One of the central goals of a brand protection program is detecting infringing third-party activity that falls outside the firewall—that is, external to a brand owner’s portfolio of official core and tactical domains. Brand threats occur across a range of internet channels, but domain name abuse is one of the most significant areas for concern, both in terms of the visibility and potential for confusion of branded domain names by potential customers, and the enforcement options available. For this reason, domain monitoring is considered a core component of a brand protection service.
One of the primary data sources for monitoring are zone files, which are published by registry organizations and contain lists of all registered domains across a top-level domain (TLD), also known as a domain extension. By comparing consecutive daily versions of the zone file, one can identify both new registrations and lapsed domains.
When a new TLD is launched, it progresses through several phases, including a Sunrise phase, where trademark owners can apply for new domains—and a subsequent General Availability phase, where all entities, including members of the public, can register domains.
In this study, we considered the following four TLDs that entered General Availability in 2021, and analyzed the domain registration patterns following the launch date.
In this study, we considered the following four TLDs that entered General Availability in 20211 , and analyzed the domain registration patterns following the launch date.
.CFD – General Availability began April 20, 2021 Initially assigned to DotCFD Registry Limited by the original applicant, IG Group Holdings PLC, and delegated in 20152, the .CFD extension was initially intended to relate to “contracts for difference” trading3. It was eventually acquired by ShortDot and entered General Availability in April 2021, being marketed as referring to clothing and fashion design .
.BASKETBALL – General Availability began June 15, 2021 The Fédération Internationale de Basketball (FIBA) in partnership with TLDH and Roar Domains originally won the rights to serve as registry operator for the .BASKETBALL extension in 20145. After an extended period of qualified launch programs, community priority registration phases, and Sunrise periods, FIBA eventually opened access to the extension, marketed by agency Roar Domains doing business as ROAR.BASKETBALL, in mid-20216.
.SBS – General Availability began June 15, 2021 .SBS was originally managed by the Special Broadcasting Service Corporation (Australia) as a restricted .BRAND TLD in 2015. Following a termination notice by this registry operator in 2020, ShortDot acquired the extension and it entered General Availability in June 20217. It’s being marketed as referring to “Side by Side, perfect for social causes, charitable organizations, and other philanthropic initiatives8.”
.ZUERICH – General Availability began December 2, 2021 The government of Zurich was awarded management of the .ZUERICH extension (Zürich) in 2014 to “promote local industry, scientific interests, tourism and marketing, and to highlight the high standard of living in the Zurich region9.” The Sunrise period, where registration applications were subject to residency restrictions, began in August 2021, before moving to General Availability in December10.
Figure 1 shows the patterns in domain registration activity in relation to the start date of the respective General Availability phases.
Figure 1: Daily numbers (solid lines, left-hand axis) and cumulative total numbers since the start of April 2021 (dotted lines, right-hand axis) of domains registered for the four TLDs entering General Availability in 2021 (dates shown as dashed lines).
As expected, there are generally lower activity levels in the early phases of each TLD release. This primarily represents authorized parties registering domains for official use, and legitimate trademark holders applying for defensive registrations. A rapid increase in domain registrations generally follows, comprising domains intended for legitimate use as well as potentially infringing domains.
Across the four TLDs, more than 32,000 domains were registered between the General Availability launch phases and the date of analysis (December 17, 2021). Across these datasets, several themes are evident. Several domains incorporate popular brand names (Figure 2) and may have been registered with intent to infringe (e.g., phishing or fraud, traffic misdirection to third-party content, or the sale of counterfeit items).
|Brand||No. domains containing brand name|
|Industrial and Commercial Bank of China Limited||0|
Figure 2: Number of domains registered with names containing each of the top 10 most valuable brand names in 202111
Many of the brand-specific domains didn’t resolve to any significant site content at the time of analysis, though may be worthy of ongoing monitoring for future infringing content. Furthermore, several had already been flagged as dangerous at a browser level, potentially indicating malicious content may have been present previously, but subsequently removed. Two of the domains resolved to the same website, for a company purporting to be one of the brand’s official “product service centers.” In such cases, any false claims of affiliation can damage a brand’s reputation. Of the remaining domains, some were found being used for revenue generation, with some examples featuring pay-per-click links, and others explicitly advertised for sale.
Other popular domain keywords are also represented within this dataset—e.g., coin (156 domains); life (66); home (59); your (54); and online (123). Other examples related to specific areas of content. For example, references to eCommerce appear repeatedly via the keywords: shop (89 domains) and store (51). Other keywords raising greater potential for concern include: casino (48 domains); porn (22); and download (6). Other popular or topical areas are also represented, for example: crypto (56 domains); bitcoin (24); blockchain (9); and covid(4).
Observations and recommendations
The analysis shows the high speed at which potentially infringing domains are registered following a new TLD launch. This highlights the importance of employing a comprehensive brand monitoring program that can cover new extensions as they launch.
Monitoring should also be accompanied by an enforcement program against infringements. Ideally this should incorporate a ‘toolkit’ with a range of enforcement approaches, so that the most effective methodology can be selected, while reserving other options for escalation.
Both monitoring and enforcement can be made more efficient using automated technology. This can analyze and prioritize targets, monitor domains for content changes over time, and use clustering and other artificial intelligence (AI) features to establish links between infringements, thereby streamlining the enforcement process.
Another type of launch that’s happened over the past few years is where a country code begins offering second-level domains, where it was previously only possible to register domains at the third level (e.g., the launch of .UK, where previously only .CO.UK was available). When these launches take place, an additional Grandfather Phase is added to the process. During this phase, current owners of third-level domains are given first refusal to the second-level domain. The most notable
launches in recent years have been .NZ (New Zealand) and .UK (United Kingdom). Many brand owners failed to register relevant domains in the Grandfather Phases, resulting in high numbers of third-party registrations. The number of disputes filed with Nominet for .UK domains rose by more than 230% between 2018 and 2019, for example. Second-level domains now account for 20% of all registrations for .NZ, and 13% for .UK.
The Grandfather Phase for .AU (Australia) will launch on March 24, 2022. Brand holders will therefore need to decide whether to defensively register the names they currently hold in .COM.AU, or employ an effective monitoring program.
We’re here to talk
If you’d like more information on preparing for new TLD launches, please complete this contact form and we’ll contact you.