Domain Name Abuse : INTA’s New Definition

La nouvelle définition de « l’abus de Noms de Domaine / Domain Name Abuse» de l’INTAIntroduction

The International Trademark Association (“INTA”) provided a comprehensive and clear definition of “Domain Name Abuse” on May 16, 2023. Prior to this date, the definition of “Domain Name Abuse” was imprecise in the private sector, government, and universities. INTA defines it as “any activity that makes, or intends to make, use of domain names, the Domain Name System protocol, or any digital identifiers that are similar in form or function to domain names to carry out deceptive, malicious, or illegal activity.”

This new definition will therefore enable prior trademark owners to protect their rights when their trademarks are targeted by criminals.


Understanding Domain Name Abuse

Abuse occurs when bad actors commit fraud and steal from consumers, businesses, or even governmental bodies, all while infringing on the rights of prior trademark holders. It manifests through the malicious use of domain name systems, notably via phishing, spamming, distributing malicious software, or engaging in fraudulent activities like cybersquatting, typosquatting, dotsquatting, domain hijacking, shadowing, and domain name impersonation.


Implications for Trademark Holders and Consumers

Abuse is a hazardous practice for both victims (consumers, businesses, government agencies) and prior trademark holders. In fact, bad-faith actors maliciously register domain names by replicating pre-existing trademarks or domain names that have been legitimately registered and renewed. To lend credibility to these dubious websites, these malicious domain holders will replicate the products and services offered by the legitimate owner, as well as their email correspondence, mailing address, and even the brand image of companies.

Domain name abuse thereby infringes upon the rights of legitimate trademark holders and creates a significant risk of confusion for users.


Previous Definitions: Gaps and Limitations

In January 2022, the European Commission published the European Union study on the abuse of domain names, which was quickly followed in March 2023 by the United States, with an active commitment to securing critical infrastructures, particularly domain name systems, as part of its National Cybersecurity Strategy. The prevalence of domain name abuse compelled various nations to take necessary action; however, these were frequently limited and ambiguous.

Although many definitions existed prior to INTA’s report, many of them failed to adequately address important intellectual property concerns like counterfeiting and privacy. 

One example is the definition given by the European Commission in January 2022. According to the European Commission, abuse would be “any activity using domain names or the DNS protocol to conduct harmful or illegal activities.”

In clause 11 of the registry agreement, ICANN, the Internet Corporation for Assigned Names and Numbers, asserts that domain name abuse includes “malware, phishing, trademark or copyright infringements, deceptive or fraudulent practises, counterfeiting, or any other activity contrary to prevailing legislation…”

Finally, the Voluntary Framework on Domain Name Abuse defines them as “malware, botnets, phishing, pharming, or SPAM disseminating malware, botnets, phishing, pharming, or SPAM disseminating malware, botnets, phishing, or pharming.”

These definitions largely represent what the technical community recognizes as abuse. Indeed, confining domain name abuse to “technical breaches” failed to anticipate the tangible legal challenges of these practices.

Similarly, mentioning “harmful or illegal activities” without defining their scope did not provide adequate legal guidance regarding intellectual property

It was therefore critical to develop a comprehensive, concise, and understandable definition of domain name abuse in order to best protect victims of these infringements and trademark holders.

INTA’s Comprehensive Definition of Domain Name Abuse

Given the increasing instances of attacks on domain names and cyber risks, INTA felt the need to step in and provide a clear technical and legal definition that incorporates issues of intellectual property and emerging technologies.

Domain name abuse, is now defined as “any activity that makes, or intends to make, use of domain names, the Domain Name System protocol, or any digital identifiers that are similar in form or function to domain names to carry out deceptive, malicious, or illegal activity”

The inclusion of the term “similar in form or function to domain names” allows INTA to make the necessary connection with intellectual property. Indeed, the function of a trademark is to assure the origin of a product or service. However, domain name abuse misleads internet users about the origin of brands, creating a significant risk of confusion through techniques such as cybersquatting, typosquatting, and dotsquatting.

Conclusion on the new definition of Domain Name Abuse.

The new definition of domain name system abuse now helps trademark owners and the general public. It calls for ongoing vigilance and cooperation between organisations such as INTA and ICANN to ensure a clear understanding of the issues surrounding this concept.


To find out more read our articles on Domain name right : bona fide offer of goods or services, AFNIC’s New Mediation Procedure: Fast and Free Dispute Resolution for Domain Name Holders or visit INTA’s website.