2017 – Perspectives on Cybercrime and Domain Names

cybercrimeWith the New Year upon us, we at FairWinds and CADNA are excited to see the many opportunities that technology will bring to businesses like yours during the course of 2017; but, at the same time, we—as you too must be—are concerned about recent incidences of criminal hacking and cybercrime, both state-sponsored and non-state, that are being reported with increasing frequency in world news.

It is now widely understood that a typo domain name, meant to look confusingly similar to a fundraising site for the US democratic party, was the means by which hackers accessed that party’s network and, some say, changed the outcome of the recent US presidential election.


Cybercrime on the Rise According to Recent Study

In our most recent study, we looked at how the practice of typosquatting is impacting top retailers and found an alarming amount of malicious content.

According to this study, 39% of the typos that garner traffic are delivering phishing, ransomware, and download malware via fast flux DNS, a dangerous website deployment system.  In my two decades of experience working with trademark owners, this is the first time that I have seen such a high rate of cybersquatted or typosquatted domains involved in the dissemination of malicious scams.

Scammers are using trademark-rooted domains to cause more harm than ever before, and their bolder cybercrime activities touch more than consumer retail companies and their customers.  We have observed the same worrisome trend in our analyses of similarly constructed datasets across virtually all industry sectors, but financial services and healthcare in particular.


Effective Approaches to Dealing with Cybercrime

While the problems are daunting, I know that we can do better to protect online audiences, as well as defend brands and profits.  One approach would be to develop policies that provide law enforcement and intellectual property owners with a better toolkit to combat these threats.  The CADNA organization is trying to do just this via its role as trusted advisor to relevant committees on Capitol Hill and is well positioned to advance anti-cybersquatting legislation now given the current environment in Washington.

Since policy solutions are macro and long-term in nature, a necessary, complementary approach to combating these threats is through well-considered and targeted enforcement.  When reviewing the daily tally of new UDRP decisions, I frequently see too many wasted dollars spent scooping up worthless, benign domains.  Brands can take care of the most pressing problems with far fewer actions through applying a data-driven analytical approach to limited, yet more effective, enforcement.


Will .FOX Guard the Henhouse?

Branded gTLDs offer a new, exciting method of combating cybercrime and bolstering consumer confidence in the internet because they symbolize the trust we have in brands. However, since more time is required for them to become universally known and understood, and because not all brands have their own secure space, it is important to support the aforementioned approaches to foiling cyber criminals’ plans to misuse brand names at the legislative and brand protection levels.


Cybercrime Protection Outlook for 2017 and Beyond

Despite the obvious challenges of increasingly sophisticated cybercriminals and perpetually inadequate corporate budgets to counteract them, there is reason for hope and optimism. CADNA’s policy agenda seeks to reduce instances of domain cybercrime as a whole through the development of stronger legislative defenses. In the meantime, FairWinds’ sophisticated brand protection strategies offer solutions to today’s acute problems.

We are working to make the internet safer. Will you join us?

The Luxury Watch Market and Trademark Infringement in New gTLDs


trademarkinfringementLuxury brands are typically very aggressive about protecting their brand names against incidences of online trademark infringement. Protecting their brand names from misuse is integral to maintaining their cachet, supporting their high margins, catering to their customers, and protecting against counterfeits. While the luxury watch market has suffered a downturn this year given lower demand from Hong Kong, there are signs of potential rebound, with increased sales in the UK and select areas of East Asia. We have no expectation of this affecting their critical brand protection activities, and the influx of new gTLDs has created a new realm of potential domain name registrations that these brands must take into account.

Given this starting point, we decided to conduct a study of key Swiss luxury watchmakers, with the goals of assessing (i) whether these brands were protecting their trademarks against infringement in new gTLDs to the same degree that they have been in legacy domains, and (ii) if they are not, whether cybersquatters had stepped in to take advantage of this lapse in trademark protection activity. This study looked at .COM and .CH, the country code TLD for Switzerland, to establish a baseline indicator of brand protection activity and extended beyond these two to look at .BOUTIQUE, .LUXURY, and .WATCH.

Luxury Watch Brands On The Defensive Against Trademark Infringement

For the most part, we found that luxury brands’ typically aggressive trademark infringement protection and defense strategies in legacy extensions held true across new gTLDs. Nearly half of the brands included in the study were found to have blocked avenues of third-party registration or registered themselves all relevant names. Thus, out of the 270 domain names we considered, only 6% were cybersquatted domains, while 73% were brand-owned. (The remainder were a mix of reserved by registry, owned by a different, though legitimate, entity, or available for registration.) Just 0.4% of infringement activity took place in .COM and .CH, while 5.6% was found across the new gTLDs considered. The “worst” extension in terms of infringement rate was .WATCH, although even there most brands have done a good job of protecting their names—there were only 10 cybersquatted domains.

New gTLDs and Trademark Infringement Defense Strategies

That said, there were some more concerning findings. Namely, the rate of mark infringement was found to be 14 times greater in the new gTLDs than in the legacy extensions. These infringements were largely benign, that is, did not feature malware or other malicious content; however, given the extent to which trademark rights protection mechanisms have been discussed with reference to new gTLDs, this difference is worth noting.

Why was there greater cybersquatting in new gTLDs? In keeping with our preliminary research questions, cybersquatting rates reflect either (i) ineffective trademark protection strategies on the part of these luxury watchmakers or (ii) opportunistic cybersquatters registering in available names. The explanation, at this point, is overdetermined. Certainly, not all mark protection strategies are equal. Top-performing in this regard include Breguet, Chanel, Rolex, and Panerai. Lowest-performing in this regard include Movado, Breitling, Ebel, and Audemars Piguet. Brands have had time to secure most significant names in .COM and .CH. Across the newer extensions considered, .LUXURY had the lowest incidence of cybersquatting and the highest registration prices, with registrars charging $433 at minimum—price is clearly a natural impediment to cybersquatting. In contrast, the new gTLD with the greatest amount of cybersquatting had a minimum registration price of only $20.

A Need for More Robust RPMs?

Luxury brands are clearly well-acquainted with the risk of online trademark infringement and have been generally proactive in protecting their marks in new gTLDs. Yet, cheap new gTLDs, in particular, do feature cybersquatting. Brands cannot register all potentially mark-infringing names—this would be too costly—and those scrutinized here have done a fairly good job, but there appears to be room for more robust rights protection mechanisms to be introduced.  While they are most needed across the cheaper new gTLDs, where registration prices do not pose barriers to cybersquatter registrations, more effective deterrents for cybersquatting are necessary across all TLDs.

Domain Name Management and gTLD Workshop Informs, Connects Brand Professionals

Managing Partner Josh Bourne welcomes brand professionals to the Beyond the Dot Fall Workshop, which focused on domain name management and new gTLDs.
Managing Partner Josh Bourne welcomes brand professionals to the Beyond the Dot Fall Workshop, which focused on domain name management and new gTLDs.

Effective gTLD and domain name management can be challenging.

Multiple internal teams are involved; there are relationships with registrars to manage; there are key performance metrics to measure and evaluate against company objectives; and, if a .BRAND or .GENERIC is involved, there is compliance with ICANN to monitor. Legal, IT, and marketing departments each play a role in ensuring that the right domain names are registered and renewed (and outdated ones are dropped)—all while staying within budget.

Given these challenges, brand professionals involved in domain name management need a community forum, a way to stay on top of best practices and discuss experiences with industry experts and corporate peers.

That’s exactly why FairWinds hosts events like last week’s Beyond the Dot Fall Workshop in Chicago. The workshop was the latest in an ongoing series of exclusive, information-packed events designed to help companies get more out of their investment in online real estate.

Sessions covered a variety of helpful topics, from SEO to domain name management best practices.

Companies in multiple industries including pharmaceuticals, 
consulting, insurance, technology, hospitality, finance and self-storage were are all in attendance. A common thread among the group was that the majority of companies own and are in the process of launching .BRANDs and, for some, .GENERIC gTLDs as well. 18 representatives from 14 national and international corporations participated in sessions that covered new gTLD and domain name management topics such as:

  1. What really impacts SEO and what you can expect when it comes to new gTLDs.

    There’s a lot of confusion and misinformation about how websites rank for search terms, especially when it comes to the role that domain names and gTLDs play. Legal and marketing teams also need to understand how they can help ensure that IT has everything it needs to support SEO efforts. This session was so popular that it ran overtime due to audience questions. FairWinds is working on a master guide to provide this valuable content to its clients. If you’re interested in receiving this valuable material, please email us

  1. How to run a new gTLD when you’re not in the business of running new gTLDs.

    How can these new TLDs be absorbed into your existing domain name strategies? How have companies successfully managed internal stakeholders? Internal communications? Decision-making? We broke it all down during a discussion with Abbott’s Dirk Hoerter, who detailed the company’s successful implementation of its new gTLD.

  2. Domain name management trends, updates, and best practices.

    From how gTLDs are doing to the steps brands should take to keep their domain name portfolios in shape going into the new year, we provided expert observations and analysis for attendees to consider and factor into 2017 planning.

Why Domain Name Management Events Are So Valuable to Brands

Feedback from this workshop and previous, larger Beyond the Dot conferences suggests that the most valuable sessions involved practical, expert advice that could be implemented AND plenty of time to interact with peers in a no-pressure, supportive environment.

“Corporations invest heavily in domain names, not only by paying annually for thousands of domain names, but also by devoting significant amounts of internal resources across legal, IT, and marketing functions to ensure that the right domain names are in the company’s portfolio,” explains FairWinds Managing Partner, Joshua Bourne.

“Now, companies that have their own .BRAND or .GENERIC are beginning to include the registrations in their gTLDs into their larger domain name management, policy, and tracking work streams. This isn’t a function that people go to school for, and the domain name industry is more focused on individual investors and technical issues than on brands.”

Bourne, who has been helping Fortune 500 companies dramatically improve their domain name portfolios for more than 16 years, strongly recommends staying connected with peers in other corporations to share best practices and also getting an external review from an independent, unbiased source. “Make sure that your interests are aligned with the person or company that is making recommendations to you,” he notes. “Domain name management is too important to turn over to a registrar, but often, too overwhelming to handle entirely in-house.”

Beyond the Dot 2017: Next Opportunity to Learn and Connect

At the request of the Beyond the Dot community of companies, FairWinds will host additional workshops and other regional events in 2017, beginning with a webinar in January.

A significant amount of valuable information related to gTLD and domain name management, including website migration tips, was shared during the sessions. That, combined with even more SEO information and tools, will be given to FairWinds clients in the form of an SEO Guide later this year.

If you would like more information on becoming a FairWinds client and gaining access to our SEO Guide, please contact us.

ICANN 57: First ICANN Meeting After IANA Transition

Beginning on November 3, the ICANN community will convene for ICANN 57, its 57th Public Meeting in Hyderabad, India.

There are two noteworthy facts about this meeting:

ICANN 57 will be held in Hyderabad, India.
ICANN 57 will be held in Hyderabad, India.

1) ICANN 57 is an Annual General Meeting, which means a longer schedule with additional agenda items that goes beyond ICANN’s basic policymaking work, and

2) The Hyderabad gathering will be the first ICANN meeting to take place now that the IANA transition has successfully been completed.

From a policy perspective, much of the agenda for ICANN 57 will be dedicated to furthering efforts that are already underway. This meeting will see the continuation of work to:

  • Develop policies that will govern future new gTLD application procedures,
  • Review rights protection mechanisms in all new gTLDs, and
  • Tackle a perennial ICANN topic, improving WHOIS information in the Domain Name System.


ICANN 57 Will Lay Groundwork for New Processes and Procedures

It is unlikely that any concrete policy developments that directly impact new gTLD owners or businesses in general will come out of this meeting.

However, each face-to-face engagement of the individual Working Groups tackling these important policy topics will lay the groundwork for future processes and procedures that will have a direct and tangible effect on those groups.


New “High Interest Topic Sessions” To Be Introduced at ICANN 57

In addition to this ongoing policy development work, ICANN 57 will also host eight separate “High Interest Topic” sessions that will cover subjects that are meant to be of interest to large swaths of the ICANN community, as well as to observers of ICANN who do not directly participate in its stakeholder groups or constituencies.

The introduction of these new types of sessions during the Annual General Meeting – which typically attracts more participants from outside the ICANN community than ICANN’s other two in-person gatherings each year – makes sense given the audience.

However, the broad-reaching scope of some of the topics, such as one session which will cover “The Domain Name System and Content Regulation” – will undoubtedly raise concerns among those who wish to keep ICANN’s remit narrow and out of the realm of content regulation.

It remains to be seen whether these sessions result in new mandates for ICANN to address a broader range of topics, or if they will instead end up being forums for interested stakeholders to engage in dialogue without a specific directive.

Strengthening Accountability Will Be A Key Area Of Focus

Finally, now that the IANA transition has been completed and ICANN’s contract with the U.S. Department of Commerce has expired, much of the work to position ICANN to function without DOC oversight has been completed.

However, there is still a good deal of work to be done on strengthening ICANN’s accountability mechanisms, something that community members have been diligently working toward since 2014.

ICANN 57 will involve more of that work, which is likely to continue well into the next calendar year.

Back to School: 5 UDRP Rules for Trademark Owners

shutterstock_314871770The UDRP is a useful tool for trademark owners, but it does not offer a blanket solution for every perceived infringement because of specific rules. Moreover, unsuccessful complaints can have negative consequences for the complainant and counsel in question.

“Complainants can misinterpret or misunderstand how the right to the freedom of speech, selection of judicial venue, or fulfillment of the UDRP’s criteria apply to their situation,” explains Steve Levy. “And losing a complaint means losing time and money. It can even result in a reverse-hijacking complaint against the trademark owner.”

In-house counsel, domain name administrators, and marketers should note the following UDRP rules when determining whether to file a complaint or not.


UDRP Rule 1: You Must Actually Be The Trademark Owner

Sometimes the reason for denial of a complaint is straightforward. Phillip Island Nature Park Board of Management Inc. v. The Trustee for the Langford Family Trust is one such case. Simply, the complainant did not have sufficient legal rights to the disputed domain name, churchillislandcafe.com.au.

In previous decisions, panels have held that entities cannot claim trademark rights related to a place “unless its geographical significance is shown to have been displaced by long and extensive use as a brand by a single trader in such a manner as to distinguish that trader’s goods and services from those of competitors.” While the complainant in this case had exclusive rights in relation to the management of Churchill Island, it did not sufficiently show that it had employed the name “Churchill Island” as a trademark. Rather, the respondents, under a lease from the complainant, operated their café under the name “Our Café @ Churchill Island” for five years, which was not found to represent “long and exclusive use of that name as a trademark in respect of café services” by the complainant itself. Further, whether respondents no longer have any rights to or legitimate interests in the disputed domain depends on an analysis of the lease— and the UDRP complaint is not designed to adjudicate contractual disputes.


UDRP Rule 2: Your UDRP Complaint Cannot Violate Free Speech

In other cases, the issue may be less self-evident, such as in Shaw Cablesystems v. Domain Admin/Whois Privacy Corp. This UDRP complaint case, which involved a seemingly defamatory domain name, <fuckshaw.com>, hinged on the question of bad faith, as judged by the panel.

For the complainant, who owned the mark “SHAW,” it seemed clear that the disputed domain was registered in order to “tarnish” its brand as the domain redirected visitors to a YouTube video criticizing Shaw Cablesystem’s business.

Unfortunately for the complainant, its assertion of bad faith was submitted without any supporting evidence. Without even an exhibit showing redirection of the domain to the relevant YouTube video, the panel found that the domain name’s content was in keeping with free speech rights.

Even though the SHAW mark was clearly the ‘salient feature of the disputed domain name even with the addition of the non-distinctive and generic word “fuck,” and the generic top-level domain (“gTLD”) “.com,”’ the complainant’s failure to show the panel how the respondent was using the domain in bad faith and why the respondent lacked rights and legitimate interests to the domain name was sufficient to lead to the case’s denial. Cases like this, where obvious mistakes are made by a brand owner’s representative, highlight the fact that UDRP complaints should only be filed by those with a depth of experience in this field of law.


UDRP Rule 3: Trademark Disputes Cannot be Resolved Using the UDRP

Another, less obvious case is NZ Manufacturing, Inc. v. Eric Snell. The domain names at issue were <stretchcordz.com> and <1stretchcordz.com>. Both domain names consist of generic words, though one of them is intentionally misspelled.

In this instance, the panel found that, at its core, this was a trademark dispute and, therefore, outside of the intended purview of the UDRP. While trademarks are at the heart of the UDRP, the policy exists to enforce established trademark rights against online infringements, not to resolve trademark rights disputes.

Here, the respondent filed for a cancellation of the complainant’s U.S.-registered trademark STRECHCORDZ on the ground of “genericness”—after the start of the UDRP complaint proceeding. Typically, the panel explained, had it “been only for the sole fact that a petition for [trademark] cancellation was filed […] after the initiation of the present proceedings, the Panel might have decided to proceed with reviewing the case under the Policy, as long as [the] complainant asserted that the acquisition and use of the domain names subject to this dispute were made in bad faith.” Yet, the panel found that the existence of respondent’s rights and/or legitimate interests, one of the three key criteria of the policy, turns on resolution of a legitimate trademark dispute. As a result, the panel chose to deny the case until further resolution of the respondent’s petition.


UDRP Rule 4: Bad Faith Use of a Trademark Name Must Be Provable

While complainants file cases on the conviction that their legal rights to a given mark permit them exclusive use of a domain name, the MakerPlace, Inc v. Michael Salmon case shows that a UDRP panel will enforce these rights only when trademark owners can prove ill intent on the part of the respondent.

In this case, the panel found that the disputed domain name was indeed identical or confusingly similar to the complainant’s mark and that the respondent lacked rights or legitimate interests in the domain name. However, the panel also found that the respondent had not used the domain in bad faith. As the respondent was a former employee/contractor (“agent”) of the complainant, he had registered the domain name on behalf of the complainant, but with personal funds.


The Golden UDRP Rule: Adhere to The Three-Part Policy

If you are a regular reader of this blog, then you will know that the UDRP complaint process is designed to be a more cost-effective, quicker approach to recovering trademark infringing domain names than traditional litigation. As such, the UDRP is based on a concise, three-prong policy:

  1. The disputed domain name is identical or confusingly similar to a name, trade mark or service mark in which the complainant has rights; and
  2. The respondent has no rights or legitimate interests in respect of the disputed domain name; and
  3. The disputed domain name has been registered and is being used in bad faith.

While the UDRP may be relatively straight-forward, all three points of the Policy matter greatly and must be met in order for a decision in favor of the cinant, as the above cases show.

Even if you follow all of the UDRP rules outlined above, it can be tricky to know if these points have been met and whether recent decisions support your decision to file or not. Often, the best way to avoid the wasted time and money of an unsuccessful complaint is to work with an experienced attorney familiar with the nuances of UDRP practice.

For more information about the UDRP and when it should, and shouldn’t, be used, please refer to our white paper on the subject, available here.

Online Brand Protection is No Game for the Olympic Brand

shutterstock_315555992Online brand protection is an ever-present concern for all name brands. Interestingly, in spite of the extra protections available to it, the International Olympic Committee (IOC) faces the same sets of challenges that we regularly outline in our UDRP-focused blog posts on brand trademark defense cases.  So, while the Olympics is primarily about athleticism, clearly, online brand protection and promotion have become an important part of the event too.


Online Brand Protection Isn’t Just For the Athletes and Sponsors

There are many “brands” present at the Olympics events, but they are not all the same in the eyes of cybersquatters.

Gold medal-winning athletes, such as Michael Phelps, Simone Biles, and Usain Bolt, are the victims of only very minimal infringement of their personal brands via cybersquatting in new gTLDs containing their names. According to our research, these athletes all have their official sites at .com, as do the major Olympic sponsors, some of which are also new gTLD owners, such as Samsung (.SAMSUNG), Bradesco (.BRADESCO) and Bridgestone (.BRIDGESTONE). For example, Michael Phelps’ name is registered as an address in .rocks, .xyz, , and .vip;  Simone Biles’ name is registered as an address in .ninja and .news; and Usain Bolt’s name is registered as an address in .land, .paris, .vip, and .xyz. Despite this, the athletes in question do not own any of these domains; fortunately, none of these domains show evidence of commercial use as the pages either don’t resolve or are simply parked with a standard homepage provided by the registrar. They’re registered, likely, in the event that the legitimate athlete might want to purchase these domains. Official Olympic Brand sponsors, meanwhile, predominantly publicize their Olympic affiliation at the event itself and not on custom websites, thus are not subject to any such cybersquatting.

On the other hand, the IOC’s concerns about online brand protection and promotion are more substantial.  Fearful of “ambush marketing,” that is, when entities not officially affiliated with another entity or event puts out unofficial or misleading information that suggests a legitimate commercial relationship—and a lucrative one at that—the IOC has become notorious for policing illegitimate use of its trademarked terms, which include “Olympic,” “Olympiad,” “Citius Altius Fortius,” “Paralympic,” “Paralympiad,” “Pan-American,” “America Espirito Sport Fraternite,” plus any combination of these terms.


Limits on Olympic Brand Hashtags Might Improve Online Brand Protection

The IOC is concerned not only with domain registrations containing their trademarked terms and related phrases, but also with misuse of these on social media, in written and photo form. Indeed, in the lead up to Rio, the IOC ruffled some feathers by announcing in a letter that “Commercial entities may not post about the trials or games on their corporate social media accounts” and that “This restriction includes the use of USOC’s trademarks in hashtags such as #Rio2016 or #TeamUSA.”  A Twitter search revealed that while other, recognizable brands obeyed this prohibition, both hashtags were nonetheless widely used by individual users not subject to the ban. Given that these individual users are not using these hashtags for commercial activity, their use of them is permitted in the United States, for example, under First Amendment free speech rights.


Special Online Brand Protection Tools Protect Olympic Brand

A typical brand pursuing reclaim of offending domain names will head to the World Intellectual Property Organization (WIPO) or other similar venue to pursue the Uniform Dispute Resolution Policy (UDRP), the IOC has unique tools at its disposal and to its advantage. These include:

  • A U.S. statute specific to them, the Amateur Sports Act of 1978, which also established the US Olympic Committee.
  • The 1981 Nairobi Treaty on the Protection of the Olympic Symbol, an international treaty administered by WIPO.
  • Specific national legislation that protects the Olympic brand trademarks, such as China’s “Regulations on the Protection of Olympic Symbols,” and the 1946 Lanham Act, which, while not specific to the Olympics, serves as the major federal trademark statute of law in the United States and therefore offers protection for the Olympic brand.

It is highly unusual for a trademark to have such special protection via a statue; the only other trademarks that receive similar treatment are the Red Cross and the Red Crescent names and logos.


Online Brand Protection Still a Challenge

Still, as with other brand owners, proving illegitimate and infringing use of a mark requires proof of commercial use. As an example, one individual has, over the years, registered some 150+ domain names based on city name/year combinations that sometimes mirror an Olympics event, such as the upcoming 2020 Olympics in Tokyo (“Tokyo2020.com”). The U.S. District Judge who ruled on this recent case dismissed most of the IOC’s claims as there was no explicit evidence that the registrant was using the domain names for “trade or to induce the sale of goods or services, or for use in commerce.”  Reminiscent of the rationale behind the controversial .SUCKS new gTLD, the registrant argued that the website was hosted solely to permit “A Balanced Discussion” on the event associated with the domain name in question.

The Olympic Games, a 121-year-old celebration of athleticism (while ancient, the first games held under the auspices of the IOC were in 1896), have been successfully commercialized over recent decades to the point where the Olympics brand is a highly valuable sponsorship opportunity for other companies. Though it may not be the stated purpose of the protective statutes, the practical effect of the statutes is clearly an enhanced ability of the various Olympic committees to derive revenue from these famous trademarks. In comparison, private companies, though lacking the benefit of such extraordinary trademark protection, are not left out in the cold and still have the usual enforcement tools at their disposal such as the UDRP, the URS, and traditional courtroom litigation.


Internet Governance Events of Interest: ICANN 56 and the 2nd GDD Summit

Shutterstock: Internet_Governance_and_PolicyThis week, ICANN is kicking off its second internet governance-focused public meeting of the year in Helsinki, Finland. FairWinds will be traveling back to northern Europe for the second time in two months, having also attended the Global Domains Division (GDD) Summit in Amsterdam this past May.

Like the May meeting, this meeting is also being billed as a “summit;” though, this time it is a summit focused purely on internet governance policy work. It will be shorter in duration that typical ICANN meetings and the agenda will set aside extended periods of time for policy development working groups to hold face-to-face meetings. This meeting will also feature for the first time “cross-community sessions,” which are designed to gather input from multiple parts of the community on policy matters. This effort appears to be an attempt to push back against the trend ICANN geared heavily toward in recent years, where the community is divided into silos and emergent policies are not shared across different divisions until later stages.

This new meeting format, along with the creation of “intercessional” meetings like the GDD Summit, reflects ICANN’s ongoing attempts to figure out how to deal with the influx of new stakeholders with increasingly diverse interests that have joined the internet governance community as a result of both the New gTLD Program and the IANA transition. In recent years, the three annual public meetings have become increasingly packed with various activities and initiatives beyond policymaking, resulting in schedule overload for many participants. The majority of those who participated in the GDD Summit reflected positively on the summit’s shorter duration and narrow focus on matters specifically related to gTLD registries and registrars; hopefully, the tighter policy focus of this week’s meeting in Helsinki will prove equally productive.

We’re looking forward to a great week and will report back with updates as needed. Please follow up with your FairWinds Consultant if you have any questions about this ICANN meeting and follow us on Twitter for information and insights from the ground.

Talking ICANN and New gTLDs at INTA’s 138th Annual Meeting

new gtldsICANN’s New gTLD Program has always been regarded with some degree of skepticism from the intellectual property community. After all, in-house counsels tasked with protecting trademarks online previously had to only consider a few legacy top-level domains like .com and .net as well as country code top-level domains like .de and .cn, whereas now they must take action to protect trademarks across hundreds of additional gTLDs.  At the International Trademark Association’s (“INTA”) 138th Annual Meeting, which took place May 20-25, 2016, the New gTLD Program was the focal point of one panel discussion, followed by a related Q&A session.

Moderated by Ellen Shankman of Shankman & Associates, the panelists included representatives from registries and registrars alike, including Blacknight Solutions, ICM Registries, Amazon and Google. While the perspectives and opinions shared by panelists varied somewhat, there were a few points of agreement amongst both those speaking and those in the audience.


The Continued Relevance of Domain Names 

First, and perhaps most importantly, the panelists indicated that domain names remain relevant. In an age where mobile browsing and apps are increasingly common, domain names still operate as universally understood digital signposts. Whether you are a giant multinational or a small business, having the right domain name(s) gives you a strong digital foothold upon which to build platforms, create content, and conduct business. In addition, there are still plenty of chances to innovate with domain names, as illustrated by the introduction of IDNs and the acceptance and adoption of new gTLDs.


The Importance of ICANN Participation

Second, participation in the ICANN policy development process is paramount for IP and trademark holders. Panelists explained that certain results of the first round of new gTLD expansion – like the relative ineffectiveness of the URS, or the overly complex and overpriced defensive registration measures – came about because the intellectual property community was not successful enough in pushing ICANN to adopt acceptable measures of IP protection.


Judging the New gTLD Program

Finally, ICANN’s new gTLD program is far too young to be judged definitively, particularly when discussing .BRANDS. Despite over 18 million registrations in new gTLDs, there are just over 2,500 registrations across the 330 .BRANDS that have gone live so far. Coordination across multiple internal teams – IT, legal, and marketing, as well as other partners or affiliates – means that developing a strategy for rolling out .BRANDS can be a lengthy process. A far more appropriate point to make a judgment on the Program will be in two or even four years, once adoption of .BRANDS has increased and we better understand their effects on search.



Based on the topics discussed and advice shared by the panelists, domain names remain as important as ever. However, improving online trademark protection mechanisms will only happen if the IP community increasingly participates in ICANN’s policy development processes. For those interested, an excellent way of joining the discussion is contributing to the ongoing review of rights protection mechanisms for new gTLDs.



Beyond the Dot 2016: Chicago

BTD Logo - Date - Cropped



8:30am – 9:00am
Breakfast & Networking


9:00am – 9:45am
Overview & Introductions


9:45am – 11:00am
SEO: Realities, Fictions, and Practical Tips


11:00am – 11:15am
Coffee Break


11:15am – 11:45am
Cross-Functional Success: Forming & Running a gTLD Council


11:45am – 12:00pm
Corporate Use of Domain Names Today 


12:00pm – 1:00pm

A Look at New Online Banking Trends: .BANK & .BRANDs

online banking trendsThe financial services industry is in the midst of a “digital disruption.” As consumers increasingly turn to online portals for their banking needs, banks—especially those in China—are experimenting with an array of new financial services technologies known as “FinTech.” These technologies are designed to more securely and efficiently serve banking customers’ needs and enhance their online banking experience.

In this post we take an in-depth look at one type of FinTech—the new gTLDs .BANK and bank-owned .BRANDs—that is being used by financial services institutions around the world. We also discuss some critical and timely steps that banks need to consider with regard to their use of these new domain extensions.


New Online Banking Trends: .BANK and Its Mission to Create a Safer Online Space

Back in 2012, the fTLD Registry submitted an application for .BANK, a community gTLD.

The fTLD Registry is a coalition of banks, insurance companies and financial services trade associations from around the world. They are unified in their goal of providing an online space governed in the best interests of banks and their customers.

Per the application, .BANK’s goals include:

  • Becoming the “consumer’s choice for information about the banking industry,”
  • Serving as “a model or template for trusted online commercial transactions” for the community, and
  • Providing an innovative online space for the industry.

It is fTLD’s claim that by using .BANK, verified members of the financial industry will be empowered to provide higher levels of security and technology to support their business services.

 Today, there are well over 5,000 .BANK domain registrations, 3,236 of which have been delegated into the root zone.

Those utilizing .BANK are mainly smaller banks and financial institutions. For example:


Big Banks and their .BRAND Initiatives

Although bigger banks—that is, those that rank at the top of the list of commercial banks by their asset size—have only a relatively small presence in .BANK , they have invested in the New gTLD Program and acquired branded top level domains. By mid February, among the 94 active .BRANDs, 16 were from the financial industry.

These include, interestingly, a number of foreign financial institutions, for which new gTLDs may offer yet another new and exciting element of enhanced customer engagement—domain names in languages other than English.

Here are some examples:

1. Shriram Group

Shriram Group is an Indian financial conglomerate with 40+ years experience. Its business is mainly operated in India and covers banking, insurance, and real estate.

Currently, the conglomerate has some of their different business units registered under the .SHRIRAM umbrella, such as:


China’s biggest financial conglomerate was among the earliest adopters of .BRANDs. Both .CITIC and .中信 (CITIC in Chinese) are activated and house content.

Like Shriram, some of CITIC’s different business units have corresponding second level domains in .CITIC and .中信.
As the major sponsor of Guo An Football Club, CITIC Group also hosts the team’s website at .CITIC (http://www.fcguoan.citic and http:// 国安足球俱乐部.中信). The team is the highest-ranked soccer club in China and counts tens of thousands of fans, ensuring that a broader audience learns about and interacts with the .BRAND.

In total, .CITIC and .中信have a considerable 403 second-level domains registered, making it the most used among activated .BRANDs.

3. BNP Paribas

BNP Paribas is the world’s fourth largest bank and is also among the earliest adopters of .BRANDs, leading the way in online banking trends.

The bank has developed and hosted many functional sites at .BNPPARIBAS since its launch last July. For example:

4. Barclays

Barclays UK is unique among bank .BRAND registries, having fully migrated to its new extensions .BARCLAYS and .BARCLAYCARD.

As stated in their press release, Barclays is taking advantage of these top level domains for the full range of advantages they provide: “This clarity [of indicating to customers that they are engaging with a genuine Barclays site], along with the advantages of controlling our own online environment, enables us to provide an even more secure service, which we know is of utmost importance to our customers, and ultimately serves to increase trust and confidence in Barclays’ online entities.”

Big American financial institutions, in addition to French, Chinese, U.K., and Indian entities, are also riding this online banking trend and investing in .BRANDs.

We expect to see some U.S.-based registry operators from the industry launch .BRANDs in coming months. These include:

  • Citigroup, with .CITI and .BANAMEX;
  • Capital One, with .CAPITALONE;
  • EverBank, with .EVERBANK;
  • JP Morgan, with .JPMORGAN and .CHASE; and
  • .BRAND TLDs for credit cards .DISCOVER and .VISA. 

The Future of Online Banking Trends: Where Will .BANK and Banks’ .BRANDs Be In 5 Years?

New gTLDs are just one part of the ongoing digital disruption in the financial services industry, but depending on how registrants and registry operators make use of their new gTLDs, they could come to play a significant role in banks’ online reorientations.

.BANK and .BRANDs have demonstrated their appeal to thousands of registrants within the banking industry. Still, sites at these new top level domains have, by and large, not yet shown their potential as an essential part of banks’ new digital strategies.

We believe that these new domains can successfully be built out as trustworthy banking destinations for their consumers, and, as a result, become integral to banks’ marketing and operations. But, in order for them to realize this goal, several steps need to be taken along the way:

  1. Brands must build a council that engages internal stakeholders, who are relevant to the implementation of the .BRAND, in order to get internal buy-in, build up technical capacity, and lay out a long-term migration plan and marketing strategy.
  2. Such a council must then create a plan to gradually migrate over to the .BRAND site and offer full functionality at this new online destination
  3. Marketers among this council must focus on educating consumers, especially online banking customers, about the .BRAND and its safety and security features.

A full-scale move over to new gTLDs, as Barclays has shown, need not take years. However, adopting all these additional safeguards and promoting new gTLDs through targeted marketing could be a several-year long project, depending on the internal resources available to their owners

ICANN 55 Kicks Off in Marrakech

The global internet governance community has gathered in Marrakech, Morocco, for ICANN 55. Although much of the agenda of this Public Meeting will yet again be dominated by the topic of the IANA transition and enhancing ICANN’s accountability, with the community pushing to finalize the accountability recommendations by the meeting’s end, a number of additional items of interest to brand owners and new gTLD operators will be discussed and worked on.

Operational Items for New gTLD Owners at ICANN 55

At the time the Marrakech meeting convenes, just shy of 930 new gTLDs have delegated, with some having been in operation for two years or more already. While a few hundred strings still need to progress through the remaining stages to become part of the Internet, by and large the focus at ICANN meetings has shifted to operational matters impacting new gTLDs once they are up and running – both .BRANDs and .GENERICs alike.

At ICANN 55, we expect to see additional progress toward finalizing some changes to the New gTLD Registry Agreement, a process that was initiated in July 2014 and has unsurprisingly required concessions both on the part of ICANN’s legal team and Registry Operators. While many of the changes amount to clarifications, the exercise has been an important first step in opening the door to potential future terms negotiations.

ICANN is also in the process of finalizing, with the input of Registry Operators, an Advisory to clarify Specification 11 3b of the Registry Agreement, which stipulates that Registry Operators must periodically conduct tests to determine whether their gTLDs are being used to perpetrate security threats like malware, phishing, and botnets. This clause was added to the Registry Agreement as the result of GAC Advice, but ICANN has yet to communicate specifics about the contractual requirements to Registry Operators. This Advisory aims to give Registry Operators much more clarity in how to comply with this clause, and the Marrakech meeting will be an opportunity to further refine the details of the Advisory before it is made public.

Finally, ICANN’s very own version of the Never-Ending Story: the release of two-letter domain names. On the heels of a recent update from ICANN’s staff about the next steps in the process – where Registry Operators will need to submit planned mitigation measures in response to comments received from governments – Registry Operators are expected to take time in Marrakech to begin discussing and potentially coordinating how to approach these mitigation measures.

Work Progresses on ICANN’s Next New gTLD Program Round

Despite the focus on operational matters related to the current round and the broader topics of the IANA transition and ICANN accountability, the policymaking work toward a second new gTLD round marches onward, both up to and during the Marrakech meeting. Policy Development Process Working Groups have begun in earnest working toward both reviewing the Rights Protection Mechanisms from Round 1 and in creating policy to govern a subsequent round, both of which are critical steps to eventually open a new opportunity for organizations to apply for their own new gTLDs.

Stay tuned for updates from on the ground at ICANN 55.

Movies and New gTLDs: Trends and the Future of Film Online

As award season heats up with the Oscars happening at the end of the month, here’s a look at another “movie” garnering buzz online.

Since becoming available last summer, the new gTLD, .MOVIE has gained hundreds of new domain name registrations and has high profile registrations in each film genre, including:

  • Major Blockbusters: thehungergames.movie; thedivergentseries.movie
  • Critically Acclaimed: freeheld.movie; secretintheireyes.movie
  • Romance: thechoice.movie
  • Animated: normofthenorth.movie
  • Horror: theboyfanpremiere.movie
  • Comedy:  dirtygrandpa.movie
  • Drama: nowyouseeme.movie; asyouare.movie

However, not all film productions are getting the maximum benefit from new gTLDs. The eight films nominated for “Best Picture” at this year’s Oscars don’t use .MOVIE;  instead, the domains for the eight best picture nominees use one of two common structures, both of which can be adapted to the new gTLD space.

From Movie.com to .MOVIE

The first common structure is the use of the movie title with the word “movie” or “film” to better designate the site. Examples include theroommovie.com, madmaxmovie.com, thebigshortmovie.com, and spotlightthefilm.com. Movies often use this structure due to limits on the .COMs available for registration or conflicting websites of similar titles (e.g., madmax.com resolves to a motorcycle enterprise site).

To avoid potential confusion online and give fans a simple way to access the correct site, movie studios might consider using .MOVIE as a more effective domain name tool. Using the word “movie” may also help better market the site with shorter, more memorable names that are easily integrated into social media handles and initiatives. By opting for a .MOVIE name, films situate themselves in a legitimate space online that provides authenticity to the film business as a whole. 

From Brand.com to .BRAND

Another trend among the nominees is to eschew the practice of registering a dedicated domain name and instead just house the movie’s page under the studio’s existing URL structure. The remaining nominees follow this structure: foxmovies.com/movies/the-martian, foxmovies.com/movies/the-revenant, dreamworksstudios.com/films/bridge-of-spies, and foxsearchlight.com/brooklyn. Burying content under multiple pages within a larger site forces users to turn to search engines or other indirect tools of navigation, and does not maximize the visibility of the site online.

Instead, companies that want to underscore the connection between the film and the studio parent company – or simply rely on their own gTLD rather than an open string – may begin utilizing their .BRAND TLDs to directly associate their films to the overall distributor. A recent example came from Sony with the release of the new James Bond movie Spectre. To tie in the Sony Corporation to the film, Sony released assistmoneypenny.sony with games and interactive user content as a marketing tool to promote the film. .FOX also recently entered their testing phase with content on Nic.FOX. This structure allows the brand to stay tightly connected to the film in a way that is more easily accessible and noted by consumers (imagine TheMartian.FOX).

In all, .MOVIE provides a unique opportunity for the future of film online. The motion picture industry can form an online community where film-goers and critics alike can interact with movies. With competition from streaming services like Netflix (whose gTLD, .NETFLIX, is scheduled to go live in the summer of 2016) creating a need for innovation within the industry, gathering together under .MOVIE may be a step in confronting these challenges and garnering traffic online.