not so punny! – understanding punycode
3 mins reading time
Facebook, Inc. v. Registration Private, Domains By Proxy, LLC / Krzysztof Wazny, WIPO Case No. D2019-2984 (WIPO Arbitration and Mediation Center)
Facebook was recently successful in obtaining the transfer of a .com domain name, xn--facbook-ts4c.com, from a cyber-squatter.
It is interesting how WIPO arrived at their decision. It involved the analysis of Punycode and an analysis of how the domain name presents itself to the general public on devices.
‘Punycode’ is computer coding used to assist computers to recognise the use of special characters i.e. characters in other languages, umlauts and even emojis (e.g. München, the German name for Munich, is encoded as Mnchen-3ya).
What makes this case interesting is that xn--facbook-ts4c.com as a domain name is displayed in your browser as facẹbook.com. This looks almost identical to facebook.com as the only difference is that the ‘e’ has a diacritic mark on its bottom, shown more clearly by enlarging the character:
ẹ
Applying the decision of Württembergische Versicherung AG v. Emir Ulu, WIPO Case No. D2006-0278, it was affirmed that in determining whether Punycode domains are similar to existing trade marks (or potentially infringe on IP rights of third parties), Punycode domains should be assessed using both their browser-translated appearance, and the address itself.
On this basis, it was evident that the domain name was confusingly similar to Facebook’s trade marks. It was also held that on the balance of probabilities, the cyber-squatter had registered the domain name in bad faith: it’s likely the cyber-squatter would have been aware of Facebook’s website and the cyber-squatter had no legitimate interest in the name.
key take-aways:
- you need to be vigilant in protecting your trade mark rights;
- there are relatively low-cost methods of enforcing your rights against cyber-squatters (e.g. through WIPO’s domain dispute regime) provided you have a registered trade mark;
- there is a vast number of Punycode characters that are available;
- the use of Punycode in email addresses can cause a loss of brand value where third parties attempt phishing by impersonating your business (i.e. through utilising a similar domain to your genuine one); and
- If you use an umlaut or other unique character in your brand, you should seek registration of at least two domains: one without the unique character (e.g. lup.com), which redirects to the second Punycode domain (e.g. xn--lp-xka.com, which appears as lüp.com) that displays the character (in the example the umlaut).
For further information on Punycode or any domain name disputes, please contact Mark Metzeling and Macpherson Kelley’s IP Team.
more
insights
stay up to date with our news & insights
not so punny! – understanding punycode
Facebook, Inc. v. Registration Private, Domains By Proxy, LLC / Krzysztof Wazny, WIPO Case No. D2019-2984 (WIPO Arbitration and Mediation Center)
Facebook was recently successful in obtaining the transfer of a .com domain name, xn--facbook-ts4c.com, from a cyber-squatter.
It is interesting how WIPO arrived at their decision. It involved the analysis of Punycode and an analysis of how the domain name presents itself to the general public on devices.
‘Punycode’ is computer coding used to assist computers to recognise the use of special characters i.e. characters in other languages, umlauts and even emojis (e.g. München, the German name for Munich, is encoded as Mnchen-3ya).
What makes this case interesting is that xn--facbook-ts4c.com as a domain name is displayed in your browser as facẹbook.com. This looks almost identical to facebook.com as the only difference is that the ‘e’ has a diacritic mark on its bottom, shown more clearly by enlarging the character:
ẹ
Applying the decision of Württembergische Versicherung AG v. Emir Ulu, WIPO Case No. D2006-0278, it was affirmed that in determining whether Punycode domains are similar to existing trade marks (or potentially infringe on IP rights of third parties), Punycode domains should be assessed using both their browser-translated appearance, and the address itself.
On this basis, it was evident that the domain name was confusingly similar to Facebook’s trade marks. It was also held that on the balance of probabilities, the cyber-squatter had registered the domain name in bad faith: it’s likely the cyber-squatter would have been aware of Facebook’s website and the cyber-squatter had no legitimate interest in the name.
key take-aways:
- you need to be vigilant in protecting your trade mark rights;
- there are relatively low-cost methods of enforcing your rights against cyber-squatters (e.g. through WIPO’s domain dispute regime) provided you have a registered trade mark;
- there is a vast number of Punycode characters that are available;
- the use of Punycode in email addresses can cause a loss of brand value where third parties attempt phishing by impersonating your business (i.e. through utilising a similar domain to your genuine one); and
- If you use an umlaut or other unique character in your brand, you should seek registration of at least two domains: one without the unique character (e.g. lup.com), which redirects to the second Punycode domain (e.g. xn--lp-xka.com, which appears as lüp.com) that displays the character (in the example the umlaut).
For further information on Punycode or any domain name disputes, please contact Mark Metzeling and Macpherson Kelley’s IP Team.