Some brand owners claim that domain-name registrars are making money from cybersquatters at the expense of legitimate brands -- and that ICANN isn't doing enough to stop it.
Sarah Deutsche is on a crusade against cybersquatters. As vice president and associate general counsel at Verizon Communications Inc., she has sued many businesses involved in the illicit activity. Along the way she has recovered thousands of domain names that play off of Verizon's brands. But what really irritates her, she says, is who the perpetrators are.
Deutsche says that all of the companies Verizon has sued for cybersquatting are domain-name registrars that have been accredited by the Internet Corporation for Assigned Names and Numbers, the organization that oversees the Internet's domain-naming system. "They pay a $4,000 fee to ICANN and it puts them in business," she says.
Cybersquatting -- the practice of abusing trademarks within the Internet domain-name system, often by registering domain names that exploit common misspellings or typographical errors in trademarked names -- isn't a new problem, but industry watchers agree that it's getting worse (see "Domain-name wars: Rise of the cybersquatters"). The growth in cybersquatting is intertwined with the rise of domain parking, in which domains are registered for the purpose of generating advertising revenue, and for future resale of the domain to the highest bidder.
While some "domainers" register generic names, others use names that exploit trademarked brands in order to attract traffic and generate ad revenue. In many cases, Deutsche alleges, registrars -- or businesses associated with those registrars -- profit either directly or indirectly from domain-parking sites that use variations on popular trademarked brands and generate revenue by stealing traffic away from brand holders' sites.
Intellectual property holders have started pushing back aggressively against cybersquatters and domainers -- and the domain registrars seen to abet them -- by filing either lawsuits or complaints with ICANN using the Uniform Domain Name Dispute Resolution Policy (often called UDRP) procedure for addressing domain-name brand abuse.
Chicago-based online auction site uBid Inc., for instance, recently sued The Go Daddy Group Inc. and its subsidiaries for providing domain-parking services that uBid claims infringe on its trademarks ( download PDF). Christine Jones, general counsel at Scottsdale, Ariz.-based registrar Go Daddy, says the case has no merit because the federal law known as the Anticybersquatting Consumer Protection Act applies only to registrants of domain names, not the registrars.
Go Daddy is not in the domaining business, Jones contends, although its customers may be. "We do have a small number of names, maybe a few thousand, that we use on a test basis, but we do not have a huge portfolio," she says. Go Daddy does not register domain names to monetize them, she adds.
But that practice is widespread and takes many forms, says Steve Metalitz, president of the Intellectual Property Constituency (IPC), an ICANN-sanctioned organization that advocates on behalf of brand owners. "Several registrars, including Go Daddy, have new registrations automatically resolve to a parking page if the registrant does not provide a server to which the name resolves," he says.
The money to be made from domainers has had a corrupting influence on some ICANN-accredited registrars, intellectual property holders say. Some turn a blind eye while collecting registration fees from cybersquatters, while others are actively involved in cybersquatting themselves, Deutsche claims.
Some registrars, for instance, offer services and automated technologies that domainers can use to monetize Web pages with pay-per-click advertising. "The technology exists to have an automated Web page appear almost immediately after registering a domain name, and have links on that page relative to a particular industry," says Doug Isenberg, an attorney The GigaLaw Firm in Atlanta. Those domain names may be legitimate, he says, but often they're not.
Verizon has pursued thousands of cybersquatters in court and says that registrars are at the center of the problem. "Most of the registrars had hundreds or thousands of names [specific to Verizon and its brands] in their portfolios," Deutsche says.
One of Verizon's biggest victories came last December, when it won a $33 million judgment against OnlineNIC Inc., which Deutsche says is the largest registrar in China. The company, which lists a San Francisco address on its Web site, had registered 663 domain names that were variations on Verizon brands, according to the complaint. Verizon was awarded $50,000 per domain name.
Also in Verizon's sights is Lead Networks Domains Pvt., a Mumbai, India-based registrar that Verizon claims actively solicits domainers and then protects their identities behind India's weak intellectual property laws. Not only can complainants not find out who the registrants are, Verizon contends, but Lead Networks has been known to file "phony lawsuits" that can tie up the UDRP process for years. It then negotiates a payment with the complainant for the domain name in dispute.
In February, after Lead Networks established a U.S. presence, Verizon sued. And Verizon isn't the only disgruntled intellectual property holder to have taken action against Lead Networks. In April, WIPO submitted a formal letter of complaint ( download PDF) about the company to ICANN, which says it is investigating.
Some intellectual property owners contend that ICANN has been less than prompt in responding to their complaints about registrars. "All the complaints to ICANN [about registrar misbehavior] have fallen into a black hole," Deutsche says.
ICANN may have sound policies in its contracts with registrars, but it "has been weak" on compliance, says Lynn Goodendorf, global head of data privacy at InterContinental Hotels Group PLC, which is based in Denham, England.
Paul Levins, vice president of corporate affairs at ICANN, disagrees on both counts. ICANN "is aware of the manner in which several registrars conduct their business," he says, noting that its auditors are investigating "a small number of registrars and their practices relative to implementing UDRP panel decisions."
In addition, ICANN has responded to complaints over the past year by beefing up its compliance audits of its 952 accredited registrars worldwide, Levins says. In that time, it has doubled the number of auditors from two and a half full-time positions to five, and it has decertified 10 registrars and put 10 others on notice. The vast majority of registrars are fully compliant with accreditation agreements, he says.
Part of the problem behind timely resolution of disputes, say critics of ICANN, may be that the registrars (which sell and register domain names) and registry operators (which administer top-level domains) provide most of ICANN's funding. "Ninety-three cents of every dollar that comes to ICANN comes from registrars. It gives them outsized control," says the IPC's Metalitz.
The vast majority of ICANN's funding does indeed come from registrars, Levins confirms. (ICANN receives about $22 million annually from registrars -- 20 cents per year for each of the more than 109 million registered domain names under the 16 generic top-level domains its registry operators administer.) But he says budgets are developed by a "community of interests," including the IPC, and are not unduly influenced by registrars. The process is "extraordinarily open to scrutiny," he says.
"If we were being influenced by registries and registrars, there's no way we could have gotten more teeth into our compliance efforts," he adds.
But critics say ICANN has let things slide in the past for its constituent registrars. For example, some domainers -- and registrars -- earned a bad reputation by taking advantage of an ICANN loophole that allowed the practice that became known as "domain tasting" (a practice that, for the record, Go Daddy openly opposed). Until ICANN changed its policy in December 2008, registrars and others could set up domains and not pay any registration fees if the order was canceled within five days.
In the interim they would monetize the site with ads and wait to see how well it did. The domainers would then buy the domain or simply keep registering and canceling it over and over again to avoid paying for it -- a practice known as "domain kiting."
Both practices trailed off dramatically last year when search giant Google Inc. stopped including sites less than five days old in its search results and ICANN changed the rules. But some organizations -- including registrars -- got away with this practice for years, says James Carnall, manager of the cyberintelligence division at Cyveillance Inc., a company based in Arlington, Va. that monitors cybersquatting and other brand-damaging online activities for corporate clients.
And other problems remain, Metalitz says. For example, many registrars run other businesses that host or own pay-per-click sites, some of which may be involved in cybersquatting. However, those relationships are not clearly spelled out in the accreditation contracts, he says. In other cases, registrars may use a post office box as an address, so tracking down the location where a registrar does business is difficult.
"Even basic things like that are not in place. That's a problem for law enforcement and trademark holders," Metalitz says.
The problem is twofold, says Peter Kjaer, a lawyer with toymaker Lego Juris AS, based in Billund, Denmark: Cybersquatting is lucrative, and offenders don't pay a high enough penalty if they're caught. Currently, if a trademark holder wins a UDRP complaint, then the cybersquatter simply loses the domain name. But the loser of such cases should pay all costs relating to the UDRP process, Kjaer says. "This would cause a significant decrease in infringing domain-name registrations by cybersquatters," he says.
However, ICANN has no power to enforce such penalties against domain-name registrants. Likewise, the World Intellectual Property Organization and other dispute resolution bodies that handle UDRP cases have no authority to take action against registrars or registry operators. ICANN can terminate accreditation for noncompliant registrars, but it needs to be able to mete out other penalties as well, Metalitz argues. "It's building up enforcement, but it has a long way to go," he says.
Copyright 2009 IDG Magazines Norge AS. All rights reserved
Postboks 9090 Grønland - 0133 OSLO / Telefon 22053000
Ansvarlig redaktør Henning Meese / Utviklingsansvarlig Ulf Helland / Salgsdirektør Tore Harald Pettersen