Short Domain Names Threatened by Proposed Policy on IGO Dispute Resolution Procedure

« ICANN staff has published a draft report on dispute resolution procedures for IGO (inter-governmental organization) domain names. This proposal has deep flaws and should be rejected by the community, as it does not have the balance and protection of registrant rights present in the existing UDRP.

Initially, the proposed policy would apply to new Top-Level Domains (TLDs), but via a Policy Development Process (PDP) it could be extended to existing TLDs.

Under the current UDRP the rules state that:

4. a. Applicable Disputes. You are required to submit to a mandatory administrative proceeding in the event that a third party (a complainant ») asserts to the applicable Provider, in compliance with the Rules of Procedure, that

(i) your domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and

(ii) you have no rights or legitimate interests in respect of the domain name; and

(iii) your domain name has been registered and is being used in bad faith.

In the administrative proceeding, the complainant must prove that each of these three elements are present.

I’ve emphasized above the words and and each. Contrast this with the language in the draft report for IGO dispute resolutions:

4. a. Applicable Disputes. You are required to submit to a mandatory administrative proceeding in the event that an International Intergovernmental Organization (IGO) (a complainant ») asserts to the applicable Provider, in compliance with the Rules of Procedure, that

(i) the registration or use, as a domain name, of the name or abbreviation of the complainant that has been communicated under Article 6ter of the Paris Convention is of a nature:

(a) to suggest to the public that a connection exists between the domain name holder and the complainant; or

(b) to mislead the public as to the existence of a connection between the domain name holder and the complainant; or

(ii) on the ground that the registration or use, as a domain name, of a name or abbreviation of the complainant protected under an international treaty violates the terms of that treaty.

In the administrative proceeding, the complainant must prove that any of the elements (i)(a) or {i)(b) or (ii) – is present.

Notice that in the proposed policy, the domain registrant (respondent) has much weaker protection compared to the UDRP because the complainant need only prove a single element is present. If one is for the rights of registrants, then this proposal is clearly preposterous, especially for registrants of short domains (2 to 5 characters in length) which may randomly collide with the acronyms of IGOs.

Under this draft policy, the existing registrant would not even be able to argue that the domain name was registered in good faith, or that they had a legitimate use of their own that is entirely unrelated to that of the complainant. The existing registrant might even have a trademark of their own (e.g. AOL, who owns the short AOL.com as well as AIM.com), but that could not be used as an affirmative defense. Under the UDRP, a complainant would need to show that a domain was registered and used in bad faith, but element 4.(ii) of the proposed policy is much less balanced, allowing the complaint to theoretically succeed only on the basis that an abbreviation of the complainant is identical to that of the registered domain name. This is a recipe for mass reverse domain name hijacking of short domain names by IGOs. Many businesses, individuals, law firms, non-profits and others legitimately own short domain names that have nothing to do with IGOs, yet these domain names would potentially be at risk under this proposed policy, especially if it was extended to existing TLDs like .com or .org.

To pick some random examples from a list of IGOs (a further problem is that there exists no authoritative list of ALL IGOs!), the Economic Commission for Europe has an abbreviation of ECE-if the policy was adopted for .com through a PDP, what would be the defense of ECE Projektmanagement G.m.b.H. & Co., who happens to own the ECE.com domain name? The draft policy would not allow them to argue they have a legitimate use for the domain name (to reflect their own company name since 1965!), like the UDRP permits. The draft policy would not permit the current owner to demonstrate that they registered the domain name in good faith, and are using it in good faith for activities totally unrelated to the Economic Commission for Europe. Similarly, what would be the defense of the Independent Film Channel, who owns IFC.com to make it easier for repeat visitors to their website and reflecting their own identity against a theoretical complaint by the International Finance Corporation (an IGO that is part of the World Bank Group)? Would ICO Global Communications, a satellite company, be able to fend off any reverse hijacking attempts by the International Coffee Organization who might covet their ICO.com domain name?

The impetus for creation of this policy was jurisdictional, namely that IGOs don’t want to face the jurisdiction of any national court, like they would under the existing UDRP. This is delivered in spades by the proposed policy, as the only appeal process (4.i, Availability of Arbitration Procedures ») is international arbitration. The courts of the registrant (or that of the registrar) are no longer an option. This should be a scary proposition for any registrant, that their domain name can be essentially expropriated with extremely limited rights to due process by international agencies. A registrant in the USA or Canada or Mexico or any other country would not be able to appeal a poor decision in their courts, following their own laws.

IGOs already have their own gTLD, .int, yet it seems they want an even larger land grab if this draft policy was adopted.

In conclusion, this draft policy is very poorly written (unless you’re a covetous IGO), and threatens to permit mass reverse hijacking of short domain names, with limited recourse. I propose at a minimum that the draft policy be amended to compel the complainant to prove bad faith registration AND use of the domain name, like the UDRP, and to permit the respondent to create an affirmative defense that they do have their own legitimate rights or interest in the domain name. This would add balance to the policy, and limit the ability of reverse domain name hijacking to occur. With the use of appropriate Sunrise procedures for new TLDs, the need for any specific policy for IGOs is lessened.  »

Source CircleID

  • Post category:calendrier