Non classé

A lot of work is currently being done to define domain name abuse or domain name Infringements. Domain abuse is the use or intent to use of domain names, the DNS domain name system protocol, or any digital identifier with a shape or function similar to domain names, for deceptive, malicious, or illegal purposes.

But where do we stand in the fight against domain name infringement?

Focus on the Attack Vector:  a form of Domain Name Abuse

The form of damage corresponds to the attack vectors. Domain name abuse is becoming more common, manifesting itself on websites, via search engines, or in email inboxes via phishing attempts.

In 2023, holders of contentious domain names are increasingly using certain “modern” domain name infringements vectors. Among them are domain name infringements via SMS, QR codes, or even sponsored ads.

In the case of SMS, the infringement takes advantage of flaws in communication protocols. A URL link pointing to a malicious website is frequently attached to the SMS.

QR codes, on the other hand, function as URL shorteners and can direct users to potentially harmful websites. These QR codes are increasingly being printed in paper format on fake notices of passage or fines.

Finally, sponsored advertisements are extremely popular. Malicious sites often appear at the top of Google searches in the form of advertising inserts. The lack of a precise visual indicator often prompts internet users to click on these ads without being wary of the content they contain.

These new attack vectors highlight the creativity and determination of malicious actors. These novel forms are accompanied by substantive innovations. In actuality, the landscape of infringements is also expanding.

An overview of Domain Name Infringements

There are various types of infringements. Cybersquatting, phishing, and fake institutional websites are well-known practices. Others, more recent, require a thorough examination.

A New Form of Cybersquatting: Robot Cybersquatting

Cybersquatting, the act of registering brand-related domain names with the intent to profit from the brand’s reputation, disrupt its visibility, or sell it back to its rightful owner, isn’t new. However, its methods are becoming more sophisticated.

Bots, particularly in China, now constantly monitor domain names. They swiftly register domains once they become available, especially if they are related to legitimate brands. These “vacuum” bots snap up domains that lapse into the public domain for any reason. While this tactic existed in the past, it’s seeing a resurgence, especially in China.

The ‘Fake Shop’ Trend

The so-called “fake shop” is a new 2023 trend. Some fraudulent websites register domain names by linking a previous brand to a country name. These fake shops are counterfeit sites that deliver no product or service. They are near-perfect, semi-automated duplications of previously registered brand sites. The similarity of these contentious sites with legitimate ones creates almost inevitable confusion for consumers. In an effort to sidestep some alternative dispute resolution procedures, such as the UDRP (Uniform Domain Name Dispute Resolution Policy), by replacing trademarks within the domain name by a generic term, this new domain name infringement trend is more difficult to combat.

Click Fraud

Another trend for 2023 is “click fraud.” Click fraud is a type of fraud that occurs online within pay-per-click advertising. Website owners are paid based on the number of visitors who click on the ads in this advertising. Click fraud typically occurs on a large scale, with multiple links targeted and clicked multiple times, rather than just once. Malicious actors will obtain expired domain names or typosquat domain names that appear legitimate in order to entice users to click.

Identity Theft and Fake Merchant Sites

Identity theft and the creation of fake merchant sites are frequently seasonal, which means that fraudsters create contentious sites during tax or local fee collection periods, or during festive periods such as Christmas, Mother’s Day, or Valentine’s Day. This strategy targets both the B2B and B2C markets.

The fake merchant site is created in the name of a company whose official details are usurped. The credibility of these fake sites lies in the accuracy of the information concerning the merchant, such as the Siren, Siret, and VAT numbers, and in the usurpation of the company’s Whois data. This tactic is commonly used when legitimate businesses lack an online presence. Consumers who do not have access to the legitimate company’s official website believe the contentious site is authentic. To

Furthermore, fraudsters create fake Yellow Pages accounts, or official sites such as “Google My Business” or “societe.com,” and even fake reviews. The consequence of this practice is hefty as, beyond infringing on intellectual property rights and usurping companies’ identities, fraudsters scam consumers by never delivering the purchased products. This domain name abuse is severe since there’s both a monetary and personal data theft of the deceived consumers.

Identity Theft and Fake Orders

This practice consists in obtaining an undue merchandise delivery, in other words, diverting a product’s delivery. The perpetrators send an email that appears to be from a brand or company and requests large purchase quotes from sellers or distributors. Then they request payment for these purchases.

This method is especially dangerous since it can involve large amounts of money. Numerous elements give the appearance of an official site, lending credibility to identity theft. Fraudsters access official signatures and stamps from freely available online general assemblies, as well as recent financial statements, at least partially. Only the phone numbers and email are linked to the scammer.

Email Interception and Fake Bank Details

The most recent domain name infringement trend consists in redirecting a legitimate bank transfer to a third-party account. It is classified as a high-level attack because it primarily involves real estate and banking transactions.

The perpetrator begins by hacking the victim’s email. They monitor exchanges until they find an interesting transaction, identify related order discussions, and intercept a legitimate email during these exchanges. Then, they replace the legitimate email with a falsified one, modify the attached bank details, and send the email to the correspondent. Scammers use forged emails that look exactly like legitimate emails. Because of multiple exchanges in the victim’s email, the victim frequently misses the subtle email change, resulting in transactions that benefit the perpetrator.

Final thoughts

Consumers, companies, and owners of intellectual property are all affected by the recent rise in domain name infringement. Malicious actors can commit more difficult-to-detect domain name abuses thanks to increasingly sophisticated and cunning attack vectors combined with computer tool mastery. It is critical to exercise extreme caution when using the internet, emails, SMS, and even paper mail. The best way for businesses to protect themselves, their leaders, and their customers is to keep an eye on their domain names and put in place a policy and plan of action that takes this into account. Today, we talk about compliance strategy and domain names. If you have any questions, please do not be hesitant to get in touch with us.

To find out more, read our article New AFNIC Mediation Procedure: Fast and Free Dispute Resolution for Domain Name Holders

Generative artificial intelligence (AI) is a type of artificial intelligence system that can generate text, images, and other media.

The process of creating content with generative AI can be roughly divided into two steps:

– The initial source of inspiration is termed as the “input”. The generic creation is based on this initial data, either retrieved from data labelled by the user/creator of the AI or from data autonomously found by the AI, to subsequently produce an “output” or result.

 – From the initial data (input), the AI generates a model, infers rules, and then applies these rules. This is the output.

As a result, generative artificial intelligence raises concerns about the protection of both upstream content and downstream output.

Upstream protection for content processed by generative AI

In the upstream, intellectual property rights may be infringed upon if data is copied by AI and then used without permission. Indeed, there is a reproduction of copyrighted content (texts, images, sounds) to feed AI databases.

These contents, however, are protected by intellectual property rights. To legally feed AIs without prior authorization, the European legislator created an exception for “text and data mining,” which suspends the exploitation monopoly under copyright and related rights for data mining purposes. This relates to Articles 3 and 4 of Directive 2019/790 of the European Parliament and Council on copyright and related rights in the digital single market, which was adopted on April 17, 2019.

Data mining involves collecting data to transform them. There is a mining operation, which means algorithmic processing in order to interpret results. Nonetheless, these mining operations violate intellectual and artistic property rights.

Text and data mining can also lead to acts protected by copyright, sui generis rights on databases, or both, especially regarding the reproduction of works or other protected items, the extraction of content from a database, or both, which is the case when data is standardised during the text and data mining process.

The Directive 2019/790 establishes two mandatory exceptions for copying, i.e., two exceptions on reproducing content protected by literary and artistic property rights overall (texts, sounds, images, for all copyrights, related rights, and sui generis rights).

– Article 3 is a mandatory academic exception, benefiting research bodies and cultural heritage institutions performing mining for scientific research purposes, which right holders can’t oppose.

– Article 4, on the other hand, is an exception for all uses, regardless of the purpose (including commercial), provided that the copyright holder has not expressed opposition. In this case, the right holders can oppose even though the exception is mandatory. This may seem contradictory, but in reality, it’s the only possible balance between the rights of intellectual property right holders and the rights of those reproducing the data.

While data mining is currently allowed, the debate on the protection of content used upstream by generative AI to produce content is not over. Appeals are multiplying. For instance, in Europe, right holders are mobilising through “position papers” since the context between the drafting of Directive 2019/790 in 2018 and the time when generative AIs are booming in 2023 is very different. Compensation for intellectual property rights holders for the exception on data mining is now part of the considerations of intellectual property specialists working on the topic.

Protection of Content Generated by Generative AI

While robots were once considered passive tools, advances in artificial intelligence research have raised concerns about their role in the creative process. Indeed, these advancements sometimes attribute a significant role to them in content creation, raising questions about the protection of content generated by generative AI.

Under copyright law, the principle remains indifferent to merit (CJEU 1st March 2012, Football Dataco Ltd et al. vs. Yahoo! UK Ltd et al., Case C-604/10). Yet, it remains contentious to assert that generative AI can be the author of a work it produces.

This brings up the question: Is the appearance of a work tied to a regime? Should we accept protection for works generated by AI?

The European Parliament’s report from 27th January 2017 on recommendations for civil law rules on robotics suggested that copyright criteria should be adapted to accommodate these new AI-generated creations.

What’s crucial here is distinguishing between creations assisted by generative AI and those autonomously generated by AI.

If generative AI is used as a tool assisting creation, there’s no debate. The work is protected by copyright, with the affiliated rights belonging to the human creator. In this scenario, the work clearly reflects the personality of its human creator.

But what about the opposite scenario? Do we lean towards copyright or other paths (common law, special law)?

In 2018, the Superior Council of Literary and Artistic Property conducted an economic and legal analysis of the options.

The idea of AI as an author is ruled out today. To qualify as a work under the European Union law, it must meet specific conditions:

– There must be a human author.
– The work must be original.

Given these conditions, today’s perceived autonomy of AI is exaggerated as human involvement is essential. The idea of creating an “electronic personality” is rejected, as it might disrupt existing legal categories, leading to a legal chimaera. Without a human entity, the work can’t fulfil the originality criterion, which in France refers to the “imprint of the author’s personality” and similarly in the European Union, denotes an “intellectual creation unique to its author”, both necessitating a human presence.

The link to a human author in copyright law seems to be an international requirement
suggested by the Berne Convention.

If literary and artistic property rights are chosen, determining which specific rights apply (copyright, sui generis rights) becomes essential. Also, the definition of the author (indirect author, work without an author?) must be clarified.

Some argue no protection is required, and the “opt out” would fall under the “common by design” regime.

While awaiting legislation specific to works produced by generative AI, it’s worth noting emerging case law in this field. Notably, the US District Court for the District of Columbia’s decision in Thaler vs. Perlmutter on 18th August 2023, which ruled that copyright doesn’t apply to creations made by AI tools, even if they’re trained by human intelligence.

Such discussions on highly current topics raise genuine legal questions. The rise of new technologies requires the legislature’s keen attention and continuous updates to stay relevant. It’ll be fascinating to see future measures and laws adopted to further regulate these smart new inventions.

To find out more about generative AI, read our article Generative AI: Balancing Innovation and Intellectual Property Rights Protection or visit WIPO Magazine and Blog Modérateur.

Intellectual property (IP) litigation is a process used to resolve a dispute over the ownership or use of IP. It is a legal process that can be used to protect and enforce the rights of IP owners. IP litigation is an important tool for businesses, as it enables them to protect their valuable IP assets and to prevent infringement.

The most common form of IP litigation is patent litigation. Patent litigation is used to resolve disputes over the ownership of inventions and the rights associated with them. Patent litigation can help to protect businesses from infringement and can help to ensure that they have exclusive rights to their inventions. Copyright litigation is another form of IP litigation. Copyright litigation is used to resolve disputes over the ownership of creative works, such as artwork, literature, music, and software. Copyright litigation can help to protect businesses from infringement and can help to ensure that they have exclusive rights to their works. Trademark litigation is another form of IP litigation. Trademark litigation is used to resolve disputes over the ownership of trademarks and the rights associated with them. Trademark litigation can help to protect businesses from infringement and can help to ensure that they have exclusive rights to their trademarks. The benefits of IP litigation for businesses are numerous. IP litigation can help to protect a business from infringement and can help to ensure that they have exclusive rights to their IP assets. IP litigation can also protect a business from competitors by preventing them from misusing or copying a business’s IP assets. In addition, IP litigation can help to protect a business’s reputation and to ensure that their products are not associated with competitors. IP litigation can also help to protect a business’s investments. IP litigation can help to ensure that a business’s investments are not wasted by competitors who are infringing on their IP rights. IP litigation can also help to secure a business’s investments by preventing competitors from misusing or copying their IP assets. IP litigation can also help to protect a business’s revenues. IP litigation can help to ensure that a business’s revenues are not lost due to infringement or misappropriation of their IP assets. IP litigation can also help to protect a business’s revenues by preventing competitors from copying or misusing their IP assets. Finally, IP litigation can help to protect a business’s future. IP litigation can help to ensure that a business’s IP assets remain valuable and can help to prevent competitors from taking advantage of them. IP litigation can also help to protect a business’s future by preventing competitors from misusing or copying their IP assets.

In conclusion, IP litigation is a valuable tool for businesses. IP litigation can help to protect a business’s valuable IP assets, can help to protect a business’s investments, can help to protect a business’s revenues, and can help to protect a business’s future. IP litigation can help to ensure that a business’s IP assets remain valuable and can help to prevent competitors from taking advantage of them.

We offer our clients a dedicated and unique experience of expertise that is necessary for the exploitation of intangible assets.  We will also endeavor to keep you informed and up-to-date about intellectual property and digital economic issues through our articles and newsletters written by the Dreyfus Legal Team.

The European Union (EU) is one of the most technologically advanced areas in the world, and as such, it is important that businesses remain compliant with all applicable IT laws. This article provides an overview of some of the key regulations that all companies should be aware of to ensure they remain compliant with the latest IT laws in the EU.

The EU General Data Protection Regulation (GDPR) is one of the most important pieces of legislation in the EU. It sets out the rules that companies must follow when processing and storing the personal data of EU citizens. Key elements of the GDPR include the right for people to access the data that companies hold on them, the right to be forgotten and the right to data portability. Companies must also ensure that they are transparent about how they are using personal data and must have appropriate measures in place to protect it. The EU Network and Information Security (NIS) Directive is another key piece of legislation. It sets out the requirements for organizations that operate “essential services” such as energy, transport, healthcare and banking. The Directive requires these organizations to take appropriate measures to protect their networks and information systems from cyber-attacks. This includes ensuring that they have appropriate security policies and procedures in place, as well as measures to detect, report and respond to cyber-attacks. The EU Digital Single Market Strategy is a set of rules designed to ensure that businesses can operate freely and fairly in the digital world. It includes measures to make sure that digital services are not subject to unreasonable restrictions, that businesses can compete on a level playing field, and that consumers have access to a wide range of digital content and services. This includes ensuring that copyright laws are respected and that online content is not blocked or filtered unnecessarily.

Finally, the EU e-Privacy Directive sets out rules for the use of cookies and other tracking technologies. Companies must inform users about how they are using cookies and must obtain the user’s consent before using them. Companies must also ensure that any information collected through cookies is kept secure and is only used for the purposes for which it was collected.

We offer our clients a dedicated and unique experience of expertise that is necessary for the exploitation of intangible assets.  We will also endeavor to keep you informed and up-to-date about intellectual property and digital economic issues through our articles and newsletters written by the Dreyfus Legal Team.