International Business Machines Corporation (IBM) v Privacy service
WIPO Case No. D2022-2745
•28-09-2022
| ARBITRATION AND MEDIATION CENTER |
ADMINISTRATIVE PANEL DECISION
International Business Machines Corporation (IBM) v. Privacy service
provided by Withheld for Privacy ehf / Arun D, Arun India
Case No. D2022-2745
1. The Parties
The Complainant is International Business Machines Corporation (IBM), United States of America (“United
States”), internally represented.
The Respondent is Privacy service provided by Withheld for Privacy ehf, Iceland / Arun D, Arun India, India.
2. The Domain Name and Registrar
The disputed domain name <in-ibm.com> (the “Domain Name”) is registered with NameCheap, Inc. (the
“Registrar”).
3. Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on July 26, 2022. On July 27, 2022, the Center transmitted by email to the Registrar a request for registrar verification in connection with the Domain Name. On July 27, 2022, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the Domain Name which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to the Complainant on July 28, 2022 providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amendment to the Complaint on July 28, 2022.
The Center verified that the Complaint together with the amendment to the Complaint satisfied the formal
requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for
Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for
Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the
Complaint, and the proceedings commenced on August 2, 2022. In accordance with the Rules, paragraph 5,
the due date for the Response was August 22, 2022. The Respondent did not submit any response.
Accordingly, the Center notified the Respondent’s default on August 24, 2022.
page 2
The Center appointed Jon Lang as the sole panelist in this matter on September 7, 2022. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
4. Factual Background
Tracing its roots back to the 1880s, the Complainant is a leading innovator in the design and manufacture of a wide array of products that record, process, communicate, store and retrieve information, including computers and computer hardware, software and accessories. Incorporated on June 16, 1911 as an amalgamation of three previously existing companies, the Complainant became International Business Machines on February 14, 1924. The Complainant has been offering products under the trademark IBM ever since.
The Complainant owns and has owned trademark registrations for IBM in 131 countries all around the world for several decades for a broad range of goods and services including, but not limited to, information technology related goods and services. For instance, the Complainant owns the following trademarks for IBM: United States trademark registration no. 640,606 registered on January 29, 1957; United States trademark registration no. 1,696,454 registered on June 23, 1992; United States trademark registration no. 3,002,164 registered on September 27, 2005; and United States trademark registration no. 4,181,289 registered on July 31, 2012.
IBM is a world-famous trademark. In 2021, the Complainant was valued at over USD 91 billion and ranked the 15th most valuable global brand by BrandZ, the 18th best global brand by Interbrand, the 42nd largest company on the Fortune United States 500 list and the 121st largest company on the Fortune Global 500 list. It spends over USD 1 billion annually marketing its goods and services globally using the IBM
trademark.
The Domain Name <in-ibm.com> was registered on October 11, 2021, through a privacy shield service, Withheld for Privacy ehf. It is linked to a mail server such that it can be used for sending and accepting email messages using the Domain Name. Whilst the Domain Name currently resolves to a coming soon
page, in which Internet users are directed to a landing page stating “Future home of something quite cool”,
for a period of time it directed Internet users to the Complainant’s own website.
The Complainant sent a cease and desist letter on October 13, 2021, to the Respondent (via NameCheap,
the Registrar) at the email address listed on the WhoIs record, asking that the Respondent disable and
transfer the Domain Name to the Complainant. The Complainant also sent a follow up letter on December
28, 2021, and an additional follow up letter on January 28, 2022. The Respondent did not reply to the
Complainant’s letters.
The WhoIs record for the Domain Name indicates that it is associated with IP address 184.168.113.170 which is an IP address currently linked to botnet command and control servers.
5. Parties’ Contentions
A. Complainant
The following is a summary of the main assertions of the Complainant.
The Domain Name is identical or confusingly similar to a trademark or service mark in which the
Complainant has rights
As a result of the high quality of goods and services the Complainant has provided to its customers for over 100 years, and its reputation as one of the premier manufacturers of computer and computer related goods
page 3
and services throughout the world, the Complainant’s name and the IBM trademark are famous and valuable
assets. The IBM trademark is distinctive and well-known around the world.
The Domain Name consists of the letters “in” which refer to the country code for India, a “-” (dash), followed by the letters “ibm”, and then the generic Top-Level Domain (“gTLD”) “.com.” The letters “ibm” contained in the Domain Name are identical to the IBM trademark. The only difference therefore between the
Complainant’s trademark and Domain Name is the geographical indication “in” (for India) and the “-”. The Complainant has a longstanding history of conducting business in India. The presence of the term “in”, followed by a “-”, in the Domain Name does not obviate the confusing similarity between the Domain Name and trademark. In fact, the addition of the country code “in” is a descriptive indication of origin, which adds to the confusion as to the relationship between the Complainant and the Respondent, rather than reducing confusion.
The Domain Name is identical or confusingly similar to the Complainant’s registered trademarks.
The Respondent has no rights or legitimate interests in respect of the Domain Name
The Complainant has never licensed or otherwise permitted anyone to apply to register the Domain Name.
There is no evidence that the Respondent is using the Domain Name for a bona fide offering of goods or services. On the contrary, the Respondent has configured an email server to the Domain Name indicating an intention to potentially use it for purposes other than hosting a website, including for improper purposes.
The Respondent intentionally attempted to create a likelihood of confusion by using the Domain Name to redirect Internet users to the Complainant’s official website at “ Such use is likely to trick consumers into erroneously believing that the Complainant is somehow affiliated with the Respondent or endorsing its commercial activities.
There is no evidence of any use, or demonstrable preparations to use the Domain Name or a name corresponding to the Domain Name in connection with any bona fide offering of goods or services, the Respondent has not been commonly known by the Domain Name and the Respondent is not making a legitimate non-commercial or fair use of the Domain Name.
The Domain Name was registered and is being used in bad faith
A presumption of bad faith may be created solely through the registration of a domain name that is identical as to the relationship between the Complainant and Respondent and demonstrating bad faith.
or confusingly similar to a famous or widely-known trademark. The only difference between the Domain
Name and IBM trademark is the mere addition of the geographical term “in” which signifies India, and a dash
(“-”). Thus a presumption of bad faith must arise. Moreover, the Complainant has a longstanding history of
conducting business in India and owns the domain name <ibmindia.com>, which redirects to the
The Domain Name is confusingly similar to the Complainant’s IBM trademark and the Respondent has no
relationship to the Complainant or the IBM trademark, and thus the Respondent has registered the Domain
Name in bad faith.
Internet search engines find the Complainant and its products/services when using “In-IBM” as a key word.
The Complainant’s trademarks are well-known around the world. The Respondent registered the Domain Name at least 64 years after the Complainant established its registered trademark rights in the IBM trademark. The Respondent was well aware of the Complainant’s trademark at the time the Domain Name was registered, or should have known of it, or has exercised willful blindness in respect thereof.
page 4
The Respondent has registered the Domain Name through a privacy shield service which may indicate bad faith.
A presumption of bad faith may be created solely through redirecting a domain name to a complainant’s (or competitor’s) website as this creates a real or implied threat to a complainant.
The Respondent has connected the Domain Name to a mail server suggesting that the Respondent may have intended to use it for phishing or other fraudulent purposes.
The Complainant sent a cease and desist letter (and follow-up letters) to the Respondent (through reply was received.
The Domain Name currently resolves to a coming soon page, in which Internet users are directed to a landing page stating “Future home of something quite cool”. Bad faith exists here pursuant to the doctrine of passive holding.
The IP address with which the Domain name is associated is currently linked to botnet command and control servers often used to improperly gather sensitive information. Use of a domain name for purposes other than to host a website, including the sending of deceptive emails, phishing, identity theft or malware distribution, may constitute bad faith. The consequences of such activities can be detrimental not only to a complainant, but also to third parties. A Complainant need not wait for direct harm before seeking redress.
The Respondent’s undoubted familiarity with the Complainant’s world-famous IBM trademark at the time of registering the Domain Name, the Respondent’s use of a privacy shield service, the confusing similarity between the Domain Name and IBM trademark, the fact that the Domain Name is associated with an IP address connected to botnets and is linked to an active mail server, and the fact that for a time, it directed to the Complainant’s own website, are in combination proof that the Domain Name was registered, and has been used, in bad faith.
B. Respondent
The Respondent did not reply to the Complainant’s contentions.
6. Discussion and Findings
Paragraph 4(a) of the Policy requires a complainant to prove that a respondent has registered a domain name which is: (i) identical or confusingly similar to a trademark or service mark in which a complainant has rights; and (ii) that the respondent has no rights or legitimate interests in respect of the domain name; and (iii) that the domain name has been registered and is being used in bad faith. A complainant must prove each of these three elements to succeed.
A. Identical or Confusingly Similar
The Complainant is the owner of the IBM trademark and thus clearly has rights in that long-established and world famous trademark.
Ignoring the gTLD “.com”, the Domain Name comprises the IBM trademark preceded by a hyphen and the letters “in” to form <in-ibm.com>. Accordingly, the IBM trademark and Domain Name are not identical and thus the issue of confusing similarity must be considered. Application of the confusing similarity test under the UDRP typically involves “a side-by-side comparison of the domain name and the textual components of the relevant trademark to assess whether the mark is recognizable within the disputed domain name”
(section 1.7 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition
(“WIPO Overview 3.0”)). Section 1.7 of the WIPO Overview 3.0 goes on to provide “…in cases where a
page 5
domain name incorporates the entirety of a trademark, (…) the domain name will normally be considered
confusingly similar to that mark for purposes of UDRP standing”.
The IBM trademark is incorporated in its entirety within the Domain Name. It is clearly recognizable within the Domain Name. The addition of the letters “in”, being the International Organization for Standardization (ISO) code for India, and the hyphen separating the letters “in” from the IBM trademark, does not prevent a finding of confusing similarity between the Domain Name and the Complainant’s IBM trademark.
The Panel finds that the Domain Name is confusingly similar to the IBM trademark for the purposes of the
Policy and thus paragraph 4(a)(i) of the Policy has been established.
B. Rights or Legitimate Interests
By its allegations, the Complainant has made out a prima facie case that the Respondent lacks rights or legitimate interests in the Domain Name.
Accordingly, the burden of production shifts to the Respondent to come forward with arguments or evidence demonstrating that it does in fact have such rights or legitimate interests. The Respondent has not done so and accordingly, the Panel is entitled to find, given the prima facie case made out by the Complainant, that the Respondent indeed lacks rights or legitimate interests in the Domain Name. Despite the lack of any
answer to the Complainant’s contentions however, the Panel is entitled to consider whether there would be
anything inappropriate in such a finding.
A respondent can show it has rights to or legitimate interests in a domain name in various ways even where preparations to possibly engage in, questionable activity. In particular, the Domain Name is associated with an IP address connected to botnets. One definition of a botnet is “a network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g. to send spam”. Other definitions are equally pernicious. The Domain Name is linked to an active mail server from which emails could be sent and received. This raises the possibility of the Domain Name being used for phishing or other illicit activity whereby Internet users are misled into believing they are corresponding with an email address of, or legally associated with, the Complainant. Also, for a period of time, the Domain Name directed Internet users to the Complainant’s own website.
it is not, as here, licensed by or affiliated with a complainant. For instance, it can show that it has been
commonly known by the domain name or that it is making a legitimate noncommercial or fair use of the
domain name without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark
or service mark at issue. A respondent can also show that it is using a domain name in connection with a
bona fide offering of goods or services. Here, however, the Respondent is not known by the Domain Name.
The Respondent clearly knew of the Complainant and its IBM trademark. The very purpose in the Respondent choosing the (confusingly similar) Domain Name it did was to deliberately create a false impression of association with the Complainant. The Respondent’s subsequent behavior as described above all but confirms the absence of any intention of using the Domain Name for any legitimate noncommercial or fair use.
The Respondent’s behavior cannot of course amount to a bona fide offering of goods or services either.
Furthermore, where a domain name consists of a trademark plus a geographical term, UDRP panels have largely held that such composition cannot constitute fair use if it effectively impersonates or suggests sponsorship or endorsement by the trademark owner. WIPO Overview 3.0, section 2.5.1.
There is no evidence before this Panel suggesting that the Respondent might have rights or legitimate interests in the Domain Name. Accordingly, the Panel finds that the Complainant has fulfilled the requirements of paragraph 4(a)(ii) of the Policy.
page 6
C. Registered and Used in Bad Faith
Paragraph 4(b) of the Policy provides a number of non-exclusive scenarios which may evidence a respondent’s bad faith. They include, for instance, a respondent registering a domain name in order to prevent an owner of the trademark or service mark to which it is said to be confusingly similar or identical, from reflecting the mark in question in a corresponding domain name, provided that the respondent has engaged in a pattern of such conduct. A respondent registering a domain name primarily for the purposes of disrupting the business of a competitor is another scenario, as is a respondent intentionally attempting to attract, for commercial gain, Internet users to its website by creating a likelihood of confusion with a complainant’s mark as to the source, sponsorship, affiliation or endorsement of its website or of products or services on it.
Sometimes, it is not possible for a complainant to demonstrate literal or verbatim application of one of the paragraph 4(b) scenarios. However, given that such scenarios are non-exclusive and simply illustrative, this matters not as long as there is evidence demonstrating that a respondent seeks to take unfair advantage of, or to abuse a complainant’s trademark, such behavior being broadly understood to constitute bad faith for the purposes of the Policy.
Section 3.1.4 of WIPO Overview 3.0 provides that “redirecting the domain name to the complainant’s (or a competitor’s) website” can support a finding of bad faith. Given the Respondent’s registration of a confusingly similar Domain Name incorporating a distinctive and world famous mark which directed Internet users for a time to the Complainant’s own website (no doubt to strengthen the appearance of association with the Complainant), the Domain Name’s connection to botnets and an active mail server from which emails could be sent and received, suggests that the Respondent was likely planning to engage in illicit activity. The circumstances of this Complaint clearly support a finding of bad faith.
Previous panels have found that the non-use of a domain name (including a “coming soon” page) does not prevent a finding of bad faith under the doctrine of passive holding. The fact that the Domain Name at present resolves to a coming soon page (and hence currently can be treated only as being passively held), does not prevent a finding of bad faith registration and use. Indeed, a passive holding of a domain name can support a finding of bad faith. UDRP panels must examine all the circumstances of the case.
Section 3.3 of the WIPO Overview 3.0, provides: “While panelists will look at the totality of the
circumstances in each case, factors that have been considered relevant in applying the passive holding
doctrine include: (i) the degree of distinctiveness or reputation of the complainant’s mark, (ii) the failure of the
respondent to submit a response or to provide any evidence of actual or contemplated good-faith use, (iii)
the respondent’s concealing its identity or use of false contact details (noted to be in breach of its registration
agreement), and (iv) the implausibility of any good faith use to which the domain name may be put.”
The Domain Name is confusingly similar to the world famous and distinctive IBM trademark. No Response was filed or evidence of actual or contemplated good faith use provided. Indeed, any good faith use of the confusingly similar Domain Name would seem highly implausible. The Respondent’s use of a privacy
service, whilst not in itself necessarily indicative of bad faith, is nonetheless here supportive of such a
finding.
The Domain Name has the hallmarks of bad faith registration and use. It is inherently deceptive and ripe to be likely used in a phishing scam or for other illegitimate activity. The Panel finds that there are circumstances suggesting that the Respondent has sought to take unfair advantage of the Complainant’s trademark and/or abuse its trademark and thus, for the purposes of the Policy, there is evidence of both registration and use of the Domain Name in bad faith. The passive holding of the Domain Name in the circumstances of this Complaint supports a finding of bad faith.
page 7
7. Decision
For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the Domain Name <in-ibm.com> be transferred to the Complainant.
/Jon Lang/
Jon Lang
Sole Panelist
Date: September 21, 2022
0
0
0