board inaction. The latest claim states:
when a dispute resolution service provider is accredited by ICANN to conduct mandatory administrative policy, as prescribed by the UDRP adopted by ICANN, such service providers are extension of ICANN itself
Zydus claims the WIPO panel erred by relying on what it claims were false and misleading statements by the zydus.com registrant. It wants the decision reversed and the three panelists forever barred.
I doubt the RfR will get anywhere. ICANN’s Board Accountability Mechanisms Committee is not about to make itself the de facto court of appeals for every UDRP party who thinks they got stiffed.
Vox Pop defends its favorite cybersquatter
The .sucks registry, Vox Populi has complained to ICANN about the fact that its biggest customer keeps losing cybersquatting cases.
In its submission to ICANN’s recently closed public comment period on UDRP reform, Vox Pop bemoans the fact that panels keep finding that Honey Salt, a shell company based in a tax haven, isn’t really engaging in non-commercial free speech.
Honey Salt was the registrant of thousands of .sucks domains, all matching famous trademarks, that redirected visitors to a wiki-style gripe site, populated with content scraped from third-parties, at Everything.sucks.
After a long series of lost UDRP cases, Honey Salt started allowing its domains to expire and zone files suggest only a couple hundred or so remain today.
Neither Honey Salt nor Everything.sucks responded to ICANN’s public comment period, which was seeking input on possible changes to UDRP.
But Vox Pop did on their behalf, complaining bitterly that “forum shopping and bias obstruct free speech” and citing mostly Honey Salt’s lost UDRP cases to evidence its arguments:
Despite 4(c)(iii) of the UDRP stating “noncommercial or fair use” is legitimate use of a domain name – numerous UDRP decisions contradict the Policy’s express recognition of fair use and free speech rights in favor of trademark owners. Several recent UDRP decisions have jeopardized free speech rights for all domain name registrants because of the lack of guidance from ICANN and/or a misapplication of free speech rights and/or bias as it relates to criticism sites.
Honey Salt had consistently argued, UDRP decisions show, that Everything.sucks was non-commercial free speech and as such was not cybersquatting under UDRP precedent and WIPO guidance.
But panels repeatedly pointed out that Everything.sucks was in fact commercial.
At first, the site hosted banners linking directly to sales landers for the domains in question — basically asking the brand owners or others to fork out hundreds or thousands of dollars to claim their matching domains.
When panelists got wise to that, the site started instead publishing the transfer authorization codes for the domains in question, so literally anyone could initiate a transfer and take ownership of the name without even asking Honey Salt’s permission — if they were willing to pay the transfer fee.
Everything.sucks and Honey Salt would not have benefited financially from these transfer fees, which often were thousands of dollars, but Vox Pop, and sometimes its registrar sister company Rebel, which sells .sucks names at cost, would.
Everything.sucks has removed the AuthCodes, but in the most-recent .sucks UDRP case Eutelsat v Honey Salt, the panel called the AuthCode scheme “little more than a ruse to generate registration fees in the thousands of dollars range”.
Vox Pop is now complaining to ICANN, I’m guessing with a straight face, that transfer fees are ICANN-mandated and therefore registrants cannot be blamed if registrars charge for transfers:
The panelist, in an unfounded grasp, used the ICANN-mandated transfer fee, charged by the registrar as rationale to find commercial use by the registrant and hence bad faith by the registrant. Other UDRP panels have similarly disingenuously blamed registrants for ICANN-mandated transfer and renewal fees imposed by registrars; panelists argue that the ICANN-mandated transfer is bad faith even though the registrant has no say or participation.
It’s an incredibly ballsy complaint by Vox Pop, given that it is Vox Pop, as the registry, that sets the price for transfers and renewals in .sucks, and that it is Vox Pop, as the Eutelsat panel noted, that has flagged many trademarks as “premium”-tier names that costs thousands of dollars to transfer and renew.
Vox also argues that it is possible for trademark-owners to “forum shop” between the various UDRP providers, in the hope of finding a panel more favorable to intellectual property interests over free speech rights.
It’s certainly not the only ICANN commenter to make this point, but it’s a pretty thin argument in the case of Honey Salt and .sucks.
Vox argues that WIPO repeatedly favors IP rights over free speech rights, and the outcome of Honey Salt’s UDRP cases may indicate why it holds that view.
Of the 20-odd UDRP cases Honey Salt has defended, most were filed with WIPO and all those filed with WIPO resulted in a complainant win. Three were filed with the National Arbitration Forum and three were filed with the Czech Arbitration Court.
The only case Honey Salt won on the merits was Miraplex v Honey Salt, one of the first cases, filed with the Czech Arbitration Court. That panel bought the defense that Everything.sucks was non-commercial free speech.
But one of the panelists in that case later sat on another Czech Arbitration Court case, Cargotec v Honey Salt, which decided in favor of the complaint. The same guy ruling two different ways on almost identical facts does not suggest panelist bias.
While at least one UDRP panel has suggested Honey Salt is just a front for the .sucks registry, Vox Populi has previously denied any connection exists.
UDRP cases soar at WIPO in 2021
The World Intellectual Property Organization has released statistics for cybersquatting cases in 2021, showing one of the biggest growth spurts in UDRP’s 22-year history.
Trademark owners filed 5,128 UDRP complaints last year, WIPO said, a 22% increase on 2020.
There have been almost 56,000 cases since 1999, covering over 100,000 domains names, it said.
The number of annual cases has been growing every year since 2013, its numbers show.
WIPO took a punt that the increase last year might be related to the ongoing coronavirus pandemic, but didn’t really attempt to back up that claim, saying in a release:
The accelerating growth in cybersquatting cases filed with the WIPO Center can be largely attributed to trademark owners reinforcing their online presence to offer authentic content and trusted sales outlets, with a greater number of people spending more time online, especially during the COVID-19 pandemic.
The number of domains hit by UDRP that include strings such as “covid” or “corona” or “vaccine” are pretty small, amounting to just a few dozen domains across all providers, searches show.
The growth does not necessarily mean the total number of UDRP cases has increased by a commensurate amount — some of it might be accounted for by WIPO winning market share from the five other ICANN-approved UDRP providers.
It also does not indicate an increase in cybersquatting. WIPO did not release stats on the number of cases that resulted in a domain name being transferred to the complaining trademark owner.
Recent Comments