FREE CHAPTER from ‘A Practical Guide to the Law of Domain Names and Cybersquatting’ by Andrew Clemson



If a brand owner finds itself in a position where it needs to take action against a domain then the first step is to determine which dispute resolution options are available to it and which is the most appropriate in the circumstances. This will depend upon the nature of the domain name itself and what use, if any, is being made of the domain name.

The most common options for brand owners would be:

  • One of the various domain name alternative dispute resolution mechanisms

  • Court action

  • Registrar takedowns

6.1 Domain name dispute mechanisms

The domain name alternative dispute resolution mechanisms shown below are the most likely to be relevant to practitioners and brand owners in the UK.

  • The Uniform Domain-Name Dispute-Resolution Policy (“UDRP”)1 – applies to all legacy gTLDs, all New gTLDs and around 40 ccTLDs

  • The Uniform Rapid Suspension System (“URS”)2 – applies to all New gTLDs, the legacy gTLDs .cat, .jobs, .mobi, .pro, .travel and .xxx and the .pw ccTLD

  • The Nominet DRS (“DRS”)3 – applies to the .uk ccTLD only

  • The EURid ADR (“ADR”)4 – applies to the .eu and .ею ccTLDs only

It can be seen from this that the UDRP is by far the most common mechanism and is applicable to over 1,300 TLDs so far (with this number only set to grow) amounting to roughly 193 million domain registrations. Additionally, many of the ccTLDs which do not adopt the UDRP directly use it as the basis for their own individual systems.

The URS is applicable to over 1,200 TLDs so far but in absolute terms it much less widely applied than the UDRP as it does not cover the key .com or .net legacy gTLDs which make up approximately 45% of all registered domain names. It is also more limited than the UDRP as regards the types of dispute it can address.

The DRS applies to the .uk ccTLD in which there are roughly 12million domain registrations.

The ADR applies to the .eu and .ею ccTLDs in which there are roughly 3.6million domain registrations in total.

Part C of this book focusses on the UDRP and then goes on to discuss the other domain name dispute mechanisms in a comparative fashion.

6.2 Court action

Whilst the various alternative dispute resolution mechanisms are likely to be the first port of call for resolving domain name disputes, the courts are always available for an appropriate case.

6.2.1 The UK legal landscape

The leading case on domain name disputes in the UK courts is British Telecommunications Plc & Ors v One In A Million Ltd & Ors [1998] EWCA Civ 1272.

One In A Million had registered various domain names incorporating the trade marks BT, BRITISH TELECOM, CELLNET, LADBROKES, SAINSBURYS, MARKS AND SPENCER and VIRGIN.  The claimants brought actions for passing off and trade mark infringement and the judge at first instance granted summary judgment. It was held on appeal that:

  • the mere registration of a domain name can amount to passing off as it makes a false representation that the domain registrant is associated or connected with the brand owner; and

  • domain names consisting of well-known brands are instruments of fraud as any realistic use of them as domains would result in passing off; and

  • the registration of the domain names also amounts to trade mark infringement under s.10(3) of the Trade Marks Act 1994. The domain names indicate trade origin and they were registered to take unfair advantage of the distinctive character and reputation of the marks.

There have been some subsequent decisions5 of the CJEU which have cast doubt on whether the law on the s.10(3) trade mark infringement question remains applicable.

The first part of the passing off decision was in part based on the court’s view that a WhoIs search would return results showing One In A Million as the domain owner and that this amounted to a misrepresentation that One In A Million was connected to or authorised by the trade mark owner.

A defendant might try to argue that the modern Internet user is more savvy and that, especially given the current WhoIs blackout, no misrepresentation as to connection or authorisation takes place and thus any goodwill the trade mark owner might have cannot be damaged by the registration of the domain name. However, the simple fact that a domain is registered and is owned by a company that has no right to the goodwill attaching to the domain name is likely to amount to passing off regardless of whether the domain is used in trade or if the consumer knows who owns that domain6.

In any event, the One In A Million case remains good law at the time of writing (particularly as it pertains to passing off and to domain names being instruments of fraud) and it has been relied on in numerous subsequent and more modern cases7 from the Intellectual Property Enterprise Court (“IPEC”), to the High Court and the Court of Appeal.

In Vertical Leisure Limited v Poleplus Limited [2014] EWHC 2077 (IPEC) the defendant had registered a number of domain names identical to the claimant’s marks and then offered them for sale to the claimant. The IPEC declined to grant summary judgement on the s.10(3) trade mark infringement claim but did grant summary judgement on the claim for passing off. It ordered the domain names to be transferred to the claimant.

Summary judgement applications at the IPEC, whilst still more expensive and slower than a UDRP action, are not hugely so. It would certainly be a reasonable route for a rights owner to go down if the other party has been identified and there are no problems with the court’s jurisdiction.

A summary judgement application should also be given careful consideration where there is a non-negligible risk at a respondent who has been unsuccessful in one of the domain name alternative dispute resolution mechanisms might commence related court action in an attempt to overturn or frustrate the decision to transfer ownership of the disputed domains.

The UK courts have been clear that they do not function as an instance of appeal from the UDRP/URS or of further appeal from the DRS. UK courts have also struck out requests to issue declarations that losing respondents are entitled to retain ownership of their domain names8.

Losing respondents have, however, had some moderate success in reaching settlements with complainants against the backdrop of US court proceedings9.

6.2.2 The US legal landscape

It is beyond the scope of this book to address in detail the legal position in the US. A few points are worthy of mention, however.

The US has enacted the Anti Cybersquatting Consumer Protection Act10 specifically to deal with the practice of cybersquatting. It provides an effective route for plaintiffs and, with statutory damages of up to USD 100,000 per domain available, it has real teeth even when a domain has never been used11.

The US court accepts in rem jurisdiction over domain names where the registry, registrar or other authority is based in USA. This represents a very large proportion of all domain names as .com, .net and .org are all operated by registries in the USA and many of the largest registrars are US-based companies.

Procedures are available for mass seizure of domain names and US-located monies by means of interim court injunctions.

6.2.3 Court action vs UDRP

It is important to remember that trade mark infringement and the UDRP are two different beasts.

A complainant can succeed under the UDRP where a trade mark infringement action would be doomed to fail (for example because the respondent’s use is not in the course of trade or the complainant has no rights in the respondent’s jurisdiction).

Conversely, a trade mark infringement claim can succeed in situations where a UDRP action would be doomed to fail (for example, in circumstances where a domain is being used for a legitimate business or was registered in good faith but is subsequently used in bad faith).

It is not appropriate, therefore, to use the UDRP as a form of “poor man’s litigation” perhaps believing that if a domain name can be taken away from a party then it will be forced into a total rebrand.

The factors to consider when deciding whether or not to commence court action or use the UDRP (or other mechanism) are:

  • Jurisdiction

  • Chances of success

  • Costs

  • Length of proceedings

  • Remedies available

  • Facts and evidence clear and easily presentable

  • UDRP will not deal with website content

The UDRP is likely to be preferable to court action in most cases primarily as it is significantly quicker, simpler and cheaper (albeit that a summary judgement application at IPEC is closing the gap).

In addition, given the global nature of the Internet, there are very significant jurisdictional and enforcement advantages in using the UDRP. Panels have jurisdiction over all respondents whether they are UK-based or otherwise and even if they are unidentified. Enforcement of decisions is automatic regardless of the respondent’s location.

The nature of the UDRP does make it unsuitable for certain cases, however.

Court action is likely to be the most appropriate route if the dispute has a complex factual background or if any of the factual matrix is disputed by the parties. Further, the UDRP deals with the domain name only and cannot be used to stop website content reappearing elsewhere. Courts can award injunctions as to website content and also offer other remedies such as damages and costs.

A potentially very significant advantage of court action is that the claimant has the choice of exactly when and where to launch proceedings. Users of the UDRP must submit to the jurisdiction of the courts in a “mutual jurisdiction” as defined under the UDRP Rules. For UK rights holder this will almost certainly be a foreign jurisdiction. There is a risk, therefore, that commencing a simple UDRP action could end up with the rights owner being a defendant in international litigation.

6.3 Registrar takedowns

Rather than using a judicial or quasi-judicial process to deal with abusive domain names, a rights owner can contact directly the registrar for the abusive domain and request that it is taken down. The registrar may agree to do this if the domain is being used in a way which breaches any terms in its registration agreement, in particular any acceptable use policy.

Each registrar will have their own conditions that need to be fulfilled before they will take down a domain name depending upon the specific terms of the registration agreement they have entered into with the domain registrant. However, almost all registrars will have a broad discretion to suspend or cancel a domain if it is used for any of the following types of activity:

  • Breaches of UK or other law

  • Hacking

  • Botnets and DDoS attacks

  • Distribution of malware and viruses

  • Phishing or other fraudulent activity

  • Sending spam email

  • Web space abuse (e.g. illegal/obscene/threatening/defamatory content on websites)

  • Selling counterfeit goods and/or unauthorised copyright works

  • Breaches of privacy

Any party can report such instances of misuse to a registrar whether or not it is their rights being targeted or their infrastructure that has been compromised.

If a brand owner becomes aware that any such activities are taking place in relation to its trade marks then immediate action will be necessary and the timescale of a UDRP action, or even a URS action, is likely to be too slow.

All ICANN-accredited registrars are obliged to provide contact information for receiving and dealing with reports of domain abuse and many will be keen to help if their infrastructure is being abused. Local laws in many countries also require registrars to take proactive steps to end such domain abuse once it is brought to their attention.

If the registrar is reluctant to take action or if there is particular urgency the matter can be escalated to any governmental or law enforcement bodies that have been specifically set up for tackling cybercrime12.

If the domain points to a website then the hosting company should also be contacted – though in many cases the registrar and the hosting company will be the same.

As can be seen from the above registrar takedowns are only appropriate in the most egregious cases and should not be used for cases of “normal” cybersquatting or other actions that may or may not amount to bad faith.

It is critical to have in place a domain monitoring service as action can only be taken against domains which have been highlighted as abusive.

A rights owner seeking a registrar takedown should make sure it distils all relevant information down into a clear report. This should as a minimum explain who is making the report and why, how urgent the matter is, how the criminal activity was discovered and what evidence there is to prove that it is taking place.

This report can then be sent to the relevant registrar’s abuse team using the email address on its website (it is usually in the form abuse@registrar.tld) or by using the dedicated reporting form (if the registrar has set one up). It is recommended to follow up the initial report with a phone call.

The larger registrars have abuse teams that are permanently staffed so they can begin the takedown process as soon as it is reported to them.

6.4 Conclusion

Every dispute will have a range of available mechanisms. Deciding on which one to use is an important question.

The nature of the domain name, how it is being used and the identity and location of the domain registrant will all feed into the decision.


1See Chapter 7 for the details

2See Chapter 8 for the details

3See Chapter 9 for the details

4See Chapter 10 for the details

5Céline SARL v Céline SA, Case C-17/06 and L’Oréal SA v Bellure NV, Case C-407/07

6Yoyo.Email Limited v Royal Bank of Scotland Group plc & Ors [2015] EWHC 3509 (Ch), at paragraphs 15 and 19

7See, by way of example, Vertical Leisure Limited v Poleplus Limited [2014] EWHC 2077 (IPEC), Smithkline Beecham Limited & another v GSKLINE Ltd & another [2011] EWHC 169 (Ch) and

8See, by way of example, Michael Ross v Playboy Enterprises International, Inc. [2016] EWHC 1379 (IPEC), Toth v Emirates & Anor [2012] EWHC 517 (Ch) and Patel v Allos Therapeutics Inc. [2008] E.T.M.R. 75

9Yoyo.Email LLC v Playinnovation Limited, Arizona District Court, Case Number: 2:2014cv01922

1015 U.S.C. §1125(d)

11E. and J. Gallo Winery v. Spider Webs Ltd., 129 FSupp2d 1033 (S.D. Tex. 2001) aff’d., 286 F3d 570 (5th Cir. 2002)

12In the UK, options include the National Cyber Security Centre ( and Action Fraud (