As many of you will have garnered from reading the commentary on this site, the majority of disputes that come before Panelists such as myself are governed by ICANN’s Uniform Domain Name Dispute Resolution Policy (UDRP). Implemented at the turn of the century, the UDRP provides a comprehensive and effective framework for resolving domain name disputes and tackling abusive cybersquatting.
The UDRP is used when determining disputes over generic top-level domains (gTLDs), such as .com, .net and .org, and also, nowadays, disputes over domain names issued under the range of the hundreds of new Top Level Domain, like .club, .amazon, and .travel.
Whilst these make up a majority of cases, disputes also arise over country-code top-level domains (ccTLDs), they being domains established and governed by country-specific regulatory bodies (such as .co.uk, .com.au and .ca). Countries have leeway in determining how to resolve their own ccTLD disputes, and many incorporate the UDRP partially or entirely into their respective policies.
THE CANADIAN POLICY
One noteworthy policy is the Canadian approach to resolving disputes over domain names issued under the .ca ccTLD, as laid out in the Canadian Internet Registration Authority (CIRA) Domain Name Dispute Resolution Policy ( "the CIRA policy") against abusive cybersquatting, which largely draws from the UDRP and is consequently similar to it, but with a few exceptions.
Here are some examples of the differences.
For instance, on the three requirements or the three elements as they are often referred to in the context of the UDRP:
The UDRP stipulates that to prove cybersquatting, confusing similarity, the respondent’s lack of rights and bad faith registration and use are the three requirements for bringing a successful Complaint under the UDRP. Under the CIRA Policy, essentially the same elements must be proved, but there are some differences of emphasis. For a start, take a look at the requirements for a successful CIRA complaint.
THE CANADIAN PRESENCE REQUIREMENTS
At the outset, it must be said that there is a big difference between the UDRP and the CIRA policy on who can file or bring a claim. This is called a standing requirement, a requirement to give a party standing before a tribunal. Any party, such as a company, may bring a claim under the UDRP provided it has a trademark or service mark. The requirement of a trademark is true also of the CIRA policy, but there is an additional requirement in that case, namely that the Complainant must meet CIRA’s Canadian Presence Requirements.
The essence of the Requirements is that the Complainant must have a presence in Canada. The requirements must also be met to register a .ca domain name. The link between the two is probably that as the end objective of a domain name proceeding is to have the domain name transferred to the Complainant, it could hardly be transferred to a party that could not be the registrant of the domain name. A Canadian citizen or Permanent Resident or a Canadian company has a Canadian Presence, and there are some other criteria which will meet the test. If the party does not meet one or other of them, it will still qualify if it holds a registered Canadian trademark; but then it may only register a domain name which is the exact word component or exact match of its trademark. Suffice to say that the Requirements are a feature of every Canadian domain name case, particularly where a US company is making a claim in Canada, although it would usually have a Canadian trademark if trading in Canada. Thus evidence is important, as it always is.
PROOF OF TRADEMARK
Under the UDRP, the Complainant must prove that it has a trademark, or its cousin, a service mark. This is also called a "standing requirement", because it gives the Complainant the standing or right of audience to bring the Complaint[1]. The trademark may come into existence at any time, before or after the domain name is registered.
Under the CIRA Policy, the Complainant must have a trademark, but not any old trademark. The trademark must be one in which the Complainant had rights prior to the date on which the domain name was registered and one in which the Complainant "continues to have such rights". This latter requirement presumably means that the Complainant must still own the trademark on the date when the Complaint was filed.
Having established the trademark, the next step is to show that the domain name being sought in the proceeding is, under the UDRP, identical or confusingly similar to the trademark that the Complainant relies on, or, under the CIRA Policy, confusingly similar to the trademark. That, of course is a difference between the two policies. Under the CIRA policy, it will not be enough to show that the domain name is identical to the trademark; even if it is, the Complainant must go further and show that the domain name is also confusingly similar to it.
RIGHTS AND LEGITIMATE INTERESTS
Rights and legitimate interests under the UDRP probably blur somewhere in the middle. This may be why the Canadian policy requires the Complainant to prove "only" that the Respondent, called the registrant in the CIRA policy, has no legitimate interest, whereas the UDRP requires proof that the registrant does not have either a right to register the domain name or a legitimate interest in it.
The CIRA Policy, like the UDRP, sets out some non-exclusive criteria that will prove a legitimate interest. Some of the criteria have echoes of the UDRP, but some are different. The "commonly known" criterion is in both policies, more or less. So is the non-commercial criterion, more or less. The Canadian policy also has a useful criterion for where the domain name is descriptive of goods or services and another one for where the domain name is generic of goods or services. There is also a specific criterion for where "the domain name was the geographical name of the location of the Registrant’s non-commercial activity or place of business.” But all of these clauses must be read closely!
BAD FAITH
There is a substantial and important difference in how the UDRP and the CIRA policy deal with the requirement to prove bad faith. It is important because on one view bad faith is what all domain name dispute resolution policies are all about.
Whilst the UDRP requires both bad faith registration and bad faith use to satisfy this third requirement, the CIRA policy requires only bad faith registration. It is worth noting here that under some other ccTLD dispute policies, such as in Australia and also under the EU Policy for .eu domain names, this requirement can be satisfied by proving either bad faith registration or bad faith use.
It is all a matter of opinion of course, but when you come to think of it there is a lot to be said for the Canadian approach, as the important question to be asked is: what did the registrant of the domain name actually do at the most important time, namely when he or she registered the domain name? And why? What was the motivation behind registering the domain name?
Even so, we should always remember that in a case under the UDRP, the Complainant must prove both that the registrant (the Respondent) registered the domain name in bad faith and that it has since used it in bad faith. This is doubly hard for a Complainant to do. Many a case has been lost because the Complainant has not been able to do this. But, as the philosopher said, that's life.
We have discussed before, the consequence of such a distinction. Theoretically, under the UDRP, a respondent could register a domain name in bad faith yet leave it idle or not do anything adverse to the interests of the Complainant trademark owner, except hold onto it; in such a scenario, the third requirement will not have been made out, for lack of bad faith use. The complaint will not have succeeded. In practice, it is not particularly common under the UDRP to find that a registrant has registered a domain name in bad faith and used it in good faith. It is more likely that the registrant will have done nothing with the domain name other than sit on it. Here, there is an interesting development of practice under the UDRP, where it is said that doing nothing with a domain name may amount to bad faith use, but we will not get into that issue at this stage.
It is more likely, in cases under the UDRP, that the registrant will have registered the domain name in good faith ,but later engage in bad faith conduct. Say, for example that the Respondent registered a harmless generic name, <sunshine.com> and uses it to link to websites advertising solar panels from which it earns pay-per-click revenue. That all sounds quite legitimate. Five years later, he hits the jackpot, because a new company is formed called Sunshine Mines, which then strikes gold. Suddenly everyone, particularly the registrant, is interested in <sunshine.com>. The registrant changes the contents of its website, so that it now advertises gold mining equipment and it also writes to Sunshine's rival, Moonshine Mines, offering to sell the domain name to it for a very large sum of money. You might argue that there was bad faith use, but there was no bad faith registration and that therefore the registrant should win. This type of situation often arises.
If the domain name were <sunshine.ca> and a claim were made for it under the Canadian policy, the Complainant would also fail if it could prove only bad faith use. If it proved bad faith registration, and only that, it would succeed.
If, say, the domain name were <sunshine.com.au>, it would be sufficient for the Complainant to prove only bad faith use, as the Australian auDA policy expresses the bad faith requirement that:[2]
“(iii) your domain name has been registered or subsequently used in bad faith.”
This is not the case under the CIRA policy, which states[3] simply that:
“the Registrant has registered the domain name in bad faith as described in paragraph 3.5.” It must be shown that the domain name was registered in bad faith.
Similarly, under the CIRA policy, if a .ca domain name is registered in good faith but used later for bad faith purposes (such as redirecting traffic from a competitor), then any complaint against it could not succeed. In such a scenario the outcome would not greatly differ from a similar UDRP procedure, but such a complaint may have legs under other ccTLD dispute regimes if the domain name had been registered under one of those regimes.
WHAT HAS TO BE PROVED
The CIRA policy has an interesting provision relating to proof. Paragraph 4.1 puts the onus of proof on the Complainant to prove all three elements on a balance of probabilities. It might be a tautology also to provide, as it does, that the Complainant must provide “some evidence” of each of the three elements, as the Complainant will not get far if it provides ”some” evidence, but not enough to prove each of the three elements. But the interesting part of the paragraph is the balance, which provides:
“Even if the Complainant proves (a) and (b) and provides some evidence of (c), the Registrant will succeed in the Proceeding if the Registrant proves, on a balance of probabilities, that the Registrant has a legitimate interest in the domain name as described in paragraph 3.4.”
The best policy would be for a complainant to concentrate on proving all three elements and for a registrant to argue that, at best, the complainant has only proved the first and second elements, but provided only “some” but not enough evidence on the third element (legitimate interests) and then to try to prove that it has a legitimate interest in the domain name.
PAYING THE PRICE FOR RDNH
Many commentators on this subject lament the inability of UDRP providers to attach financial penalties to findings of Reverse Domain Name Hijacking. However, one handy element of the CIRA policy that is sure to please otherwise disgruntled registrants is that if a Complainant is found, on a balance of probabilities, to have abused the process then it may be ordered to pay up to CAD$5,000 to the Respondent towards any costs incurred in the proceedings.
This is because unlike the UDRP, CIRA deals exclusively within the Canadian jurisdiction and therefore it has the capacity to chase up any debts incurred. This is an important feature of the CIRA policy that UDRP providers lack, due to their international operations – it is not easy to chase up $5000 from an abusive Complainant halfway across the world!
NOW FOR SOMETHING COMPLETELY DIFFERENT.
For more information on my involvement with Canadian dispute resolution, feel free to read about my recent appearance at a webinar organised by the Canadian International Internet Dispute Resolution Centre (CIIDRC), an already accredited provider under the CIRA and newly accredited provider under the UDRP. HYPERLINK to the piece about CIIDRC.
[1] There is a lot of debate about whether this should be the requirement. But the point is that it IS the requirement. Not all policies have that requirement. For instance, under the Australian policy, the Complainant need only prove that it has a name. [2] https://www.auda.org.au/policies/index-of-published-policies/2016/2016-01/ [3] https://www.cira.ca/policy/domain-name/cira-domain-name-dispute-resolution-policy