Domain Name News: July/August 2025

• Domain name industry news
  • GAC urges action on DNS abuse policy before next round of new gTLDs
  • DNS.PT strengthens the fight against online child sexual abuse
  • Spain on the front foot for combatting cybercrime
• Domain name recuperation news
  • Lack of acquired distinctiveness sinks UDRP Complaint
  • Timing is crucial in UDRP disputes
  • Band name beats trade mark in domain dispute

For earlier Anchovy News publications, please visit our Domain Names practice page. Learn more about Anchovy® - Global Domain Name and Internet Governance here.

Domain name industry news

GAC urges action on DNS abuse policy before next round of new gTLDs

At the recent ICANN meeting in Prague, the Government Advisory Committee (GAC), a body that represents the “voice of Governments and Intergovernmental Organizations (IGOs) in ICANN's multistakeholder structure”, called upon ICANN to undertake urgent policy development on DNS (Domain name System) abuse before new strings are added to the DNS subsequent to the next round of new generic Top Level Domains (gTLDs).

In the Consensus Advice section of its Communiqué issued at the June 2025 ICANN meeting, the GAC urged the Generic Names Supporting Organization (GNSO) Council of ICANN to take the steps necessary for “starting targeted and narrowly scoped Policy Development Processes (PDPs) on DNS Abuse issues, prioritizing bulk registration of malicious domain names and the responsibility of registrars to investigate domains associated with registrant accounts that are the subject of actionable reports of DNS Abuse.”

This work is seen as being all the more urgent in view of the fast-approaching next round of new gTLDs, set to open in April 2026.

The GAC Advice states that “further work on DNS Abuse is needed to stem the increasing cost to the public of phishing, malware, botnets, and other forms of DNS abuse” and, while it affirms that it appreciates “the wealth of proposals for further policy work recently expressed by different parts of the community and maintains they all deserve attention”, it “encourages progress on commencing narrowly-scoped PDPs” by ICANN in relation to crucial issues, such as the malicious use of bulk domain name registrations, before the next ICANN meeting.

Registrars that offer bulk domain name registrations, along with those that offer either free, or very low-cost registrations, have long been recognised as hubs for phishing, spam and bots. As reported in our article in the June issue of Anchovy News covering the release of the Inferential Analysis of Maliciously Registered Domains (INFERMAL) Report, “each dollar reduction in registration fees corresponds to a 49% increase in malicious domains.” That report also found that registrars with APIs that enable bulk, automated domain name registration and configuration are particularly vulnerable to malicious registrations and suggested that API access should be restricted to “known, vetted users” in order to mitigate this problem.

It will be interesting to see whether the progress on policy development urged by the GAC can be achieved before the next ICANN Meeting in October 2025.

For more information, please contact David Taylor or Jane Seager.

Back to the top

DNS.PT strengthens the fight against online child sexual abuse

The DNS.PT Association, the Registry responsible for running the .PT country code Top Level Domain (ccTLD) for Portugal, has recently announced that it has joined the Internet Watch Foundation (IWF), a globally recognised organisation leading efforts to combat online child sexual abuse.

The IWF is an independent, non-profit organisation founded in 1996 to provide a confidential hotline for the public and IT professionals to report potentially criminal online content. Working in partnership with entities across the private, public, and non-governmental sectors, the IWF serves as a 'notice and takedown' authority for illegal online material, with a particular focus on child sexual abuse imagery.

By joining the IWF, DNS.PT will have access to critical tools and expertise in the fight against Child Sexual Abuse Material (CSAM). One of these tools is “Domain Alerts”, a real-time notification system that will inform DNS.PT whenever confirmed child sexual abuse images or videos are discovered on websites using .PT domain names. This will enable immediate action, such as suspending domain names and removing illegal content at the request of law enforcement. When such content is identified, DNS.PT is expected to promptly inform the appropriate authorities and take necessary action, including sharing domain name holder information or suspending the domain name when required.

DNS.PT will also use the “TLD Hopping List”, another essential IWF service. This tool helps combat a common tactic used by offenders which is re-registering abusive domain names under different Top Level Domains (TLDs) after takedown. Indeed when a domain name is suspended, website owners often attempt to retain their visibility and market position by re-registering the same recognisable string under a different TLD. This strategy allows users to easily relocate the website following a takedown. The list tracks domain names with a history of abuse that have migrated between TLDs, which will enable DNS.PT to stay ahead of these attempts and block repeat offences. This proactive approach aims to disrupt the exploitation of legitimate services, protecting the public from further harm.

Through its collaboration with the IWF, DNS.PT aims to reinforce its commitment to online safety and child protection, while actively contributing to the global effort to eliminate child sexual abuse material from the Internet.

For more information on the registration or recuperation of domain names under .PT, please contact David Taylor or Jane Seager.

Back to the top

Spain on the front foot for combatting cybercrime

Recent studies have shown a general increase in cybercrime and especially in “credential phishing”, a concerning trend for both security professionals and Internet users. It seems that this trend is particularly increasing with domain names registered under .ES, the country code Top Level Domain (ccTLD) for Spain.

Cybersecurity experts have recently identified a massive rise in malicious campaigns originating from the .ES namespace, taking it to third place in the rankings of the most exploited Top Level Domains (TLDs), behind .COM and .RU (for Russia). According to Cofense, a company specialising in providing solutions against phishing, the misuse of the .ES ccTLD began increasing in January, and by May, 1,373 subdomains across 447 .ES domain names were already found to be hosting harmful webpages.

Cofense found that cyberattacks targeting .ES domain names predominantly revolve around credential phishing, which is a type of online scam whereby cybercriminals devise tricks to gain one type of valuable information: username and password combinations. Once they obtain this information from their targets, cybercriminals are able to access their online bank accounts, shopping website accounts, online tax forms, etc.

There are two common ways a cybercriminal might try to steal online account credentials. The first way is through a phishing attempt that asks specifically for usernames and passwords. They may impersonate a person or organisation with authority, such as the target’s employer, a bank representative, or a government organisation. Phishing attempts often threaten dire consequences if targets do not reply promptly and so it is therefore essential to be attentive when receiving emails, texts, and social media direct messages that are marked as urgent. The second way is through fake login pages. Targets may be redirected to a fake login page after clicking on a malicious link hidden in a phishing message or on a malicious website, leading to their real login details being sent straight to scammers.

Cofense did not speculate on why .ES domain names have become a popular target for cybercrime but noted that, aside from .COM and .RU, targeted TLDs tended to vary on a quarterly basis. However the persistent nature of these phishing campaigns suggests that malicious .ES websites may remain a threat at least for the time being.

The Spanish government has introduced a draft cybersecurity law in order to implement the EU NIS2 Directive, which introduces new rules to advance a high common level of cybersecurity across the European Union. It also strengthens cybersecurity requirements for medium-sized and large entities that operate and provide services in key sectors.

It is interesting to note that generally, ccTLDs like .ES are among those that are the least targeted by cybercriminals due to stricter registration rules and restrictions against bulk domain name registrations, making them less attractive for mass exploitation compared to TLDs with no restrictions. Besides .COM, the TLDs that came out on top of the pile in 2024 for cyberattacks include .ZIP, .TOP or .XYZ because they are cheap and very easy to obtain, as well as .CN (for China) which is popular with fraudsters.

For more information, please contact David Taylor or Jane Seager.

Back to the top

Domain name recuperation news

Lack of acquired distinctiveness sinks UDRP Complaint

In a recent decision under the Uniform Domain Name Dispute Resolution Policy (UDRP) before the World Intellectual Property Organization (WIPO), a Panel denied the transfer of the domain name <divebuddyapp.com>, finding that the Complainant had failed to establish trade mark rights for the purposes of the UDRP, and also noting that there was insufficient evidence of bad faith registration and use.

The Complainant, Davis Companies Inc., was the owner of a trade mark in DIVE BUDDY, registered on the Supplemental Register in the United States since 20 January 2009 in respect of Internet based social networking, introduction and dating services in International Class 45.

The Respondent, an individual, had incorporated a company called Dive Buddy Limited in May 2023 in the United Kingdom and registered the disputed domain name on 29 July 2024. It had also applied for a UK trade mark, although this was opposed by the Complainant. The Respondent had also launched a website under the disputed domain name to promote a mobile app designed for divers. The website offered features including dive site discovery, diver networking, booking tools, and merchandise sales. The app itself was still under development at the time of the filing of the Complaint.

To succeed under the UDRP, a complainant must satisfy all three elements:

1. the domain name is identical or confusingly similar to a trade mark in which the complainant has rights;
2. the respondent has no rights or legitimate interests in the domain name; and
3. the domain name has been registered and is being used in bad faith.

The first element first requires the complainant to show that it has valid trade mark rights. While the Complainant did hold a registration for DIVE BUDDY, the Panel emphasised that registration on the United States Supplemental Register, rather than on the Principal Register, did not in itself establish trade mark rights for the purposes of the UDRP. Panels have consistently recognised that mere registration on the Supplemental Register does not confer trade mark rights for the purposes of the UDRP. It is necessary to show that such trade marks have acquired secondary meaning or distinctiveness, see WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition, (“WIPO Overview 3.0”), section 1.2.1.

Evidence demonstrating secondary meaning may include sales figures, advertising efforts, consumer surveys, or third-party recognition. Despite asserting that its trade mark had been used in commerce since 2006, the Complainant did not provide any supporting evidence, neither in the initial Complaint nor in a later unsolicited supplemental filing. The Panel therefore concluded that the Complainant had failed to establish the existence of relevant trade mark rights.

Given that the Complaint had failed on the first element, it was unnecessary for the Panel to make a finding on the second and third elements. However, the Panel noted that the Complainant would likely also have failed to establish bad faith registration and use under the third element.

The Respondent credibly denied knowledge of the Complainant or its trade mark prior to receiving a cease-and-desist letter in April 2025, some nine months after registering the domain name and nearly two years after incorporating Dive Buddy Limited. On the available record, the Panel saw no reason to reject the Respondent’s assertions. The Panel also found that “dive buddy” was a descriptive term that aptly referred to the subject matter of the Respondent’s services, namely, a diving app or platform for divers to connect. In the absence of evidence that the Complainant’s trade mark was well known or distinctive, it was not unreasonable for the Respondent to adopt the name without knowledge of the Complainant. The Panel noted that many online results used the phrase “dive buddy” in a descriptive sense, further undermining the Complainant’s claim to exclusive rights.

Finally, although the Complaint was unsuccessful, the Panel declined to find Reverse Domain Name Hijacking. While the Complainant’s case was unsupported, the Panel noted that there was a degree of overlap between the services of the Complainant and the Respondent, and that the Respondent had not requested a finding of Reverse Domain Name Hijacking. The Panel therefore found no abuse of the administrative proceeding and declined to make a finding of Reverse Domain Name Hijacking.

This decision underlines that a complainant seeking to assert rights based on a trade mark registration on the Supplemental Register in the United States must be prepared to demonstrate acquired distinctiveness through specific and persuasive evidence. Absent such proof, any complaint will generally be denied on the first element.

The full decision is available here.

Back to the top

Timing is crucial in UDRP disputes

In a recent decision under the Uniform Domain Name Dispute Resolution Policy (UDRP) before the World Intellectual Property Organization (WIPO), a Panel refused to order the transfer of the domain name <leotech.com> to the Complainant, finding that the Complainant failed to establish that the Respondent had registered and used the disputed domain name in bad faith.

The Complainant was Leo Technologies, LLC, a American company providing search and analytics platforms for correctional facilities. The Respondent was listed as JUNGYUHKOOK, based in the Republic of Korea.

The disputed domain name <leotech.com> was registered on 19 July 2023, and resolved to a pay-per-click ("PPC") website containing links such as "Digital Twin Artificial Intelligence", "GPS Tracking for Equipment", and "Data Center Digital Twin".

To be successful in a complaint under the UDRP, a complainant must satisfy the following three requirements under paragraph 4(a):

1. the domain name registered by the respondent is identical or confusingly similar to a trade mark or service mark in which the complainant has rights; and
2. the respondent has no rights or legitimate interests in respect of the domain name; and
3. the domain name has been registered and is being used in bad faith.

Regarding the first limb, the Complainant relied on two United States trade marks for LEOTECH, both registered on 13 May 2025. The Complainant also claimed common law rights dating from 28 February 2023. Although the Complaint was filed before the LEOTECH trade marks were formally registered, the Panel noted that the trade mark applications had passed the opposition phase by the time of filing, and allowed such applications to support standing under the first element of the UDRP, in line with previous decisions. In addition, the Panel noted that the trade marks were registered by the time the Panel reviewed the case record.

Given that the disputed domain name incorporated the LEOTECH mark in its entirety, the Panel found that the domain name was identical to the Complainant’s trade mark and that the first requirement was satisfied.

In light of its findings under the third limb of the UDRP, the Panel declined to assess whether the Respondent held any rights or legitimate interests in the disputed domain name.

Turning to the third requirement and registration and use in bad faith, the Complainant argued that the Respondent had acted in bad faith, citing a demand for USD 180,000 via Sedo.com and pointing to the Complainant's prior use of the LEOTECH mark. The Complainant also contended that the Respondent was a cybersquatter controlling over 28,000 domain names. The Panel, however, noted that when the disputed domain name was registered in July 2023, the Complainant held no registered trade mark rights and had only recently begun using the LEOTECH name. A printout of a Google search result dated April 2025, provided by the Complainant, did little to demonstrate public awareness of the Complainant’s brand at the relevant time. The Panel conducted its own search and found that the term "leotech" was also used by various unrelated entities around the world, such as "Leo Tech Consulting", "Leotech Sierra Leone", and others. On that basis, the Panel concluded that there was no persuasive evidence that the Respondent had had the Complainant in mind when registering the disputed domain name, especially given the fact that “leotech” is composed of two short words.

As regards the high asking price for the disputed domain name, the Panel noted that the negotiation between the parties occurred via Sedo.com and that there was no evidence that the Respondent knew that the Complainant was the prospective buyer. As for the PPC links appearing at the website associated with the disputed domain name, the Panel found at that it was unclear whether they were related to the Complainant’s services or to those of its competitors, or to the term “tech” in the disputed domain name. Ultimately, the Panel concluded that the Complainant had failed to prove that the disputed domain name had been registered and used in bad faith. Therefore the third requirement of the UDRP had not been met and the Complaint was denied.

This decision is a reminder that timing is crucial in UDRP disputes, as it is necessary to prove that a respondent was targeting the complainant’s trade mark rights with a view to profiting from them at the date of registration of the domain name. Except in a very limited set of circumstances, it is very difficult to prove targeting by a respondent when the complainant’s rights did not exist at the time of registration of the domain name.

The decision is available here.

Back to the top

Band name beats trade mark in domain dispute

In a recent decision under the Uniform Domain Name Dispute Resolution Policy ("UDRP") before the World Intellectual Property Organization ("WIPO"), a Panel denied the transfer of the Domain Name <irispond.com>, finding that the Complainant had failed to prove that the Domain Name had been registered and used in bad faith.

The Complainant Kemco Scientific, Inc., was the owner of United States Trademark Registration No. 4833343, IRISPOND, registered on 13 October 2015, for use in connection with, inter alia, chemicals for use in the purification of water, desalinisation, and drinking water treatment.

The Respondent was an individual based in the United States.

The Domain Name <irispond.com> was registered by the Respondent on 23 October 2020. It redirected to a website at "www.colinchalmers.com" (the Respondent's website), which made reference to songwriting, worship leading, and film and television production. The Respondent's website made no reference to the Complainant.

Prior to submission of the Complaint, the Complainant made an offer to purchase the Domain Name from the Respondent via a broker for USD 400. The Respondent replied two days later offering to sell the Domain Name for USD 30,000. The Complainant filed the Complaint the following day.

To be successful in a complaint under the UDRP, a complainant must satisfy the following three requirements set out in paragraph 4(a):

1. the disputed domain name is identical or confusingly similar to a trade mark or service mark in which the complainant has rights; and
2. the respondent has no rights or legitimate interests in respect of the disputed domain name; and
3. the disputed domain name was registered and is being used in bad faith.

Identity or Confusing Similarity

Under the first element, the Panel found that the Complainant had established rights in the IRISPOND trade mark, and found the Domain Name to be identical to that same mark. The Complainant had satisfied the requirements of paragraph 4(a)(i) of the UDRP.

Rights or Legitimate Interests

The Panel did not deem it necessary to enter a finding under the second element, owing to the Panel's findings regarding the Respondent's bad faith registration and use of the Domain Name.

Bad Faith

Under the third element, the Panel found that the Complainant had failed to demonstrate that the Domain Name was registered and had been used in bad faith.

The Panel found that there was little or no basis to conclude that the Respondent had the Complainant in mind when registering the Domain Name. Rather, the Panel acknowledged the evidence provided by the Respondent about his own use of the name "Iris Pond", first as a band name dating back to 1997, then as a business identifier, registered in 2000 as Iris Pond Productions, and finally as a domain name registered in 2001 for "Iris Pond Productions". Even if the Respondent's evidence of his use of the name was relatively "thin", and further noting that there had been significant periods of non-use of the name, the Panel found that the Respondent's use of the name "Iris Pond" predated the Complainant's registration of the IRIS POND trade mark.

The Panel further held that the Complaint was lacking evidence as to the extent to which the IRISPOND trade mark was known to consumers. The Panel commented that the Complainant's field of industry was "fairly arcane and does not appear to be decidedly consumer-facing." Even if the Panel were to disregard the Respondent's evidence of his self-association with the name "Iris Pond", the Panel was still unable to conclude that the Domain Name was registered and had been used in bad faith by the Respondent.

Noting that the Complainant had failed to establish bad faith registration, the Panel did not consider it necessary to discuss the Respondent's offer to sell the Domain Name to the Complainant.

The Complaint was therefore denied.

Comment

One the one hand, the decision highlights that establishing bad faith requires more "robust evidence" than notice of a trade mark registration when claiming that a respondent should have been aware of that trade mark. Notoriety of a mark has to be demonstrated, especially when the field of industry is not qualified by the Panel as being particularly consumer-facing. On the other hand, Panels are open to considering evidence – even if rather tenuous – which attests to the use of a term reflected in a disputed domain name that predates registration of the relevant trade mark.

The decision is available here.

Back to the top

Authored by the Anchovy News team.

Anchovy News editorial team:

• Laëtitia Arrault
• Sean Kelly
• Ying Lou
• Cindy Mikul
• Eliza Parr
• Thomas Raudkivi
• Maria Rozylo
• Jane Seager
• David Taylor
• Tony Vitali
• Grace Wilshaw

Anchovy® - Global Domain Name and Internet Governance

Hogan Lovells offers a unique, comprehensive and centralised Paris-based online brand protection service called Anchovy® for global domain name strategy, portfolio management and global enforcement. We are the only law firm to be an ICANN-accredited registrar and we are accredited with a number of country-specific Registries worldwide.

We also specialise in all aspects of ICANN’s new generic Top Level Domain (gTLD) process and we are an agent for the Trademark Clearinghouse. As the global Domain Name System undergoes an unprecedented expansion, brand owners must revise their online protection strategies and we are ideally placed to guide them.

We are also frequently brought in to advise on cybersecurity, data protection and on a whole range of technology-related issues.

For more information on our services, please contact David Taylor or Jane Seager.