Reverse domain name hijacking

Written by Dreyfus09/07/2021

Reverse domain name hijacking constitutes an abuse of procedure. On this topic, the WIPO issued on April 4, 2021 a decision reminding Complainants of their failings: it was their duty to proceed to relevant checks before initiating the complaint and to build their case properly. The examiner was all the more severe given that Complainants were represented by counsel.

The complaint in question was filed by three applicants.

First Complainant is an Indian company notably specializing in the manufacture and sale of sanitary products and kitchen appliances. First Complainant was originally known as Hindustan Twyfords, but later changed its name to HSIL Ltd. in 2009. Second Complainant, Somany Home Innovation Limited, was incorporated in 2017. It manufactures and sells, among other goods, air and water purifiers, water heaters, air coolers. Like Second Complainant, Third Complainant, Brilloca Ltd, results from the split of First Complainant.

Having detected the registration of the domain names <hsil.com> registered on November 16, 1999 and <shil.com> on December 9, 1999, Complainants filed a complaint with the WIPO Arbitration and Mediation Center to request the transfer of the domain names.

Respondent is a UK registered company, established on October 7, 1998, which provides web development services to help small businesses gain visibility on the Internet, initially focusing on the health club and leisure equipment market. In addition to the main site « health-club.net », Respondent has registered a number of short acronymic domain names.

First Complainant owns trademarks for the sign « HSIL », the first of which dates from 2004. Complainants further argue that Somany Home Innovation is widely known by the sign « SHIL », the acronym that corresponds to its corporate name.

First and foremost, the panelist notes that the applicants have not submitted any evidence showing the use of the sign « SHIL » to the point of making it a distinctive identifier for their benefit. Therefore, the latter considers that they are in default concerning the proof of likelihood of confusion between the <shil.com> domain name and an earlier trademark in which they potentially have rights. On the other hand, the likelihood of confusion was recognized for the name <hsil.com>.

Then, regarding the issue of legitimate interest and/or rights in the domain names, the panelist takes into account the fact that Respondent registered the disputed domain names in 1999, before the alleged filing and use of Complainants’ « HSIL » and « SHIL » marks. As opposed to Complainants, Respondent has provided evidence to support its claims that the names were used as acronyms for « Sports / Health in London » and « Health / Sports in London ».

Besides, the disputed domain names were registered in 1999, many years before the filing of the HSIL marks and the registration of domain names containing « HSIL ». In addition, the Complainants have no trademark rights for the sign « SHIL ».

Also, Respondent has demonstrated a use of the disputed domain names in connection to a bona fide offering of goods and services.

The complaint is therefore dismissed.

In addition, the panelist found that the complaint constituted reverse domain name hijacking, an attempt to obtain a domain name by artificially proving infringement.

Complainants, who are represented by counsel, should have anticipated the weakness of their argument and the fact that the acronyms « Hsil » and « Shil » could not refer exclusively to them, as alleged in the complaint without any evidence.

The panelist also notes that Complainants tried to make it look like trademarks were rejected in India because of the « well-known status and enormous goodwill » acquired by their earlier marks. This, despite the fact that the defendant has proven that third parties have been able to obtain registration of trademarks for the sign « SHIL » in India.

The panelist also targets Complainants’ representative and denounces an « unfamiliarity with the UDRP » and raises the fact that the latter has listed the registrar as respondent simply because it had allowed the registration of an available domain name, even though it is not in its power to decide whether or not to allow a registration.

Source: WIPO, Arbitration and Mediation Center, April 4, 2021, Case No. D2020-3416, HSIL Limited, Somany Home Innovation Limited v. SHIL Ltd, Brilloca Limited v. GOTW Hostmaster, Get on The Web Limited, India

What are the suggested modifications to the UDRP?

Written by Dreyfus06/07/2021

Following the UDRP ‘s new gTLD program, new Rights Protection Review Mechanisms (RPM) have been implemented to protect trademark holders, such as the Uniform Rapid Suspension System (URS) procedure.

ICANN has now decided to address changes suggested by trademark holders and intellectual property experts regarding the UDRP. For instance, one of these suggestions is that a domain name should be considered abusive if it is registered OR if it is used in bad faith, instead of requiring that both these conditions are met. The idea is to lighten the burden of proof on the rights owner to take into account a more up-to-date reality. Another suggestion is to provide for an accelerated procedure in case of abusive conduct and to get a decision more rapidly if the defendant fails to respond to the complaint.

It has also been proposed to provide for a presumption of bad faith if the registrant has lost three UDRP complaints and to require any repeat offender to pay a response fee to defend the case. The central issue at this stage of the study is to understand the extent to which the UDRP principles should be changed in favour of trademark owners, while knowingt hat it may weaken the UDRP principles.

Sources:

Overview: The Rights Protection Mechanisms (RPM) Review https://newgtlds.icann.org/en/reviews/cct/rpm

Phase: 1 Initial Report of the Review of All Rights Protection Mechanisms in All gTLDs Policy Development Process :

https://www.icann.org/public-comments/rpm-initial-report-2020-03-18-en

The Vinci’s case: how to set up an effective domain name strategy?

Written by Dreyfus29/06/2021

On November 22, 2016, at 4:05 p.m. sharp, the Vinci group is the victim of identity theft. Several media receive a false press release reporting a review of Vinci’s consolidated accounts for fiscal year 2015 and the first half of 2016 following alleged accounting embezzlement.

In 2019, the US news agency Bloomberg appealed a decision of the AMF’s sanctions commission. The hearing before the court of appeal will be held this Thursday. Bloomberg was sentenced to 5 million euros for relaying information from a false Vinci press release.

A fake press release from Bloomberg

The American news agency Bloomberg is accused of having disseminated, in 2016, false information about Vinci without having verified it.

On November 22, 2016, at 4:05 p.m. sharp, the Vinci group is the victim of identity theft. Several media receive a false press release reporting a review of Vinci’s consolidated accounts for fiscal year 2015 and the first half of 2016 following alleged accounting embezzlement.

The false statement also indicates that the chief financial officer was fired. Less than a minute later, between 4:06 p.m. and 4:07 p.m., Bloomberg picked up the information and disclosed it on his terminal.

This press release had even been signed with the name of the real person in charge of Vinci’s press relations, while referring to a false cell phone number.

In defense, the defendants point out before the commission that the tone, the absence of spelling errors, the careful layout, the exact references to certain directors of Vinci or to its auditors, the mention of the real spokesperson for Vinci as well as the plausibility of the foot of the press release, which contained a link to unsubscribe from the Vinci mailing list and alerted the recipient to the automated processing of data, mentioning the contact details of the real correspondent Cnil de Vinci , did not differentiate this press release from a real press release established by Vinci.

The domain name issue in the false press release

The only inaccuracies in the false press release: the domain name of the false Vinci site to which the press release referred and the false mobile phone number of the “media contact”.

The fraudulent press release was also received by AFP, which did not follow up after realizing that this document had been posted on a mirror website, very similar to the real site but with a separate address (vinci.group and not vinci.com).

How to protect your domain name?

Domain names represent an essential intangible asset for companies since they allow access to websites related to their activity. Now, protecting the domain names associated with the trademark or the business of the company has become almost as important to the company as the protection of its brands.

In addition, domain names are the preferred medium for cyber-attacks which calls for increased vigilance on the part of owners and Internet users.

Phishing, fake president fraud, identity theft, fake job offers, theft of personal or banking data, whaling… frauds are numerous and are constantly adapting to technological progress;

Fraud is facilitated by the very protective provisions of the GDPR, which prevent the direct identification of the domain name registrant; technical service providers tend to rely upon the provisions of the GDPR and the LCEN to justify their inaction and allow fraud to continue;

There is a great risk of damage to the company’s image and reputation. Such fraud also has a significant financial impact, given the risk of embezzlement and money laundering.

The AMF’s Guide to Periodic Disclosure for Listed Companies (dated June

To protect your domain name from cybersquatters or competitors, it is recommended to also register the domain name as a trademark in addition to the reservation of the domain name.

It is possible, before making a domain name reservation and trademark registration, to check its availability, to avoid conflicts between domain names, trademarks or corporate names.

Domain names are now an integral part of the international economic landscape. Like industrial property rights and traditional distinctive signs, they are instruments of competition and intangible assets of companies. It is of course essential to have it for anyone who wants to exist in a market.

But care must be taken not to come into conflict with one’s competitors by using, even in good faith, distinctive signs close to theirs. Conversely, it is also necessary to enforce its own distinctive signs by not allowing third parties to appropriate signs close to its own in order to offer the same or similar services.

How to mitigate the risks regarding domain names ?

– Proceed to an audit of the corporate trademark and the company’s flagship trademarks among domain names, in order to map the risks;

– Set up a 7/7 watch of the corporate trademark among domain names, and a 7/7 or at least weekly watch on the company’s trademarks dedicated to goods or services;

– Set up watches on social networks such as Facebook, Instagram, Twitter and LinkedIn;

– Proceed with the preventive registration of domain names in risky extensions (such as .COM, .CO, .CM, .GROUP);

– Take preventive action(s) against potentially dangerous domain names;

– Define procedures and set up a crisis management unit to quickly react to infringements in case of emergency;

– Draft or update the company’s domain name policy (registration procedures, compliance with legal obligations, best practices) to be shared internally and with the company’s service providers and suppliers.

Cyber threats are more numerous and more complex and it has also become increasingly difficult to take action against registrants of disputed domains. More than ever, monitoring is required with the implementation of risk mapping and a defense strategy.

Dreyfus advise you in setting up the appropriate strategy to limit the risks related to domain names and to integrate industrial property assets in your compliance plans.

Domain name right : bona fide offer of goods or services

Written by Dreyfus18/06/2021

A right or legitimate interest in a domain name may be demonstrated by its use in the context of a bona fide offer of goods or services. This assessment requires to take into account how the domain name has been used, but also the space-time framework: When was the domain name registered? By whom? In which country?

Founded in 2003, Ba & sh is a French company operating in the field of design, manufacturing and distribution of women’s ready-to-wear clothing and fashion accessories.

Having detected the registration of the domain names <bashshitever.com> registered in 2014 and <bashclothing.co> in 2020, Ba & sh filed a complaint with the WIPO Arbitration and Mediation Center in order to obtain the transfer of these domain names.

While the construction of the <bashshitever.com> domain name is somewhat intriguing, the fact that the <bashclothing.co> name contains the term “clothing” may have led Ba & sh to consider that its rights were being infringed.

In any event, since the domain names include the sign “BASH” except for the ampersand, the panellist acknowledges a likelihood of confusion.

Nevertheless, the panellist deems that Respondent has chosen these domain names independently of Complainant’s trademark and has used them in the context of a bona fide offer of its goods on the corresponding websites.

Indeed, Respondent is from Malaysia, where the company was founded in 2015, while Ba & sh has provided no evidence of actual use of its BA & SH mark in that territory. Khor Xin Yu, Respondent, explains that he co-founded “BASH CLOTHING” in 2013 when he was 18 years old and that the mark was also used in Singapore in 2017. Initially, the sign used was “Bash Shit Ever”, later changed in 2020 to “Bash Clothing” as part of a branding update.

Similarly, Respondent provided an explanation and documentation justifying the selection of the sign BASH because of the meaning of the dictionary term “bash”. Finally, Respondent used a logo that differs from that of Complainant.

Complainant has not shown that Respondent registered and used the disputed domain names in bad faith.

Indeed, when the first disputed domain name <bashshitever.com> was acquired by Respondent, Complainant had been operating in France and worldwide for about 11 years and had owned an international trademark for about 7 years, designating Malaysia. However, Complainant has not presented any evidence of actual use of its BA & SH trademark in Malaysia at the time of registration of the first disputed domain name.

In addition, a Google search for “bash” shows several results unrelated to Complainant or its trademark. Respondent has also provided a plausible explanation as to why he chose the term “bash”, an English dictionary term related to the idea of a party insofar as its initial target was female students.

Finally, although the parties operate in the same market segment (i.e. ready-to-wear and accessories), Respondent’s use of the disputed domain names does not show an intention to compete with Complainant and its trademark, given the different logos/layouts, the significantly lower prices at which the Respondent’s clothing is offered for sale, and the absence of any information on Respondent’s website that would lead users to believe that the website is operated by Complainant or any of its affiliated entities.

The complaint is, therefore, dismissed.

Ba & sh should have investigated Respondent’s motives before initiating a UDRP proceeding, including whether its trademark was known in Respondent’s country when the first domain name was registered. It should also have determined for how long Respondent had been using the “Bash” sign for fashion activities. An investigation could have revealed these elements. Respondent explains that he first marketed the Bash clothing on social networks. And, depending on the answers to these two questions, write a proper letter to the defendant

Why does the willingness to sell a domain name is not conditioned on an active approach?

Written by Dreyfus18/05/2021

(OMPI, Centre d’arbitrage et de médiation, 23 février 2021, affaire n° D2020-3322, Netflix Inc. c. WhoisGuard, Inc. / Siddharth Sethi)

Avons-nous encore besoin d’introduire Netflix ? Cette plateforme proposant des services de streaming vidéo compte 195 millions de membres dans plus de 190 pays et semble être connue dans le monde entier. Pourtant, certaines personnes tentent de se soustraire à cette notoriété pour tenter de se construire une légitimité artificielle et justifier l’enregistrement d’un nom de domaine .

En effet, alors que la société Netflix détient de nombreux enregistrements dans le monde pour le signe « NETFLIX » en tant que marque , la société a détecté l’enregistrement du nom de domaine <netflix.store> . En conséquence, elle a déposé une plainte auprès du Centre d’arbitrage et de médiation de l’OMPI pour obtenir son transfert.

Le nom de domaine, enregistré le 3 septembre 2017, pointe vers une page qui présente une animation composée d’un effet d’éclatement de couleur et se termine par un écran de couleur vierge.
Le titulaire soutient que le nom de domaine ne reproduit pas la marque NETFLIX mais est plutôt composé de deux termes , “net” et “flix”. Or, comme prévu, l’expert considère que la marque NETFLIX est reproduite à l’identique dans le nom de domaine.
L’expert considère que si l’utilisation du nom de domaine n’est pas commerciale, son enregistrement ne serait pas non plus considéré comme légitime. En effet, le site mis en place vise à légitimer l’enregistrement afin de dissimuler l’intention de vendre le nom de domaine au Plaignant. Ni la reproduction de la marque NETFLIX dans le nom de domaine litigieux, ni l’extension <.store> n’ont de sens si le projet devait effectivement être non commercial.

En conséquence, il estime que l’intimé n’a aucun droit ou intérêt légitime sur le nom de domaine .
Par ailleurs, l’expert constate que le Défendeur connaissait le Plaignant et son activité et prévoyait qu’en achetant le nom de domaine, il serait en mesure de le revendre au Plaignant avec un bénéfice significatif. Cette stratégie a été partiellement couronnée de succès, car Netflix a fait une offre que l’intimée a refusée, essayant d’obtenir une somme considérablement plus élevée.

Or, l’enregistrement d’un nom de domaine qui correspond à la marque d’un Plaignant avec l’intention de le vendre au Plaignant lui-même , établit la mauvaise foi. L’expert précise que le titulaire « [n’aurait pu] raisonnablement penser qu’un tiers serait en mesure d’utiliser commercialement le Nom de domaine litigieux ». Il convient également de noter que l’intimé a tenté de faire croire à la personne qui l’a contacté qu’il avait reçu d’autres offres plus élevées. En effet, le représentant de Netflix, qui n’avait pas indiqué qu’il agissait pour Netflix, ce qui était un secret de polichinelle, avait proposé la somme de 2 000 USD, que le déclarant jugeait trop faible.

L’expert commente ce comportement récurrent de certains cybersquatteurs : « Peu importe que le Défendeur n’ait pas proposé activement à la vente le Nom de domaine litigieux. Il n’est pas rare que des déclarants opportunistes de noms de domaine incluant une marque tierce attendent d’être approchés, réalisant qu’une offre active de vente du nom de domaine peut faciliter un procès UDRP à leur encontre ».

En conséquence, l’expert conclut que le nom de domaine litigieux a été enregistré et est utilisé de mauvaise foi et ordonne ainsi son transfert au Plaignant.

Sauf dans les cas où un nom de domaine reproduisant une marque notoire telle que NETFLIX est utilisé à des fins de critique sans usage commercial, ou pour un usage commercial minimal, il est quasiment inconcevable d’imaginer qu’un tel nom de domaine ait pu être enregistré de bonne foi . Netflix savait évidemment qu’elle gagnerait le procès, mais a visiblement choisi d’essayer de négocier un rachat à l’amiable pour un budget légèrement inférieur à celui d’une procédure UDRP, si l’on compte les 1 500 USD d’honoraires et les honoraires d’avocat. Cette approche, si elle réussissait, aurait permis d’économiser du temps et de l’argent, mais la simple offre de rachat a pour effet d’encourager le cybersquattage.

How does the bad faith duplicate between registration and bad faith use?

Written by Dreyfus29/04/2021

UDRP While one generally refers to the “three criteria” of the UDRP (a trademark similar to the domain name; the absence of rights or legitimate interests of the defendant in the disputed domain name; and the bad faith of the registrant), it should be kept in mind that bad faith in UDRP matters has two aspects: the first is bad faith registration and the second is bad faith usage. Therefore, proving only one of these elements is insufficient even though it may be considered “fair” that a name used in bad faith should be transferred to the applicant.
In the present case, Great American Hotel Group, Inc. complained that its former vice-president retained the domain name <greatamericanhg.com> and changed the password of the account used to manage this name with the registrar.

It all started in 2011 when the applicant decided to adopt the name Great American Hotel Group. Its president at the time asked Mr. Greene, then vice-president of the company, to reserve the domain name <greatamericanhg.group>.
The latter did so, but – apparently without notifying his superior – reserved the domain name in his name instead of that of the company. He did, however, record the company’s postal address, and pay with the company card. In 2012, he hired an anonymity service to hide his data.

Since its registration, the name had been used for the company and Mr. Greene had always treated the domain name as part of the company’s assets.

However, following disagreements, Mr. Greene was suspended from office in 2015 and dismissed in 2016. In 2017, the name was renewed by the company’s technical teams even though Mr. Greene was no longer present. However, the latter subsequently changed the password so that the name could no longer be renewed by the company. The applicant’s counsel proceeded to send Mr. Greene a letter of formal notice, which remained unanswered, leading to the filing of a UDRP complaint.

The panellist acknowledged that the applicant had common law trademark rights through the use of the sign “Great American” and that the registrant did not have any legitimate rights or interest in the name as it was created for the applicant company.
He also acknowledged that the domain name was used by Mr. Greene in bad faith.

Nevertheless, the panellist was more sceptical regarding the issue of bad faith registration. Indeed, the name had been reserved by Mr. Greene at the request of the president of the applicant company, which, in principle, had, in fact, been a registration in good faith.

In order for registration by an employee to qualify as having been done in bad faith, the panellist specified that the employee must have, from the beginning, had “an intention to cause harm”. Therefore, the evaluation must be factual and done on a case-by-case basis.

In this case, Mr. Greene had registered the domain name in his own name. The panellist found that “this may be subject to questioning, and the fact that he did not mention the company does not constitute a good domain name management practice”, however, the president and the company seemed to be equally as uninterested in formalizing the reservation of the name.

For four years, until he was suspended from his functions, the registrant had always displayed conduct that demonstrated that he understood that the name belonged to the company. Thus, there is no reason to suppose that by reserving the name four years earlier, he had intended to compete with the applicant or to benefit from some type of tactical advantage against him.

Consequently, the plaintiff’s complaint was dismissed as the registration in bad faith had not been established. Nevertheless, the panellist specified that the applicant could turn to other avenues to try to obtain relief.

The significance of this decision, in addition to highlighting the dual condition of bad faith, is that it reiterates the need to set up an internal naming charter to avoid any dispersion of assets, both in terms of trademarks and domain names.

How to protect your brands in the digital era?

Written by Dreyfus26/04/2021

“Intellectual property was viewed with passion – and in a style steeped in pre-Romanticism! – as “the most sacred, the most legitimate, the most unassailable […], the most personal of properties”; “The least likely to be contested, the one whose increase can neither hurt republican equality, nor overshadow freedom,” said Patrick Tafforeau in his book Intellectual Property Law published in 2017.

It should be borne in mind that intellectual property is protected by law. This protection is notably achieved through patents, copyright and trademark registrations. These intellectual property rights allow creators to obtain a certain form of recognition or even a financial advantage from their inventions, plant varieties or creations.

In this sense, paragraph 1 of article L111-1 of the Intellectual Property Code provides that: “The author of a work of the mind enjoys on this work, by the sole fact of his creation, of an exclusive and intangible property right enforceable against all”.

In fact, the Internet has created tremendous opportunities for companies in terms of communicating their brand message. However, its global reach, openness, versatility and the fact that it is largely unregulated are all elements that have created fertile ground for trademark infringement such as counterfeiting.

For a long time, real world activity and Internet activity were separated. Today, the two worlds undeniably tend to come together. Trademark law is therefore very useful in defending yourself in the digital era. By appropriately balancing the interests of innovators with those of the general public, the intellectual property system aims to foster an environment conducive to the flourishing of creativity and innovation.

When you create a company or launch a product, know that it is recommended to protect your trademark (which can be the name of your company, a logo, numbers, letters, etc. …). This registration will protect your company from counterfeiting.

Once registered, the trademark is an industrial property title which gives you a monopoly of exploitation for a period of ten years, renewable indefinitely.

Registering your trademark gives you an exclusive right to a sign that distinguishes the products or services you offer from those of your competitors, which is a significant competitive advantage ! As such, your sign is protected for the categories of goods and services referred to in your trademark registration and in the territory for which said registration is accepted.

In this perspective, it is necessary to put in place a strategy for the protection of your brand as soon as possible. Before filing a trademark, it is important to make sure that it is available and that there is no owner of an earlier right to that trademark. You must therefore be the first to register this mark.

The reasons why trademark registration is becoming a necessity are multiplying in the face of the phenomenon of cybersquatting. Thus, owners of registered trademarks benefit from new advantages in the defense of their rights on the Internet.

First, it has become increasingly important to protect your brand on social media. Since 2009, Facebook has allowed its members to create usernames, easily accessible, but which can include brands. Prior to 2009, Facebook allowed registered trademark owners to identify their trademarks and prevent their use by other members.

Most social networks register user names on a “first come, first served” basis. In order to defend your rights, it is preferable to have a registered trademark in order to report a violation of trademark rights, according to the general conditions of use of social networks.

Secondly, the presence of a mark on the Internet also imposes its protection in referencing on search engines and in particular paid referencing. Through the AdWords system, Google allows advertisers to select keywords so that their ads will appear to Internet users after entering those words into a search. Conflicts arise when advertisers buy keywords that contain brands, but do not have rights to them.

Owning a trademark right then also becomes extremely useful in the fight against unfair practices.

Thirdly, the proliferation of new gTLD domain name extensions must also attract the attention of trademark owners. To date, more than 300 new gTLDs have been delegated, and gradually hundreds more will follow. Faced with the risk of conflicts with protected trademarks, a new tool is made available to trademark rights holders: The Trademark Clearinghouse. It is a centralized declarative database of registered trademarks. Once the trademark is registered, the holder benefits from the priority registration period for new gTLDs – Sunrise Period – and is notified when a third party wishes to register a domain name identical or similar to its trademark. The registrant of the disputed domain name is also informed that he may infringe trademark rights.

Finally, if a domain name reproducing or containing a trademark is registered, the trademark rights holder has the possibility of taking action against cybersquatters using dedicated extrajudicial procedures such as the Uniform Rapid Suspension (URS) and the Uniform Domain Resolution Policy (UDRP). These dedicated procedures are only open to trademark holders.

It should be remembered that the business landscape has changed with the rise of the Internet and, in order to thwart the risks of intellectual property infringements on online markets, it is important that companies adapt their management of industrial property rights portfolio accordingly.

Nathalie Dreyfus – Industrial Property Attorney, Expert at the Paris Court of Appeal, Founder & Director of Cabinet Dreyfus in Paris – Dreyfus.fr

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world. Do not hesitate to contact us.

Can ICANN provide a solution for IT security problems?

Written by Dreyfus14/04/2021

The DNS NEWS report No. 271 highlights the overall criticism of ICANN solution for not intervening as much as its powers allow in Internet security issues, even though the DNS breaches do not decrease the number of hits. A sort of criticism derives from this observation: should ICANN become a kind of Internet welfare state or should it remain in the background, which would be recommended by the defenders of Internet neutrality.

It should be noted that in 2018, ICANN solution had already undertaken measures to make the Internet a little more secure, by changing the cryptographic key used to protect the Internet’s address book, the DNS (Domain Name System). However, further efforts are expected.
Domain Name System. – V. ICANN, 16 sept. 2018, Approved Board Resolutions [ R]egular Meeting of the ICANN Board).

Source: Dns-news.fr, date, rapp. n° 271,

To discover…

♦ ICANN Summit: the fight against DNS abuse, a GAC priority

The current reputation of the trademark is not sufficient to prove bad faith registration of an old domain name

Written by Dreyfus23/03/2021

Source: WIPO, Arbitration and Mediation Center, Nov. 24, 2020, case DRO2020-0007, NAOS c/ Bioderm Medical Center

The Bioderma brand has a world-wide reputation but was this reputation already established in Romania at the beginning of the years 2000? The Bioderm Medical Center, a clinic based in Romania, answers no to this question.

NAOS, owner of the Bioderma trademark, has detected the registration by the Centre Médical Bioderm of a domain name reproducing its trademark, namely <bioderma.ro>. However, said domain name is quite old as it has been registered on February 24, 2005.

On September 4, 2020, NAOS filed a complaint with the WIPO Arbitration and Mediation Center to obtain the transfer of this domain name. This complaint is based on an International trademark Bioderma, protected in Romania since 1997.

Nonetheless, the defendant claims to have used the sign Bioderma as its business name for several years, hence the registration of the domain name <bioderma.ro> and the subsequent change of its coporate name.
The expert in charge of the case is particularly thorough in its assessing whether the defendant has the legitimate interest and rights in the disputed domain name or not.
He considers that even if the latter produced a Kbis extract showing that its commercial name, in 2003, was indeed Bioderma, it is insufficient to prove a legitimate interest or rights on the domain name. The defendant should have brought evidence that it was commonly known by the Bioderma name.

The expert also notes that the disputed domain name resolves to an inactive web page and therefore concludes that there was nobona fide use of the name in connection with an offer of goods and services and no legitimate non-commercial use of the name.
It is however on the ground of bad faith that the expert finally decides in favour of Bioderm Medical Center.
The latter notes that the International registration of the applicant’s Bioderma trademark is several years older than the disputed domain name and that this trademark is currently renowned. However, the evidence brought by the applicant are deemed insufficient to demonstrate the possible or actual knowledge of this trademark by the defendant in 2005, at the time of registration of the disputed domain name.

Indeed, although the earlier mark was established in the 70’s in France and was first registered in Romania in 1997, the first subsidiary of the applicant, established in Italy, only opened in 2001: the true starting point of the brand’s internationalization.
Yet, the defendant founded the company in 2003 and carried on its business under the name Bioderma until 2008.

From there, it is not possible to establish that it had targeted the company or its trademark to mislead or confuse Internet users. Moreover, the defendant did not conceal its identity and responded to the complaint, which shows good faith.

This decision is a reminder that it is essential to place oneself at the time of domain name registration in order to assess the aim of the registrant. Even if the prior trademark enjoys a world-wide reputation on the day of the complaint, the dive into the past is inevitable: it must be determined whether the defendant, located in a certain country, had knowledge of the rights or reputation of the trademark. In this case, the expert took into account, among other things, that the defendant used the commercial name “Bioderma” in 2005. Therefore, it is essential to investigate on the registrant and their situation at the time of registration of the domain name, here particularly old. To that end, seeking legal advice from an IP lawyer specialized in UDRP procedures is strongly recommended.

Dreyfus can assist you in the management of your trademarks portfolios in all countries of the world. Please feel free to contact us.

The creation of a data access system Whois by ICANN

Written by Dreyfus27/01/2021

Since the advent of the General Data Protection Regulations (GDPR), it has become really difficult to obtain information about the registrant of a domain name. This obviously complicates the dialogue between trademark and domain name holders.

ICANN has proposed a project to create a System for Standardized Access/Disclosure (SSAD), which would allow standardized access to non-public data on domain name registrations.
The objective of the SSAD is to provide a predictable, transparent, efficient and accountable framework for access to non-public registration data. It must also be consistent with the GDPR.
However, the decision whether or not to grant requests would still belong to the registrars, as legal constraints on personal data may vary from country to country.

This project accelerated in August during Stage 2 of the policy development process, during which a final report was presented that provides 22 recommendations for the system.
The creation of this SSAD could, in the coming years, facilitate the fight against cybersquatting, which has been strongly impacted by the GDPR and WhoIs anonymization processes. It should be remembered that the next round of requests for domain name extensions should take place in 2023, bringing a whole new set of challenges in the fight against Internet attacks.

Source: LexisNexis, N°1 (January 2021)

domain name