All Posts By

Lutz Berneke

How GDPR affects the fight against online infringements

How GDPR affects the fight against online infringements

By | Domains

On May 25, 2018 the General Data Protection Regulation (GDPR) entered into force, impacting every entity handling the personal data of European residents. The WHOIS system, a public directory filled with personal data seems, at first, incompatible with this new regulation. So how does the GDPR affect the fight against online infringements and abuse?

To try to get a clearer picture, we interviewed Luc Seufer, Chief Legal Officer of the EBRAND Services Group. 

First of all, could you tell us whether EBRAND Services has been impacted by the GDPR?

Because of our clientele type and the range of services we provide, EBRAND Services knows first hand the concerns the GDPR creates for the domain name industry.

As a domain registrar, the protection of our clients’ personal data is paramount, so we have always complied with all applicable laws in this regard. Aside from the redaction of certain data in our WHOIS databases, the Regulation has not imposed drastic changes to the manner in which we operate but rather a more thorough documentation.

As a brand protection services provider, however, the aforementioned redaction does constitute a hindrance we would prefer not exist.

In the last few months, a constant stream of articles from intellectual property protection groups  have been published to warn the public and lawmakers of the dire consequences of what they call the “WHOIS shutdown”. Could you tell us more about it?

To understand the current state of affairs, allow me to give you a brief history of ICANN and data privacy. For many years, data privacy specialists have formally and informally told ICANN that certain policies were infringing on European data protection laws.

The former Article 29 Working Party, now rechristened European Data Protection Board, sent several letters to each successive ICANN CEO.

Unfortunately, none took those warnings seriously and necessary reforms were never initiated.

Goran Marby, the current CEO of the organization, had to pressure the ICANN board of directors to approve a temporary policy allowing registries and registrars to take the actions they deemed necessary to abide by GDPR.

However, this policy’s text is so vague that each registry and registrar has implemented a different set of rules. Certain registries, for example, are redacting every Whois record in their database without regard to the location of the registrant or even the fact that they are a legal person and, thus, outside of the Regulation scope.

Others, like EBRAND Services, have taken a more pragmatic approach, only redacting details of natural persons while displaying an anonymized email contact address for those registrants. Others have opted to make an online contact form available on their websites. And some have even attempted to create an access model with a pseudo accreditation system.

In a few months, it has assuredly become difficult to access the contact details of domain name registrants.

Isn’t it ICANN’s role to define industry standards and enforce them?

During its latest meeting in Panama City, which I attended, ICANN announced that an expedited policy development process was being initiated, so that a lasting gloabl solution could be created. ICANN’s goal is to have this new policy finalised and put into force by the end of April 2019.

Although this may seem very slow to the general public, it is light speed for ICANN. As a reminder, it took ICANN 10 years to launch the new extensions program.

This new policy should introduce a tiered access system to the Whois databases. For example, law enforcement agencies should have a certain type of access, IP owners another one, registrars another, security researchers another…

As previously mentioned, certain registrars have tried to pre-empt ICANN by devising their own tiered access, but their models are not based on a common standard and are operated by the registrars themselves. Although every registrar is presumably a competent technical services provider, they are certainly not qualified to judge the legitimacy of requests for access to customers’ personal data. In my opinion, this initiative is rather dangerous and ill-adapted but the eagerness to find a solution easily explains its conception.

Does this mean that the DNS has really become a lawless place?

Not quite. On top of their local laws, every ICANN accredited registrar is bound by the same accreditation agreement to ICANN. This agreement requires registrars maintain a so-called abuse contact point. They must investigate reports of illegal activity involving domain names under their management.

As evidenced by our enforcement team results, it is still possible to obtain the suspension of domain names used in an illegal fashion. However, it’s very difficult to know the identity of the person behind the abuse.

So there is no way to identify infringing parties anymore?

Here, too, the crux of the issue is the lack of standard process and policy. Each WHOIS database maintainer (registry or registrar) is acting in accordance with its own interpretation of GDPR.

Some are adamant that only a court decision allows them to disclose personal data. Others solely require a substantiated complaint meeting the DMCA requirements. And some are clueless and, regrettably, remain mute.

When the infringement is constituted by the domain name itself, the initiation of a UDRP or URS may be considered as it will compel the registrar to disclose the registrant details. However, this route is quite expensive for a mere disclosure.

But this does not mean that brand owners are left to their own devices. EBRAND Services has developed a set of innovative technological tools over the years which are still fully functional despite the current situation.

Luc Seufer, Chief Legal Officer EBRAND Services Group

TREx trademark protection via EBRAND Services

TREx trademark protection by TMCH stops infringing cybersquatters

By | Domains

Don’t let cybersquatters jeopardise your trademark rights

Your online brand’s trademark is one of your most valuable assets. It helps you distinguish your business from others and safeguards your reputation. But in our digital age, they are also increasingly vulnerable to predators like cybersquatters. Trademark cybersquatting occurs when a third-party registers domain names, especially with well-known company and brand names, with the intention of selling them. In essence, this allows them to profit from a registered trademark.

Recent reports show that trademark holders must become increasingly vigilant to prevent this from happening. In 2017, cybersquatting disputes related to generic top-level domains (gTLDs) increased to 12 percent of the World Intellectual Property Organisation’s case load. Country code top-level domains (ccTLDs) made up 17 percent. After the US, France filed the most cases.

 

TREx, an extra layer of security for trademark holders

Trademark owners now have a new way to protect their online brands. The Trademark Registry Exchange (TREx), a new service available through the Trademark Clearing House (TMCH), provides additional protection for your trademarks. The TREx service is available for TMCH-registered trademarks. Accredited agents – like EBRAND Services – will use this centralized service to match your trademark across various top-level domains (TLDs), currently 33 – soon to reach 40 and more expected to join them. (Including legacy TLDs and ccTLDs.)

During a TLDs general availability phase, registries will remove the availability of domain names that match your trademark so that third parties are unable to register them. In essence, this will help trademark owners block their trademark in any number of TLDs, eliminating the need for defensive registration against cybersquatters.

TREx is a simple, cost-effective approach to trademark protection as it eliminates costs incurred from both defensive registration and the renewal of those domains. You will incur no cost from TMCH to have a blocked domain overridden if at some point you decide you would like to register the domain yourself. Moreover, you will avoid the hassle of having to file a Uniform Domain Name Dispute Resolution (UDRP) as you’ll be less likely to become a victim of trademark infringement in the first place.

But there are a few important caveats to consider:

  1. Domain names already registered by a third party prior to your signing up for the TREx service are, unfortunately, off limits. You will not be able to have these domains blocked. If domain names have already been registered under numerous TLDs, TREx may not be the best option for you.
  2. Once your TREx service is activated, it will be valid for one year and will be renewable each subsequent year. Your TMCH trademark record will need to remain valid for the duration of this period. If your trademark record expires before the end of the year, your TREx service will be cancelled.
  3. Variations related to your trademark are not protected under the TREx service.

How to subscribe to the TREx service

TREx is currently available to agents officially accredited by the TMCH or customers who are pre-paid trademark holders. Please contact an EBRAND Services Support Agent. We’ll get you started.

And keep in mind that EBRAND Services offers a variety of trademark protection and domain monitoring services. If TREx isn’t right for you, we’ll be happy to provide information about alternatives that are. Just remember: cybersquatters are lurking and if you don’t take action to protect your online brand’s trademark there’s a good chance it will be abused!

Homograph attacks increase need for brand protection | EBRAND Services blog

Homograph attacks increase need for brand protection

By | Domains

Internationalised domain names (IDNs) allow users to register domain names in almost any written language, enabling today’s global internet to become more multilingual. However, non-Latin script Unicode characters are making it easier for cybercriminals to register domain names for phishing websites. This website phishing technique, known as a homograph attack or IDN spoofing, is nothing new but reports indicate it’s a growing problem. If your domain isn’t being monitored, your brand is unprotected and may be at risk.

Unicode confusables key to homograph attacks

Farsight Security, the world’s largest provider of DNS data, has reported that between May 2017 and April 2018, nearly 36,000 domains were used to imitate 466 top brands with lookalike domains which used confusable characters. These brands came from diverse industries, ranging from banking to retail to technology. 91 percent of these IDNs were considered “confusable”.

IDNs represent characters in scripts other than Latin. Like other domains, IDNs rely on Unicode, which is the standard for digital representation of all the world’s languages. However, the key to a homograph attack is a specific Unicode formula known as Punycode. Punycode converts non-Latin script characters into code that is readable by DNS. For example, españa.com converted by Punycode creates the domain xn-espaa-rta.com. DNS will have no trouble recognizing xn-espaa-rta.com as it does not contain any non-Latin characters.

The problem, though, is that letters from different alphabets can look the same in different languages. These are called “confusables”.


Confusables are nearly undetectable to users, email clients, or web browsers. Take a look at this example (reported in The Sun).


To an untrained eye, there is no problem. But look closely at the “o” above “tower” and you’ll see a small diacritic mark – “ȯ” – which is used in some languages so, therefore, supported by Unicode.

This is the kind of small language script change that fraudsters rely on. They trick you into thinking you’re seeing one thing but, in reality, they’re redirecting you to a lookalike phishing site.

Combatting homograph attacks is everyone’s responsibility

ICANN (Internet Corporation for Assigned Names and Numbers) has taken steps to fight homograph attacks. Its Guidelines for the Implementation of Internationalized Domain Names provides registries and registrars with rules designed to help restrict the prevalence of homograph attacks and keep brands protected. Unfortunately, Farsight’s research indicates not everyone is adhering to the rules.

Many browsers have also responded to the growing threat of homograph attacks by providing warnings to users about potential Punycode lookalikes. Here’s what you see when you type https://www.са.com/ into Chrome and Safari:

Browser warning

Notice how in both examples the website address is converted to Punycode, “xn--80a7a.com” so visitors better understand this is a lookalike site. It is not the actual “.ca.com” site they are searching for. It is, instead, one using the Cyrillic “a” to trick users.

But what about outside browsers where such warning don’t exist? Users have a number of options:

  • Don’t click on suspicious-looking links in emails, especially from senders you don’t know.
  • See if your email client has the option to disable links altogether from incoming emails.
  • Changing the junk filter level will significantly remove the number of malicious incoming emails.
  • For both email and social media links, use a link checker (there are a number of them out there) to verify it.

Domain monitoring tools will help keep your brand protected

Of course, EBRAND Services is here to help eliminate threats which could undermine your brand name.

We use brand protection tools to monitor new domain name registrations, quickly identifying domains which are identical or confusingly similar to your brand, corporate name, or trademark. We identify who the infringing third party is. When necessary, we take legal action to stop third parties from infringing on your domain.

For more information about how we can help keep your domain name out of the hands of others, get in touch with one of our support agents. We are committed to making sure your brand name is never used by malicious third parties intent on unleashing the next big homograph attack.

International domain names benefit global businesses | Blog EBRAND Services

International domain names benefit global businesses

By | Uncategorized

Internationalised domain names (IDNS) are essential to any business with global ambitions. IDNs, domain names which use non-Latin scripts, respect the linguistic diversity of Internet users around the world. They also make it easier for businesses to target marketing and messaging to diverse markets which use non-Latin scripts.

The Internet is becoming more multilingual

Internet users around the world need to be able to access information in their own language. With Chinese, Arabic, and Japanese among the top languages spoken by users, it would be a mistake to assume that everyone on the Internet uses Latin script characters when conducting a search.


An International domain name allows an entire web address, to the left and to the right of the dot, to appear in a user’s own language. Consequently, they don’t have to rely on, and possibly struggle with, unfamiliar characters when searching for a site. As a bonus, because users don’t have to work so hard to find you, they’re more likely to remember you. Of course, you’ll also stand out because users will see – and appreciate – the fact that you are sensitive to their unique language needs.

IDNS give Internet users a voice

With the Internet becoming increasingly multilingual, ICANN (Internet Corporation for Assigned Names and Numbers) is actively working to develop and promote IDN usage. Over 8 million have been registered since becoming available in 2009 and now make up 3 percent of the world’s domains. Registration is highest in the Asia Pacific region. And scripts of registered IDNs strongly correlate to the languages used in different countries and territories.


Source

Universal acceptance of IDNs has been slow as domain name servers only support the English alphabet (A – Z), digits (0 – 9), and a couple of punctuation marks (dashes, full stops). But thanks to the efforts of ICANN and the Universal Acceptance Steering Group, the domain name system has evolved to keep pace with the emergence of domain names which use non-Latin scripts.

A system called Punycode was created so that non-Latin script characters could also be supported. Punycode converts non-Latin script and special characters (like accent marks) into code that is readable by DNS. For example, españa.com converted by Punycode creates the domain xn-espaa-rta.com. DNS will have no trouble recognising  xn-espaa-rta.com as it does not contain any non-Latin script characters.

IDNs expand your business across the globe!

Clearly, IDNs are key to unlocking new markets. If you’re able to communicate in local languages, your services become more accessible, your user experience improves, and your branding becomes more intuitive since users can use the exact words they’re likely to type into a search engine when looking for a business like yours.

And we want to help. International domain names registration is available through EBRAND Services. We offer a comprehensive selection of Internationalised domain extensions in various languages. If you have additional questions about how IDNs work or aren’t sure if an IDN makes sense for your business, just contact us for a consultation. We would be more than happy to discuss the best options for you!

Google gets serious about HTTPS encryption | Blog | EBRAND Services

SSL certificate deadlines: are you ready for Google’s changes?

By | Uncategorized

An SSL certificate (aka Secure Socket Layer) is, essentially, a set of cryptographic protocols that provide communications security over a computer network. Banking details, credit card numbers, and other private information transmitted from a user’s web browser to a site’s server is encrypted, preventing thieves from intercepting it. And, thanks to Google’s efforts to create a safer, more secure Internet, SSL certificate is increasingly commonplace.

More and more website owners and developers are using SSL certificates, specifically those which provide HTTPS encryption (as opposed to now-dated HTTP encryption.) HTTPS (HyperText Transfer Protocol Secure) provides end-to-end encryption of all information sent and received over a website, securing and protecting users from criminal interference.

These days, everyone is more or less expected to provide HTTPS encryption. Customers, increasingly nervous about sharing sensitive information online, know what trust indicators – green padlock, trust badge – to look for. And if you can’t provide those indicators, they won’t think twice about leaving you for a site that can. In fact, Google is encouraging them to do just that.

Google gets serious about HTTPS encryption

An SSL certificate is an easy, cost-effective way for website owners to secure online transactions. And, now, if you don’t provide HTTPS encryption, Google will toss you into the  penalty box.

The search engine giant has been stepping up its efforts to create a more secure Internet, making an SSL certificate more necessary than ever. Just take a look at these updates to Chrome.

Chrome 68, July 2018 release

With the July 2018 release of Chrome 68, Google is flagging any website without HTTPS encryption as “not secure”. And not only that but users will not see in their browsers the familiar padlock, green text, and HTTPS which indicates a site is not suspicious. In other words, users will immediately understand that the site is unsafe for sharing personal information.

Chrome 68, July 2018 release

Chrome 69, September 2018 release

With the release of Chrome 69, users no longer see the green “Secure” lettering they currently see in sites which use HTTPS. (Eventually, the green padlock will go, too.) The security itself won’t change, though. Basically, Google is alerting users to the fact that HTTPS is the new normal and, unless they’re told otherwise, they can rest assured a site is using the proper encryption without too much attention being called to the fact.

Chrome 69, September 2018 release

Chrome 70, October 2018 release

With Chrome 70, users will see a red “not secure” warning whenever they are about to enter data into an insecure HTTP page. Google has not done this in the past because HTTP usage was too high and, therefore, it was unrealistic to mark every page with a warning. But now that HTTPS is standard, Google is taking the step.

Chrome 70, October 2018 release

SSL certificates from EBRAND Services will keep Google happy

EBRAND Services offers three SSL certificates, all of which deliver different levels of online security according to your unique needs. All certificates provide HTTPS encryption, are supported by Google Chrome, and are easy to activate.

Domain Validated SSL

  • Ideal for blogs, social networks, and personal websites
  • Configures multiple domain names operating on different IP addresses
  • A low-cost option that can be set up in minutes

Organization Authentication SSL

  • Ideal for corporate websites
  • Company authenticity confirmed by our Certificate Authority (CA) GlobalSIgn, assuring users that your site is legitimate, not that of an imposter
  • Provides a higher level of authentication than the Domain Validated Certificate

Extended Validation SSL

  • Ideal for e-commerce and banking sites
  • Involves a more rigorous audit and validation process, performed annually
  • Delivers the highest level of security available

Wildcard Option

  • Wildcard option available for your primary domain name as well as unlimited subdomains and associated servers
  • Ideal solution for anyone with several pages, websites, and servers, protecting all under a single root domain name
  • Available for Domain and Organisation Validation

Not all SSL certificates are considered equal

Make sure you purchase your SSL certificate from a trusted, reputable dealer. Not all SSL dealers have been known to follow proper industry practices.

Case in point: just last year, GeoTrust, RapidSSL, and Thawte admitted to not following proper procedures when issuing certain certificates. Consequently, Google has started flagging any sites using these certificates with a rather scary sounding warning:

Private connection warning

With EBRAND Services, you have nothing to worry about. We work with globally renowned WebTrust accredited Certificate Authority, GlobalSign, known for maintaining high encryption standards.

If you need assistance selecting the right SSL certificate for your needs, or just have general questions about SSL, let us know. We’re happy to assist!

What to expect from the next round of gTLDs

By | Domains

The following is written right after the March 2017 ICANN 58 meeting which took place in Copenhagen, and we will do our best to update it as the review process develops.

What to expect from the next round of gTLDs

New gTLDs coming soon ?

A question we often are asked here at EBRAND Services is : when will I be able to apply for my own internet extension (like my competitor did) ? We usually reply that the process and policy used for the last round of applications are currently being reviewed and that it’s difficult to give a firm date. To help clarify matters, we’ve decided to write this article which will delve into the current review, and foreseeable date, of the next rounds of applications. The following is written right after the March 2017 ICANN 58 meeting which took place in Copenhagen, and we will do our best to update it as the review process develops.

Refresher

ICANN (the domain name regulator) officially allowed new extensions to be applied for back in 2008. The means selected to delegate those extensions was to stagger them in time limited application rounds.

The first round took place in the beginning of 2012. 1,930 new internet extensions were applied for in accordance with ICANN categories : generic (.blog, .email,.企业 .ninja), geographical (.paris, .berlin, .nyc) , community based (.gay, .catholic, .porn), and brand (.lidl, .apple, .postbank).

The delegation started in October 2013 and, as of now, 1,216 extensions have been delegated. 86 should be delegated in the near future.

Second round

On February 7, 2012, the ICANN Board approved a resolution to implement a second application window for the new gTLD program.

However, before the second round can take place, the programme needs to be reviewed to ensure that the first one promoted consumer trust and consumer choice. Moreover, ICANN needs to measure the effectiveness of the application and evaluation process as well as the safeguards put in place to mitigate issues

There are currently three review processes, all running in parallel, which need to be finalised for the second round to open.

1/ New gTLD Subsequent Procedures The Subsequent Procedures working group reported that several tracks are running in parallel, each dealing with one specific aspect of the charter questions. Some of the work has been completed while other larger pieces are taking longer. They stated that their initial report should be issued at the end of 2017.

For its part, the Cross Community working group on Country and Territory names has concluded that no 2-letter label must be allowed in future gTLD rounds because 2-letters are specifically reserved for current and future ccTLDs. However, as the group could not reach consensus on 3-letter extensions, they might be allowed during the next round.

2/ All Rights Protection Mechanisms (RPM) As an EBRAND client, you must be aware of the protection mechanisms available to brand owners as part of the new extension programme. (If you are not, please do contact your account manager).

The RPM working group is tasked to review all rights protection mechanisms. As such its members are reviewing the use and effectiveness of the TMCH, the UDRP, the URS, and the lesser used Post Delegation Policy. The working group reported that review of the UDRP and URS would be undergone last as they will take longer than the first two.

The group expect to have its initial report ready for publication in late 2017 for the PDP and TMCH review. The second phase of the review, which will be solely dedicated to UDRP will begin in early 2018.

3/ Registration Directory Services The working group is still working on phase 1, which is focused on fundamental requirements for the new WHOIS system. Next step will be to focus on policy development. However due to the sheer amount of work and the divergence of point of of views between the group members, no specific timeline for an initial report was provided.

Get involved

Leadership from each working group called for more involvement : the more participants, the faster the work will be accomplished and the second round can take place. If you want to help, you can by joining a working group or commenting on working group reports.

The Renewal Process within the Trademark Clearinghouse (TMCH)

By | Trademarks

Why renew ?

Deloitte has disclosed a study which offers a stunning insight : 95% of the queries for trademark terms are not being followed through to a live registration if the potential registrant is confronted with a TMCH notice warning about potential infringement of trademark rights !

If a mark is registered in the TMCH, such claim notice is sent as a warning to anyone attempting to register a domain name which matches the trademark term. Over 500,000 such Claims Notices have been delivered already on the basis of – per mid October 2014 – over 33.000 trademarks registered by 13.601 organizations in the TMCH covering 119 jurisdictions worldwide.

These metrics show that the Claim Notice is clearly working as deterrent. The high number of Claim Notices also indicates a high level of interest in trademarked terms from third parties.

A total of 129.095 official claim notifications have been sent out to potential infringers who have registered domains despite prior claim notice. The trademark owners have been informed in parallel.

So far, only a small part of new domain extensions have been launched. There are over 1.000 new extensions still to come. Also ICANN has announced a “second opening” : in 2016 or 2017 again, a new wave of domain extensions can be expected which will guarantee the usefulness of TMCH registrations for at least the next 5 years.

In sum : The TMCH remains the only universal rights protection system across the entire programme of new domain extensions. By recording protected terms in the TMCH, trademark owners are being offered the best protection available as more new domains are deployed. Together with the URS and UDRP, the TMCH completes ICANN’s right protection toolbox, and is the first line of defense as well as the most cost-efficient way before taking any litigating step.

Important : All mark records that were submitted for one year before the 4th of November 2013, will expire this year as from the 5th of November.

Notifications : 60 days – 30 days –(10 days grace period) starting from the 14th of November 2014 (cut-off day) – see below for details Expired Status : No changes possible once a record received an expired status.
Renewability : Once a mark record is within 1 year of expiring the option to renew with the TMCH will become possible.

Duration : Any mark which is eligible for renewal, can be renewed via TMCH Genius for 1, 3 or 5 years.

Pricing : The same as new records.

Impact to Mark Record :

a) Renewal : SMD files will be revoked and regenerated (the “notBefore” and “notAfter” dates will be updated in the new SMD file). Also the Certificates will be revoked and regenerated.
b) Expiration : status will change to expired. SMD file and Certificate will be revoked.

ICANN Passess 100 Delegations for New gTLDs

By | Domains

ICANN Passes 100 Delegations For New gTLDs This week ICANN announced they have passed the 100 mark for new gTLDs to be delegated. The move to being delegated is one of the final steps before the Registries that control the gTLDs may begin accepting registrations. In total, as of 21 January there were 107 gTLDs delegated.

In the past couple of weeks the first brand was delegated with the Australian university Monash having its gTLD delegated. And one of the pioneers of the new gTLD programme, those behind the application for .berlin became the second city gTLD to be delegated behind .wien (Vienna).

“There are now almost five times more generic Top-Level Domains than there were only a few months ago and that translates to greater consumer choice,” said Akram Atallah, President of ICANN’s Global Domains Division. “We are as eager as everyone else to see what type of innovation these new Domains will usher into the online world.”

Noting the historic achievement, Christine Willett, Vice President of gTLD Operations, said the year ahead was full of new opportunities.

“This is an historic milestone for ICANN’s New gTLD Program and the Internet as a whole. The year ahead will be defined by new opportunities in a vastly expanding online landscape.”

In addition to the new delegations, over 200 Registry Agreements (RA) have been signed by new gTLD applicants. The signing of an agreement allows applicants to move onto the final stages of the programme and prepare for delegation into the DNS.

In a posting on the ICANN blog, Atallah wrote enthusiastically of the possibilities of the already delegated gTLDs. He rattled off the following statistics : • there are new gTLD registries with delegated gTLDs operating in nine countries, including Australia, China and Switzerland • the original 22 gTLDs consist of Latin characters only, and most are abbreviated English words, but the new gTLDs include Arabic, Chinese, German and Russian • registries for gTLDs .WIEN and .BERLIN self-identified as community applicants, signifying their intention to operate the gTLDs on behalf of the citizens of Vienna and Berlin, respectively.

But there are still obstacles to be overcome for some applicants with ICANN’s Governmental Advisory Committee, who is charged with giving advice to ICANN from governments to ICANN on issues of public policy, and especially where there may be an interaction between ICANN’s activities or policies and national laws or international agreements, concerned about some applications.

The GAC has expressed reservations about applications for .wine and .vin. The GAC is concerned that appropriate that safeguards against possible abuse of these new gTLDs may be needed. The issue for the GAC is that many may associate a type of wine with a region, and this name may be a protected name. Examples include Champagne and Burgundy in France and Mosel in Germany. However governments have not been able to agree on appropriate safeguards and the GAC has recommended “that the applications should proceed through the normal evaluation process.”

Other contentious applications raised by the GAC were for .guangzhou (IDN in Chinese) and .shenzhen (IDN in Chinese) which were both rejected with neither being able to get local government support. Another application, for .spa, aimed at the spa and wellness industry has similarly had difficulties due to it also being a geographic name. To deal with these concerns, the applicant (Donuts) has offered the city a number of domains to take account of their concerns.

There were also issues with the protection of intergovernmental organisation acronyms including the Red Cross/Red Crescent Names, a special launch programme for geographic and community gTLDs and the applications for .islam and .halal have also been contentious.

And one of the major issues for new gTLDs has been concerns raised by brand owners. In an effort to explain in simple terms issues such as the Rights Protection Mechanisms that trademark holders and their representatives can use to combat infringement during the Domain Name System expansion, ICANN published an educational infographic.

The New gTLD Program Rights Protection Mechanisms include both proactive and reactive measures for defending trademarks. The infographic seeks to explain these issues such as the Trademark Clearinghouse, Uniform Rapid Suspension System and Trademark Post-Delegation Dispute Resolution Procedure succinctly and clearly.

The infographic is available to download from http://newgtlds.icann.org/en/announ….