legal Blackrock, Inc. v. BALCKROCK.COM et al

[bhartzer]

This is an interesting case, especially because it was a lawsuit filed in the Eastern District of Virginia against 40 domain name owners.

In September 2022, Blackrock, Inc. filed a lawsuit against the owner of balckrock dot com for trademark infringement. They also included 40 other domain names as well:

BALCKROCK.COM, BLACKROCKINVESTMENTS.COM, BLACKROCKINVESTORS.COM, BLACKROCKBANK.COM, BLACKROCKFINANCIALCORP.COM, BLACKROCKMONEY.COM, BLACKROCKEQUITYPARTNER.COM, BLACKROCKFUNDING.COM, BLACKROCKHOLDINGINVESTMENTS.COM, BLACKROCKBANKS.COM, BLACKROCKTRADELLP.COM, BLACKROCK-PSA.COM, BLACKROCK-INVESTMENT.COM, BLACKROCKBITCOIN.COM, BLACKROCKUKINVESTMENT.COM, BLACKROCKCAPITALSOLUTIONSLLC.COM, BLOCKROCKCAPITAL.COM, BLACKROCK-FUND.COM, BLACKROCKCRYPTOBANK.COM, BLACKROCKBROKER.COM, BLACKROCKBROKERAGEFIRM.COM, BLACROCK.NET, MYBLACKROCKISHARES.COM, BLACK-ROCK-INVEST.COM, BLACKROCKINVESTMENTSGROUP.COM, BLACKSOCK-INVEST.COM, FUNDBLACKROCK.COM, BLACKROCKFINANCIALADVISERS.COM, BLACKROCKFINANCIALADVISORS.COM, BLACKROCKLOAN.COM, BLACKROCK-STOCK.COM, BLACKROCKE.COM, BLACKROCKDIGITALASSETS.COM, BLACKROCKINVEST.ORG, BLACKRPCK.COM, BLACKROCK-INVEST.COM, BLACKROK.COM, BLACKROCKGLOBALINVESTMENT.COM and BLACKROCKVESTMENT.COM

https://dockets.justia.com/docket/virginia/vaedce/1:2022cv01002/528315

Rather than filing a UDRP, they chose to file a lawsuit in Virginia. Blackrock, Inc. won the case, and it was finalized by the judge in December 2022.

What's interesting to me here is that GoDaddy, the registrar where at least 1 of the domain names were registered, at NO time during the lawsuit (when they were told to lock the domains), nor when the domains were moved out of the domain owner's account, did GoDaddy notify the domain owners.

I know one of the owners of the domains, and they were actually using it for a website that had nothing to do with finance, investment, etc. so it's quite possible that if they had known about the lawsuit they could have tried to defend the ownership of the domain.

The UDRP process notifies domain owners about the UDRP and gives them a chance to respond. However, if a lawsuit is filed, then domain owners are not notified at all. In this case, the domain owner went to renew the domain and found it was no longer in his GoDaddy account, so they came to me (through DNAccess' domain recovery service) and asked if I could find out what happened.

So what are domain owners to do? We're not notified when a lawsuit is filed, especially if the domain is at GoDaddy and it's locked.

 

[jberryhill]

I know one of the owners of the domains, and they were actually using it for a website that had nothing to do with finance, investment, etc.

I love how this is described as what it was "not" being used for. So, tell us, how was it being used?

This is one of the business lines of the TM claimant:

This is one of many screencaps of the domain name in question (showing how it was used until relatively recently):

So, gee, a news aggregator about real estate investing and the Consumer Financial Protection Bureau has nothing to do with finance and investing?

That's bullshit right there.

More recently, the domain owner changed it to a blank wordpress site being used for nothing, with no contact information on the site.

In this case, the domain owner was not informed, and real contact info was listed in the whois record.

Here's a brilliant idea - if you are running a website for some genuine purpose, then provide a way of contacting you on that website. Pretty simple, eh?

Here's the WHOIS record for August 2022:

That is significant, since the contact information in the WHOIS (the link that GoDaddy provides) was sworn to be used in this affidavit describing how notice was sent:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, yep, in the absence of any contact information on the page that was being used for... oh, we don't know, but we know what it was "not"... the WHOIS information also did not include a way to contact the domain registrant other than the GoDaddy contact link method.

 

[branding]

For what it's worth, GoDaddy doesn't automatically relay emails sent through the form at the link they provide in their whois.

Someone at GD had the brilliant idea to make this change. You can edit the setting somewhere in your domain settings if I remember correctly. (I don't use them much).

There's another thread on NP discussing the issue and this is an excellent example on how this might harm the registrant.

So yeah, the plaintiff most probably tried to contact the owner through that form, and GoDaddy most likely didn't relay that email to the domain owner.

@James Iles

 

[bhartzer]

For what it's worth, GoDaddy doesn't automatically relay emails sent through the form at the link they provide in their whois.

Someone at GD had the brilliant idea to make this change. You can edit the setting somewhere in your domain settings if I remember correctly. (I don't use them much).

There's another thread on NP discussing the issue and this is an excellent example on how this might harm the registrant.

So yeah, the plaintiff most probably tried to contact the owner through that form, and GoDaddy most likely didn't relay that email to the domain owner.

@James Iles

So even if someone sends something, such as them wanting to buy my domain name, I would never get it? That's crazy.

 

[Keith]

2.5.1. Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself.

2.5.1.1. The email address and the URL to the web form MUST provide functionality to forward communications received to the email address of the applicable contact.

2.5.1.2. Registrar MAY implement commercially reasonable safeguards to filter out spam and other form of abusive communications.

2.5.1. and 2.5.1.1. godaddy does not do in many instances.

2.5.1.2. is the loophole why they don’t pass along communication from potential buyers.

I often wonder why there is no response from sellers when I email the registrant via the Godaddy contact link. It’s because they don’t forward it along. It’s a bullshit input to fool folks into believing you are sending a legit communication. And then some folks pay the $69 to have a representative contact the owner that godaddy blocked you from

 

[branding]

https://www.namepros.com/threads/godaddy-blocking-emails.1291876

 

[jberryhill]

Isn't there an ICANN requirement that a valid email be listed on the whois record so that the current registrant can be contacted?

No.

https://www.icann.org/resources/pages/gtld-registration-data-specs-en/#temp-spec

2.5. In responses to domain name queries, in the value of the "Email" field of every contact (e.g., Registrant, Admin, Tech):

2.5.1. Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself.

2.5.1.1. The email address and the URL to the web form MUST provide functionality to forward communications received to the email address of the applicable contact.

2.5.1.2. Registrar MAY implement commercially reasonable safeguards to filter out spam and other form of abusive communications.

2.5.1.3. It MUST NOT be feasible to extract or derive the email address of the contact from the email address and the URL to the web form provided to facilitate email communication with the relevant contact.


This is a huge bonus for some registrars, since they can co-opt every sales inquiry that way.

That is why it is imperative to know your registrar's whois policy (i.e. the manner in which they have implemented the various options under the ICANN Temporary Specification for WHOIS data) and to provide a way of contacting you on your websites.

 

[bhartzer]

This is a discussion that has morphed into something beyond the intent of the OP.

That said, we need industry leaders like you to recognize the wrongs of registrars like Godaddy and try to right them. Easier said than done for sure and your feedback is invaluable to the domain community. Thank you!

Actually, one of my original points of this thread is that a domain registrant was sued and they never received the communication that was supposedly sent by the Plaintiff's attorneys in this case.

If I'm ever sued over a domain name, I'd like to actually know about it.

 

[bhartzer]

If a lawsuit is filed directly against a domain owner, that has nothing to do with godaddy. I can almost guarantee that all parties were informed that there was a case involving their domain or domains.

In looking at the list you provided, they are all guilty of TM infringement and the right decision was made. Godaddy isn’t going to hold your hand in these types of situations.

In this case, the domain owner was not informed, and real contact info was listed in the whois record.

I agree that with many of the domains there was TM infringement. There are about 50 live/dead trademarks for 'blackrock' actually. About half are live.

But with a few of the other named domains, there actually is no 'clear' infringement, a domain owner could have defended themselves based on their usage of the domain. I know one in particular was not used for anything related to finance or investment, etc.. and was not notified at all of the lawsuit.

My point here is not necessarily to argue one way or the other on whether these are or aren't infringing domains.


What is a domain owner to do when they're NOT notified of a lawsuit that involves one of their domains? UDRP will notify a domain owner.

 

[bhartzer]

Why is that hard to argue?

This is the whois information at the relevant time:

Show attachment 236263

Here's a sworn statement explaining how they tried to contact the domain registrants:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, what is it they didn't do which they should have done?




The .com registry is located in Virginia where this suit was filed.

Interesting that you point this out. As far as the contact info goes, looking at the whois history, the full name, address and phone was on the whois record prior to GoDaddy obfuscating it like you're showing above. A simple view of the whois history would actually show the full contact info. The 'organization' and State didn't change so we'd have to assume that the domain owner didn't change from previous versions of the whois record that are a part of the whois history.

But if the registrar is obfuscating the whois data, then wouldn't the reasonable thing to do would be to contact the registrar and then that info should have been sent over to the domain owner? Isn't there an ICANN requirement that a valid email be listed on the whois record so that the current registrant can be contacted? All I see is '[email protected]' as the email, and that's not the email (or even an obfuscated email) for the registrant.

I see that in the original complaint that they DID contact GoDaddy about the lawsuit. And in this case, GoDaddy never contacted their customer about the lawsuit.

 

[jberryhill]

I see that in the original complaint that they DID contact GoDaddy about the lawsuit. And in this case, GoDaddy never contacted their customer about the lawsuit.

Yep. They should definitely do that, just as with abuse complaints.

Bizarrely, some registrars are under the impression that they aren't supposed to tell registrants about things like this, even when they lock the name.

One assumption here is equating "I didn't receive something" with "Something wasn't sent to me". If some people get a 20 meg email from someone they don't know, it gets filtered out.

Nothing beats controlling your own contact information by providing it on your web site(s).

 

[jberryhill]

Has this approach been used much in the past?

Yeah, it's been used for years. Click on this and tell me if you think it is "much":

https://www.courtlistener.com/?type=r&q=.com&type=r&order_by=score desc&court=vaed

And that is limited to cases filed in the E.D. Va. where the Verisign .com registry is located.

This was part of the cybersquatting law that was implemented in the US in 1999 around the same time that ICANN developed the UDRP:

https://www.law.cornell.edu/uscode/text/15/1125

(2)
(A) The owner of a mark may file an in rem civil action against a domain name in the judicial district in which the domain name registrar, domain name registry, or other domain name authority that registered or assigned the domain name is located if—

(i) the domain name violates any right of the owner of a mark registered in the Patent and Trademark Office, or protected under subsection (a) or (c); and

(ii) the court finds that the owner—

(I) is not able to obtain in personam jurisdiction over a person who would have been a defendant in a civil action under paragraph (1); or

(II) through due diligence was not able to find a person who would have been a defendant in a civil action under paragraph (1) by—

(aa) sending a notice of the alleged violation and intent to proceed under this paragraph to the registrant of the domain name at the postal and e-mail address provided by the registrant to the registrar; and

(bb) publishing notice of the action as the court may direct promptly after filing the action.

(B) The actions under subparagraph (A)(ii) shall constitute service of process.

(C) In an in rem action under this paragraph, a domain name shall be deemed to have its situs in the judicial district in which—

(i) the domain name registrar, registry, or other domain name authority that registered or assigned the domain name is located; or

(ii) documents sufficient to establish control and authority regarding the disposition of the registration and use of the domain name are deposited with the court.

(D)
(i) The remedies in an in rem action under this paragraph shall be limited to a court order for the forfeiture or cancellation of the domain name or the transfer of the domain name to the owner of the mark. Upon receipt of written notification of a filed, stamped copy of a complaint filed by the owner of a mark in a United States district court under this paragraph, the domain name registrar, domain name registry, or other domain name authority shall—

(I) expeditiously deposit with the court documents sufficient to establish the court’s control and authority regarding the disposition of the registration and use of the domain name to the court; and

(II) not transfer, suspend, or otherwise modify the domain name during the pendency of the action, except upon order of the court.

(ii) The domain name registrar or registry or other domain name authority shall not be liable for injunctive or monetary relief under this paragraph except in the case of bad faith or reckless disregard, which includes a willful failure to comply with any such court order.

----------------------

So, the option of filing an in rem suit against the domain name in the judicial district where Verisign is located has been around a long time, and is regularly used.

I mean, that's one of the things that has been going on for years with suits filed in Virginia to recover stolen domain names. This is one of the laws that's been regularly used to do that.

An "in rem" suit is a form of suit which is undertaken against a "thing" instead of a person. It was specifically designed to go after names registered to persons who cannot be found and over whom jurisdiction cannot be obtained. It assumes that WHOIS information is available (see the stuff highlighted in red), but the court regularly grants motions by plaintiffs in these things to use alternate forms of service.

 

[Maggie Mae]

I have not read all the posts in this thread. I don't agree with infringing on IP and ppl need to be careful with sites that generate logos and landing pages. It's been a while since I've read GoDaddy's terms.

That said, I did a curious google search and this is what I found on Nasdaq•com (can't share the link); this is just fyi. Nothing more. I had seen a meme about all the companies Blackrock has invested in, so thought to search based on this post.

"BlackRock Increases Position in Godaddy (GDDY)​

February 03, 2023 — 12:13 pm EST

Written by Fintel Staff for Fintel

Fintel reports that BlackRock has filed a 13G form with the SEC disclosing ownership of 8.35MM shares of Godaddy Inc (GDDY). This represents 5.4% of the company.

In their previous filing dated February 9, 2022 they reported 8.24MM shares and 5.00% of the company, an increase in shares of 1.36% and an increase in total ownership of 0.40% (calculated as current - previous percent ownership).

..."
read the rest on the Nasdaq site.

This is just fyi, nothing more

 

[draco]

AFAIK, you always have to be notified of a lawsuit. At least they have to make a good faith effort to find you. If the Whois information was accurate, they should have been notified. It's hard to argue they couldn't find the person.

My other question is, shouldn't Blackrock have had to file in the jurisdiction(s) of the domain owner(s) or GoDaddy itself?

 

[jberryhill]

like what happened to me, w' wwwbloombergradio.com

Gosh, it's hard to imagine why anyone would object to that.

 

[jberryhill]

In the case of blackrok, it is my understanding that its sole purpose was that it was part of a PBN. That's all. It was merely there to get indexed by search engines and provide links to other websites in the link network.

I'm not much of an SEO expert, so I'd really appreciate it if you can break this down for me.

My understanding of what you are saying is that the domain name was registered to attract traffic and link to other sites in the private blog network in order to boost the ranking of the sites to which it, and other sites, are linked. This occurs due to the presence of what crawlers will detect as backlinks to the site(s) to be boosted.

It is also my understanding that this works if the names in question have organic traffic in the first place. As described here....

https://ahrefs.com/seo/glossary/private-blog-network

Very low organic traffic of the referring domain can indicate the website was only created to link out to other websites.

So, first, could you confirm that thumbnail description concerning PBN's is, to some degree, accurate?

And, if so, then I am curious to know why, for example, one would expect a name like "blackrok.com" to generate organic traffic in the first place. What would be a reason for that?

And, secondly, if the purpose of the name was to increase SEO relevance of other sites, on what basis are you saying that, ultimately, none of those other sites had anything to do with financial services? Isn't that a high-return subject?

Maybe I don't fully understand, but I can come up with a pretty good reason why "blackrok.com" might generate a fair amount of organic traffic, and I'm pretty sure that anyone with an IQ above room temperature can do so as well.

 

[Bob Hawkes]

Click on this and tell me if you think it is "much"

Naw, just more than 8000 cases, not 'much'

Wow I had no idea. Thank you for all the detailed information @jberryhill

-Bob

 

[bhartzer]

You're good at SEO, that doesn't make you a legal expert. It's one of the biggest concerns I would have when hiring a company like yours.

You're good at what you do but are lacking legal backup. Not trying to shit on your parade, pardon my french, but you should partner up with someone in the legal field to advance your reach.

Thanks for mentioning, we already have. In fact, we do referrals regularly to qualified domain attorneys. One particular domain attorney we work with won a UDRP for one of our clients just a few weeks ago. We have 3 domain attorneys that we're currently working with, if/when it comes to that.

99 percent of the requests we get at DNAccess are resolvable because we've been our client's "domain advocate" so to speak, walking them through the process of recovering their stolen domain name, and telling them how to respond to the registrars' requests and support tickets. The last two were just that (2 recoveries in the past two weeks). One stolen from NetSol and moved to Public Domain Registry without permission, and the other domain stolen from CloudFlare (registrar). Legal was not involved or needed.

 

[draco]

Why is that hard to argue?

This is the whois information at the relevant time:



Here's a sworn statement explaining how they tried to contact the domain registrants:

https://storage.courtlistener.com/recap/gov.uscourts.vaed.528315/gov.uscourts.vaed.528315.5.1.pdf

So, what is it they didn't do which they should have done?

Nothing. That's why I said if the whois was accurate. It apparently wasn't, or they just ignored the message. Plus I didn't read through the case to see that they had tried. My bad on that one, and kudos to you for taking your time to do it on this case and all the others you respond to on here.

 

[jberryhill]

And then some folks pay the $69 to have a representative contact the owner that godaddy blocked you from

That's more or less the point, yeah.

 

[Keith]

That's more or less the point, yeah.

This is a discussion that has morphed into something beyond the intent of the OP.

That said, we need industry leaders like you to recognize the wrongs of registrars like Godaddy and try to right them. Easier said than done for sure and your feedback is invaluable to the domain community. Thank you!

 

[Keith]

Actually, one of my original points of this thread is that a domain registrant was sued and they never received the communication that was supposedly sent by the Plaintiff's attorneys in this case.

If I'm ever sued over a domain name, I'd like to actually know about it.

Those are 2 different types of communication.

1 is how godaddy decides to filter customers access to each other.

2 is godaddy communicating directly to registrants in the case of inquiries or legalities.

 

[branding]

I have disabled whois privacy, yet they don't show my email in whois. They show all personal info but still direct you to their form where I'd expect them to display my email.

 

[jberryhill]

Naw, just more than 8000 cases, not 'much'

I don't know how many of those are duplicates or not relevant... it's just a search for ".com" in EDVA cases. There are some other ACPA cases in which hundreds of domain names are dealt with in one shot. That's particularly convenient where the domains are being used in the same network, like the huge number of "shop" or "sale" domain names which are currently around 10% of the WIPO caseload and which use an identical ecommerce template to set up fake online stores.

I really don't get the point of the 'blackrok.com' domain name that is the subject of this thread. I'm still intrigued by this part:

I know one of the owners of the domains, and they were actually using it for a website that had nothing to do with finance, investment, etc.

Instead of explaining what it "had nothing to do with", why not explain what the alleged website was about?

Was it for Africans in South Korea or Kosovo?

 

[jberryhill]

What was the domain they were using?

Blackrok.com - it's noted above.