legal Blackrock, Inc. v. BALCKROCK.COM et al

[bhartzer]

This is an interesting case, especially because it was a lawsuit filed in the Eastern District of Virginia against 40 domain name owners.

In September 2022, Blackrock, Inc. filed a lawsuit against the owner of balckrock dot com for trademark infringement. They also included 40 other domain names as well:

BALCKROCK.COM, BLACKROCKINVESTMENTS.COM, BLACKROCKINVESTORS.COM, BLACKROCKBANK.COM, BLACKROCKFINANCIALCORP.COM, BLACKROCKMONEY.COM, BLACKROCKEQUITYPARTNER.COM, BLACKROCKFUNDING.COM, BLACKROCKHOLDINGINVESTMENTS.COM, BLACKROCKBANKS.COM, BLACKROCKTRADELLP.COM, BLACKROCK-PSA.COM, BLACKROCK-INVESTMENT.COM, BLACKROCKBITCOIN.COM, BLACKROCKUKINVESTMENT.COM, BLACKROCKCAPITALSOLUTIONSLLC.COM, BLOCKROCKCAPITAL.COM, BLACKROCK-FUND.COM, BLACKROCKCRYPTOBANK.COM, BLACKROCKBROKER.COM, BLACKROCKBROKERAGEFIRM.COM, BLACROCK.NET, MYBLACKROCKISHARES.COM, BLACK-ROCK-INVEST.COM, BLACKROCKINVESTMENTSGROUP.COM, BLACKSOCK-INVEST.COM, FUNDBLACKROCK.COM, BLACKROCKFINANCIALADVISERS.COM, BLACKROCKFINANCIALADVISORS.COM, BLACKROCKLOAN.COM, BLACKROCK-STOCK.COM, BLACKROCKE.COM, BLACKROCKDIGITALASSETS.COM, BLACKROCKINVEST.ORG, BLACKRPCK.COM, BLACKROCK-INVEST.COM, BLACKROK.COM, BLACKROCKGLOBALINVESTMENT.COM and BLACKROCKVESTMENT.COM

https://dockets.justia.com/docket/virginia/vaedce/1:2022cv01002/528315

Rather than filing a UDRP, they chose to file a lawsuit in Virginia. Blackrock, Inc. won the case, and it was finalized by the judge in December 2022.

What's interesting to me here is that GoDaddy, the registrar where at least 1 of the domain names were registered, at NO time during the lawsuit (when they were told to lock the domains), nor when the domains were moved out of the domain owner's account, did GoDaddy notify the domain owners.

I know one of the owners of the domains, and they were actually using it for a website that had nothing to do with finance, investment, etc. so it's quite possible that if they had known about the lawsuit they could have tried to defend the ownership of the domain.

The UDRP process notifies domain owners about the UDRP and gives them a chance to respond. However, if a lawsuit is filed, then domain owners are not notified at all. In this case, the domain owner went to renew the domain and found it was no longer in his GoDaddy account, so they came to me (through DNAccess' domain recovery service) and asked if I could find out what happened.

So what are domain owners to do? We're not notified when a lawsuit is filed, especially if the domain is at GoDaddy and it's locked.

 

[Keith]

If a lawsuit is filed directly against a domain owner, that has nothing to do with godaddy. I can almost guarantee that all parties were informed that there was a case involving their domain or domains.

In looking at the list you provided, they are all guilty of TM infringement and the right decision was made. Godaddy isn’t going to hold your hand in these types of situations.

 

[bhartzer]

If a lawsuit is filed directly against a domain owner, that has nothing to do with godaddy. I can almost guarantee that all parties were informed that there was a case involving their domain or domains.

In looking at the list you provided, they are all guilty of TM infringement and the right decision was made. Godaddy isn’t going to hold your hand in these types of situations.

In this case, the domain owner was not informed, and real contact info was listed in the whois record.

I agree that with many of the domains there was TM infringement. There are about 50 live/dead trademarks for 'blackrock' actually. About half are live.

But with a few of the other named domains, there actually is no 'clear' infringement, a domain owner could have defended themselves based on their usage of the domain. I know one in particular was not used for anything related to finance or investment, etc.. and was not notified at all of the lawsuit.

My point here is not necessarily to argue one way or the other on whether these are or aren't infringing domains.


What is a domain owner to do when they're NOT notified of a lawsuit that involves one of their domains? UDRP will notify a domain owner.

 

[draco]

AFAIK, you always have to be notified of a lawsuit. At least they have to make a good faith effort to find you. If the Whois information was accurate, they should have been notified. It's hard to argue they couldn't find the person.

My other question is, shouldn't Blackrock have had to file in the jurisdiction(s) of the domain owner(s) or GoDaddy itself?

 

[Keith]

What is a domain owner to do when they're NOT notified of a lawsuit that involves one of their domains? UDRP will notify a domain owner.

My gut says they were informed but let’s assume they weren’t. If their brand is so valuable to them, they can file their own lawsuit against Godaddy and Blackrock.

I’m sorry but piggy backing off of other, established brands is not recommended and these leaches are learning the hard way.

 

[bhartzer]

My gut says they were informed but let’s assume they weren’t. If their brand is so valuable to them, they can file their own lawsuit against Godaddy and Blackrock.

I’m sorry but piggy backing off of other, established brands is not recommended and these leaches are learning the hard way.

I totally agree, piggy backing off of other well established brands is definitely not a good thing.

In this case, this one domain owner wasn't notified of the lawsuit and they registered the domain in 2003.

 

[Keith]

I totally agree, piggy backing off of other well established brands is definitely not a good thing.

In this case, this one domain owner wasn't notified of the lawsuit and they registered the domain in 2003.

What was their domain?

 

[bhartzer]

What was their domain?

blackrok

 

[Keith]

blackrok

 

[Keith]

They were trying to grab a few bucks and it backfired.

 

[jberryhill]

I know one of the owners of the domains, and they were actually using it for a website that had nothing to do with finance, investment, etc.

I love how this is described as what it was "not" being used for. So, tell us, how was it being used?

This is one of the business lines of the TM claimant:

This is one of many screencaps of the domain name in question (showing how it was used until relatively recently):

So, gee, a news aggregator about real estate investing and the Consumer Financial Protection Bureau has nothing to do with finance and investing?

That's bullshit right there.

More recently, the domain owner changed it to a blank wordpress site being used for nothing, with no contact information on the site.

In this case, the domain owner was not informed, and real contact info was listed in the whois record.

Here's a brilliant idea - if you are running a website for some genuine purpose, then provide a way of contacting you on that website. Pretty simple, eh?

Here's the WHOIS record for August 2022:

That is significant, since the contact information in the WHOIS (the link that GoDaddy provides) was sworn to be used in this affidavit describing how notice was sent:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, yep, in the absence of any contact information on the page that was being used for... oh, we don't know, but we know what it was "not"... the WHOIS information also did not include a way to contact the domain registrant other than the GoDaddy contact link method.

 

[jberryhill]

AFAIK, you always have to be notified of a lawsuit. At least they have to make a good faith effort to find you. If the Whois information was accurate, they should have been notified. It's hard to argue they couldn't find the person.

Why is that hard to argue?

This is the whois information at the relevant time:

Here's a sworn statement explaining how they tried to contact the domain registrants:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, what is it they didn't do which they should have done?

My other question is, shouldn't Blackrock have had to file in the jurisdiction(s) of the domain owner(s) or GoDaddy itself?

The .com registry is located in Virginia where this suit was filed.

 

[draco]

Why is that hard to argue?

This is the whois information at the relevant time:



Here's a sworn statement explaining how they tried to contact the domain registrants:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, what is it they didn't do which they should have done?

Nothing. That's why I said if the whois was accurate. It apparently wasn't, or they just ignored the message. Plus I didn't read through the case to see that they had tried. My bad on that one, and kudos to you for taking your time to do it on this case and all the others you respond to on here.

 

[bhartzer]

Why is that hard to argue?

This is the whois information at the relevant time:

Show attachment 236263

Here's a sworn statement explaining how they tried to contact the domain registrants:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, what is it they didn't do which they should have done?




The .com registry is located in Virginia where this suit was filed.

Interesting that you point this out. As far as the contact info goes, looking at the whois history, the full name, address and phone was on the whois record prior to GoDaddy obfuscating it like you're showing above. A simple view of the whois history would actually show the full contact info. The 'organization' and State didn't change so we'd have to assume that the domain owner didn't change from previous versions of the whois record that are a part of the whois history.

But if the registrar is obfuscating the whois data, then wouldn't the reasonable thing to do would be to contact the registrar and then that info should have been sent over to the domain owner? Isn't there an ICANN requirement that a valid email be listed on the whois record so that the current registrant can be contacted? All I see is '[email protected]' as the email, and that's not the email (or even an obfuscated email) for the registrant.

I see that in the original complaint that they DID contact GoDaddy about the lawsuit. And in this case, GoDaddy never contacted their customer about the lawsuit.

 

[jberryhill]

I see that in the original complaint that they DID contact GoDaddy about the lawsuit. And in this case, GoDaddy never contacted their customer about the lawsuit.

Yep. They should definitely do that, just as with abuse complaints.

Bizarrely, some registrars are under the impression that they aren't supposed to tell registrants about things like this, even when they lock the name.

One assumption here is equating "I didn't receive something" with "Something wasn't sent to me". If some people get a 20 meg email from someone they don't know, it gets filtered out.

Nothing beats controlling your own contact information by providing it on your web site(s).

 

[pb]

I'm confused, you mention BlackRock.com but it appears to have been in their possession since at least 1999?
Never mind, I misread the typo, lol

 

[branding]

For what it's worth, GoDaddy doesn't automatically relay emails sent through the form at the link they provide in their whois.

Someone at GD had the brilliant idea to make this change. You can edit the setting somewhere in your domain settings if I remember correctly. (I don't use them much).

There's another thread on NP discussing the issue and this is an excellent example on how this might harm the registrant.

So yeah, the plaintiff most probably tried to contact the owner through that form, and GoDaddy most likely didn't relay that email to the domain owner.

@James Iles

 

[branding]

https://www.namepros.com/threads/godaddy-blocking-emails.1291876

 

[bhartzer]

For what it's worth, GoDaddy doesn't automatically relay emails sent through the form at the link they provide in their whois.

Someone at GD had the brilliant idea to make this change. You can edit the setting somewhere in your domain settings if I remember correctly. (I don't use them much).

There's another thread on NP discussing the issue and this is an excellent example on how this might harm the registrant.

So yeah, the plaintiff most probably tried to contact the owner through that form, and GoDaddy most likely didn't relay that email to the domain owner.

@James Iles

So even if someone sends something, such as them wanting to buy my domain name, I would never get it? That's crazy.

 

[branding]

So even if someone sends something, such as them wanting to buy my domain name, I would never get it? That's crazy.

Judging by the thread that's basically it. I think there's also a screen in the thread showing where to enable/disable the block option.

I have the same experience trying to buy a domain off someone using the form. I tracked him down later through an abandoned twitter account

I haven't tested/verified it myself but it would be easy enough to try and contact yourself through the listed whois link

 

[branding]

Which I just tried... And I did get the email from GoDaddy... So if I'm wrong I stand corrected

 

[jberryhill]

Isn't there an ICANN requirement that a valid email be listed on the whois record so that the current registrant can be contacted?

No.

https://www.icann.org/resources/pages/gtld-registration-data-specs-en/#temp-spec

2.5. In responses to domain name queries, in the value of the "Email" field of every contact (e.g., Registrant, Admin, Tech):

2.5.1. Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself.

2.5.1.1. The email address and the URL to the web form MUST provide functionality to forward communications received to the email address of the applicable contact.

2.5.1.2. Registrar MAY implement commercially reasonable safeguards to filter out spam and other form of abusive communications.

2.5.1.3. It MUST NOT be feasible to extract or derive the email address of the contact from the email address and the URL to the web form provided to facilitate email communication with the relevant contact.


This is a huge bonus for some registrars, since they can co-opt every sales inquiry that way.

That is why it is imperative to know your registrar's whois policy (i.e. the manner in which they have implemented the various options under the ICANN Temporary Specification for WHOIS data) and to provide a way of contacting you on your websites.

 

[Keith]

2.5.1. Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself.

2.5.1.1. The email address and the URL to the web form MUST provide functionality to forward communications received to the email address of the applicable contact.

2.5.1.2. Registrar MAY implement commercially reasonable safeguards to filter out spam and other form of abusive communications.

2.5.1. and 2.5.1.1. godaddy does not do in many instances.

2.5.1.2. is the loophole why they don’t pass along communication from potential buyers.

I often wonder why there is no response from sellers when I email the registrant via the Godaddy contact link. It’s because they don’t forward it along. It’s a bullshit input to fool folks into believing you are sending a legit communication. And then some folks pay the $69 to have a representative contact the owner that godaddy blocked you from

 

[jberryhill]

And then some folks pay the $69 to have a representative contact the owner that godaddy blocked you from

That's more or less the point, yeah.

 

[Keith]

That's more or less the point, yeah.

This is a discussion that has morphed into something beyond the intent of the OP.

That said, we need industry leaders like you to recognize the wrongs of registrars like Godaddy and try to right them. Easier said than done for sure and your feedback is invaluable to the domain community. Thank you!