On 5 August 2022, the administrative panel of the World Intellectual Property Organization (WIPO) ordered an individual, Zhi Chao Yang, the holder of more than 70 fraudulent domain names, to transfer such domain names to the company Verizon.(1)
Verizon is an American telecoms company specialising in mobile services. Zhi Chao Yang had registered more than 70 domain names, including:
- "myverizonbenefitsconnection.com";
- "verizonbenefitsvonnection.com";
- "verizonbenefitsconnection.com";
- "verizonbenefitsconnectino.com"; and
- "vverizonbenefitsconnection.com".
Such domain names constituted "typosquatting" of the domain name "verizonbenefitsconnection.com", which belonged to Verizon. "Typosquatting" is one of the best-known forms of cybersquatting, which consists of reserving domain names that are very close to existing brand or domain names and that contain typing or spelling errors.
Verizon initiated a uniform domain-name dispute-resolution policy (UDRP) proceeding against Zhi Chao Yang, seeking to have the domain names transferred to it. Verizon demonstrated that the disputed domain names were similar to its trademark, VERIZON, and showed that Zhi Chao Yang had no legitimate interest in registering them. Finally, Verizon demonstrated that the domain names had been registered and used in bad faith. In fact, some of the domain names had been used for parking sites with pay-per-click links.
Based on the evidence submitted by Verizon, the WIPO administrative panel:
- found that Zhi Chao Yang had fraudulently reserved the domain names; and
- ordered the transfer of more than 70 domain names to Verizon.
Verizon is involved in two other cases against cybersquatters that are still pending.
This decision demonstrates the importance of the UDRP procedure, both in terms of the fight against the infringement of IP rights and also in terms of cost control, since only one procedure is necessary when a fraudster reserves several domain names. In such cases, it is essential to establish whether the person reserving the fraudulent domain names has a record of convictions, since this could work in the complainant's favour. This decision raises various questions for domain name registrants.
Why monitor domain name registrations if the UDRP system exists?
The monitoring system and the UDRP system are two complementary mechanisms. The first intervenes upstream and allows fraud risks to be detected. The second makes it possible to effectively neutralise any domain name that infringes the rights holder.
It is common for a company's computer systems to be infected via an email sent from an address created from a fraudulent domain name, or for such domain names to fraudulently seek to obtain customers' personal data by creating a mirror site. Awareness of the existence of such reservations through appropriate monitoring is therefore a crucial tool in the fight against cybercrime and the protection of companies. Some insurance companies even take this monitoring into account when setting their rates.
Why take action against fraudulent domain names?
When domain names are inactive, the cyber risk remains theoretical. However, the owner of the legitimate brand must remain on permanent alert (ie, for the creation of a website or for the activation of mail exchange servers, through which email addresses can be created) by continuing to monitor such domain names. When domain names are activated, a rapid reaction is required. The main purpose of UDRP proceedings is to freeze the domain names concerned. Such domain names can no longer be transferred to a third party once the complaint has been lodged.
For further information on this topic please contact Elodie Garreau at INLEX IP Expertise by telephone (+33 1 56 59 70 90) or email (e[email protected]). The INLEX IP Expertise website can be accessed at inlex.com.
Endnotes