“Domain Name Management Is Core to IP Protection”: David Barnett, Brand Protection Strategist

• Sep 28 2023
• by Ilona K.

Preventing domain name infringement is a crucial part of any brand strategy. On the sidelines of the London Domain Summit, we interviewed David Barnett, the author of the ‘Brand Protection in the Online World’ book and Brand Protection Strategist at Stobbs IP, about the interplay between domain and brand management.

it.com Domains: Can you explain the relationship between web domains and branding? How do domains contribute to a brand’s online identity?

David Barnett: Brand protection programmes need to holistically address a range of infringement types, across multiple online channels. Within this picture, domain names play a central role, as branded domain names constitute a more explicit use (or abuse) of IP rights than other Internet content – thereby yielding greater enforcement options. They also carry the greatest potential for customer confusion or fraudulent use such as a convincing phishing site.

Brand protection, as the detection of, and enforcement against, infringing third-party domain names, as well as other content – sits alongside domain name management, as part of an organisation’s wider IP management and business administration. 

Domain name management involves the maintenance of a portfolio of domains, including ‘core’ domains used in the day-to-day business (such as those used to host the client-facing websites and email infrastructure) and ‘tactical’ domains. The latter include defensive registrations to avoid them being used by third parties, and the ones intended for future use, for example, for planned brand- or product launches.

In many cases, bad actors will deliberately make use of domain names which appear similar to those of a brand owner’s official site in order to construct a deceptive site and misdirect users. This highlights the importance of domain name considerations in online branding and brand protection.

it.com Domains: Considering the intersection of brand protection and domains – could you share some key insights you gained from your participation in the London Domain Summit? How are these trends shaping the strategies brands use to secure their online presence?

DB: From a brand protection perspective, there were discussions on proposed legislation for dealing with DNS and website abuse, particularly the proposals to extend the definition of ‘unfair use’ to include ‘just’ cyber- and typosquatting. Some others were covering domain name disputes, especially the requirements for demonstration of bad faith / abusive registration.

Also of very significant relevance were the discussions on Web3 technologies (third iteration of the web, defined by open technologies like blockchain and immersive experiences like the metaverse) – particularly blockchain domains. It was great to see the consideration of how domain name collisions (that is, the same domain name being created on multiple blockchains / by multiple providers) can be avoided, and how brand protection might function in this developing ecosystem. 

Brand owners need the same types of defensive registration and brand protection strategies as in the classic Web2 in view of the continuing numbers of infringing domain registrations across Web3. This is particularly true due Web3 domains allowing the construction of decentralised websites with associated live content and cryptocurrency wallet hosting for accepting and sending payments.

it.com Domains: When it comes to the recent developments in the domain name world, new top-level domains (TLDs) are still in the spotlight. How do these new generic top-level domains (gTLDs), third-level domains, and subdomains impact brand protection efforts? 

DB: Despite the intention of the new gTLD programme to “enhance innovation, competition and consumer choice” – and, by extension, to reduce infringements and build customer clarity – this has not really been the case. New gTLDs have seen relatively poor adoption by official entities, and the new domains have been more extensively seized on by infringers. We have seen a range of infringement types including cybersquatting, brand impersonation, phishing, and malware distribution. 

Many of the new gTLDs have been found to be more affected by infringements than their previous counterparts, despite the improved enforcement processes in place – in many cases, a reflection of low-cost registrations with lax requirements.

Accordingly, the new gTLD landscape brings increased requirements to utilise comprehensive brand protection solutions which are able to address the range of new extensions and the different contexts in which brand references can be present. 

it.com Domains: What risks should brands be mindful of when incorporating these domain variations? DB: We are seeing significant numbers of cases where domain variations are being utilised by bad actors to drive visitors to non-legitimate content. Those range from ‘fuzzy’ matches to the brand name to exact matches to the official site name but on a different TLD. Subdomain abuse is a particularly effective way of constructing a deceptive URL, especially when combined with other techniques such as hyphenated brand variations.

Brand infringements make use of a range of brand variations in domain names, including missing, additional or replaced characters (including non-Latin ‘homoglyphs’ which appear almost identical to their Latin equivalents), or transposed characters. Many of these appear visually similar to the legitimate brand domain names, leading to confusion, whilst others attract web traffic from mistyped web addresses. 

it.com Domains: Subdomains are a close topic to us, as we offer third-level domain names with a benefit of having a domain ending with .com. How do you see the role of it.com Domains and other providers in supporting businesses seeking better brand protection?

DB: Subdomain / third-level domain resellers such as it.com Domains provide a quick and easy opportunity for entities to register distinctive domain names on highly desirable TLDs. In many cases, such service providers can also offer a degree of privacy protection for the subdomain owners. 

For the same reasons, these types of service can also be attractive to infringers. So the service providers have a responsibility to operate robust know-your-customer (KYC) practices, be proactive in screening applications and hosted content for IP infringements, and to be receptive to enforcement requests from third-party brand protection service providers.

it.com Domains: Zooming out a bit – how do you foresee the intersection of artificial intelligence, machine learning, and brand protection evolving in the context of web domains? Are there any emerging technologies that could revolutionise how brands protect their online assets?

DB: Currently AI really presents more questions than answers in the brand protection arena, with open issues including: 

• the nature of content produced by AI (What if it is defamatory or inaccurate? How can dynamic content be monitored? Who owns the rights?); 
• the training datasets (Is IP infringed when tools are trained? What are the cybersecurity risks if tools are trained with company-sensitive information?); 
• and the risk of tools being used to generate malware or phishing content.

When it comes to domain names, the question is whether automated tools to suggest suitable domains for registration should incorporate checks to ensure that the suggestions will not infringe protected IP.

However, there are opportunities for AI to be integrated into the next generation of brand monitoring and domain management tools. We can envisage monitoring systems which learn how to evolve their own settings to more accurately filter and prioritise content, and identify trends in infringement patterns.

it.com Domains: Finally, looking ahead, what advice do you have for businesses aiming to enhance their brand protection strategies in the dynamic landscape of web domains? 

DB: The interplay between brand protection (i.e. consideration of third-party content) and domain name management (i.e. consideration of officially owned domains) is likely to remain core to IP protection in the future.

For initiatives such as the launch of new gTLDs, it is necessary to employ a brand protection solution, and brand owners may wish to buy into the associated opportunities more fully, such as through applications for dot-brand TLDs.

Going forward, we should also expect to see AI capabilities increasingly being incorporated into brand monitoring technologies.

---