New gTLDs: report card for rights protection mechanisms

The start of the new year is appropriate for a performance review, so David Taylor, partner at law firm Hogan Lovells, assesses the popularity of the new gTLD sunrise periods and the progress of the UDRP and URS.

January 2015 saw the total number of domain name registrations across nearly 500 new generic top-level domains (gTLDs) reach four million. In the same month, about 400 new gTLD related complaints had been filed under the Uniform Domain-Name Dispute-Resolution Policy (UDRP) or Uniform Rapid Suspension system (URS). These figures give us the opportunity to consider whether we are seeing the high levels of cybersquatting many predicted, or in fact witnessing just a few unscrupulous third parties seeking to usurp brands and prey on unwitting consumers.

We can also ask the following questions. Are sunrise periods for brand owners proving as popular as they once were? How is the traditional UDRP coping? Is the new kid on the block, the URS, living up to expectations?

ICANN’s new gTLD programme inevitably provides a challenge to brand owners that requires a reconsideration of their intellectual property strategies online. The surprisingly high number (1,930) of applications received by ICANN was later reduced to 1,466, as around 400 were withdrawn and 68 rejected. The first new gTLDs were cleared to proceed on to the internet in October 2013. Since then several new gTLDs have launched, first to brand owners and then to the general public, every week throughout 2014. This will continue in 2015 and 2016 and, more than likely, in 2017.

At the turn of the new year 483 new gTLDs had been delegated, but there remain another 983 working their way through the ICANN new gTLD process. Of the 483 new gTLDs delegated so far, 352 have already announced sunrise periods; 321 of these periods are now closed.

Table 1 contains examples of new gTLDs that recently opened their sunrise periods.

Before we look at the rights protection mechanisms (RPMs) available to deal with registrations that appear to be infringing, it is worth looking at the sunrise periods themselves to see how popular they have been for defensively registering brands.

It is clear that new gTLDs are receiving far fewer sunrise applications than in previous TLD launches. We have gone from hundreds of thousands, to tens of thousands, to thousands at best, and hundreds on average. The principal reason is a change in brand owner strategy: choice was more limited before and the TLD launches were spaced out in time, rather than opening in parallel.

For example, for .eu, which launched at the end of 2005, the sunrise period had 346,218 applications. For .asia, the sunrise period for which opened in 2007, there were 30,780 applications, more than ten times fewer.

While there are a similar number of trademarks in the Trademark Clearinghouse (TCMH)—30,902—allowing participation in every new gTLD sunrise period, this is not translating into equivalent numbers of sunrise applications in each new gTLD. To date we are seeing very low numbers of applications being filed during each new sunrise period, generally in the hundreds in each new gTLD.

This is not surprising given a saturated market and the sheer number of new gTLDs coming online. It also shows that strategies have changed—they had to—and that brand owners are generally playing more of a waiting game, watching to see whether their brands are actually infringed in the new gTLD space.

It may also be partly due to another aspect of the TMCH: when someone wishes to register a domain name that matches a trademark in the TMCH, that person is alerted to those rights and he/she then needs to acknowledge those rights before completing the registration. This may be providing a deterrent factor to would-be infringers. The owner of any mark in the TMCH also benefits when a domain name that is identical to the mark has been registered, as the right owner is alerted to possible infringement.

Using protection

The mechanisms available to recuperate a domain name, other than court action or negotiation, are essentially two administrative procedures designed specifically for dealing with domain name infringement: the UDRP and the URS.

The UDRP has existed for more than 15 years. The main provider of the policy, the World Intellectual Property Organization (WIPO), in January saw its 30,000th complaint decided. The complaint was filed by online auction site eBay concerning 1,153 domain names, and was the second largest UDRP complaint ever. Mandatory for all gTLDs (including existing ones such as .com), the UDRP generally produces consistent results, although perhaps not as fast or cheaply as many right owners might hope.

"The URS and UDRP appear to be equally popular for complainants. Whether one should file a URS or a UDRP complaint needs to be considered carefully."

Before the new gTLDs launched, those in ICANN’s IP community thought that the UDRP would not be sufficient in a domain name system comprising hundreds and perhaps thousands of new gTLDs. As a result, the URS was created to assist right owners that encounter the most clear-cut cases of infringement.

The URS offers a lower-cost, faster path to relief than the UDRP, but it offers the suspension of a domain name as a remedy rather than a transfer. It is mandatory across all new gTLDs but does not apply to earlier gTLDs such as .com or .net. 

It includes a number of compromises in policy and procedure that seek to protect genuine registrants from inappropriate use of the URS, although some would argue that the URS is not as robust as it could be. In particular, looking at the numerous possibilities for registrant appeal, while they may counter the actions of an overreaching brand owner, the question is whether they will shelter a cybersquatter who is taking advantage of the procedures available, and therefore hinder the efficiency of the process.

For instance, when a respondent/registrant has been given 14 days to respond to a complaint but has failed to do so, the registrant can file a late response free of charge at any point in the following 30 days. That means a successful complainant still has to wait to see what the registrant may do in that month.

The remedy provided by the URS is a temporary suspension for the duration of the registration period, with the possibility of a successful complainant extending this. It can be thought of as a mini-UDRP, as it has the same substantive requirements but a higher burden of proof, requiring “clear and convincing evidence”. With a filing fee of $375 compared to $1,500 under the UDRP, the URS is certainly cheaper.

The first use of the URS was in a case brought by Facebook in September 2013, concerning the domain name facebok.pw, which Facebook later won. This was filed by the National Arbitration Forum (NAF), one of only two providers appointed by ICANN to operate the URS, the other being the Asian Domain Name Dispute Resolution Centre (ADNDRC).

Is the URS as robust as it could be? Only time will tell, but if one looks at the URS cases filed to date we have an indication of its usefulness. If we look at roughly the first year of its operation through to November 2014, there have been 195 cases filed with the NAF and the ADNDRC. More than 50% of those cases were defended, but the success rate for complainants stands at around 90%.

Only ten cases were appealed against. Of those three succeeded, thereby returning the domain names from suspended status. Domains that were successfully defended include finn.sexy, as ‘Finn’ is a common name. In some instances the registrant retained the domain name even though it did not file a response, such as in the case of branson.guru, where there was no evidence of fame or targeting.

If we look at the new gTLD-related UDRP cases filed over the same period, the total is almost identical to the number of URS cases, standing at 186 cases. When looking at WIPO figures alone, 45% of complaints have been defended, which is considerably higher than the typical rate of around 25%, but there was a success rate of 100% for complainants. 

At this stage the URS and UDRP appear to be equally popular for complainants. Whether one should file a URS or a UDRP complaint needs to be considered carefully. Factors to consider include the time available, the costs, the number of domain names, and whether or not you want the domain name(s) in question in your portfolio.

If a company is seeking to protect a core brand and the domain name points to an active website that may be a risk to consumers, or affects sales or goodwill, then I would tend towards filing a UDRP. But if it’s a ‘typo’ domain name or one of no or little interest, then the URS may be the appropriate way forward on a cost basis alone.

With the UDRP and URS, the number of cases filed via each procedure is presently fairly equal. The success rate via the UDRP is slightly higher, and that seems to be due in part to the URS having a higher burden of proof, resulting in some cases that are not so clear-cut being refused. Also, however, and importantly, one has to get the complaint right. This may sound simple but numerous UDRP filings are deficient when filed, and the complainant is given the opportunity to correct that deficiency. However, with the URS there is no opportunity to amend a complaint.

Many argue that the URS’s remedy of suspension rather than transfer is actually a ‘non-remedy’. However, not all brand owners wish to acquire and have to face the cost of managing typosquatted domain names that have no intrinsic value. The UDRP is arguably the appropriate mechanism in cases where the domain name is causing significant consumer harm, or lost sales or goodwill.

In any event the URS is the new kid on the block in terms of an enforcement tool and we will have to wait and see how successfully it is used, and whether it proves to be as effective as many hope. As it stands today it is a complement to the UDRP. In the future, we may see both the URS and the UDRP evolve and I wonder whether they may end up becoming more formally merged with one dovetailing into the other. Both are earmarked for review by ICANN. 

The January 2015 figures (four million domain names registered across 500 gTLDs) have given us some indication into the behaviour of registrants in the new gTLD space. In turn, the 400 complaints filed give us an idea of the abusive registrations being made. It is also clear that brand protection online has altered. At this stage brands are not defensively registering domains to the extent that they once did; and with fewer complaints than gTLDs, we have not seen the large scale cybersquatting many predicted.

But, having said that, brands have faced higher costs under the new gTLD programme, even with limited defensive registration strategies and a lack of cybersquatting. The problem of cybsersquatting still exists in its most basic form, as some third parties take advantage of the opportunity that these new gTLDs bring, and abusively register brand names. 

David Taylor is a partner at Hogan Lovells. He can be contacted at: david.taylor@hoganlovells.com