The EUIPO Observatory recently published a new discussion paper, Challenges and good practices from registrars and registries to prevent the misuse of domain names for IP infringement activities.
In brief, the paper catalogues current best practice on the prevention of domain name abuse. While it remains to be seen whether registries or registrars will voluntarily adopt these best practices (or whether they will be encouraged or even mandated to do so by the EUIPO in future), the report highlights that the Observatory is at least aware of the issues affecting brand owners.
To spare you from reading the paper in full, we've summarised the key takeaways below.
- Registries should set out robust terms and conditions on the registration and use of a domain name, one of which should include the suspension of a domain name in the event of IP infringement, making breach of contract more easily enforceable.
- Registries should discourage or ban the use of privacy or proxy services to cloak the contact details of a domain name registrant.
- Brand owners should be notified of the third-party registration of a domain name which is associated with their own trade marks.
- Registries should verify the contact details provided by a third party upon registration of a domain name to block fraudulent or malicious registrations, akin to running commercial 'KYC' checks.
- Registries should continually and proactively review and verify registrant contact details and information to add an additional level of review for fraudulent domain name activity.
- Registries should consider reactively asking domain name registrants to prove that their details are correct, if they consider that fraudulent activities are taking place.
- Registries and registrars should have 'notice and takedown' procedures in place to allow brand owners take action against trade mark infringement without having to litigate,
- Registries and registrars should consider implementing 'trusted notifier' systems to facilitate cooperation with brand owners and effect the take down of a domain name upon the submission of clear evidence of trade mark infringement occurring at the domain name.
- Registries should implement tools to enable brand owners to contact a domain name registrant via a contact form linked to verified contact details held at the registry – this approach is compliant with GDPR data privacy requirements.
- Registries should put in place WHOIS disclosure forms to allow brand owners to retrieve registrant contact details if they can prove a specific, legitimate interest in doing so – this approach is also compliant with GDPR data privacy requirements.
- Registries should consider freezing domain names for the duration of their registration, or putting up warning pages on suspended domain names to inform consumers about previous infringements that have taken place on the domain name.
- Registries should voluntarily collaborate with brand owners and law enforcement agencies to collate and share information and expedite action against IP-infringing activities.
- Registries should run information campaigns to support and educate brand owners on how to protect their trade marks online.
Overall, there is plenty to be done to sharpen up enforcement procedures and speed up the suspension and take-down of IP-infringing content; this paper illustrates some current best practices which may plug the gaps in the protocols of a number of registrars and registries.
The full report, which includes case studies from various registries and registrars around the world, is available online here.
Find out more
To discuss the issues raised in this article in more detail, please reach out to a member of our trade marks team.