Brand dilution, missed revenue, diverted online traffic and negative brand awareness are just a few examples of the significant damage that domain name infringement can have on your brand. In a world where more than 7.2 million domains have been registered using the new generic top-level domains (gTLDs) since the Internet Corporation for Assigned Names and Numbers (ICANN) launched the programme in 2013, how can you effectively manage domain names and stay on top of all potential issues?

Detection

There are many solutions and tactics to consider, but first you should have a strong detection process. This means running a domain name watch or assessment report on your marks and brands across all legacy gTLDs, new gTLDS and country-code TLDs. Your watch efforts must include not only exact match variations of your brand, but also misspellings, typos and the inclusion of your brand within a longer domain name string (ie, your trademark with a keyword). A watch report should also include a parsed version of all available information from the ICANN WHOIS search service, screenshots of the landing pages for the domain names discovered and visibility into brand-owned domain names (in order to validate WHOIS information and landing pages). A report of this size and scope can be overwhelming to view and difficult and time consuming to manage. For that reason, you should find a solution which supports an online platform where you can view the data, manipulate and filter it to fit your needs, easily act against infringing domain names and set up ongoing monitoring efforts.

Prioritisation

Once you have obtained a view of the overall landscape for your brand in the domain name space, the next step is to prioritise all enforcement and recovery efforts. The following prioritisation tactics can be very effective.

Validate what is truly owned by the brand

Different employees within different departments often register domain names separately, which makes it important to consolidate domain information and keep a regularly updated WHOIS record under one registrar. If domain name information is scattered around your organisation, there is a good chance that you will end up losing a domain name due to lack of payment or through the ICANN WHOIS verification policy.

Prioritise by traffic, squatter and infringement

Domains using typos and infringing domains with high traffic are most likely to affect your brand, so it is recommended that you pursue these infringements first. The next target is well-known squatters with numerous Uniform Domain Name Dispute Resolution Policy (UDRP) filings against them. Finally, you should target competitor redirects, since they can have a negative effect on your brand’s market share.

Once you have completed the prioritisation process, there are simple ways to enforce and recover domain names or stop the infringing behaviour quickly. Here are some of the most effective methods:

  • Check auction sites to see whether the domain name is listed for sale;
  • Where the registrar uses a privacy service, submit a privacy lift to determine the true owner of the domain name; and
  • Reach out to cooperative squatters to request an immediate transfer (many domain name providers keep a database of these squatters and their contact information).

The easiest, fastest way to pursue enforcement against a domain name is to send the current registrant a demand letter or simply contact it by telephone. Both of these methods can result in a low-cost resolution, but both can be challenging. Published WHOIS information on the domain name (where it is even published) is not always 100% accurate. Confirming the true owner of a domain name may seem like a daunting task, but there are several ways to proceed, including:

  • submitting a privacy lift to the privacy service;
  • checking the historical WHOIS information using a provider; or
  • filing a case under the UDRP.

In addition, you may consider using an experienced investigator to identify a domain name’s true owner.

If a demand letter does not result in a response or the transfer of the domain name, you can file a case under the UDRP if the TLD is supported with an ICANN-approved provider (eg, the World Intellectual Property Organisation or the National Arbitration Forum (NAF)). Under the rules for a UDRP filing, the claimant must prove the following three elements, supported by evidence and arguments:

  • The domain name is identical or confusingly similar to a trademark or service mark in which the claimant has rights;
  • The respondent (ie, the domain name registrant) has no rights or legitimate interests in respect of the domain name in question; and
  • The domain name has been registered and is being used in bad faith.

The rules may differ depending on whether the domain name that you seek to recover is in a gTLD or a country-code TLD.

Another option for dealing with infringement in a new gTLD is to file a complaint under the Uniform Rapid Suspension (URS) system. The criteria for filing a URS complaint are similar to those for the URDP, with some key differences:

  • URS complaints can be filed only with the NAF.
  • The trademark must be nationally registered or recognised through a court order or treaty (the URS does not support common law trademarks).
  • URS remediation involves only cancellation of the domain name registration. The domain name is not made available or transferred until after the registration has expired. In other words, if the domain name is due to lapse in two years, it will not be available for registration until the current registration has expired. However, the domain name is frozen by the registrar and the content of the page is removed immediately, effectively stopping the infringing behaviour. (By contrast, the UDRP process includes the option to transfer the domain name to the claimant).
  • A URS complaint is less expensive than a UDRP complaint.
  • URS decisions are issued faster than UDRP decisions.

Remember: URS remediation involves cancellation only. If your goal is to move a domain name into your portfolio or take over possession, or if you are dealing with a domain name outside of the new gTLD space, the UDRP is most likely your only option (although use of the URS system was recently approved for three legacy gTLDs – ‘.travel’, ‘.pro’ and ‘.cat’).

When you have a domain name that meets neither the UDRP nor URS filing criteria and a demand letter is not an option, you may choose to purchase the name from the registrant or through an auction service. To avoid the risk of an inflated price, brand owners should work with a representative to acquire the domain name anonymously. It is also beneficial to use an escrow service for domain name acquisitions after the purchase price has been agreed, in order to assist with the transfer of funds and ensure that the domain name is actually transferred.

Throughout your enforcement and recovery actions, keep these recommendations in mind:

  • Choose a provider that can provide you with the data you need and that offers a platform whereby you can manage your domain name enforcement and recovery efforts.
  • Prioritise your enforcement. It is best to pursue the domain names and infringers that could cause the most harm to your brand and to stop the harmful behaviour as quickly as possible.
  • Being nice goes a long way. Although you have been tasked with protecting a brand and preventing its dilution, it is best to send a soft demand letter and not immediately threaten legal action. Many domain name owners simply do not understand IP rights and sometimes it is necessary (and well worth your time) to pick up the phone and educate them.
  • Choose the most cost-effective solution. When you seek to stop the infringing behaviour, waiting for a UDRP decision (which can take up to 75 days) can delay the process, whereas purchasing a domain name or making a reasonable purchase offer can stop the infringement immediately.
  • Send a strong message to known squatters. Filing UDRP complaints is the only way to send the message that you will pursue enforcement, regardless of cost, in the hope of forcing the squatter to move elsewhere.

Choose a dedicated corporate domain manager to help you to facilitate domain name transfers on recovery so that you do not lose contact with a cooperative domain name owner or lose the domain name altogether (which would mean starting the enforcement process all over again).

Domain management in the context of new gTLDs

Since the advent of ICANN’s new gTLD programme, the size of corporate domain name portfolios has grown dramatically – especially in terms of the number of names requiring management, registration and renewal. This increased activity requires extra vigilance to ensure that recovered domain names:

  • are not dropped and subsequently picked up by a third party;
  • comply with the ICANN WHOIS verification policy;
  • carry consistent WHOIS information;
  • reflect a generic email address; and
  • resolve correctly.

After successfully recovering a domain name, you should transfer it to your preferred registrar, where it can reside with your complete domain name portfolio. Consolidating domain names under one registrar helps you to manage users, renewals and costs, view regional gaps and move forward with defensive registrations more easily. It also prevents a domain name from being accidentally dropped from the previous registrar for lack of payment after an enforcement action is complete.

Once you have recovered a domain name, stay on top of any tasks relating to the recovery process. Remember to review your domain portfolio regularly in order to manage transferred domain names and watch for pending transfers and any requirements necessary to complete a transfer (eg, the lift of a transfer lock, the 10-day hold after a UDRP filing or any other mandated locking period). It is also good practice to keep track of authorisation codes (or EPP keys) and their dates, since some may expire, leading to further transfer delays.

Another best practice to expedite the transfer process is to align all of the departments that are involved (eg, the legal, IT, marketing and compliance teams). Domain names can fall through the cracks when two departments are supposed to be working together on a solution, but may not be aware of their specific role or responsibility in the process. For example, if the legal team is responsible for enforcing and recovering domain names and receives an authorisation code that is not forwarded to the IT team or domain manager, the transfer will be delayed. Similarly, if the IT team or domain manager does not expect a transfer request, it may be unable to accept the transfer, resulting in delay. Finally, if the registrar of the recovered domain name chooses to turn off the auto-renew function or lacks a formal structure to auto-renew names, a domain name could be dropped and be registered again by a third party, starting the enforcement process all over again.

Keeping domain name recovery and domain management in sync

Keep your domain name enforcement/recovery and management processes in sync with each other in order to prevent unnecessary delays and additional costs. The following is a list of best practices:

  • If you are familiar with the registrar, request that the domain name be moved into your account. This allows you to take ownership faster and then transfer the domain to your preferred registrar later. This method prevents transfer fees and any registrant holds (which can delay the process by another 60 days).
  • If the domain name owner is cooperative, request the email address to be updated so that when a transfer needs to be validated by the domain name owner, you can accomplish this on its behalf.
  • If the above circumstances do not apply, transfer names that you have recovered to your preferred registrar quickly in order to reduce the risk of a domain name residing with an unfamiliar registrar. This eliminates the need to deal with multiple registrars, multiple registrar costs and credit card accounts.
  • Keep cross-departmental lines of communication open so that domain names do not fall through the cracks as they move from recovery through transfer to use. Use one standard company email address for domains (eg, domains@company.com) in WHOIS, so that in the event of employee turnover, you do not risk losing any domain names.
  • Ensure that recovered domain names are properly used by updating the domain name system settings to forward visitors to a working website, in order to capture all incoming website traffic. It is also important to continue monitoring these sites monthly to ensure that they are resolving correctly.
  • Review the WHOIS information and ensure that your current registrar updates the domain’s contact details to match your corporate profile whenever a newly recovered or acquired name is transferred into your portfolio.
  • Adopt a case management approach to help teams to get organised and prioritise all domain name enforcement and recovery efforts. This approach helps to maintain focus on which activities are most important and under what circumstances it is necessary to act quickly. A clear, transparent process for conducting reviews and validation of WHOIS information and landing pages is necessary in order to ensure that ownership is compliant with organisational and ICANN standards.
  • A third-party or internal tool can help keep track of recovered domain names and numbers and types of enforcement action, including:
    • UDRP and URS complaints;
    • types of infringement;
    • commonalities in an action;
    • annual budget allocations on actions and domain name management; and
    • pending transfers from third-party registrars.
  • Lastly, ensure that domain names resolve correctly in order to improve the customer experience and increase brand awareness.

A comprehensive brand protection and management service should aim to help a brand or mark to derive real value by making smarter decisions. In this new age of the Internet, these decisions may seem complex; however, with careful planning and prioritisation, your domain name recovery and management policies should work together to secure and protect your intellectual property online.

Robert Kriner, Emely Romero-Littrell, Brian Conchuratt

This article first appeared in World Trademark Review. For further information please visit www.worldtrademarkreview.com.