A few days ago, a client sent me an email asking me to weigh in on what domain names her company should register to correspond with its presence in markets in the Middle East. While she was planning to register the core brand name in the relevant ccTLDs, or country code top-level domains (Brand.ae for the United Arab Emirates, Brand.co.il for Israel, etc.), her distributor in the region had advised her that local Internet users tend not to direct navigate to domains in their ccTLDs. Instead, she said that consumers typically type in the brand name followed by “ME” in .COM. So, the distributor advised, our client should register BrandME.com.

The client asked me if I agreed that this was a common practice, and if other major brands followed this naming convention. To my knowledge, it was much more common for brands to stick with ccTLD domains. Off the top of my head, I couldn’t think of any big brands that follow the BrandME.com practice my client had described. But it sounded interesting, so I wanted to look into it further.

I decided to take a sample of the biggest brands and see whether or not they used BrandME.com domain names. For a quick reference, I looked at the top 20 brands on Interbrand’s Best Global Brands of 2011 list.

Of those 20, I found that only four owned their BrandME.com domain names: Coca-Cola (Coca-ColaME.com, but not CocaColaME.com or CokeME.com), Google (GoogleME.com), McDonald’s (McDonaldsME.com), and Disney (DisneyME.com). Of those four, only two, McDonald’s and Disney, actually direct those domains to content. McDonaldsME.com redirects to McDonaldsArabia.com; DisneyME.com displays Disney content in English.

Of the other 16, some brands’ BrandME.com domains had been registered by third parties. Most pointed to Pay-Per-Click ads or parked pages. Others did not resolve to content. The rest of the BrandME.com domains were not currently registered.

Because the client is a cosmetics company, I checked about five other cosmetic brands’ BrandME.com domains as well. None resolved to brand content. In fact, none resolved to content at all.

So what did I end up telling the client? Basically, it won’t hurt her to make sure all her bases are covered by registering her BrandME.com domain name. But the standard practice is to stick to registering the brandname in the ccTLDs of the relevant markets. If a company has a presence in Saudi Arabia, in other words, it should go after Brand.com.sa.

Please note: this blog post is meant to be a humorous piece. I advise placing your tongue inside your cheek before reading.

I’m wiling to bet that nearly every tech entrepreneur out there dreams of coming up with the idea for THE new technology, the one that changes the way humans conduct their lives or interact with content and each other. And I’m sure none would shy away from the fame, not to mention the financial windfall, that such an invention would entail.

At the same time, I’m also willing to bet that very few of these entrepreneurs dream of going down in a massive police raid during their birthday party, or of being found hiding in their safe room clinging to sawed-off shot gun. No one dreams of being infamous instead of famous. No one dreams of going out like Kim Dotcom.

Call him the Jabba the Hutt of digital piracy. The media has painted the German-born Kim Dotcom, formerly Kim Schmitz, as a self-styled gangster and international digital kingpin. Aside from putting the “mega” in MegaUpload.com, the founder of the massive Hong Kong-based file hosting site also has a penchant for hacking and even racked up a conviction for insider trading. Reports from the raid say that police seized various luxury cars, including (of course) a Rolls Royce; valuable artwork; and over $8 million. No word yet on whether Dotcom also had a gold-bikini-clad princess chained up somewhere in his mansion.

The indictment, which charged Dotcom and his associates with conspiracy to commit racketeering, piracy to commit copyright infringement, and piracy to commit money laundering, claims that MegaUpload.com inflicts harm on copyright holders to the tune of $500 million. MegaUpload.com is what’s known as a cyberlocker, a site where users can upload files for others to download. Unsurprisingly, these kinds of sites, while they have many legitimate uses, are often hotbeds for the exchange of pirated content.

Interestingly, Dotcom’s arrest came just a day after the widespread protests over two anti-piracy bills, the PROTECT IP Act and the Stop Online Piracy Act.

When asked to comment on his arrest, Dotcom muttered, “Bring me Solo and the Wookiee. They will all suffer for this outrage.”

Just kidding.

For brand owners, the launch of a new generic top-level domain (gTLD) brings with it a now all-too familiar nuisance: the Sunrise period. Sunrise periods are a necessary evil for businesses: on the one hand, they provide businesses with the opportunity to protect their brand in newly launched extensions, but on the other hand, they require businesses to monitor for announcements, navigate through the steps of registering their trademarks, and pay the associated fees. For companies that hold multiple trademarks, this can be an expensive and time-consuming process. However, as the number of gTLDs is poised to expand significantly, participating in Sunrise periods will remain an important aspect of businesses’ online brand protection strategies.

Unfortunately, there is a lack of clarity among many businesses about when participating in a Sunrise period is a smart defensive move. Some registrars appear willing to take advantage of this confusion, and the “better safe than sorry” attitude that often accompanies it, with vague marketing practices. Take, for example, the so-called "Sunrise period" for the .JP.NET extension that opened on January 16. Let's get one thing straight right off the bat: .JP.NET is not a top-level domain. Rather, the registry services provider CentralNic has registered "JP" as a second-level domain in the .NET domain space. Businesses that register their trademarks in .JP.NET are actually purchasing a third-level domain on the JP.net second-level domain.

CentralNic argues rightly that the third-level registrations in the JP.net domain open up opportunities for businesses that were unable to obtain their desired domain name in the .NET gTLD or Japan's .JP country-code TLD (ccTLD). What is unsettling, however, is that .JP.NET is being marketed by registrars as the debut of another top-level domain with no reference to the fact that .JP.NET is not, in fact, a top-level domain. Rather, the .JP.NET rollout seems designed to mirror the recent, high profile launch of the .XXX gTLD with a four-phase registration process that includes Sunrise and Landrush periods along with a promotional period for .JP and .NET owners to register matching .JP.NET domains before General Availability begins. This strategy seems aimed at inciting brand owner confusion and anxiety, and, of course, drumming up sales.

The bottom line is that registrants should be told, up front, what they are actually getting by registering a .JP.NET domain. Without such an explanation, however, the burden falls upon brand owners to be informed and strategic with regard to domain name registrations. As countries increasingly open up ccTLDs to general registrations (Columbia's .CO and Montenegro's .ME are two of the most recent examples), and with the first extensions from ICANN's New gTLD Program predicted to go live in early 2013, the number of Sunrise periods is only going to increase as time goes on. Staying aware and informed will be the key to making smart decisions.  
 

Back in September, we published a Perspectives paper about a survey scam that targeted social networks: when Internet users mistyped the domain names of popular social media sites like Facebook, Twitter, YouTube and others into their browsers’ address bars, they were led to a website that was formatted similarly to the target homepage, but displayed a survey in place of the expected content. The surveys promised prizes for answering questions and – surprise, surprise – never delivered on those prizes. Instead, they stole users’ valuable personal information.

In the study, we noted that shortly before we published, Facebook had filed a lawsuit against 25 defendants over 104 different domain names, many of which we identified as hosting this survey scam. Now, according to Fusible, Google has come out on top in its own struggle against survey scammers. The search engine giant, and owner of YouTube, filed a Uniform Domain-Name Dispute-Resolution Policy (UDRP) complaint with the National Arbitration Forum over the domain names youtbe.com, youtub.com, youtue.com, youube.com, and yutube.com, all of which had popped up in our study as hosting the survey scam.

Recovering these domains was by no means a bad move on Google’s part, but it amounts to a drop in the bucket: in total, we had identified 81 typos of YouTube.com that had been squatted to host this scam, many of which receive extremely high volumes of traffic (by our calculations, a single domain receives over 19 million visitors annually). These five domains receive fewer than 300,000 visitor per year, accounting for only 0.72 percent of the total traffic that all the squatted Youtube.com typos in our study receive. Conversely, if Google had targeted the top five typos that receive the most visitors, it could have recovered over 90 percent of traffic, or more than 35 million annual visitors, that are exposed to these survey scams. That would have gone a long way in protecting YouTube’s users, and in turn would have stemmed a significant portion of the damage that these scams have inflicted on the YouTube brand.

But on the bright side, Google is clearly aware of the survey scam problem, and the UDRP Panelist reached a fairly open-and-shut decision. These two factors bode well for the company, should it decide to pursue more of these typosquatted domains.
 

Anyone who has lost a domain because they let the registration lapse knows how important it is to make sure to renew your domains before the registration expires. Just ask Trevor Tahlem Smith, Jr.

Not familiar with Mr. Smith? You might know him better by his stage name, Busta Rhymes. That’s right, the iconic rapper’s domain name, BustaRhymes.com, expired today. According to The Domains, the domain listed a management company, Flip Mode Licensing, LLC.

Looks like Busta better busta move to get his domain back.

ICM Registry, the company that administers the .XXX sponsored top-level domain (sTLD), announced this morning that it was suspending domain registrations "that appear to involve unmistakable, blatant cybersquatting." The announcement came in the wake of suspicious registrations for famous trademarked names including BusinessWeek.xxx, CNBC.xxx and WashingtonPost.xxx, among others. ICM's swift move to suspend the questionable registrations is commendable and shows that the registry is committed to protecting trademarks and enforcing its own policies.  

However, this morning's news also highlights a key pitfall of Sunrise Periods: in order to be effective, brands must participate in them. FairWinds recently reported that 75 percent of Fortune 500 companies participated in the .XXX Sunrise Period B by blocking either their many company names or names of their key brands. In our view, this high rate of involvement indicates a significant level of awareness of the .XXX Sunrise Period among businesses. Unfortunately, certain companies did not choose to participate, and had to either register their domains defensively, or deal with cybersquatting. With the Internet poised to expand with ICANN's New gTLD Program, the lessons from the .XXX Sunrise Period—and the precedent set by ICM's swift response to cybersquatting—will be worth watching.

Simply put, not all domains are good candidates for a UDRP complaint. It is the duty of a Complainant and its counsel to both carefully research claims before filing and also to be prepared to alter their strategy if new facts come to light after filing. If these fundamentals are ignored and a Complainant is unable to provide the right evidence, it risks more than just a denial of its claim. Completely unsubstantiated complaints could be judged as an attempt at reverse domain name hijacking, a ruling that could be used against the Complainant in subsequent cases.

The perils of filing a complaint without sufficient evidence were highlighted in a recent UDRP decision handed down by a World Intellectual Property Organization (WIPO) Panelist. In this case, the Complainant, the California Milk Processor Board (the organization behind the Got Milk? advertising campaign) was denied its Complaint against Center Ring Productions, LLC over the domain name GotMilke.com.

Respondent’s owner, a Mr. John Milke, registered the domain in 2010 and argued that it had been chosen purely for its resemblance to his own surname. He also asserted that any similarity to the famous Got Milk? campaign was entirely coincidental. Further, the Respondent stated that the domain had been used exclusively for personal emails and not for commercial gain.

The Complainant introduced no evidence to show that the Respondent was not commonly known by the name Milke and, likewise, was unable to show that the Respondent's choice of the GotMilke.com domain was an attempt to profit from the Got Milk? mark. It seems that the Complainant found it unbelievable that GotMilke.com could have been registered without a desire to profit from the famous ad campaign. Yet this, in and of itself, does not constitute proof and the UDRP Panelist remained unconvinced.

It is surprising, in this case, that the Complainant’s counsel either didn’t adequately research the Respondent or, upon learning the surname of the Respondent's owner, didn't move to suspend the case and initiate settlement negotiations. Once the Respondent's connection to GotMilke.com was discovered, the Complainant would have been better off avoiding the UDRP route altogether and directly negotiating an acquisition of the GotMilke.com domain, or waiting to file the Complaint until able to make its case. Instead, the case was lost and the Complainant narrowly avoided a finding of reverse domain name hijacking.

This post has been updated to amend an error in phrasing from an earlier version. Previously, we wrote that 80,000 companies submitted applications to reserve their .XXX domains during the Sunrise Periods. Actually, an undisclosed number of companies and other organizations filed nearly 80,000 applications for domains.
 
Today marks the opening of the .XXX generic top-level domain (gTLD) to the general public. ICM Registry, the company under contract with ICANN to administer the .XXX domain, has preceded the opening with a 4.5 million dollar (cringe-inducing) advertising campaign aimed at drumming up sales and awareness of the new extension.

The beginning of General Availability marks the final step in .XXX's four-phase launch process. During Sunrise Periods A and B, registered trademark holders from inside and outside the adult entertainment industry had the opportunity to proactively register their marks as domains. The recently closed Landrush Period gave qualified members of the adult entertainment industry an opportunity to register domains. Starting today, anyone will be able to purchase a .XXX domain. Importantly, when registrants register their domains, they will have the option of having that domain not resolve to content. For businesses and individuals, this solves the delicate question of where to point a defensively registered .XXX domain.

For brands, today is an important day. Although nearly 80,000 applications for .XXX domains were filed from outside the porn industry during Sunrise Period B, applicants were only able to register an exact match of their trademark. Shortenings, iterations, nicknames and common misspellings and typos were not accepted. Today, brands, along with the general public, will finally be able to register these variations.

At this point it's hard to predict if .XXX will gain popularity among the general Internet community. Currently, ICM Registry faces an anti-trust suit from online pornography companies Manwin Licensing International and Digital Playground over its pricing and handling of the .XXX domain. Among other demands, the suit seeks to renegotiate the contract between ICM Registry and ICANN. Despite .XXX's uncertain future, brands who have not yet registered their mark or who are anxious to protect other variations of their trademark, would do well to take early advantage of General Availability.

Zut alors! According to The Guardian, identity squatting is no longer a problem that only American politicians face. It appears that French squatters have a certain savoir faire for the practice as well, and it extends all the way up to the office of Prime Minister. When users type in FrancoisFillon.fr, instead of landing on the site for French Prime Minister Francois Fillon, they are redirected to FrancoisHollande.fr, the site for presidential candidate Francois Hollande.

And what about the current French president, who is seeking reelection next May? Well, NicolasSarkozy2012.fr points to a tattoo artist's site, and Karachigate.fr (the nickname given to the scandal over a corrupt arms deal from earlier this year) redirects to the site of the Elysée Palace, the French equivalent to the U.S. White House.

But the biggest difference between the U.S. and France when it comes to identity squatting is the pénalité involved. Here, the French add a certain je ne sais quoi, to the tune of jail time and a fine. The country introduced an anti-cybersquatting law last March that goes beyond simply protecting trademarks and intellectual property. The law deems the act of stealing another person's identity "to attack their honor" punishable by up to a year in prison and a maximum fine of €15,000, or about $20,000. Sacre bleu!

Last week, FairWinds launched a new service called FairWinds Intelligence, a patent-pending revolutionary new domain name infringement and management technology. Intelligence utilizes the Domain Name Intelligence Engine (DNIE), a software that identifies, categorizes and quantifies infringing domain names, and when combined with our advisoryservices, helps clients make real-time decisions about which domains to recover.
 
Years ago, when we first entered the business of domain name strategy consulting, we knew the field would be constantly changing. In fact, that's one of the things that excited us about it. We knew we, too, would have to adapt in order to continue providing our clients with the best advice in the most time- and cost-efficient way possible.
 
Other automated domain name monitoring tools have been around the marketplace for a while now. Because FairWinds has such a trusted relationship with all of our clients, we have been privy to the best and the worst tools that others offer. Unfortunately, we've observed that the vast majority are overpriced and frankly, inaccurate in their categorizations of infringing domains. Moreover, they do nothing to actually prevent or combat cybersquatting for the clients who use them.
 
In the past, we rejected the idea of developing our own tool, largely because here at FairWinds, we are branding, marketing and legal experts, not software developers. But then we met Desvio, a technology provider based in Silicon Valley that is comprised of a small group of highly skilled engineers. But the Desvio team is more than just talented technologists – they truly understand the bigger picture of cybersquatting and the impact that it can have on businesses outside of the realm of the DNS. When we met Desvio, we realized now was the right time to take the leap and develop our own tool.
 
The result was an easy-to-use dashboard interface where clients can access and view all of the domains classified by the DNIE, receive real-time notifications and manage the workflow to recover valuable domains. We're very pleased with the end result, and can't wait to begin rolling it out to clients.
 
For more information on the new Intelligence service, visit our Services page on the FairWinds website.