Generic top-level domains (gTLDs) are a new and soon-to-be-huge feature of the internet. New websites using a wide variety of newly created domain names will soon be springing up like weeds. Owners of brands and trademarks need to be aware of the threats, and of their options and the tools that are available to protect their intellectual property on the web.

This huge expansion of internet real estate also brings a new wave of speculators and cybersquatters. New gTLDs open up a world of possibilities for speculators and cybersquatters to claim popular words and marks for their own profit. Trademark holders need to be proactive in order to protect their marks from being exploited by vultures on the web by taking advantage of ICANN’s new trademark protections, including legal rights objections to gTLD’s and the newly-created Trademark Clearinghouse.


The dot-com era was the wild west of the internet. In the land rush to the west, the plains went on forever, and land could be bought cheap. Bold and enterprising pioneers might head west to buy the land that would eventually become Silicon Valley, or Los Angeles, or Seattle.

In much the same fashion, in the dot-com era it seemed like there were an infinite number of domains available, and domains could be bought for nothing. Domains that would eventually be developed into the websites Google, Amazon, Facebook, and others.

But for every pioneer pushing the frontier, there were a hundred swindlers and horse thieves trying to turn an easy profit at someone else’s expense. On the internet, these vultures take many forms, but one of the most lucrative and enduring types is the cybersquatter. Cybersquatters deliberately prey upon trademarks, company names, famous people, or other domain names to profit from consumer confusion.

Cybersquatters are clever. A tremendous variety of profitable cybersquatting techniques have arisen, such as “typosquatting,” which is buying up likely typographic errors in domain names. For example, the URL “” might be typosquatted by purchasing the domains “”, “”, “” (“c” is close to “x” on a keyboard), and other variations or permutations.

In the most extreme cases, cybersquatting becomes akin to identity theft, an activity known as “brandjacking.”[1] Brandjackers attempt to steal another person’s or business’s brand equity by impersonating them. Brandjackers could use a website to impersonate a brand in order to damage the reputation of the brand, collect data about the brand’s customers or consumer opinion, or capitalize on consumer confusion in some way. High-profile examples include a Twitter account, @ExxonCares, by a fake Exxon employee mocking the company’s response to the Pegasus pipeline oil spill in Arkansas.

Modern Cybersquatting

Cybersquatting is still a serious problem today. Even after the dot-com boom died down, and even after federal legislation specifically to cut down on cybersquatting, cybersquatters still persist. A study of the hotel industry by MarkMonitor determined that the hotel industry alone loses $2.2 billion per year to competitive brandjacking.[2] More than 580 million visits are siphoned away from the brands’ online bookings sites.[3] The same study also identified over 2,100 cybersquatted domains using the five brands surveyed, together generating more than 57 million visits that would otherwise be going to the hotels’ official sites.[4]

There are many recent examples of huge cybersquatting cases. In 2007 Dell filed a major cybersquatting lawsuit against several companies using a wide variety of domain names to siphon millions of dollars from Dell and dozens of other Fortune 500 companies.[5] Among many other domain names, Dell objected to the domain name “”, containing an extra “c” in the name, which appears to be a common typo for Dell’s “” website.[6]

Verizon filed suit in 2008 against cybersquatters using the domains “”, “”, and “”, seeking $66.3 million in damages.[7] In addition to the domains cybersquatting against Verizon the defendant, OnlineNic, had registered more than 900,000 domain names that are quite similar to many famous marks and names of large companies.[8] In a default judgment the court awarded Verizon $50,000 for each of 663 infringing domain names.[9] The defendant, OnlineNic, did not show up in court, and no lawyers were listed for the defendant on the court docket.

Cybersquatting is a large-scale, omnipresent, and sophisticated effort at predatory domain name acquisition. Cybersquatters will buy domains for trademarks, company names, famous people’s names, common words, and any other domain names that can be used to turn a quick profit.

And the availability of an unlimited number of custom gTLDs is ringing the dinner bell on the largest smorgasbord for the domain name vultures since the invention of the internet.

Legal Rights Objections

ICANN’s new gTLD program has permanently changed the game for protecting brands and trademarks on the web. Buying your mark under the .COM top-level domain is no longer enough to protect your mark. Domain name registrants can get any domain name from any gTLD. Even if you own all the potentially problematic domains around “”, there are now an unlimited number of possible domain names under different gTLDs, as well as your .BRAND gTLD to worry about.

The new gTLDs open up an almost infinite amount of space for new domains, including the possibility that the top-level domain itself might be a registered mark. Fortunately, this time around ICANN has taken steps to protect trademarks, unlike the wild west days of the 1990’s domain name gold rush.

To protect the rights of trademark holders, the new gTLD program includes an objection period. If someone tries to register your mark as a gTLD, you can lodge an objection called a “legal rights objection” to a proposed gTLD.

ICANN’s objection process is intended to provide an opportunity to argue against certain new gTLDs. Businesses, individuals, government entities, etc. can object to a specific new gTLD and advance arguments as to why it should be terminated. The legal rights objection is one of several types of objections also including string confusion, limited public interest, and community objections.

The legal rights objection is essentially a claim that the applied-for gTLD string violates the legal rights of the objector.[10] In each legal rights objection proceeding WIPO’s Arbitration and Mediation Center (“WIPO Center”) appoints an expert panel to determine whether the potential use of the applied-for gTLD would be likely to infringe the objector’s existing Intergovernmental Organizations (IGO) trademark, name, or acronym.[11] Specifically:

[T]he expert panel would consider whether such potential use of the applied-for gTLD:

  1. “takes unfair advantage of the distinctive character or the reputation of the objector’s registered or unregistered trademark or service mark […] or IGO name or acronym”, or
  2. “unjustifiably impairs the distinctive character or the reputation of the objector’s mark or IGO name or acronym”, or
  3. “otherwise creates an impermissible likelihood of confusion between the applied-for gTLD and the objector’s mark or IGO name or acronym.”[12]

The decision by the panel will determine whether the applied-for gTLD is granted or terminated.[13]

Legal rights objections are filed in response to an ongoing application for a new gTLD. Because applications for new gTLDs proceed on a scheduled basis, legal rights objections can only be filed during an open gTLD objection filing window which follows the application filing window.[14] The previous application filing window closed on May 30, 2012. The objection filing window opened soon after on June 13, 2012, and lasted nine months before closing on March 13, 2013. The next gTLD application window has not yet been scheduled, but ICANN has indicated that it will begin the next application process “as expeditiously as possible.”[15]

After the objection filing window closes, legal rights objections for the preceding application filing window can no longer be filed. As a result, trademark holders who do not pay attention to new gTLD applications will be unable to contest the grant of a gTLD after the window to object closes. Instead, after the gTLD is granted the objector can only request Post-Delegation Dispute Resolution Procedure (PDDRP).[16] The dispute resolution process post-delegation is highly complex and has yet to be tested, but it is highly probable that the objector will find it very difficult to terminate a gTLD post-delegation.[17]

Filing a legal rights objection will involve fees to WIPO for arbitration. For example, filing an objection to one gTLD to be decided by one expert will cost $10,000 for both parties, with $8,000 being refunded to the prevailing party.[18] Different fee arrangements apply to different panels and consolidation scenarios.[19] ICANN and WIPO encourage parties to settle.

The Trademark Clearinghouse

The Trademark Clearinghouse helps trademark holders protect their trademarks from use by others in domain names. The Trademark Clearinghouse is a centralized repository of trademarks on the web which will warn both domain name registrants as well as trademark holders of possible infringement.[20] Trademark holders can register a mark at the Trademark Clearinghouse for $150 per year.[21]

The Trademark Clearinghouse confers two key protections to trademark holders; priority registration during a gTLDs Sunrise period, and notification when a domain name registrant uses the mark.

First, if you register your trademark with the Trademark Clearinghouse then you get validated trademark first priority in registration during each gTLDs Sunrise period. As a result, during every sunrise period, you will have the opportunity to purchase the domain under that gTLD before any other person or business.

Every gTLD must undergo a Sunrise period of at least 30 days before selling domain names to the public. The Sunrise dates for every gTLD are listed publicly on the Trademark Clearinghouse website.[22] A trademark holder only needs to register a mark once with the Trademark Clearinghouse to take advantage of priority registration in the Sunrise periods of every new gTLD.[23]

For example, on June 25, 2014, Afilias announced the sunrise period of its .BLACK top-level domain would begin on July 22, 2014.[24] For at least 30 days, Afilias must accommodate requests by trademark holders who have registered their marks with the Trademark Clearinghouse to obtain their trademarks as domain names.

For example, suppose Porsche had registered the mark “Porsche” with the Trademark Clearinghouse. Porsche would then be able to obtain priority registration from Afilias for the domain name “” before any .BLACK domains are sold to the general public. After the sunrise period, anyone in the general public can obtain any domain name under that gTLD, including potentially infringing domain names. For .BLACK, this means that starting on August 26, 2014, domain name registrants could obtain a tremendous variety of domain names ending in .BLACK, much like current domains ending in .COM. Thus, if Porsche chose not to purchase the domain during the Sunrise period, anyone in the world could purchase the “” domain.

Registration with the Trademark Clearinghouse gives the same priority registration protection across every top-level domain. Trademark holders should strongly consider registration with the Trademark Clearinghouse to obtain domain names matching their mark before anyone else can.

Second, registrants with the Trademark Clearinghouse will receive notification if a third party registers a domain using the registered mark. A domain name registrant seeking to use a domain name matching a registered mark will receive a warning when they attempt to register a domain.[25] If the domain name registrant accepts the notice and proceeds with registration anyway, then the trademark owner will be notified of the domain name registrant’s use of the mark.[26]

For example, suppose some third party tried to register the domain name “” from the owner of the .CAR top-level domain, or any other gTLD. First, that party would be notified that the mark “Porsche” is already registered with the Trademark Clearinghouse. And if that party proceeds with the domain name registration anyway, then Porsche will be sent a notification that the domain was registered. As a result, Porsche can take any action the company deems appropriate to deal with the domain registrant.

Domain names you choose not to own under other gTLDs can be used by other people and companies, and potentially by cybersquatters. However, if your mark is registered with the Trademark Clearinghouse then when someone registers your mark as a domain name you will at least be notified and can take appropriate action at that time.

Limitations of the Trademark Clearinghouse

The Trademark Clearinghouse is an enormous improvement over the completely unprotected internet of the dot-com era. However, the protections provided by the Trademark Clearinghouse are not absolute.

The most serious limitation of the Trademark Clearinghouse is that each registration only protects one string, and exactly that string. For example, if Porsche registers the mark “Porsche” with the Trademark Clearinghouse, only that exact sequence of letters benefits from the protections of the Clearinghouse. Slight variations will not be detected, such as “porche”, “porsches”, or “p0rsche” using a zero instead of an “o.” Clever manipulations like third-level domains “por.sche”, “po.rsche”, or even “” will also escape notice. To combat this, the Trademark Clearinghouse allows registrants 10 domains with a single registration, with the option to register more for additional fees.[27] The Trademark Clearinghouse is a powerful tool to receive notification when someone uses the registered string exactly, but trademark holders must still be vigilant about clever cybersquatters deliberately eluding the system.

Second, the Trademark Clearinghouse does not enforce any marks or perform any legal analysis of whether domains are infringing. The system does not actually block domain registrants from obtaining domain names that might infringe the mark you register. The domain name registrant will receive a warning, but can choose to proceed with registering the domain name. The trademark registrant will then receive a notification that the new domain was registered.

After the notification the trademark holder may take action if desired, but the Trademark Clearinghouse will not enforce the registered mark against domain names. Unlike purchasing the domain itself, registration with the Trademark Clearinghouse provides the trademark holder with notification about use of the domain, not control over the domain. In order to categorically prevent anyone from using the domain name, the trademark holder must actually purchase it.

As a result, the Trademark Clearinghouse does not directly stop cybersquatting. However the Trademark Clearinghouse does empower trademark holders to better defend themselves by giving trademark holders an earlier opportunity to purchase the domain, and by sending notifications about possible infringement.


New gTLDs also create a new universe of possible lower-level domains. Owners of existing trademarks and domains should be paying close attention. Trademark holders need to pay attention to the appearance of new gTLDs, and should consider a legal rights objection if another entity applies for an infringing gTLD.

Also, trademark holders probably should register with the Trademark Clearinghouse to help protect their mark against an infinite number of new and potentially infringing domains. Registration with the Trademark Clearinghouse gives a trademark owner strong priority to buy their name before anyone else can, as well as notification if anyone buys a domain using the registered mark.

Trademark holders should be keeping an eye on the new gTLD system, particularly because the new system encourages proactive trademark protection. Proactively protecting your trademarks means keeping an eye on new gTLD registrations, registration with the Trademark Clearinghouse, monitoring Sunset periods, checking notifications about possible infringement from the Clearinghouse, and vigilance about other domains the Clearinghouse might not identify.