Registering Your Domain Name and Ensuring Security
The following is a presentation given by Charles Webster at the Cyberlaw 2 conference held in Johannesburg on 15 March 2001.
For purposes of this presentation the most important legal issue in establishing and running your website revolves around the name for your website, more particularly the Internet Domain Name. The speed with which the Internet and e-commerce have developed has changed the way we manage our businesses and the way we communicate with clients or customers. However, we must never loose sight of the basic principles of a brick and mortar business or the basic legal principles, be they the laws of contract or trade marks.
While experiences show that trade mark law is wanting in its ability to police all forms of Internet uses and abuses, from cybersquatting to typosquatting and metatagging if one reviews the cases, in particular the wealth of cases in the USA, it is remarkable how effective trade mark law has proven to be in combating the worst evils on the Internet.
Differentiating Between Domain Names and Trade Mark Registrations
What is a Trade Mark?
Section 1 of the Trade Marks Act 194 of 1993 states that a trade mark is ‘a mark used or proposed to be used by a person in relation to goods and services for the purpose of distinguishing the goods or services in relation to which the mark is used or proposed to be used from the same kind of goods or services connected in the course of trade with another person.’
A "mark" is furthermore defined as ‘any sign capable of being represented graphically including a device, a name, signature, word, letter, numeral, shape, configuration, pattern, ornamentation, colour or container for goods or any combination of the aforementioned.’
The most important aspect of a trade mark is the fact that it must be capable of distinguishing. In determining whether a trade mark is capable of distinguishing, in particular where the mark is a normal English word, one must consider the specific goods or services in respect of which it is sought to be registered. For example BICYCLE is an excellent trade mark for playing cards but is no good as a trade mark for two wheeled modes of transport. If one walks into a greengrocer and asks for an apple one will expect to get a fruit, but if one walks into a computer store and asks for an APPLE one will not get just any computer.
While a trade mark includes a device, ornamentation or any form of visual features which can be graphically represented, when one considers the implications of trade mark law on the Internet one generally concentrates on normal word or alphanumerical marks which form part of a domain name.
The Trade Marks Act defines precisely what a trade mark is and there is a wealth of case law supporting these definitions. For present purposes we should simply stress that a trade mark must be capable of distinguishing and may not consist exclusively of a sign or indication which may serve in trade to designate the kind, quality, quantity, intended purposes, value, geographical origin, or mode or time of production of the goods or services covered by the trade mark.
A person acquires a trade mark by selecting a particular distinctive name and then applying for registration of that name at the Trade Marks Office. The Registrar requires the following information:
- A representation of the trade mark.
- The goods and/or services in respect of which it is used or proposed to be used.
- The trade mark proprietor’s name and physical address.
- An address for service - to which all official documents will be sent.
- A statement of intention to use the mark.
The Registrar of Trade Marks then satisfies himself that the trade mark is distinctive and does not conflict with any prior rights of other trade mark proprietors and, assuming all is well, issues the certificate of registration.
Once registered the trade mark proprietor acquires certain rights, the most important of which are:
- The right to prevent any third party from using the same or a confusingly similar trade mark in relation to the same or similar goods or services in respect of which the trade mark is registered. Where the registered trade mark constitutes a well known trade mark arising out of considerable use then the proprietor can prevent use by a third party even in the absence of confusion or deception (commonly referred to as the dilution of a trade mark).
- The proprietor cannot be sued for trade mark infringement arising out of its use of its own trade mark.
The Register of Trade Marks is a directory which is open to public inspection giving details of the scope and ownership of the monopoly trade mark rights acquired by the trade mark proprietor. It is possible to inspect the register not only for the identical mark but also a mark confusingly or deceptively similar thereto. Over the years the courts have formulated the tests for determining what two trade marks are likely to cause confusion or deception should they be used by different proprietors.
While there is a degree of artificiality in these tests the system is certainly vastly more sophisticated than and superior to the position with domain names where cocacola.co.za can co-exist with coca-cola.co.za.
There is no link between the register and actual commerce in the sense that the Registrar of Trade Marks does not in any way police what is happening in the market place. His only policing function in this context is to ensure that any new trade mark application which might be filed does not conflict with any rights already existing on his register. The ´first come, first served´ principle is accordingly a cornerstone of trade mark law but exceptions to this principle have been introduced.
A trade mark is also strictly a territorial right; The Registrar in determining whether a trade mark is registrable and the courts in determining the enforcement of a trade mark are only concerned with the situation within the borders of South Africa. A trade mark proprietor wanting a form of international registration must acquire trade mark rights in all of the countries in which it intends doing business.
What is a Domain Name?
The Internet can be described as an enormous computer network that connects millions of computers globally and provides world-wide communications to businesses, homes, schools and governments. It began in 1969 as a research project of the United States Department of Defence, known as the Advanced Research Projects Agency Network (ARPANET) and it is interesting to note that it was deliberately designed with no central office as Internet designers were told to think of the possible consequences of a nuclear attack. The consequences of this lack of centralisation have been uncontrolled growth. Nothing can stop anyone from adding a new computer or LAN (Local Area Network) to the Internet.
The computer networks are connected by a set of software protocols which represent standards whereby data can be exchanged through the Internet. Any computer connected to the Internet must have a unique Internet Protocol (IP) address to enable data and messages to be sent to and from it. The IP addresses consist of unique strings of numbers and domain names serve as word equivalents for these addresses which are user-friendly and easy to remember. The Domain Name System or DNS translates the domain names into IP addresses.
Thus a domain name operates as an address on the Internet and a business’ cyber presence therefor starts with its domain name. Given the unstructured nature of the Internet, it is vital marketing strategy to obtain an easily ascertained domain name as it is a common practice of Internet users to guess at a company’s Internet location by typing in the name of the company. This practice of guessing at domain names indicates that a domain name, like a trade mark, is an important and valuable corporate asset and identifier.
Domain Names Consist Primarily of the Following Two Elements:
Top Level Domain (TLD): Domain names are effectively read by computers from right to left, from the most general part of the name on the far right, to the most specific part on the left. The first level on the right is known as the Top Level Domain. Primarily there are two types of TLDs namely international or generic TLDs (gTLDs) and country code TLDs (ccTLDs).
The ccTLDs indicate the country covered by the domain name. Initially and for historic reasons there were only gTLDs, such as “.com” , “.net” and “.org”, which simply described the type of entity. For this reason, USA domain names exist without any country code. Although predominantly used by USA bodies, these gTLDs are also available to be registered by any entity in the world. In the example microsoft.co.za, the “.co” is the gTLD, which is the descriptive element denoting the word “commercial” and the “.za” is the cc TLD which indicates South Africa.
Second Level Domain (SLD): In the example microsoft.co.za, Microsoft is the SLD which is commonly referred to as the domain name and often corresponds with the owner’s trade mark or trading name.
It is at the SLD level that most conflicts between domain names and Trade Mark law occur. As long as there is a single character difference between one domain name and the other, the addresses are entirely distinguishable from each other and can co-exist.
From the computer’s perspective cocacola.com is as different to coca-cola.com as it is to pepsicola.com. There is accordingly no technical reason why the domain names cocacola.com and coca-cola.com cannot co-exist as domain names and be owned by entirely different and competing entities. From a trade mark perspective this is clearly untenable.
The only immutable rule with domain names is that no two names can be identical. As these names are allocated on a “first come, first served” basis the risk for confusion in the trade mark or commercial sense is great and this is why, when trouble has occurred, more often than not the complainant has relied on the tried and tested principles of trade mark law. Before we consider how this works in practice I set out below the relevant procedure for securing “.co.za” and “.com” domain names.
Securing a “.co.za” Domain Name
In South Africa, the “.za” domain is administered by UNINET, which was designated by IANA (Internet Assigned Numbers Authority), a US government funded body. (IANA was later replaced by ICANN). The most commonly used Top Level Domain in South Africa (probably in Africa) is “.co.za”, which is administered by UniForum SA (Proprietary) Limited, a non profit organisation (Section 21 company). ".co" is a descriptive element denoting the word “commercial” or “company” and is mainly used for the registration of commercial domains in SA.
Requirements for a “.co.za” Registration:
- No more than 30 of the following characters may be used: letters of the alphabet (A-Z), the numbers (0-9) and the hyphen (-). In order to see whether a domain name is available search the “.co.za” register by clicking on WHOIS SERVER and pressing enter. If no prior name appears the name is available.
- Contact details for the domain name owner, the administrative contact, and the technical contact for the domain name are required.
- A presence in SA is not required and any person/company in the world may apply.
- An agreement is entered into directly between the registrant and UniForum SA.
There is no Act or Regulations analogous to the Trade Marks Act to monitor the registration process. However, Uniform’s Terms and Conditions do apply and the most important provisions are set out below:
1. The applicant must warrant that:
- it has the right without restriction to use and register the domain name;
- it has a bona fide intention to use the domain name on a regular basis on the Internet;
- the use or registration of the domain name does not or will not interfere with, nor infringe the right of any third party in any jurisdiction with respect to a trade mark,
- service mark, trade name, company name, close corporation name, copyright or any other intellectual property right; and
- it is not seeking to use the domain name for any unlawful purpose whatsoever, including, without limitation, unfair competition, defamation, passing off or for the purpose of confusing or misleading any person.
2. The Applicant must also agree that UniForum SA shall have the right to withdraw the domain name from use and registration on the internet:
- in the circumstances contemplated in clause 3 of UniForum’s Terms and Conditions;
- should UniForum receive an order by any competent court having jurisdiction that a domain name rightfully belongs to a third party or infringes a third party’s rights;
- should applicant breach any other provision of this agreement and fail to remedy such breach within 14 days of receiving written notice from UniForum calling upon it to do so; and
- should applicant not make regular use, as determined by UniForum in its reasonable discretion, of its assigned domain name for a period of ninety days or more.
3. Clause 3 of Terms and Conditions deals with fees. According to this policy UniForum may de-register a domain name should the applicant fail to pay its registration fees within thirty days of submitting its application. However, they are not obliged to exercise this right. Instead they allocate invoice counts. If you register a domain name today an invoice will be sent to you and the invoice count will be reflected as Statements are sent out each month for outstanding payments. If the invoice count reaches 4 the domain will be suspended and this will disable your website and e-mail address. If payment is still outstanding and the invoice count reaches 7, UniForum will delete it automatically. UniForum has recently made a schedule available indicating when invoices will be sent out and when names will be deleted/suspended. This schedule, however, is subject to changes.
4. UniForum is not obliged to act as an arbiter of disputes arising of the registration of a domain name.
Securing a ".com" Domain Name
According to a recent e-publication close to 2 million “.com” or "dot com" domain name has been registered which makes “.com” the most popular TLD by far.
Originally Network Solutions Inc (NSI) was the only registrar authorised to provide for registration of “.com”, “.net” and “.org” domain names under contract of the US government. In its 5 June 1998 statement of policy on the Management of Internet Names and Addresses (the White Paper), US government called for the privatisation of the DNS (Domain Name System). The idea was to allow for the development of robust competition and to facilitate global participation in the management of Internet names and addresses. The White Paper resulted in the formation of ICANN (Internet Corporation for Assigned Names and Numbers) created by the US Department of Commerce in 1998. ICANN is a California non-profit public benefit corporation.
In terms of its articles of incorporation and by-laws, its stated business purpose is to:
- co-ordinate the assignment of Internet technical parameters as need to maintain universal connectivity on the Internet;
- perform and oversee functions related to the co-ordination of the Internet Protocol (IP) address space;
- perform and oversee functions related to the DNS, including the development of policies for determining the circumstances under which new top-level domains are added to the DNS root system;
- oversee the operation of the authoritative Internet DNS root server system; and
- engage in any other related lawful activity in furtherance of the previous four items.
◦best practices for registration authorities;
◦administrative procedure concerning abusive domain name registrations;
◦exclusions for famous and well-known marks; and
- Panavision owned the trade mark PANAVISION in America for theatrical motion pictures and television camera and photographic services. One Mr. Toeppen registered a domain name panavision.com and when Panavision requested that he relinquish the name he demanded US$13 000.00. His website displayed an aerial view of Pana, Illinois. Mr. Toeppen’s conduct was also found to be far from benign as he had registered hundreds of domain names utilising well known trade marks. The court had little difficulty in finding for Panavision.
- The defendant Abir, registered a domain name toysareus.com and offered to sell it to the plaintiff, owner of the famous TOYS R US store chain. In Abir’s first approach to the plaintiff it chastised the plaintiff for its foolishness in not registering the toysareus.com domain name, and in the second Abir advised that it had contacted Chinese toy companies and commenced negotiations with them for the name unless the plaintiff purchased the name from it. Once again the court had little difficulty in finding for the plaintiff.
- The defendant registered domain names like post-it.com, post-its.com and ipostit.com all of which infringed 3M’s registered POST-IT trade marks. In finding for 3M the court noted the strong public interest in preventing misuse of the Internet.
- The Washington Post found itself affected by typosquatters who registered the domain name washintonpost (the defendants omitted the letter "g") and displayed pornographic materials on the corresponding website. The court had no difficulty in determining that this conduct tarnished and therefore diluted the plaintiff’s WASHINGTON POST trade mark.
- Yahoo found itself at the receiving end of typosquatters who had registered domain names containing variations of Yahoo such as yaholigans.com and yahholigans.com - linking these to the defendant’s websites which contained a loop of pornography. The court was quick to grant relief noting, in particular, persuasive evidence of e-mails received by Yahoo from angry parents and teachers whose children or students mistakenly reached the pornographic websites.
- Volkswagen objected to the registration by Virtual Works of the domain name vw.net. In finding for Volkswagen and actively applying the ACPA the court found:
ICANN also called upon WIPO (World Intellectual Property Organisation) to develop a process designed to culminate in recommendations concerning domain name issues to be submitted to ICANN. This process resulted in the 30 April 1999 WIPO Final Report containing recommendations generally to:
One of the first actions taken by ICANN was the introduction of competition among registrars. However, numerous new registrars providing competing registration services led to more uncertainty concerning intellectual property rights.
The most significant action that has been taken by ICANN is the adoption of a mandatory dispute resolution procedure concerning cases of bad faith domain name registrations. The policy was defined in October 1999 and is called ICANN’s Uniform Domain Name Dispute Resolution Policy (UDRP). It is an international dispute resolution procedure which enables trade mark holders to challenge the registrant of an Internet domain name. If the challenge is successful the challenger gains control of the name. UDRP is widely acknowledged to be "a unique experiment in the globalisation and privatisation of intellectual property protection".
Its core objectives are to:
- create global uniformity i.e. to eliminate variety and competition amongst the jurisdictions and rule sets applied to domain name - trade mark conflicts;
- reduce the cost of resolving disputes; and
- be aimed at the most egregious types of cybersquatting, leaving other disputes to the courts.
The UDRP is not designed to replace courts or to be the ultimate arbiter of name rights on the global Internet and does not aim to replace national laws with global law.
In order to achieve uniformity and lower costs, ICANN has leveraged the centralised monopoly and monopolistic nature of access to the domain name root. Consequently, no business can sell name registrations in the ´.com´, ´.net´ and ´.org´ domains without being accredited by ICANN. These domains constitute about 65 percent of all registrations world-wide. All “.com”, “.net”, “.org” domains must therefore adopt the UDRP as their dispute procedure before they be accredited by ICANN. An accredited registrar is contractually bound to submit to arbitration under the UDRP.
Besides the said gTLDs, there are 245 other TLDs known as ´country codes´. Some country code administrators have voluntarily adopted the UDRP. New gTLDs which will be introduced by ICANN this year will also be subject to the UDRP. All in all, about 70 percent of the world’s domain name registrations now fall under the jurisdiction of the UDRP. The UDRP is incorporated by reference into every registrar’s registration agreement.
Combatting the Scourge of Cybersquatting
One of the wonders of the Internet has been the inventiveness of the names given to Internet practices - cybersquatting sounds so much more 21st Century a domain name piracy or name grabbing. Whatever name you give to the particular conduct there is always one common thread - the unauthorised use of a name, typically a trade mark, on the Internet. While such use as a second level domain is the most common and most easily identifiable, use can also take place within a website.
As indicated above no two domain names can be identical. Accordingly any party who wishes to ensure that a third party does not cybersquat its trade marks can block all such efforts by registering all its trade marks as domain names.
However, this is easier said than done. Apart from the difficulty of covering all country top level domains it is practically impossible to cover all variants of the name. This problem is not experienced with a trade mark registration because of the significant difference between domain names and trade marks whereby a registered trade mark secures protection not only for the identical mark as registered but any mark confusingly or deceptively similar thereto. The registered trade mark COCA COLA would bar use of any of the following variants:
KOCA COLA, KOKA COLA, COCA KOLA, and KOKA KOLA for example.
There is a wealth of trade mark law, in South Africa and internationally, which stipulates what constitutes a confusingly or deceptively similar trade mark. This form of umbrella protection around the name, together with the effective remedies for trade mark infringement, result in a registered trade mark being the most effective tool in combating cybersquatting. Of course it is not a prerequisite in trade mark law to obtain a registration because the common law rights arising out of use do give the trade mark proprietor a cause of action based on the common law of passing-off. However, the ease with which one can prove one’s rights and the efficiency of enforcing one’s rights is much greater in the case of trade mark infringement than passing-off.
The aforementioned statement is best illustrated by reference to some cases involving cybersquatting.