Why legal is increasingly needed to stamp out domain abuse

In early 1985, the world’s first domain name was registered when the internet was still largely a non-commercial platform. As the internet evolved and become more widely used, the domain landscape evolved and grew exponentially. Fast forward to the present day, there are hundreds of millions of domains in existence and the internet has become ubiquitous. The current domain landscape is much broader than in its nascent days, with country-code top-level domains, new generic top-level domains (TLDs) and novel .brand TLDs. Domains have evolved from a functional, navigational purpose. Today, they are integral to organisations seeking to establish a strong online presence in our interconnected digital world and are crucial to e-commerce strategies.

Despite being a relatively recent form of intellectual property, domains’ ever-growing prominence has resulted in their assuming greater importance in organisations’ IP portfolios. In a recent Clarivate survey of global business leaders’ attitudes to domain management and the challenges they face, 78% of respondents regarded domain names as valuable IP assets. In fact, organisations now view domains to be as important as trademarks and patents. It is no wonder that 75% of organisations in 2020 monitored the value of their domain portfolio, an increase from 62% in 2019.

It is no wonder that 75% of organisations in 2020 monitored the value of their domain portfolio, an increase from 62% in 2019.

Reflecting the strategic value of domains, management of domain portfolios has evolved. In 2020, there was a shift from a passive, renewals-led focus to a more strategic and planned approach. While over a quarter of organisations (26%) relied on renewal notices reactively in 2019, this dropped to 14% in 2020, according to the same Clarivate survey. At the same time, 28% of organisations now have a proactive plan and collaborate with multiple departments across the business to ensure their domain portfolios are organised and effectively managed. This is similar to how organisations manage patents, another asset within the IP family, with legal and R&D departments collaborating on patent management.

A vital component of proactive domain management is security. Cyber threats are becoming more widespread and malware, web-based attacks and phishing were the top threats in the EU last year, according to a European Union Agency for Cybersecurity report. All three of these threat types take advantage of domain names for increased effectiveness. Worryingly, the report highlighted that many cyber security incidents remained undetected for a long time, or worse, escaped detection completely. The pandemic is accelerating social, cultural and commercial activity in the digital sphere and 70% of new value created in the next 10 years is expected to be based on digitally enabled platforms. It is no wonder that the digital space and digital assets such as domains are targets for cyber crime.

Today, security is seen as the biggest challenge in domain management. Domain security has reached the boardroom, with a growing number of senior decision makers (47%) acknowledging it as a board-level issue, compared to 43% in 2019. Senior business leaders are rightly concerned as domains are not just a vital element of a brand’s identity, they have become a fundamental part of e-commerce strategies.

Responding to security challenges, the most popular methods to secure domains range from two-factor authentication, name server monitoring and, increasingly, the use of registry locking. Not only is there increasing awareness of the security benefits of registry locking, more registries are also introducing this important security feature. With cyber threats increasing and attacks becoming more sophisticated, organisations need to adequately safeguard themselves. Having robust cyber and domain security measures in place is imperative. Only in doing so can they protect their brand, reputation and customers’ trust.

While domain security remains primarily the IT department’s responsibility according to 60% of companies surveyed, legal teams are increasingly becoming more involved. In 2020, 31% of organisations reported that their legal teams were involved in domain management and security, compared to 23% in 2019, reflecting the increased need for legal protection of these IP assets.

One reason for greater involvement of legal teams could be the rising levels of infringement and fraud. The World Intellectual Property Organization experienced a surge in cybersquatting case filings last year. Previously, domain strategies were primarily motivated by the need to promote new products and services. In 2020, protecting brand value by mitigating brand abuse became the most important factor driving domain registrations.

With organisations moving to a more defensive focus, their legal teams and IP experts are called on to provide advice and support, for instance if a cybersquatting case is filed under the Uniform Domain Name Dispute Resolution Policy (UDRP). While it is not required to have an attorney representing a UDRP claimant, legal teams frequently use case law both to prepare for litigation and to determine the likelihood of winning a domain dispute.

Prior to filing a domain dispute or lawsuit, organisations often attempt to resolve the matter amicably, and may offer to purchase a domain name from its current owner. Legal expertise is also tapped when organisations consider a potential domain name purchase. Darts-ip case data also shows that nearly 49% of organisations review case law when analysing a likely domain name purchase.

As domains have become essential to IP strategies, domain management has evolved beyond simply choosing and registering a domain to reflect the brand’s name. In registering and managing sub-domains, name variations, domains for campaigns, defensive registrations and regional domains, large organisations with global reach can end up with expansive domain portfolios that need time, resources and expertise to manage.

As domains have become essential to IP strategies, domain management has evolved beyond simply choosing and registering a domain to reflect the brand’s name.

As their volume of domains grow, organisations may also experience an increase in the number of inactive domains in their portfolios. These inactive domains are mainly acquired for defensive purposes, perhaps to prevent cybersquatting, and most should be used to redirect traffic to their main websites. They must, however, be properly configured and managed in order to avoid security risks such as domain name server compromise.

Besides overall growth in the volume of domain portfolios, the composition of these portfolios is changing too as adoption of new gTLDs and .brand TLDs grows. Examples of new .brand TLDs include Canon (global.canon) and Suzuki (team.suzuki).

These domain trends, coupled with evolving threats including cyber security and infringement, can add to the challenges of a collaborative approach to domain management spanning departments, including legal teams. Views on domain strategy could differ and coordinating efforts across departments can be complicated.

Grasping today’s domain trends and challenges can enable IP lawyers not just to better collaborate with other teams in their organisations in protecting and managing domains, but, importantly, to build a robust and proactive domain strategy.

Brian King is head of policy and advocacy in the intellectual property group at Clarivate in Washington DC.