Domain Name Wire | Domain Name News

Domain Name Industry News

Featured Domains

register.to

MITRE wins CVE.org dispute in questionable decision

by Policy & Law 3 Comments

It’s hard to see the bad faith use of this domain.

A screenshot of MITRE's CVE web page showing logo and web address

MITRE won a UDRP for CVE.org. It uses the domain cve.mitre.org for the program.

A National Arbitration Forum panelist has awarded The MITRE Corporation the domain name CVE.org in a cybersquatting dispute.

Finding in MITRE’s favor was the easy decision for panelist Ho Hyun Nahm, Esq. to make. MITRE is a respected organization and its Common Vulnerabilities and Exposures (CVE) service is run in conjunction with the U.S. Department of Homeland Security and Cybersecurity and Infrastructure Security Agency (CISA). The domain name owner also didn’t respond to the dispute.

So it was the easy decision, but I’m not sure it was the right decision.

MITRE argued that the domain is currently owned by either:

1. Someone associated with the dissolved non-profit organization CVE, Inc. but under inaccurate Whois information OR
2. A person who acquired the domain name after the non-profit dissolved.

If it’s the first case, the domain wasn’t registered in bad faith. If it’s the second, then it could have been registered in bad faith. We don’t know for sure because the domain owner didn’t respond, but I think it’s the second case based on a review of historical Whois records.

Given the second case and the non-response, there’s still a legitimate question of if this domain was registered and used in bad faith. The domain isn’t active, but MITRE argues:

Respondent registered and uses the disputed domain name in bad faith. Respondent either is affiliated with the inactive organization CVE, Inc. and provided false registration information on WHOIS, or Respondent is not affiliated with CVE, Inc. and uses the disputed domain name to create confusion and disrupt Complainant’s business for Respondent’s commercial gain. Respondent’s registration and use of the domain name is also in bad faith because it prevents Complainant from registering its mark as a domain name. Further, Respondent disrupts Complainant’s business because Respondent’s inactive website creates an impression that Complainant does not exist, or it may redirect Complainant’s consumers away from Complainant’s CVE product. Complainant asserts that Respondent presumably gains commercially from this practice. Respondent acquired the disputed domain name with actual knowledge of Complainant’s rights in the CVE mark.

If the domain owner used the domain to offer a security product or a parked page with security ads, there would be evidence of bad faith.

But not using the domain? I don’t see it. Also, what evidence is there that the domain owner “presumably gains commercially” from making the domain inactive? I’d argue the registrant presumably does not gain commercially from this.

Admittedly, CVE seems to be most commonly associated with MITRE’s CVE. Most Google results on the first page are for the program.

However, I find it difficult to squeeze this three-letter .org domain dispute into UDRP and to find that the Complainant showed it was registered and used in bad faith.

Buying an expiring domain? Might want to check this

by Expired Domains 3 Comments

The domain could already be subject to a UDRP.

logo for Solverde Casinos with a green background and image of a sun

A domain investor bought an expired domain that Solverde had already filed a UDRP against. The casino company won, and the domain buyer is suing to retain the domain.

Domain investors review a lot of data before buying expiring domain names. The more expensive the domain, the more data they check.

Sometimes I’ll Google the domain name to see how it’s used. I might even check a trademark database if the name seems like it might be a trademark. What I’ve never thought to do is see if the domain is subject to a current UDRP case.

After all, if a company decided to file a UDRP against a domain that was about to expire, wouldn’t they at least work with the registrar to make sure the renewal fee was paid?

Apparently not.

Turn Invest Group Ltd. bought SolVerde.com for $665 on NameJet in January after it expired. But the domain was already subject to a UDRP filed in November 2020. Despite being notified by the registrar of the pending expiration, neither World Intellectual Property Organization (WIPO) or the Complainant, casino company Solverde, S.A., apparently did anything about it.

So the domain expired and Turn Invest Group won a competitive auction.

According to the WIPO panel, the domain buyer should have searched to see if there was an active UDRP:

…The Respondent is a sophisticated domain name investor, and has been in this business since 2009.

Despite providing a detailed declaration, the Respondent did not provide any details of searches or due diligence the Respondent undertook prior to acquiring the disputed domain name at auction. A Google search of “SOLVERDE” conducted by the Panel resulted in many search results for the Complainant on the first page of the search results. Moreover, if the Respondent had searched the UDRP SEARCH database at “www.udrpsearch.com”, the Respondent would have seen that the disputed domain name was subject to an “active case”…

OK, I can buy searching Google to see if these two Spanish dictionary words are a well-known trademark used exclusively by one company. But checking for a UDRP?

The panel found in favor of Solverde, S.A.. Now, Turn Invest Group is suing to block the transfer.

The company filed a lawsuit (pdf) in U.S. District Court in Florida yesterday. It’s asking the court for declaratory relief that ownership of the domain is not infringing on Solverde S.A.’s trademarks and a finding of reverse domain name hijacking.

Howard Neu is local counsel for the plaintiff.

Another Gorgonzola domain dispute has me bewildered

by Policy & Law 0 Comments

I can’t figure out what these lawyers are doing.

Picture of Gorgonzola cheese

The organization that defends the Gorgonzola cheese trademark lost another cybersquatting dispute.

A World Intellectual Property Organization panel has decided the latest case involving a Gorgonzola domain name. It has me questioning the legal approach taken by Consorzio per la Tutela del Formaggio Gorgonzola, the organization that defends the Gorgonzola trademark for cheese.

Last week I wrote about a case for gorgonzola.blue and noted that the facts of the case, including the geographic location of the registrant and what they intend to use the domain for, matter.

In the latest case for gorgonzola.info, the registrant is located in Italy but says they registered the domain because of the city of Gorgonzola, not the cheese. The Respondent owns lots of Italian city name domains.

What’s particularly perplexing is that, in an effort to bolster its case, the Complainant mentioned two other cybersquatting cases against the Respondent that reference Italian cities that are cheeses as well. The Respondent won both of those cases. Why is the Complainant pointing out cases that are evidence of the domain owner’s case that it registered the domains because of the cities?

As I pointed out in my last article, Consorzio per la Tutela del Formaggio Gorgonzola hasn’t hand registered many relevant domains. One of them is a domain against which it lost a UDRP that later expired. So it thought it was worth paying thousands of dollars to file a UDRP against the domain but hasn’t bothered to register it for a few bucks now that it’s available.

Strange.

Crypto company Lukka loses cybersquatting dispute (again)

by Policy & Law 2 Comments

Company goes after domain registered before it existed.

Blue image with the letters UDRP

Lukka, Inc. has lost its second attempt to get the domain name Lukka.com through a UDRP. The company, which provides crypto asset software and data, uses the domain name Lukka.tech. It has raised nearly $75 million from investors over the past year.

The company filed the first UDRP on March 1, but the trademark it claimed rights to was not in the Complainant’s name, so the panelist nixed the UDRP based on the first element.

It refiled the complaint on May 6, addressing the difference in the name of the trademark holder.

But the case was still a stinker. The company was founded as Libra (yes, the same name that Facebook temporarily used for its planned cryptocurrency) in 2014 and changed its name to Lukka later. The domain name owner acquired the domain in 2010 and registered a company in Korea that year called Lukka Co., Ltd.

Given the dates, it’s impossible that the Respondent registered the domain to target the Complainant.

The panel did not consider if this is a case of reverse domain name hijacking.

Reboxed Limited attempts reverse domain name hijacking

by Policy & Law 0 Comments

UK mobile phone site went after domain registered before it existed.

A picture of a man's face with an eye cover coming out of a laptop screen with the words "reverse domain name hijacking"

A UK firm has been found (pdf) to have attempted to reverse domain name hijack the domain name reboxed.com.

Reboxed Limited offers a marketplace for buying and selling used mobile phones at Reboxed.co. Before founding the company in 2019, Reboxed’s founders attempted to buy Reboxed.com from the current owner, who acquired the domain name in 2012. Given the timeline, a cybersquatting dispute under UDRP was doomed to fail.

Nevertheless, Reboxed filed a UDRP with the assistance of the law firm Sheridans.

The panel found that Reboxed did not show that the domain was registered and used in bad faith because Respondent could not have known that a firm would pop up many years later to use the mark.

It also found reverse domain name hijacking. This is the second reverse domain name hijacking win for attorney John Berryhill in two days. The three-person World Intellectual Property Organization panel wrote:

…The Complainant in this case is legally represented and, in view particularly of that factor, the Panel considers that the Complainant knew or ought to have known that the Complaint had no reasonable prospect of success.  The Panel agrees with the Respondent’s contention that this is a “Plan B case”, in which the Complainant, having failed to purchase the disputed domain name by means of a commercial negotiation, has turned to the UDRP in an improper attempt to deprive the Respondent of it…

The dispute appears to have gotten a bit testy. The Complainant’s lawyer was apparently offended by Berryhill’s response on the case, calling it “unprofessional” and defamatory to the lawyer and its client. Berryhill wrote about it on twitter.

Domain Name Wire | Domain Name News