Protecting brands and trademarks on the internet
With increased penetrating online presence, companies become susceptible to different forms of online infringement and brand abuse, such as sale of counterfeit products through the internet and malpractices employed in SEO, unsolicited email, phishing, cybersquatting, brandjacking, etc. Web identities are fluid and can be morphed any time, leaving right-holders in the lurch when it comes to securing solid evidence against the infringers. This article talks about how you can protect your brand and trademark online.
With the rise of the internet traditional brick-and-mortar businesses found a viable tool to expand their reach on a virtual platform that was not only open, unregulated and versatile but had gigantic potential in terms of how companies could utilize their resources and key strengths.
Online presence is now perceived as a natural extension of, and integral to the business expansion strategies of companies. Most corporations do that by setting up a website that highlights the firm’s business objectives, goals and its products/services. This content is usually hosted on a second-level domain name that is purchased through one of the commercial service providers (called registrars) dealing in buying and selling of domain names – for example, GoDaddy, Network Solutions, etc.
However, with this penetrating online presence, companies are also susceptible to different forms of online infringement and brand abuse, such as sale of counterfeit products through the internet and malpractices employed in SEO, unsolicited email, phishing, cybersquatting, brandjacking, etc. Web identities are fluid and can be morphed any time, leaving right-holders in the lurch when it comes to securing solid evidence against the infringers.
Online brand abuse of this nature can land business owners in scandals and messy legal disputes, with consumers leveling allegations against the legitimate brand-owners for defective products, faulty services, etc. Faced with such a situation, it is no more feasible for companies to solely reply on traditional trademark protection laws and strategies to protect their brands; a holistic and robust trademark protection strategy needs to be established in place to support regular legal IP mechanisms to tackle such unpleasant scenarios.
Domain Name as a Trademark and the need for Protection
A duly registered domain name can not only act as a navigator for your website, but can be the “virtual face” of your business, enable worldwide accessibility of your products and services, and also protect you from unauthorized use of your domain name by third parties.
It does need to fulfill certain criteria to be registered though; just like trademarks, a domain name must be unique so as to distinguish and identify your goods/services from that of other companies, must not be ambiguous, and may even be peculiarly unique from other well-known trademarks on the internet so that it does give rise to confusion, mistakes, deception, etc. It must also, like a regular trademark, not be one that violates public order or morality. The rising significance of domain names being recognized at par with trademarks was observed by the Supreme Court of India in Satyam Infoway Ltd. vs. Sifynet Solutions Pvt. Ltd.
Domain name consists of an Internet Protocol (IP) address, where the name portion of the domain name is called the Second-Level name, to be created or chosen by the applicant/entrepreneur. The end portion of the domain name is termed as the Top-Level Domain (TLD), and is further categorized into Generic Top-Level Domains (gTLDs) and the Country-Code Top-Level Domains (ccTLDs). Currently, some of the TLDs popularly is use are .com; .org; .net; .gov; .in, etc.
Recognizing that the internet was fast getting saturated with these regular domain names, the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit organization overseeing management of internet domain names, took the decision to add more top-level domains, and subsequently on January 12, 2012 it invited applications for new generic top-level domain names. These new applications include terms such as .marketing; .search; .app; .social; .chevrolet; .toshiba; .law; .tickets; .cafe; .bridgestone and many others making up the 1,930 applications received by ICANN.
As more and more people flock to get their domain names registered and the possibility of the same being approved looms large, online abuse instances under these thousand and so domain names will also rise exponentially. In addition to the woes listed in the beginning of this article, there arises major concerns of spamming, spoofing and a host of fraudulent activities that can take place using one of these newly launched domain names.
Some of the most prominent online brand and trademark protection approaches have been discussed below:
Protection Strategies
1. Register your trademark in the Trademark Clearinghouse – The Trademark Clearinghouse, a new addition with the introduction of the ngTLDs, can act as a watch device on behalf of ICANN of owners holding registered trademarks (the use of which has been proven) by notifying the third-party applicant of second-level domain names identical to the one registered in the TMCH, and if the applicant still wishes to go ahead with the process, the brand owner shall be notified, following which the trademark owner can take appropriate action.
2. Register Your Domain Name Pre-emptively – This is one of the best ways to prevent someone from registering a brand as a domain name under the new ngTLDs; brand owners can typically partake in sunrise periods ranging between 30-60 days by registering domain names identical to trademarks in the Trademark Clearinghouse on a priority basis. This certainly gives brand owners a definitive advantage over the general public.
3. Monitor Domain Name labels – It is important to monitor infringing domain names closely; infringers intentionally indulge in typosquatting (intentionally spelling a trademark wrong or inserting a typographical error in a domain name) to draw traffic to their websites.
4. Register all TMCH registered trademarks under the domain protected marks list – The Domain Name Protected List (DMPL), a blocking service initiated by Donuts that applied for more than 300 ngTLDs, by which brand owners can reserve their marks under the list. So any new domain name sought to be registered with an identical second level domain name of a registered trademark of a brand owner under DMPL will be instantly blocked.
5. File UDRP actions against infringing domain names – The Uniform Domain Name Dispute Resolution Policy (UDRP) that will now govern dispute proceedings under the gTLDs, can force transfer of a domain name to a brand owner or even cancellation, should the complainant succeed in the proceedings. The time frame of resolving such disputes is less than three months and considerably less expensive than the traditional litigation process.
6. Take actions against infringing parties under URS – The Uniform Rapid Suspension, a cheaper alternative to UDRP can be resorted to; this however, will only lead the infringing domain name to be left in suspension (rendering it inactive and un-usable by anyone). If as a brand owner you are in a hurry for some sort of relief, this can be a good option.
In India, the National Internet Exchange of India (NIXI) governs management of domain names under the unrestricted domains (.in, co.in, net.in, org.in, etc.) as well as restricted domains like ac.in, edu.in, gov.in, etc. The arbitration procedure under INDRP (IN Domain Name Dispute Resolution Policy) is similar to that under UDRP and URS. Currently, the fee for filing a complaint under the same is Rs.30, 000/- plus a fee of Rs.2000/- for personal hearing (maximum two hearings).
General Protection Measures
1. Establish a Domain Name Policy/Procedure in place in your company – Having in place written policies/procedures pertaining to purchase and protection of domain names as well as their protection from abuse, is a must for companies. This will require the coordination of various departments/units within the company – the IT department, marketing, security, logistics and the legal units.
2. Register key domain names and register early – Companies should register only those key matches and common misspellings of the brands that are most commonly used and searched (.com, .net, .org), and those conducting business outside the U.S. or looking to do so in future must register domain names attaching the appropriate ccTLD (for example, .in for India). It is best to go for defensive registration than later get entangled in legal disputes over the same. Also, the earlier the domain name gets registered, better protection it receives. You can hire specialized services for the same who can work in tandem with your legal department to monitor any new desirable domain names as well to detect infringers.
3. Renew domain names timely – Companies must renew their domain names periodically; for core domain names (those featuring on the corporate website and the like) an automatic renewal system may be arranged. You could also purchase these domain names for a period of several years at a time.
4. Engage with customers directly through social media platforms and apps– These days it is common for celebrities and other high profile personalities to maintain public accounts on social media platforms, the same being Twitter, Instagram, Facebook, YouTube, etc. Companies too can borrow inspiration from the same and set up their official social media page so as to facilitate consumer interaction with the company directly.
Your social media page could list employee guidelines, updates on new products/services, keep a record of customer feedback (this could work both ways, though) and define their IP rights. You could do the same through mobile apps too; you only need to ensure the content featuring on the app does not violate any third-party rights, consistently showcases the use of your trademark and domain name and is technically updated and reviewed at periodic intervals.
Alternative Measures
Companies these days install and hire automated trademark monitoring systems and services that help prevent registration of confusingly similar or identical marks by third parties as well send across signals to such third parties about such trademarks being properly defended. Some businesses have surveillance mechanisms in place to monitor trademark use even by legitimate third parties right from the product development stage to the point of sale/distribution. All kinds of activities that may seriously hurt the reputation and integrity of the brand are monitored- advertising, marketing, defamatory statements in videos, blogs or any other social media platform, etc.
As a brand owner, where you suspect a case of cybersquatting, hacking/phishing or other forms of online infringement, it is necessary to conduct an in-depth investigation into the same. Collect all available evidence (from screen shots to content on the website and Whois records) and ensure such evidence demonstrates intention on the part of the domain registrant to-
i) Either sell, rent or transfer domain name registration to the trademark owner for substantially higher cost or a competitor
ii) Purposely misdirect web traffic by owning numerous domain names that are confusingly similar to that of a trademark
Before you set out to tackle the infringer, you must ascertain with the help of trademark attorneys the current status of your trademark (its strength and if it has been in continuous use) and the kind of protection it is covered under at the time.
You can either go for domain name acquisition (where a clear case of infringement does not exist) or send out assertive cease and desist letters where the domain registrant appears to be acting in bad faith (make sure you consult your attorneys when taking this step since it can involve issues of jurisdiction and cross-country laws may differ). You can resort to litigation where all other remedies have been exhausted or if the domain name at issue does not fall under the purview of UDRP.
As a “best protection measure” though, ensure that all communication regarding business should ideally be conducted through official emails (and not private ones), and change passwords at regular intervals and choose ones that are tough to crack and have no association with the user.