Foresight 2020: today’s best practice and tomorrow’s challenges

By Nick Wood, Executive Chairman & Co-Founder

The management of IP in the domain name system has never been more complicated. A decade ago there were just 320 registries, 99.9% of all domains were in the English script and bad actors could be tracked from a whois record to the real world. Today we have over 1200 registries, domains in scripts like Arabic, Chinese or Cyrillic and records of registration that reveal very little. Scams spread from social media across the domain name system to online marketplaces while specialist companies are busy harnessing AI to track and take down the counterfeiters.

Best practice in domain portfolio management is now heavily influenced by considerations of business continuity and security as consumers continue to trust a domain that matches a well-known brand to signpost authentic content. Whereas it was once sufficient to know where to find information about the formalities and dispute procedures of a registry, IP professionals engaged in domain name matters in 2019 have to understand an alphabet soup of acronyms and know the difference between a Sunrise and a Landrush, Blocking Programmes and the Trademark Clearinghouse or if, how or when the URS might be useful as opposed to a UDRP.

We held a seminar for clients and contacts in New York City last month called Foresight 2020. The aim of the event was to share some insights into today’s best practice and tomorrow’s challenges. Here’s a summary of some of what we covered:

The place of benchmarking in portfolio management

Benchmarking a portfolio can help with rightsizing and better communication. We have tools and processes to help our clients benchmark externally against peers and competitors and also to benchmark internally, comparing brand to brand.

Com Laude’s Co-founder Lorna Gradden covers this in her podcast, available here: https://comlaude.com/domain- benchmarking-podcast

Blockbuster registry launches for 2020

Three open registries which were applied for in Round One of the new gTLD programme will most likely launch in 2020. Depending on your organisational culture and business focus, .Gay, .Music and .Kids may be of importance to you.

Review of the UDRP

A two-phase review of the Rights Protection Mechanisms used in the first Round of the new gTLDs is underway in ICANN. An initial report on the first phase is long overdue, covering topics like Sunrise Schemes and the Trademark Clearing House. Although exhaustion has seeped into the volunteers working on the review, the thorny topic of the URS won’t go away. Intended to be the little sister of the UDRP, for slam-dunk cases of cybersquatting, it is ineffective for brand owners as it does not result in a transfer or cancellation of a domain and hated by civil society advocates who think it is draconian. Therefore it is being re- examined in December so we won’t see the report for a month or two yet. The second phase of the RPM review will be dedicated to the UDRP, which is now 20 years old. As this cannot start until the report on the first phase review has been accepted by ICANN’s GNSO, this means work will commence mid-2020.

The UDRP review will be wide-ranging, though the UDRP in its current form is the default position. Charter questions include: a review of filing fees, including whether a “loser pays” system should be introduced; whether the concept of freedom of expression should included as a consideration along with free speech and the rights of non-commercial registrants; if geographical indications, last names, and generic terms are being appropriately protected; whether there should be a presumption of bad faith for repeat/serial offenders; if a statute of limitations should be introduced; and whether the bad faith requirement should be “registered OR used” as opposed to “registered AND used”.

Brand owners should be prepared for a fight to stop forces who wish to loosen the UDRP – mostly from academia and civil society.

Blockchain Domains

The Domain Name System appears to be a fertile ground for exploitation by blockchain innovators. After all, the DNS is a distributed network and blockchain is a distributed ledger. However, there is only very limited cross over at present.

The best example is the .luxe new gTLD registry. This is being used by Ethereum, one of the top three blockchains with c. 50 million assets. For five years now, Ethereum members have been able to register unique .eth identifiers to use on the ENS (Ethereum Naming Service). These .eth identifiers are randomly generated 40-character strings limited to use on the Ethereum platform.

Domain registry operator MMX is now mapping .luxe domains on the DNS (Domain Name System) to .eth identifiers on the ENS. LUXE is an acronym for “Lets Us Exchange Easily”. The thinking is that you can have a human-readable and therefore memorable .luxe name over-layered on top of your .eth identifier. As it says at the Ethereum website “ENS eliminates the need to copy or type long addresses. With ENS, you’ll be able to send money to your friend at ‘aardvark.eth’ instead of ‘0x4cbe58c50480…’

It is far from ideal that blockchain identifiers that work only in the closed world of a proprietary blockchain using plug-ins are referred to as “blockchain domains”. Unlike the Domain Name System, there is no ICANN-type agency co-ordinating standards, regulating through contract, providing a forum for public and private sector interests to determine policy including for publishing ownership details or take downs. There is no “root”: in fact, there can be as many roots as there are blockchains. What exists are independent initiatives like PeerName or Unstoppable Domains, both blockchain identifier registrars, or Chainsregistry.com, a company created to buy new gTLDs in Round Two that relate to cryptocurrencies.

Registries and Artificial Intelligence

A small number of ccTLD registries have begun to use artificial intelligence to predict abusive domain registrations, including the UK’s Nominet, Denmark’s DIFO and EUrid, operator of EU. They each have proprietary systems and processes and, if required, have changed their registry T&Cs to allow them to suspend registrations where, for example, there is suspicious activity on an IP address, the registrar has a poor record and is paying for a domain with a new credit card or the identity of the applicant cannot be verified. Best practice is emerging. Continuous assessment of registrant identity has been found to reduce domain infringement. The biggest problem in rolling out the AI is that the volume of new registrations is too low to support faster learning. We have raised the possibility of ccTLDs sharing “Red Lists” of known domain abusers between each other.