UDRP confusion: Georgia the state, not the country

Company searches for the domain name owner in the wrong Georgia.

Jorge Almirall registered the domain name almirall.org in 2002 and has used it for email since then.

This year, the Spanish pharmaceuticals company Almirall, S.A. filed a cybersquatting dispute against the domain name.

With GDPR, nearly all domain names have protected Whois records. As part of the UDRP filing process, the UDRP provider gets the registrant’s contact information from the registrar and shares it with the complainant. The complainant then has the chance to amend its filing.

In this case, World Intellectual Property Organization provided Almirall with the domain registrant’s information, including his address in Georgia, United States.

Almirall, S.A. challenged the identity of the domain registrant but made a big mistake: it tried to find the registrant in the country of Georgia, not the state.

The WIPO panelist addressed this when considering reverse domain name hijacking:

When the Complaint was originally filed, the name of the registrant of the disputed domain name in the WhoIs information was Redacted for Privacy.The true identity of the registrant was disclosed to the Complainant when the Center conveyed to the Complainant the Registrar’s verification response. Five days later, the Complainant filed an amended Complaint, in which it “raises doubts about the actual identity and existence of the registrant of the disputed domain name” and that “Despite this effort by the Complainant, we have not been able to confirm the identity and existence of the individual in the public citizen registry of the country of registration of the domain, namely Georgia”. Whatever effort the Complainant put in to confirming the identity of the Respondent, that effort was pointless given that the disclosed country of the Respondent’s location was the United States, not Georgia.

The Registrar’s verification response in fact identified the registrant’s name and complete address (i.e., street, city, state, country), and also the registrant’s organization. Had the Complainant undertaken a simple web search using this information, it would have found (as the Panel has found) a clear reference to the existence of the Respondent in the disclosed location and associated with the registrant organization.

It is difficult for the Panel to understand why the Complainant would undertake a search for the Respondent in Georgia when the Registrar’s verification clearly stated that the registrant’s country was the United States and provided the name of a city (Acworth) that does not exist in the country of Georgia. The Panel considers that the most likely reason for doing this is carelessness, rather than mala fides.

Indeed, that was quite careless. So why didn’t the Complainant withdraw the case after receiving the response, which included a copy of the domain owner’s government identification? And why did it wait over two decades to file a UDRP, while during that time, the domain wasn’t used in any way to target the pharmaceutical company?

You’d think this might tip the scales for a reverse domain name hijacking finding.

Alas, the panelist was Andrew F. Christie. He denied the complaint (pdf) but ruled against reverse domain name hijacking.