Protecting domain names

Domain names are alpha-numeric addresses that direct users to websites.  Unlike other rights regarding other property, domain name registration rights are limited and revocable.  As a result, protecting domain name rights is critical to any business with a web presence.  In today’s environment, that includes most businesses.

Real property has a title associated with it, and the owner of the real property has the exclusive right to use the property, sell the property and further develop the property.  The property rights never terminate.  Although the property may be subject to the rights of a lender, an easement holder or the government for taxes and assessments, the fundamental property rights vest in the owner.

Domain name rights are very different.  Domain names are registered to a registrant by a registrar, such as GoDaddy or Network Solutions.  The domain name registrant does not have property rights, but instead has contract rights.  When a domain name is registered, the registrant agrees to comply with the contractual terms and conditions established by the registrar for the use of the domain name.  The terms and conditions will include a specific time that the domain name will be registered, and it will include terms under which disputes over domain names may be resolved.

With these basics in mind, protecting domain names is different from protecting rights in real property.  Domain name rights are only as valuable as the rights of the registrant under the contract whereby a domain name is issued or registered.  Here are some practical tips on protecting your domain names:

1.  When a domain name is registered, the registrant is required to provide the name of the registrant, and the administrative and technical contacts.  These are the people who may exercise the rights of the domain name registrant.  If the name of the registrant and the administrative and technical contacts are not accurate, the domain name registrant may lose value rights in the domain name.  Make sure the name of the registrant, administrative contact, and technical contacts are persons controlled by the domain name registrant.  Failure to take this step could lead to the inability to change where the domain name is directed or to otherwise maintain the domain name.  Websites are moved from time to time to different hosts or servers.  If the registration information is not correct, the owner of the website may not be able to move the website, and may in fact, never have rights to the domain name.

2.  Domain names usually become trademarks and trademarks are used as or in domain names.  It is critical to make sure the registrant has cleared the domain name for trademark use and registration, and for potential infringement.  If a domain name infringes on the trademark of another, the registrant could be forced to shut down the website associated with the domain name, or adopt a new domain name.  Like trademarks, substantial goodwill can become associated with domain names.

3.  Obtain federal trademark registration for the domain name, or at least the domain part of the domain name.  The Anti-Cybersquatting Consumer Protection Act and the Uniform Dispute Resolution Policy both provide remedies for trademark owners where domain names are registered in bad faith in connection with such trademarks.

4.  Typosquatting is the practice of registering domain names by third parties which are off by a letter or two from the original domain name.  The typosquatter then derives traffic from the original domain name.  If the typosquatted name is infringing, the registrant may be able to force a transfer of the domain name, but another way to avoid having to take action is to register a variety of iterations of the domain name to help avoid typosquatting.  It would be impossible to avoid any potential typosquatting, but the more similar domain names that are registered, the lower the risk of typosquatting.

5.  Purchase long-term contract rights.  Not only are longer-term contracts less expensive on an annual basis, but they reduce the risk of the domain name expiring without being renewed.

Unfortunately there is no easy way to protect domain names from the many possible challenges that can arise.  Generally speaking, each domain name owner should adopt a practice for protecting domain names and avoid the potentially catastrophic results of failing to take appropriate action.

Early trademark registration is significant for protecting trademarks in domain names according to a UDRP decision denying transfer of musicmaker.com

Early trademark registration is significant for protecting trademarks in domain names according to a UDRP decision denying transfer of musicmaker.com. The respondent in the UDRP (Uniform Domain Name Dispute Resolution Policy) proceeding, The Music Connection, located in Reston, VA, offers custom music CDs and digital downloads. The company registered the domain name musicmaker.com on November 11, 1996.

The complainant in this case, MAGIX Software, a German company, offers software, mobile apps, and online services for music and video hobbyists. The most successful product of the company is MUSIC MAKER, a digital audio stream workstation. The product is now internationally known and used. The complainant registered the trademark MUSIC MAKER in Germany in 1994, and in the United States in 1997, with a date of first use in the United States of June 4, 1995. However, the mark was not published for opposition, and therefore made a matter of public record, until July 15, 1997, after musicmaker.com was registered.

The panelist in its decision to deny the complaint to transfer the domain name said that because the trademark MUSIC MAKER was not published in the United States until after musicmaker.com was registered, he was unable to infer that The Music Connection should have been on notice of any rights that would have prevented the registration of musicmaker.com.

The complainant likely could have prevailed on the complaint if its mark had been distinctive and federally registered prior to the registration of the domain name. Although the panelist ultimately made his decision based on the lack of bad faith registration and use, early trademark registration may have been sufficient to overcome that part of the decision as well. (MAGIX Software GmgH v The Music Connection, D2015-1216).

Watch for employee registration of domain names using employer trademarks

According to one source (http://www.statisticbrain.com/employee-theft-statistics/), the annual amount of employee theft from US businesses is $50 billion, and seventy five percent of employees have stolen at least once from their employer. It’s no surprise that employers have security cameras in stores, and policies in place to reduce the amount of employee theft. What is surprising is that employers are not more careful with other assets.

Although perhaps not technically theft, there is a new employee risk
relating to employer assets in the online world. Some seemingly clever employees have chosen to register their employe
r’s trademarks as second level domain names to enhance the value of the domain names. With registration of the domain names in hand, the employee’s intent may be to sell the domain names back to the employer, offer them on the domain name market to someone seeking a high traffic domain name, or hold them for some misguided leverage against the employer in the future. Any of these  strategies should not be acceptable to an employer as a trademark owner, and appropriate action should be taken.

Trademarks, and the associated goodwill, are valuable assets of employers. Many employer trademarks have been in existence for years, and based on extensive use and effort, have become significant tools for consumer awareness, brand loyalty, and quality consistency. Misappropriation and misuse of trademarks can be very costly for employers, and can damage the valuable goodwill associated with the marks. Having employees compromise the value of the trademarks should be taken seriously.

Although employees owe a general duty of loyalty to their employers, it is not always clear whether the rules for employees registering domain names are different than for an independent third-party registering domain names that include the employers trademarks. Attempting to discipline an employee for using a trademark in a domain name may not be an easy case. Probably the best course of action is for employers to adopt broad policies relating to employee use of trademarks, specifically as they relate to domain names. Also, employers need to be vigilant in monitoring the use of their trademarks in domain names, and in any other way that might impact or compromise the integrity of the goodwill of the marks.

New domain names: strategies for brand owners to protect their trademarks

Introduction

In the online business world, trademarks and domain names have become irrevocably interconnected.  Having a web presence is a natural extension of business branding efforts in a bricks and mortar environment.  Although not all businesses benefit significantly from a web presence, it is pretty clear that not having a web presence is damaging to a business.  Having a web presence means having a domain name, and domain names become part of the business’ brand.  Domain names by themselves can carry a message, and they control the ability to direct a consumer, or millions of consumers, to websites that will have a message, for better or for worse.  No business should be started, and no existing business should move to the internet without  first adopting one or more domain names that incorporate the applicable brand of the business.

Brands developed in bricks and mortar environments extend to the internet.  It would make no sense to have one brand in a store, and another brand online, unless there were a strategic purpose in doing so.  Brand owners have traditionally protected their brands offline.  They monitor the use of their brands, and if a competitor started using a trademark confusingly similar to the business owner’s mark, they act.  The business owner would likely send a demand letter, or pursue litigation to stop the infringing behavior, and protect the goodwill associated with the business owner’s brand.  The need for protecting brands should be no different in the online world.  The issues are different, but the need for vigilance and action are the same.

For years, domain names of choice included .com as the extension.  However, with the maturing of the internet, if .com domain names on the internet were vacant lots in a new residential subdivision, the lots would be virtually gone.  The internet was so saturated with .com domain names that it was becoming virtually impossible for internet users to register desired domain names using .com.

Recognizing the problem, the Internet Corporation for Assigned Names and Numbers (ICANN), a nonprofit organization responsible for managing internet domain names, made the decision to create more virtual land for more virtual building lot addresses, or opportunities for the adopting of new domain names.  The decision was made to add substantially more top level domain names, thus users to adopt and register domain names that were already taken under .com.  Top level domain names are the part of the domain name to the right of the dot, for example, cnmlaw.com.  The part of the domain name to the left of the dot is the second level domain name, or in this example, cnmlaw.

On January 12, 2012, ICANN opened the window to applications for new generic top level domain names (ngTLDs), similar to .com.  ICANN received 1,930 applications for ngTLDs.  To provide some context to what is involved in submitting an application for a ngTLD, the filing fee alone was $185,000 per ngTLD.  In addition there were potentially hundreds of thousands of dollars of costs associated with preparing the application, and building the infrastructure necessary to operate a registry that would own a ngTLD.  Successful applicants for ngTLDs must operate a registry which manages all of the domain names registered under the successfully applied for ngTLDs.  As of August 21, 2015, 741 ngTLDs had been introduced and made available for new domain names on the internet.  There are another 597 still working their way through the application process.  ICANN has left the door open to more rounds of applications in the future.  Examples of ngTLDs that have launched are .law, .tickets, .jewelry, .cafe, .sucks, .pharmacy, .bank., .samsung, and many others.

Concerns

Trademarks are source identifiers.  In order to develop strong trademarks, brand owners often spend significant amounts of money, and expend significant efforts for consumers to associate specific products and services with their brands.  These trademarks become very valuable, and bring significant goodwill to the brand owner.  As extreme examples, the APPLE and GOOGLE brands are valued at approximately $100 billion each.

The introduction of ngTLDs will make it easier for internet users to adopt and register domain names without having to rely exclusively on .com, or the other more popular top level domains, such as .net, .biz, and .info.  In addition, having ngTLDs could change the way businesses market online.  For example, .sony may become the go to ngTLD for anything Sony.  The introduction of .bank and .pharmacy could lead to greater consumer confidence in using online banking and pharmacy products.

However, this is also a brand owner’s potential nightmare.  Prior to the introduction of the ngTLDs, cybersquatters were active and misusing and abusing trademarks in domain names.  Now that there are hundreds of ngTLDs, under which each could have countless numbers of domain names, the potential for cybersquatting and trademark misuse will grow exponentially.

Here are a few examples of potential risks with ngTLDs:

1.  Pharming, spoofing, and other fraudulent activity.  Pharming is the redirection of an individual to an illegitimate website through technical means, or in this case, a domain name.  Even given right data security procedures, it is possible for a domain name registrant to create a website using a cybersquatted domain name, and capture sensitive information from a consumer.  For example, a website could be created that has windows asking for a consumer’s bank or other website user ID and password.  A less sophisticated or distracted consumer may enter the information before recognizing that the website is fraudulent. The obvious conclusion is that the website owner could take the information and use it to access the accounts of consumers who were misled by a typosquatted domain name.

2.  Loss of goodwill.  Brand owners spend considerable time and money developing their brands and the associated goodwill.  They need to address any activity that degrades that goodwill and devalues the brand.  For example, a domain name that includes a brand that leads to a parking or landing page may lead consumers to believe that the business is dead.  Domain names that lead to poor quality sites may create a bad first or lasting impression for a consumer.  Domain names and websites can be used to destroy goodwill.  Websites associated with cybersquatted domain names can use trademarks in a way that injures the brand owner.  It is possible that other information and materials could be posted on a website that negatively affects the brand owner’s brand.

3.  Tarnishment.  Denigration of goodwill is a problem, but tarnishment is a separate and more destructive problem.  Tarnishment involves websites that are not just poor quality, but also promote products or services, or encourage discussions or views about activities that misuse and tarnish a brand.  For example, one typosquatted domain name directed traffic to a website that displayed provocative images, and discussed gaming and prostitution.  There is no data on how many users or potential customers may have visited the page, and hopefully the consumer would understand that the website is not affiliated with or sponsored by brand owner, but there is the potential for tarnishment of the brand owner’s brands.  Allowing the use of a brand in a domain name that leads to a site inconsistent with the brand is a little like giving someone a street address to a box building, telling them it is a Costco or Target store, and when they walk in, they find gaming tables and the open sale of illegal substances.

4.  Regulatory.  Although there may not be much regulatory activity in this arena now, it is critical to be vigilant in watching for new regulatory guidance on how to manage issues with domain names.  This is particularly true in highly regulated industries, such as banking and healthcare.

Strategies in general.

There are two potential categories of strategies for brand owners to address concerns.  One, an offensive strategy or how to use ngTLDs to their benefit, and two, a defensive strategy or how to defend against trademark misuse.  It is still too early to tell how the ngTLDs will change the internet,marketing strategies, and consumer behavior.  It is safe to assume with the economic investment made in ngTLDs they are here to stay, and there will be changes, but how they will be accepted by internet users, and how registrants of the domain names use the ngTLDs, are still not clear.  However, it’s not too early to know that the protection of brands needs to be addressed.  Appropriate offensive and defensive strategies need to be considered and addressed.

Brand owners may make the decision to watch and monitor as time passes, and not spend any significant time or money on domain name management.  However, there should be a strategy.  Ignoring the problem and hoping it will go away is not a strategy.

Offensive strategies

Again, it is not yet clear how the introduction of ngTLDs will change marketing strategies and consumer behavior, so an extended discussion of offensive strategies is beyond the scope of this discussion.  However, there is one offensive strategy that should be adopted by all brand owners:

1.  Identify ngTLDs on a watch list.  Identify the brand owner’s core brands.  Register the core brands as second level domain names under ngTLDs on the watch list.

a.  Not all of the ngTLDs will be relevant to most businesses, but some will be.  For example, real estate brokers and agents will want to register under .realtor, banks under .bank, wedding planners under .wedding, and the list goes on.  The brand owner should create a watch list for registration of core brands under the ngTLDs on the list, but also for monitoring purposes, as discussed later.

b.  Core brands are trademarks which are the most widely used and recognized brands of the company.  There may be only one.  The overall brand or name of the company under which products and services are sold is a core brand.  The trademarks on the most popular or highest selling products or services are core brands.  Taglines and slogans may be core brands if they are widely recognized, and add significantly to the marketing efforts of the company.  Trademarks that may not be considered core brands are those for products or services that are secondary, and not part of the main group of products and services offered by the company.  Other source identifiers that are not prominent, or that are not perceived to have significant economic value are not core brands.

c.  Registration of domain names under ngTLDs is generally inexpensive, and if domain names are not registered now, it may be too late in the future.  Although the jury is still out on what the introduction of ngTLDs will mean to the world of internet marketing and sales, it is clear that inaction will quickly wipe out potential options for adopting domain names using core brands under relevant ngTLDs in the future.

Defensive strategies

In addition to existing strategies available prior to the launch of ngTLDs, ICANN recognized that the protection of brands is an issue, so several new brand protection mechanisms have been made available.  The following are recommended strategies to minimize the potential negative impact of the introduction of ngTLDs.  The strategies generally apply to core brands or trademarks.

1.  Register all core brand or trademarks in the Patent and Trademark Office.  Federally registered trademarks provide several benefits to brand owners, including the exclusive right to use the trademark in all fifty states, and to enjoin the use of infringing trademark by others.  Generally the use of a trademark in a domain name does not constitute use in commerce, so a trademark infringement action is not a recommended strategy.  However, federal registration of a trademark is a condition, or substantially helps on implementing the other defensive strategies identified below.

2.  Register all federally registered trademarks in the trademark clearinghouse (TMCH).  The TMCH is a new creation with the introduction of ngTLDs.  Registration of a trademark in the TMCH provides several potential benefits:

a.  When a new domain name is registered under a ngTLD that includes a second level domain name that is identical to a trademark registered in the TMCH, the TMCH will give notice to the domain name registrant that the registered domain name includes a federally registered trademark of another.  If the domain name registrant proceeds with the registration, the TMCH will give notice to the trademark owner of the registration, which will then provide the trademark owner with an opportunity to take appropriate action.  That action may include monitoring the website to which the domain name resolves, or pursuing another strategy identified below.

b.  When a ngTLD is launched, there is a sunrise period during which domain names may be registered on a priority basis with a trademark registered in the TMCH.  This allows the domain name to be controlled at a minimal cost before registration is open to the public.  This may be coupled with the offensive strategy discussed above to take domain names with a brand owner’s trademark essentially out of circulation before others register them.

c.  Other brand protection mechanisms require registration in the TMCH as a condition to using the other mechanisms.

3.  Register abused domain name labels.  Typosquatting is intentionally misspelling a trademark, or otherwise creating a typographical error in a domain name, to draw traffic from users who unintentionally misspell a domain name for a site where the user wants to go.  The TMCH will not give notice to the domain name registrant or the brand owner if the trademark included in the domain name is not the identical trademark, which means typosquatting is not covered by TMCH registrations.  However, if the brand owner files and is successful on a UDRP action so that the domain name is transferred to the brand owner, the TMCH will allow that string or domain name which is slightly different from the registered trademark to be registered in the TMCH, and be treated as if the modified domain name were registered in the TMCH as a federally registered trademark.

4.  Register all TMCH registered trademarks under the domain protected marks list (DPML).  As indicated previously, ngTLDs are managed by domain name registries.  Within limits, the registries establish the rules and guidelines for the registration of domain names under the ngTLDs.  Some registries have applied for and been awarded several ngTLDs.  For example, the Donuts registry has approximately 200 ngTLDs and the Rightside registry has approximately 40.  Both of these registries will allow trademarks that are registered in the TMCH to be registered with the registries.  Whenever an applicant seeks to register a new domain name under a ngTLD managed by the registry, and if the second level domain name is the registered trademark of a brand owner that has registered under DPML, the registry will block registration of the domain name.  This means that by simply registering a trademark under DPML, potentially hundreds or thousands of problematic domain names could be blocked.

5.  File Uniform Domain Name Dispute Resolution Policy (UDRP) actions when a core brand is being misused, and the ngTLD is on a list of predetermined ngTLDs.  The UDRP provides a mechanism for forcing a transfer of a domain name to a brand owner.  If a domain name is registered and used in bad faith, the brand owner may be able to have an approved arbitration forum force a transfer of the domain name to the brand owner.  The process is handled by an arbitration forum, such as World Intellectual Property Organization or National Arbitration Forum, and generally takes less than three months for a decision.  The cost is substantially less than litigation.  The biggest challenge with UDRP actions is deciding when to file.  There are potentially countless iterations of typosquatted brands that can occur with domain names.  Obviously, it makes no sense, economically or otherwise, to pursue all of them.  But if the typosquatting is close to a core trademark, the ngTLD is on the watch list, and the risk of consumers being directed to an inappropriate site is high, serious consideration should be given to filing an action.

6.  Consider actions under the Uniform Rapid Suspension System (URS).  The URS is a less expensive alternative to UDRP actions, and decisions are rendered more quickly.  However, the downside to a successful URS action is suspension of blocking of the domain name.  Control or registration of the domain name is not transferred to the brand owner.  In cases where a quicker resolution is necessary, and the brand owner simply needs time to consider other options, this may be a good course of action.

7.  File a lawsuit under the federal Anti-Cybersquatting Consumer Protection Act (ACPA).  Litigation is expensive and time consuming, and can be very destructive to a business.  Often the only winners are the lawyers.  However, sometimes litigation is necessary, and sometimes statutes such as the ACPA can be helpful in reaching a quick resolution to a domain name dispute.  Under the ACPA a person is liable to the owner of a mark, if the domain name registrant has a bad faith intent to profit from the brand owner’s trademark, and the registrant registers, traffics in, or uses a domain name confusingly similar to the brand owner’s mark.  There are several factors courts may use to determine if the registrant of the domain name had the requisite bad faith intent.  Available remedies include transfer or forfeiture of the domain name, and statutory damages of up to $100,000 per domain name, in the court’s discretion.  For negotiating purposes, that number may get the attention of a domain name registrant.

8.  Defensive registration of offensive or risky domain names, including .sex, .porn, .adult, .xxx, .sucks, and others on the watch list.  Usually the cost of registering a domain name is not significant.  Sometimes instead of waiting for someone else to register a domain name, and then having to take affirmative steps to deal with the problem, it is much easier and much less expensive to simply register domain names using core brands under the ngTLDs where brands may be abused or misused.  There are several ngTLDs that most brand owners would not want associated with their brands.  For example, most brand owners would likely not want to have their core trademarks associated with .sex, .porn, .adult, or .sucks, all ngTLDs, so it would be better to register the core brands under these ngTLDs, and control the domain names.  The cost of registration for most of these is less than $100 per year, and is inexpensive insurance.  Generally registration information for domain names is publicly available, so it also makes sense to register the domain names using a proxy service, so that the core brand is not associated in any way with the offending ngTLD.

9.  Monitor domain name registrations for potentially abusive domain name registrations.  There are services available to monitor for domain name registrations.  The TMCH will provide some notices, but the scope of monitoring should be broader than what is provided by the TMCH alone.  Without monitoring, brand owners will not know what potential activity is occurring, and whether any of the risks identified above are being realized.  Without knowing about risks, meaningful decisions cannot be made about how to address and manage the risk.

10.  Prepare and follow a budget.  Because of the exponential growth in ngTLDs it is critical to establish and follow a budget for domain name management.  It would be very easy for domain name management to get away, and start consuming more of the marketing or other budget than was intended, or would be appropriate.

There are several options for strategies, but the key is to consider the potential risks of having core brands used in domain names in ways that are damaging to those core brands, and the goodwill associated with the core brands.  Making strategic decisions about how to proceed should follow the consideration of risks.  Waiting for the dust to settle is probably not a great strategy.  Generally brand owners spend considerable resources on building goodwill, and the effort should not stop when it comes to the new world of brands on the internet.

Protect your brands – It’s time to register trademarks in the trademark clearinghouse

It’s time to start thinking more seriously about protecting your brands and trademarks in the online world.  Businesses expend significant time and resources developing and protecting brands in the physical world, but are not as careful in the online world.  Brands are frequently included in domain names, and are often the dominant part of domain names.  Although domain names may not by themselves communicate a strong message, because they are simply an address for a website, they are the gate through which consumers get to your business, and they directly impact the goodwill of your brand.  

Cybersquatting is as active today as ever, and it is going to get much worse.  Under the old regime of a few top level domain names (the name to the right of the dot, such as .com or .org), cybersquatting was a concern.  But with the introduction of thousands of new generic top level domain names (ngTLDs), the potential for misuse of brands will increase exponentially.

There were 1,930 applications submitted for ngTLDs (prior blog post) in the first round, and of those 1,930 applications, 417 ngTLDs have launched, and almost 1,200 are in the contracting stage, which means they will be available for launch soon.  Some of the ngTLDs that have launched include .homes, .auto, .loans, .global, and .toys.  It is anticipated there will be additional rounds of applications for ngTLDs.

Some of the risks to your brand if you do not protect against cybersquatting include sale of counterfeit goods, phishing, loss of goodwill, and brand tarnishment.  Recently thousands of websites were forced down because they were selling counterfeit Oakley products.  The websites in many cases included the brands of others.  In the complaint filed by Oakley Products, the plaintiff alleged that bogus websites are estimated to receive tens of millions of visits per year and to generate over $135 billion in annual online sales. The U.S. government seized over $1.26 billion in counterfeit goods in 2012, up from $1.11 billion in 2011.  The magnitude of the problem is huge.

Phising occurs when a cybersquatter posts a bogus website using a domain name similar to a brand owner’s trademark, and collects data and personally identifiable confidential information.  Loss of goodwill can occur in many ways including having a variation of a brand or trademark used on multiple websites that are not owned or controlled by you, the brand owner.  Cybersquatters do not only display brands in domain names, but they display the brands on bogus websites.  Tarnishment can occur when a website is posted using a brand, or variation of a brand, and the website displays inappropriate and or provocative images or content inconsistent with the goodwill associated with that brand.

Part of any strategy dealing with cybersquatting should include registering, in the trademark clearinghouse, federally registered trademarks.  I have viewed this as so critical that our law firm has become a trademark agent of the trademark clearinghouse, so we can submit trademarks to the clearinghouse without having to use a third party service.  When a trademark is accepted in the trademark clearinghouse, the brand owner may register domain names under ngTLDs during the sunrise period.  The sunrise period is a period for registration of domain names before the general public can register domain names.

In addition, following the sunrise period, there is a claims period.  During the claims period trademark holders will receive notice of any domain names that are registered under a ngTLD by a third party.  This will provide an opportunity to take appropriate action early in the process.  The person registering the domain name will also receive notice that the domain name being registered is the trademark of another person or business.  Hopefully, this will have some deterrent effect, although that is not likely.

There are other strategies available as well, but for now, the best action to take is to file valuable federally-registered trademarks in the trademark clearinghouse to obtain some protection against cybersquatters under the potentially millions of new domain names under the ngTLD that are increasing weekly.  Although not all brand owners will want or need to take aggressive steps, filing in the trademark clearinghouse should be part of a good domain name management strategy.  Unfortunately, doing nothing and hoping for the best is naïve and will weaken the value of your trademark.