Patent Application
20140283106
The Internet connects computers, computer networks, and users throughout the world. Computing resources, such as web servers, connected to the Internet are each assigned an Internet Protocol (“IP”) address that represents the online “location” of that resource. IP addresses, which are defined by a set of numeric values (e.g., 135.54.148.32 (IPv4) or 5031:ad53:4be4:d3e4:c940:132f:d189:145d (IPv6)), are often difficult for humans to remember. Domain names, such as “acme.com” or “acme.net,” which are often easier for humans to remember, provide a convenient alternative to IP addresses. Rather than remembering and entering an unremarkable string of numbers to access a website, a user can simply enter a corresponding domain name. A domain name is a string of characters (e.g., numbers or letters) specifying a top-level domain (“TLD”) (e.g., .com, .net, .org) and one or more sub-domains. For example, “acme.com” comprises the sub-domain (or sometimes called the second-level domain or “SLD”) “acme” (which is itself comprised of a string of characters, or sometimes called simply a “string”) under the TLD “.com.”
Domain name registries (e.g., Verisign, Inc.) are entities that manage or operate TLDs. In some cases, registries interact directly with domain name applicants, or registrants, who wish to register domain names. Typically, however, domain names are registered through registrars, which may be accredited by the Internet Corporation for Assigned Names and Numbers, or “ICANN.” Each registry maintains databases of currently-registered domain names, each database identifying the SLDs that are registered in a corresponding TLD, who holds the registration, and other identifying information. When a party wishing to register a domain name submits a corresponding request, the registrar submits the request to the relevant registry. If the domain name is not then currently registered, the registry typically allows the domain name to be registered to the first requesting party. As an alternative to this “first-come, first-serve” system, registries may auction domain names, use “sunrise periods” (during which qualified claimants with certain rights to marks, such as a trademark, are offered preferential registration rights), and/or offer rights of first refusal. Currently, ICANN controls the addition of new TLDs to the root domain name server. In 2011, ICANN voted to end most restrictions on top-level domain names and allow companies or other organizations to apply for new TLDs. ICANN began taking applications for the new TLDs in early 2012 and has received over 1,900 applications for new TLDs, such as “.app,” “.blog,” “.book,” “.shop,” and so on, and expects to begin activating these TLDs in 2013.
Domain names are important for mark holders, such as holders of registered or non-registered trademarks or service marks. Registering domain names that contain a mark allows the mark holder to take advantage of the goodwill of their mark in the digital world. The relatively open domain name registration process, however, sometimes presents problems for mark holders. Cybersquatting, for example, is an act of registering or using a domain name in bad faith for the purpose of unduly extracting money or other resources from the mark holder and/or the public. For example, a cybersquatter may intentionally register a domain name based on another party's registered mark and hold the domain name ransom. As another example, a party may register a domain name that is similar to a registered trademark and use the registered domain name to exploit the goodwill of the registered trademark. One such act, known as “typosquatting,” involves registering a domain name that is a misspelling of another domain name (e.g., “akme.com” or “adme.com” as a misspelling of “acme.com”) in the hope that an unsuspecting user (and potential customer of “acme.com”) will inadvertently visit the typosquatter's website. The typosquatter's website may include annoying advertisements, pop-ups, or offensive material and discourage the user from visiting and/or conducting business with acme.com. In addition to cybersquatting, domain name registrants can employ other techniques to leverage the goodwill of the mark and/or disparage the mark holder, such as registering the domain name “acme-sucks.com” or “acmesux.org” and/or using an alternative alphabet, such as leet or leetspeak, or Internet slang in a domain name, and so on.
To help combat cybersquatting, ICANN established the Uniform Domain-Name Dispute-Resolution Policy (“UDRP”) in 1999. The UDRP provides procedures for resolving disputes over domain name registrations. The UDRP procedures, however, can be expensive and time consuming. There are also existing laws in the US prohibiting cybersquatting and imposing penalties on perpetrators. In some cases, mark holders have found it less expensive to simply pay a cybersquatter for a domain name as opposed to invoking the UDRP or pursuing legal action. It is desirable to create a cost- and time-effective way to protect mark holders from the acts of cybersquatters who want to exploit mark holders through domain name registrations.
A facility comprising systems and methods for preventing or protecting against the registration of domain names that exactly match, contain (e.g, partially match), or are similar to a mark is provided. The facility maintains a data structure, herein referred to as a Domain Protected Marks List (“DPML”), for recording strings that an entity (e.g., an individual, company, or other organization) has an interest in protecting, such as a domain name that contains or is similar to a mark owned or held by the entity. The facility is part of a DPML system configured to prevent or protect against the registration of domain names that exactly match, contain (e.g., partially match), or are similar to a mark by entities that do not hold the mark (or similar marks). For example, Acme Corporation may have a trademark related to the term “acme.” Additionally, Acme Corporation may have registered “acme.com,” “acme-corp.com,” and other domain names that Acme Corporation uses to serve one or more websites or to send and receive email, for example. Acme Corporation, however, may have no interest in serving, or having others serve, websites under other TLDs via domain names that include the term “acme,” such as “acme.blog,” “acme.app,” “acme.book,” “acme-corp.web,” and so on. The facility allows Acme Corporation to record strings, such as “acme” or “acme-corp,” in a DPML and uses these recorded strings to block or prevent others from registering domain names that include those strings. Thus, if an entity, that does not also hold a mark such as “acme” or “acme-corp,” attempts to register “acme.biz,” “acme.school,” “acme-sucks.biz,” “acme-corp-sucks.info,” “acme-corp.web,” and so on, the facility can prevent the entity from registering these domain names based on Acme Corporation's previously-recorded entries (“acme” and “acme-corp”) in the DPML even if the domain names are not registered with a domain name registry. In other words, in response to requests to register a domain name that includes a string recorded in the domain protected marks list, the facility can prevent registration of that domain name. In this manner, a mark holder can prevent or protect against the registration of domain names—across multiple TLDs—that match, include, or are similar to the mark holder's mark with a single request to the DPML system, thereby saving the mark holder substantial time. Moreover, because updating the DPML does not require individual domain name registration requests (and payments) for each or any of the protected domain names (one for each participating TLD, such as acme.shoe, acme.blog, acme.sports, acme.book, etc.), and the DPML would typically be cheaper than a registration on a per-TLD basis, the mark holder can also realize a substantial cost savings. Also, the registry benefits because the block does not block other mark holders from registering their marks as domain names and thus allows the registry to charge full-registration price to those other mark holders. The other mark holders benefit by still being allowed to register those domain names (if not already registered). Furthermore, a DPML service may include multiple domain name registrars and registries that each share and publish DPML updates and use the DPML to block registrations in their respective TLDs, offering the mark holder protection across any number of registrars and registries with a single request.
In some embodiments, each entry in the DPML comprises a “prefix string,” a “mark string,” and a “suffix string” and the facility is configured to allow mark holders with marks that match the “mark string” to record corresponding entries in the DPML. Subsequent attempts to register domain names that begin with the prefix string, contain the mark string, and end in the suffix string can be blocked based on the DPML. For example, Acme Corporation may record an entry in the DPML comprising “acme” as the “mark string,” “-sucks” as the suffix string, and a blank prefix string (concatenated together the resulting string is therefore “acme-sucks”). Attempts to register second level domain names in a participating TLD that exactly match “acme-sucks” (e.g., “acme-sucks.shoe” or “acme-sucks.app”) can be blocked based on Acme's recorded entry in the DPML. A blank prefix string or suffix string can be matched to any text such that a DPML entry that includes the mark string “acme,” a blank prefix string, and a blank suffix string (concatenated results in the string “acme”) will exact-match to any “acme” SLD registration, and therefore it will be blocked from registration. Thus, the DPML system may block any attempt to register a domain name that exactly-matches or contains “acme.”
In some embodiments, the facility may use mark data or mark information provided by a trusted mark registry to verify or authenticate an entity requesting to add an entry to the DPML, or it may validate or authenticate the entity itself by, for example, requiring secure or tamper-resistant authentication information, etc. For example, the facility may query a trademark office, such as the United States Patent and Trademark Office or the European Union's Office for Harmonization in the Internal Market, to determine whether the requesting entity actually owns a trademark that matches (e.g., exactly or partially) a string that the requesting entity wishes to add to the DPML, and the facility may perform other checks (potentially offline checks) to validate that the requesting entity is actually the entity they claim to be. As another example, the facility may receive, in conjunction with the request, a Signed Mark Data (“SMD”) file provided by a mark clearinghouse or mark registry, such as ICANN's Trademark Clearinghouse. ICANN's Trademark Clearinghouse was established to assist with authentication and verification of trademark owners or holders and their marks. A trademark holder may submit trademark data to the Trademark Clearinghouse and, if the Trademark Clearinghouse verifies that the submitter owns the trademark and the submitter is who they purport to be, receive from the Trademark Clearinghouse a digitally signed SMD file. The SMD file specifies, among other things (such as whether the mark is or is not an “in-use” mark), a number of domain labels, each domain label including a corresponding string for which the trademark owner may have an interest in registering as a domain name within one or more TLDs. For example, an SMD file for BARNES AND NOBLE may include domain labels corresponding to: “barnesandnoble,” “barnes-noble,” “barnes-and-noble,” “barnesnoble,” and so on. Additional information regarding ICANN's Trademark Clearinghouse can be found at http://newgtlds.icann.org/en/about/trademark-clearinghouse. Mark data provided by a trusted entity allows the facility to more easily verify and authenticate mark owners and their marks in order to add an entry to or otherwise update the DPML (e.g., by renewing or removing a DPML entry). In some embodiments, the DPML system may maintain its own mark registry as a list of marks and associated information, such as who owns the mark, where the mark is in use and/or registered, status of the mark, and so on. Accordingly, the mark registry may including information about marks that are not registered with a trademark granting body, such as the United States Patent and Trademark Office, the Canadian Intellectual Property Office, and so on. In some embodiments, the facility may use other data in the SMD file (or which may be obtained by other means) to differentiate between in-use marks (for example for USPTO marks) and non-in-use marks (which some trademark offices allow), and, for example, allow in-use marks or corresponding strings to be entered in the DPML and prevent non-in-use marks or corresponding strings from being entered in the DPML.
In some embodiments, the facility provides a mechanism for protecting against the registration of domain names that do not exactly match or contain a requesting entity's trademark but that may cause damage to the entity holding the mark if registered to malicious users. For example, even though Acme Corporation may not have trademarked “accme” or “akme,” Acme Corporation may wish to prevent others from registering these typo domain names to avoid typosquatters from registering domain names hoping to lure unsuspecting users to their sites. To protect these domain names against registration, the facility provides a bypass mechanism through which entities may take advantage of the DPML even if they do not own a mark that at least partially matches the string (or strings) they wish to protect. To take advantage of the bypass mechanism, a party can submit a request for a DPML authorization token, the request including mark data (e.g., an SMD file) and a string or set of strings. For each string, the facility determines, based on the mark data, whether the string is similar enough to a protected mark or is likely to be easily confused with the mark or otherwise harm the mark holder. For example, the facility may calculate a distance (e.g., Levenshtein distance) between the string and a domain label specified in an SMD. As another example, the facility may submit the string and domain labels to a human for a determination of whether the string is similar to a protected mark or is likely to be confused with the mark or likely damage its holder. If the string is similar to a protected mark or is likely to cause harm, the facility can issue a DPML authorization token that the requester can then use to record an entry in the DPML. Accordingly, a string need not match a mark exactly to be qualified for entry in the DPML.
In some embodiments, the facility may allow an entity to register a domain name even though the DPML includes an entry specifying a string corresponding to the domain name (i.e., a string that matches the sub-domain of the domain name). In other words, the facility provides a mechanism for overriding the DPML in certain cases. For example, if the requesting entity also recorded the string in the DPML, the facility may allow the entity to “override” the DPML entry and register a corresponding domain name. Using the example above, Acme Corporation may, after recording “acme” in the DPML, wish to register the domain name “acme.biz,” and that it holds a mark for “acme.” In response to verifying that Acme Corporation has submitted a request to register “acme.biz,” the facility can override the DPML and authorize registration of the domain name. In some cases, an entity may be charged an “override” fee for overriding the DPML. As another example, if the entity requesting registration also owns a trademark related to a string in the DPML, the facility may allow the requesting entity to override the DPML. For example, two parties may own the same mark in different jurisdictions or in different mark classifications. As another example, Delta Air Lines, Inc. and Masco Corporation each own trademarks related to the word “Delta.” Thus, each may be interested in registering and/or protecting against the registration of domain names that include the word “Delta.” If Delta Air Lines has recorded “Delta” in the DPML, the facility may allow Masco, upon proving that it owns or has rights in a mark related to “Delta” and is requesting registration of a domain name having a portion that exactly matches “Delta” (not case-sensitive) such as delta.faucets or delta.water, to override the DPML and register the domain name. As another example, Citibank, may record an entry in the DMPL corresponding to the string “citizen” based on Citibank's trademark on the word “citi.” Subsequently, Citizen Watch Company may wish to register the domain name “citizen.watch”. Citizen's registration request would override the block if Citizen proved to the facility (typically accomplished by presenting, directly or indirectly, the SMD file) that it is in fact Citizen Watch Company and it holds a mark corresponding to “citizen.” Accordingly, the facility can override the DPML to allow a mark holder to register a domain name even though the DPML contains an entry corresponding to the domain name (e.g., the sub-domain of the domain name matches the DPML entry's string) recorded by another entity. Potential registrants that do not own a corresponding mark, however, will still be prevented from registering conflicting domain names (i.e., domain names that correspond to a string in the DPML). Accordingly, a mark holder can protect their mark against others but not necessarily against others with the same mark.
As another example, the facility may maintain a list of “premium domain names” on a per-TLD basis such as domain names that contain fewer than three letters or characters in the sub-domain (e.g., “a1.restaurant” or “LOL.book”) or domain names containing specified strings, such as “blog” as in “blog.sport” or “blog.soccer” or are related to the TLD (e.g., “apple.fruit”, “ford.family” or “blue.car” or “paul.name”, apple, ford, blue, and paul all being registered trademarks), or other names. In response to receiving a request to register an unregistered, premium domain name, the facility may authorize the registration regardless of the contents of the DPML.
The computing devices on which the disclosed systems are implemented may include a central processing unit, memory, input devices (e.g., keyboard and pointing devices), output devices (e.g., display devices), and storage devices (e.g., disk drives). The memory and storage devices are computer-readable media that may be encoded with computer-executable instructions that implement the technology, e.g., a computer-readable medium that contains the instructions. In addition, the instructions, data structures, and message structures may be stored or transmitted via a data transmission medium, such as a signal on a communications link and may be encrypted. Non-transitory computer-readable media include tangible media such as storage media, hard drives, CD-ROMs, DVD-ROMS, and memories such as ROM, RAM, and Compact Flash memories that can store instructions. Signals on a carrier wave such as an optical or electrical carrier wave are examples of transitory computer-readable media. Various communications links may be used, such as the Internet, a local area network, a wide area network, a point-to-point dial-up connection, a cell phone network, and so on.
The disclosed systems may be described in the general context of computer-executable instructions, such as program modules, executed by one or more computers or other devices. Generally, program modules include routines, programs, objects, components, data structures, and so on, that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules may be combined or distributed as desired in various embodiments.
Many embodiments of the technology described herein may take the form of computer-executable instructions, including routines executed by a programmable computer. Those skilled in the relevant art will appreciate that aspects of the technology can be practiced on computer systems other than those shown and described herein. Embodiments of the technology may be implemented in and used with various operating environments that include personal computers, server computers, handheld or laptop devices, multiprocessor systems, microprocessor-based systems, programmable consumer electronics, network PCs, minicomputers, mainframe computers, computing environments that include any of the above systems or devices, and so on. Moreover, the technology can be embodied in a special-purpose computer or data processor that is specifically programmed, configured or constructed to perform one or more of the computer-executable instructions described herein. Accordingly, the terms “computer” or “system” as generally used herein refer to any data processor and can include Internet appliances and handheld devices (including palmtop computers, wearable computers, cellular or mobile phones, multi-processor systems, processor-based or programmable consumer electronics, network computers, mini computers and the like). Information handled by these computers can be presented at any suitable display medium, including a CRT display or LCD.
The technology can also be practiced in distributed environments, where tasks or modules are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules or subroutines may be located in local and remote memory storage devices. Aspects of the technology described herein may be stored or distributed on computer-readable media, including magnetic or optically readable or removable computer disks, as well as distributed electronically over networks. Data structures and transmissions of data particular to aspects of the technology are also encompassed within the scope of the technology. For example, various systems may transmit data structures and other information using various protocols, such as the hypertext transfer protocol (HTTP), the transmission control protocol (TCP), the extensible provisioning protocol (EPP), and so on.
Those of ordinary skill in the art will recognize that while the disclosed techniques are generally discussed in the context of registries, registrars, and the public or quasi-public TLDs administered by ICANN and other bodies, the disclosed techniques can be applied to analogous applications in the field of domain name and IP address systems, such as a privately managed domain name systems and/or computer networks. In this case, a “registry” is any person or entity with authoritative control over a hierarchical domain or IP address or other computer address system; and in which case a “registrar” is a delegate of the “registry” with authoritative control over one or more levels of sub-domains or sub-addresses; and in which case a “registrant” is a delegate of the “registrar” with authoritative control over one or more levels of sub-domains or sub-addresses below the level of the “registrar.”
From the foregoing, it will be appreciated that specific embodiments of the technology have been described herein for purposes of illustration, but that various modifications may be made without deviating from the disclosure. The facility can include additional components or features, and/or different combinations of the components or features described herein. For example, the disclosed facility may determine and assess fees (and associated grace period) for various acts, such as generating a DPML authorization token, overriding the DPML to register a DPML-protected domain name, deleting or removing a DPML entry, and so on. Moreover, although the DPML data structure is herein described as a list, one of ordinary skill in the art will recognize that the DPML information may be stored in any number of data structures, such as a table or an array. As another example, one or more computer memories may collectively contain a marks list data structure relating to a plurality of strings that are each protected from being registered as domain names within a plurality of top-level domains, the data structure comprising a plurality of entries, each entry containing a string and identifying a mark, such that each entry can be used to determine whether a request to register a domain name within any one of the plurality of top-level domains should be denied. In some embodiments, the DPML system maintains a shadow or non-public registry containing the DPML. Each entry in the shadow or non-public registry includes a string and domain names containing that string can be blocked from registration by the DPML system. Moreover, domain name registries may query the shadow registry (via standard interfaces, such as EPP, and so on) to identify blocked domain names, to make entries in the DPML, to determine whether a request to register a domain should be authorized or denied, and so on. In some embodiments, multiple registries may maintain separate DPML systems. Additionally, while advantages associated with certain embodiments of the new technology have been described in the context of those embodiments, other embodiments may also exhibit such advantages, and not all embodiments need necessarily exhibit such advantages to fall within the scope of the technology. Accordingly, the disclosure and associated technology can encompass other embodiments not expressly shown or described herein.
