Monday, February 25, 2019

ICANN and the New Top-Level Domains part 1


American University Washington College of Law

Welcome, Christine Haight Farley, American University Washington College of Law
We are in the midst of an historic expansion of internet domain names with more than 1200 new generic top-level domains (“gTLDs”) now competing with <.com>. This 5000% increase in gTLDs is the biggest change to the internet's domain naming system in thirty years (and more are coming soon!). Accompanying these new gTLDs, are new and innovative--but little known--IP rights protection mechanisms. These developments could have a profound impact on the rights of IP owners, domain name registrants, and the public, and on the architecture of the internet.

Trademark Protections in the New gTLDs
Mary Wong, ICANN
What is the TMCH? Ten years of history. One of the mechanisms developed at ICANN (not by ICANN necessarily) for the latest round of expansion of gTLDs.  ICANN has staff but can be described as a world wide community, always talking about participants—gov’ts, businesses, lawyers, civil society participants, academics, other individuals.  Participants develop policy, not ICANN staff (which would be easier and faster!).  These mechanisms were developed/agreed upon by a wide variety of interests.

TMCH is not a rights protection mechanism (RPM) as such, but supports other RPMs in that TM owners submit marks into the TMCH. Those marks (their existence in a national register somewhere, or b/c they’re protected by treaty) would be validated by Deloitte, the operator of the TMCH, and you end up with a global repository supporting Sunrise and Claims (of which more soon). Over 80% of marks submitted are validated; marks from over 100 jurisdictions; 10,000s have been submitted since establishment 5-6 years ago.  Allows three categories of marks: (1) protected by a national registration, w/no distinction across countries; (2) marks validated by a court of law; marks protected by a statute or treaty.

Brian King, MarkMonitor: What did TM owners want from the TMCH? Assume you’re in-house at Delta Airlines.  Responsible for brand protection: monitoring for infringement, TM registries around the world. You may have 100s or 1000s of domain names, including country code domain names (delta.co.uk), and have to monitor for similar/infringing names. Might hire MarkMonitor to help w/that. Privacy protections can help people hide identity of registration.  ICANN decides to multiply existing gTLDs by a lot.  Now I have to worry about .air, .flight, .sucks, .porn: concepts Delta doesn’t want the brand associated w/ and may have to register domain names in merely to preempt other people from doing so.  This is scary and new RPMs help address the fear.  Sunrise allows Delta to register before non-TM owners.  TMCH also provides a notification when someone else registers [an identical domain name] in a new gTLD.

Michael Karanicolas, University of Toronto (delayed due to weather; I was able to rely on his notes)
Kathy Kleiman introduced Sunrise in his absence. Mandatory 30-day period (some registries expand it to 60 days) that all new top level domains are required to provide to owners of trademarks, whereby any owner of a mark which is recorded in the TMCH may pay a special fee to the registry to register a domain matching their mark before they are opened for general sale.

Why 30 days? And not forever? A balance designed to give weight to the interests of current trademark owners, but also to the interests of other potential registrants -- the innovators, speakers, entrepreneurs who want to register in a new gTLD as well.  There are multiple entities with rights in Delta, for example: dental, educational, fraternity, etc.  Both Sunrise’s duration and its limits—requiring an exact match with what the trademark owner has registered—reflect the desire to balance these competing interests.

Griffin Barnett, Winterfeldt IP Group: Q to address: Purpose of TMCH for TM owners as it has turned out?  Keep in mind function of TMs, which is to protect consumers from cybersquatting/fraud etc.  Benefits to brand community: operationally, TMCH generally works well.  Sunrise allows defense against phishing.  Two aspects to claims service: one is notice to brand owner who’s recorded the mark if a domain name matching the registration is registered, but also during the first 90 days a potential registrant who tries to register a matching domain name will receive a claims notice setting out the registered mark with some details. Just a notification: does not block registration but makes them aware and hopefully they can make an informed decision.  They might be deterred based on the knowledge of rights out there.

Q: where are these TMCH registrations coming from? 

Barnett: Deloitte has a report: a lot of these TMCH records come from the US, Europe.  There are a number of Asian jurisdictions represented, but majority are US/Europe. Large corporations tend to be the ones recording multiple marks, but smaller/medium businesses can use it too.

Wong: Yes; likely to see other countries’ submissions go up b/c of increasing awareness of these kinds of protections. Most big companies don’t enter all their brands.

King: it’s not cost effective to enter all TMs, but the crown jewels deserve TMCH entry. There was an educational period, but people are aware of this now.

Rebecca Tushnet, Harvard Law School
New legal or quasi legal systems are often set up assuming that they will be used against, and not by, bad actors, because that’s the problem that is most salient before the new system exists.  Unfortunately, online is like offline: bad actors find ways to game the system whether that’s by disseminating fake news or by claiming rights far beyond what they actually have, and we need to take that into account in designing our systems.  Devil is also in the details: when a policy is written, it may change substantially depending on who is implementing it and with what expectations.

After Sunrise, there is a Trademark Claims period: when we talk about Trademark Claims notice, we mean the notice that goes to anyone who attempts to register a term that is an exact match to a mark in the TMCH. If they proceed to a final domain name registration then the TMCH mark owner also gets a notice so that it can take further action if it chooses to do so.  This second notice is called a NORN in case there weren’t enough acronyms around.  

Top ten queried entries in the TMCH that trigger a Trademark Notice when there’s a registration attempt: Cloud (which is a registered Swiss trademark for pens, registered by a trademark lawyer), smart, love, luxury, nyc, forex, hotel, one, london, abc. Other terms that reporting has identified as being in the TMCH: Cash, "RICH," "CREDIT, the word “the,” VIP, global, hotels, mobile, prime, uk, virtual, “Christmas”, “Insurance”, “Dating,” “Discount,” Direct, social, construction, BUILD, BET, VACATION, and WEDDING. Not exactly Microsoft or Xerox, though those are likely also in the TMCH.

The Trademark Clearinghouse adopts a “lowest bar” approach to registration, whereby if a mark can be protected under any jurisdiction, and in any context, it is eligible for inclusion globally under a universal standard of protection. Doesn’t matter if the mark isn’t eligible for protection in certain jurisdictions – geographic indicators.  Huge dispute elsewhere in ICANN and in TM law over whether geographic indications are “marks,” but resolved in implementation, outside of agreement by participants, in favor of including GIs.  Also doesn’t matter if a word is considered generic for the relevant goods or services, or for some other goods or services, in certain jurisdictions. If it’s protected anywhere it’s protected everywhere for everything.

Moreover, although not by design, the TMCH accepts design marks - Once a mark has been accepted, it is protected as a word mark without reference to any distinguishing design features, since domain names are a text-only medium. So even when the trademark itself does not protect the textual elements as text, the TMCH will extract the textual elements for protection, as Deloitte confirmed when we asked them what they’d do with various design and stylized marks.  Cars by Disney, Music by Parallel Music Entertainment – all eligible as word marks for trademark protection.

For example: the American Physical Society publishes a journal called, naturally enough, “Physics”. Their US registration for the logo used on that publication was required to disclaim the word “Physics”. However, since the EU does not have an explicit disclaimer procedure, even though the mark is just as limited in the EU—it is a figurative mark—they used their figurative EU registration to get their TMCH entry for the word “Physics” per se.

Q: Implementation v. policy development.

Wong: One of the most fascinating aspects of the job is looking how a policy is written, which goes through multistakeholder consultation process, a little bit like treaty negotiations.  The output might be fairly general and that’s what happened. The original policy recommendations were really really general. Protect legal rights of others.  Everything we’re talking about today was developed as minimum protections during implementation of the very general policy recommendation. Had to be turned into something workable.  Now there’s a policy working group looking at all of this and will hopefully develop policy recommendations that can be implemented.  Where things go too far they can be restrained, where not far enough extended.

Q: was this issue discussed in policy development then?

Wong: there was a very general policy; with respect to specific points about GIs and text, the group didn’t list all the different things that could or couldn’t be protected, but during implementation it was made very explicit that no jurisdiction should be excluded.  It was felt that neither ICANN nor Deloitte as the validator are in a position to determine which marks are protected trademarks.  So the rules were made fairly generic.

RT: Where there are gray areas, to say “we’re not making a judgment” actually admits of two approaches: you can say it’s in or it’s out.  Both of those approaches are “nonjudgmental”—and you really could have thought that “all TMs are in” clearly excluded GIs because there’s an entire class of people who think that GIs aren’t trademarks and have a different ordinal priority when it comes to rights conflicts. And where you have already a really expansive definition of rights (protected anywhere, protected everywhere; registered for any good, covered for all goods/services) then further expansive decisions have collateral consequences.

Barnett: Different jurisdictions approach things from different standpoints, especially with respect to GIs; the clearinghouse was intended as a baseline so no one would be left behind by the way they were accepting certain rights. Concrete hypothetical: if Italy protects parmesan as a GI in national law, based on the underlying concept: we did discuss that rights based in national law should be protected.  [“Rights” is not “trademark rights” which was the actual language. Rights of publicity is another easy example where rights but not TM rights exist.]  There are a lot of nonspecific new gTLDs but you still might encounter consumer protection issues e.g., for .web, .online, .llc. Can’t tie Delta Airlines brand to exclude those general websites.  On design marks: where there’s a textual element w/stylization—going back to policy rationale, this took expansive approach b/c the underlying approach is to protect consumers against confusingly similar uses in the DNS.  If someone registered cars.whatever and uses it in bad faith to target Disney’s Cars, it’s appropriate to have that in the TMCH for Sunrise and Claims. It’s up to the registrant to make an informed decision.

Kleiman: Rules in consensus policy adopted by ICANN.  Unanimously adopted by the GNSO council and Board. Two things it says: the name of the RPM should be the TMCH (not “IP clearinghouse as proposed”) to signify that only TMs should be included. Should be required to include “text marks.”  As a parenthesis: design marks provide protection for letters and words only in the context of the design or logo and the group was under a mandate not to expand trademark rights.  We also debated the secrecy of the TMCH and decided against it: the notice function is important.  What happened? This goes way beyond implementation: they accepted GIs, which WIPO says aren’t TMs; they accepted design marks; they decided to make the TMCH secret. Stopped making sense of “implementation.”

Wong: The implementation that Wong described started in 2008, and the policy was “protect the legal rights of others.” Kleiman’s team (quoted) happened during implementation. Took 4-5 years and there were multiple discussions. Coming back to consensus-building, at each step, all proposals were put out for feedback from stakeholders. Where we ended up was the Applicant Guidebook, reflecting a consolidated history of 5 years of implementation stemming from v broad policy. Not saying we got it right or wrong but that’s where we ended.

King: We protect TMs from any jurisdiction and not just from the US.  No one country’s law rules the internet, so it’s important for this community to allow TM registrations under the laws of all jurisdictions.

Barnett: Expanding rights: legit brand owners don’t want people having rights they don’t have. Consumer confusion and bad faith are the ultimate tests. If cars.whatever is confusingly similar and used and bad faith it shouldn’t be ok. Depending on the use, Disney might win a UDRP case.

RT: Letting everything in is a great way to get much, much further from the consumer protection basis of trademark. And every axis on which you decide to allow more in has effects on how much further away from protecting consumers you are. We’re already abstracting away from national rights and from goods and services.  Cars is a great example b/c the TMCH/Sunrise have already abstracted away from consumer confusion and bad faith.  How many cars.whatever websites would you have to look at before you found one that was infringing? (URS/UDRP is the right solution for the bad faith ones.)  And they’re all impacted by Sunrise and Claims.

Q: Global database of recordals would be really useful. So let’s talk secrecy.

King: Putting people on notice: TMCH does put potential new domain name owners on notice that they may infringe if they proceed.  That notice can then be evidence in a potential case.  90% bounce rate of those who put a domain in their cart, received a notice, then didn’t proceed to final registration.  That’s great for deterrence! TM is a clear way to cry foul but it’s impractical to go to federal court in every infringement case. 

RT: Abandonment rates are really unclear: 90% rate might be mainly for queries by automated programs, but we really don’t know. Also, that 90% rate refers to queries for cloud, hotel, one, london, abc—the idea that they were planning on being cybersquatters is simply not plausible. We were unable to survey actual cybersquatters and it’s hard for me to believe that someone who wants a phishing site is going to be deterred by a notice, but better data might convince me otherwise; the point is that making claims about deterrence is simply not supported by the current data.  We were able to survey ordinary registrants and their understanding of the notice was not much better than chance. 

Barnett: there are issues around gaming the register. We want a clean TMCH as much as we want a clean PTO register.  There is a mechanism that allows challenges to records in the clearinghouse—you can challenge a denial if you’re a TM owner, or a third party can challenge [if they learn of it]. If you’re attempting to register in good faith, then there is a mechanism to get that deactivated.

Confidentiality: there’s conflicting views on transparency. The idea of keeping it confidential is important b/c TM owners make strategic decisions. That reflects information from the brand owner; don’t want to provide road map to what gaps exist.

Farley: people monitor other countries’ registration systems for information already. 

[How would this “abuse of transparency” work exactly?  The abuse scenario is that they look at the TMCH, look at the PTO’s registration database, and register the domain names that aren’t in both? There is zero evidence that this is how anyone does anything, and zero explanation how knowing from the TMCH that Coca Cola might possibly consider Coke a more valuable mark than Vault would change anyone’s behavior.  Moreover, trying to register the domain names would itself reveal the relevant information to the putative abuser.]

Phil Corwin, working group co-chair at ICANN.  (1) Confidential, but if I want to know whether ACME has registered, I can simply go during the first 90 days and find out whether it’s recorded.  We suspect that some parties have done that. [So the point of the secrecy is ….?]  We don’t know how many queries were like this. (2) Domain names can be trademarked, as in booking.com.  (3) We are talking here about new gTLD policy not consensus policy: to get that through ICANN you need consensus—unanimous or near-unanimous; 80% support isn’t going to be good enough. [Clarification: consensus policy would mean that Sunrise, Claims, URS would all be applied to every gTLD, including the legacy TLDs like .com.]

RT: [Great points; (3) means that policy decisions made in implementation are likely to stick.]

Q: a brand is not a TM.  Delta.sex isn’t a problem if it isn’t confusing.  You don’t have rights against it even if you don’t like it.

Q from PTO person: GIs are not marks protected by statute/treaty. Way back when, we were thinking about Olympics, Red Cross etc. for those categories.  Has been handed her head for conflating GIs with marks—offends Europeans/WIPO. However, GIs can be protected as trademarks whether unregistered or registered if they are serving as TMs. This is a burning issue for the PTO. We are very concerned that when it says “marks,” “TMCH,” we want to be talking about marks and not GIs.  Is this still on the table with the working group at ICANN?

Q: how does GDPR affect rights protection mechanisms as we revamp WHOIS in a different PDP (policy development group)?

Michael Karanicolas: Manual input has determined some of the content of the TMCH, e.g., inclusion of Christmas and the like. Not a great oversight mechanism, though. Hard to get a broad understanding of how the system is working, which is vital to accountability and overall assessment: is abuse widespread or limited?  Corwin mentioned that if there isn’t consensus the status quo prevails, which is particularly problematic where the implementation drifted from the rules as originally designed, specifically for accepting design marks [and GIs].  Turns the original rules on their head.  Allows beneficiaries to block “consensus” even though that was the original consensus. Leads to larger Qs about ICANN and its role in internet governance. Transparency is fundamental to what ICANN does.  And it’s fundamentally problematic when used to maximize rights beyond what TM would grant (global rights, goods/services).

Wong: Yes, it is under consideration that GIs would be treated differently. Part of our discussions.  “Mark protected by statute or treaty” but the word mark isn’t defined.  May not be about whether something is a GI but whether it is a mark.  [But if GIs are not trademarks … I believe my logic class had something to say about this.]

Barnett: the wording of the claims notice can be improved, we all agree. 

King: “cloud” example—be careful b/c one of the most valuable TMs in the world is Apple.  [Though note it’s not at the top of the list of those queried in the TMCH the way “cloud” is, so a bit of a red herring, no pun intended.]  GDPR makes things a lot harder.

No comments: