By David Buirs, Brand Protection Director for Pointer Brand Protection
In the last two years the American domain registrar GoDaddy has made two important decisions. In 2017, they terminated their services for a neo-Nazi website called The Daily Stormer, and, following a complaint from the Lawyers’ Committee for Civil Rights in 2018, they performed a similar denial service to the Altright.com website. Both websites were hosting content in violation of the company’s terms of service for violent speech.
While GoDaddy did ultimately deny service to these websites, the path to enforcement was not straightforward. Neither of the resolutions were court-mandated, both were achieved through negotiation between service providers and complainants, but also as a result of public pressure. What these cases illustrated was that when properly motivated registrars can take swift and decisive action against users.
Despite this, it’s become common for those working in brand protection to run up against a brick wall, with registrars insisting that they either cannot or will not take action against people selling illegal counterfeits or committing copyright violations.
What are domain registrars and what responsibilities do they have?
Domain name registrars register domain names on behalf of website owners.
What is a website?
It’s a collection of text, images, and formatting which is hosted on the server of a hosting provider. The specific location of that content on the server is designated by an IP address, but, as humans have a hard time memorizing IP addresses, there is a system called DNS that connects more memorable alphanumeric combinations (domain names) to IP addresses. This allows people to enter a domain name into their browser, which then directs them to the right content (website).
In most jurisdictions in the world, registrars are not liable for the content of a website, the hosting providers are. Although there are a few rare cases in which courts have held registrars liable for the content of a website (for example, in cases of notorious torrent websites), mainly the legal responsibility lies with the company that hosts the content.
So, shouldn’t IP enforcement just start with the hosting provider?
Brand owners and service providers do often start the enforcement process by contacting the hosting provider first, yet this does not always solve the problem. In some cases it may lead to cross-jurisdictional issues, especially in cases where a website is selling to consumers in one country but where it’s actually hosted in another country where the brand owner doesn’t have any trademark registrations. In other instances there are issues when hosting providers don’t respond to Cease & Desist letters, or when the hosting provider is located in a jurisdiction that doesn’t provide a legal framework of intermediary liability.
If a hosting provider does remove the content of the website from the IP address then this still may not resolve the issue. The website owner might go to another hosting provider but transfer the same domain name to their new IP address. If, however, a registrar suspends a domain name then anyone typing in that domain name will not be able to visit the website anymore.
Loyal visitors, people who have bookmarked the website, links from search engines, none of that will bring in any more traffic to the website. The website owner can go and register a new domain name, but he will then have to rebuild his search engine rating and a significant part of his clientele. That is why registrars play such an important role in website enforcement. They can suspend the domain name with a click of a button.
For a variety of reasons, many registrars are reluctant to act against websites offering counterfeits.
This is an attitude which is common among large registrars such as GoDaddy and Name.com. Despite their unwillingness to take action, however, they do already have contracts in place between them and the domain owner prohibiting the owner from using their websites for illegal purposes. Doing so gives the registrar the right to suspend the domain name, thereby effectively making the website inaccessible to the public.
For example, Name.com’s (a large US-based registrar) Acceptable Use Policy states:
You affirm and guarantee that you will not use our Services in connection with any
illegal activities or in a manner that violates any applicable local, state, national, or
international laws or regulations.
Content or actions that infringe the trademark, copyright, patent rights, trade secret or
other intellectual property rights, or any other legal rights of Name.com or any third party.
If you are in violation of any of the above provisions or are engaged in any other misleading or
illegal activities, you agree that we may suspend, cancel, transfer or modify your use of
services or individual domain names without prior notice to you.
Even when presented with clear cases where illegal activities are being conducted on websites for which Name.com has registered the domain, the company may acknowledge that the behaviour is in violation of their Acceptable Use Policy but still refuse to take any action. This type of response from registrars is, sadly, all too common.
A Call to Action
Clearly this is a problem that calls for collective action. On behalf of the brands who have their profits and ideas stolen; on behalf of pressed law enforcement officials who don’t have the time or resources to tackle every webshop; on behalf of the buyers who have their money stolen or purchase potentially dangerous fake products, this is a plea to registrars to work with us to take action.
A recent study by the University of Amsterdam revealed that almost one third of all domain names on the Dutch .NL top level domain (the tenth largest TLD in terms of registered domain names) is used for fraudulent activities. Based on our experience, we can say that these numbers are representative for many other top level domains too. All these millions of domain names were registered, on behalf of all types of criminals, by domain name registrars – many of whom are uncooperative.
We are not asking for the closing down of free speech, nor are we asking to police valid content. We are, however, asking all currently uncooperative registrars to work with us to suspend domain names involved in counterfeiting and piracy. Secondly, we are asking that they properly enforce their own terms of service. Registrars should understand they have a responsibility to society and should do their due diligence when it comes to the domain names they register. This doesn’t have to be a manual process as software or AI-enabled systems could easily pick up the bulk of the suspicious domain names by, for example, spotting the incorrect or nonsensical domain owner data which is very common on fraudulent websites.
Another solution could be a trusted flagger system in which brands or service providers report domain names connected to websites that sell counterfeits. With a pre-existing status as a vetted and authenticated expert, the reporting party takes full legal responsibility for the accuracy of the complaints. The registrars will then block those domain names, thereby removing access to the website.
Why Should Registrars Work with Brands to Stop Counterfeiting?
We’re no longer short of evidence; many years’ worth of studies by august bodies including Europol, Interpol, the OECD, and WIPO have consistently and reliably shown that counterfeiting and the black market economy:
- Cheat businesses
- Defraud consumers
- Circulate harmful and potentially deadly products
- Damage taxation revenues
- Fund organized crime
- Are linked to terrorism and human trafficking
The established dangers are very clear at this point. To shy away from them is not just a failure of businesses to act, it’s a dereliction of an ethical need to treat other people as we ourselves would wish to be treated.
Industry and enforcement must collaborate to reduce global counterfeiting by using the expertise of brands and brand protection providers alongside the enforcement power of the tech companies.
Without having to limit freedom of speech, or create a lot of additional work for all parties involved, together we can make a better, safer internet.