WIPO Arbitration and Mediation Center
ADMINISTRATIVE PANEL DECISION
Intesa Sanpaolo S.p.A. v. Sally R. Fosbrink, Shivasdf Ltd.co
Case No. D2012-0586
1. The Parties
The Complainant is Intesa Sanpaolo S.p.A of Turin, Italy, represented by Perani Pozzi Tavella, Italy.
The Respondent is Sally R. Fosbrink, Shivasdf Ltd.co of Uniontown, Pennsylvania, United States of America.
2. The Domain Name and Registrar
The disputed domain name <intezasanpaolo.net> is registered with Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com.
3. Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on March 21, 2012. On March 21, 2012, the Center transmitted by email to Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com a request for registrar verification in connection with the disputed domain name. On March 22, 2012, Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com. transmitted by email to the Center its verification response confirming that the Respondent is listed as the registrant and providing the contact details.
The Center verified that the Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2(a) and 4(a), the Center formally notified the Respondent of the Complaint, and the proceedings commenced on March 27, 2012. In accordance with the Rules, paragraph 5(a), the due date for Response was April 16, 2012. The Respondent did not submit any formal Response. Accordingly, the Center notified the Respondent’s default on April 17, 2012.
The Center appointed Isabel Davies as the sole panelist in this matter on April 20, 2012. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
4. Factual Background
The Complainant contends that it is the leading Italian banking group with 5,700 branches and 11 million customers in its home country. It contends that it is among the top banking groups in Europe, with a market capitalization exceeding EUR 29.8 billion. The Complainant further contends that it has a strong presence in Central-Eastern Europe with a further 2,000 branches and 8.5 million customers. It also has an international network which specializes in supporting corporate customers across 29 countries. The Complainant contends that its international presence is felt most significantly in the Mediterranean countries as well as those countries in which Italian companies are most active, namely the United States, Russia, China and India.
The Complainant contends that it registered INTESA SANPAOLO as an International Trade Mark, registration number 920896, in classes 9, 16, 35, 36, 38, 41 and 42 on March 7, 2007; as a Community Trade Mark, registration number 5301999, in classes 35, 36 and 38 on June 18, 2007 and as an Italian Trade Mark, registration number 1042140 in classes 9, 16, 35, 36, 38, 41 and 42 on March 7, 2007. The Complainant also contends that it is owner of the domain names <intesasanpaolo.com>, <intesasanpaolo.org>, <intesasanpaolo.eu>, <intesasanpaolo.info>, <intesasanpaolo.net>, <intesasanpaolo.biz> as well as <intesa-sanpaolo.com>, <intesa-sanpaolo.org>, <intesa-sanpaolo.eu>, <intesa-sanpaolo.info>, <intesa-sanpaolo.net> and <intesa-sanpaolo.biz>.
The Respondent registered the disputed domain name <intezasanpaolo.net> on March 4, 2012.
The Complainant has provided evidence to show that the Respondent operates a website via the disputed domain name, which has been blocked by Google Safe Browsing, an online advisory service that alerts Internet users whenever suspicious content, such as malware, is present which might infect the website user’s computer. The Complainant has produced a copy of Google’s diagnostic page which explains that the website is listed as suspicious.
5. Parties’ Contentions
The disputed domain name is confusingly similar to the Complainant’s mark.
The Complainant contends that the disputed domain name <intezasanpaolo.net> is confusingly similar to the Complainant’s trade mark INTESA SANPAOLO.
The Complainant contends that the sole difference between the disputed domain name and the Complainant’s trade mark is the substitution of the letter “z” for the letter “s” and that the disputed domain name therefore comprises only a minor variation of the Complainant’s trade mark.
The Respondent has no rights or legitimate Interests in the disputed domain name.
The Complainant contends that the Respondent has no rights or legitimate interests with respect to the disputed domain name, nor is the Respondent connected with the Complainant in any way. The Complainant contends that it has not licensed nor has it authorized the Respondent to use the trade mark in its domain name.
The Complainant further contends that the disputed domain name does not correspond with the name of the Respondent, nor is the disputed domain name being used for fair or noncommercial purposes.
The disputed domain name was registered and is used in bad faith.
The Complainant contends that bad faith may be found because, at the time of the registration, the Respondent had knowledge of the Complainant’s well-know mark INTESA SANPAOLO. The Complainant contends that, were it not for the existence of the Complainant’s trade mark, the disputed domain name would not have been registered by the Respondent.
The Complainant also contends that, by registering and using the disputed domain name, the Respondent is acting in bad faith because it is attempting to attract, for commercial gain, Internet users to the website by creating a likelihood of confusion with the Complainant’s trade mark as to the source, sponsorship, affiliation or endorsement of the website.
The Complainant contends that the Respondent has acted in bad faith with respect to the disputed domain name by using it to operate a website that harbors malware for the purpose of phishing. The Complainant has produced evidence in the form of a Google Safe Browsing diagnostic page dated March 17, 2012, which explains that, “(the) site is listed as suspicious- visiting this web site may harm your computer.” The diagnostic page goes on to say, among other things that, “over the past 90 days, intezasanpaolo.net appeared to function as an intermediary for the infection of 35 sites,” and that, “this site has hosted malicious software over the past 90 days. It infected 39 domains.” The Complainant has also produced evidence comprising a separate warning message which says that the website might attempt to install software that is able to steal the personal information of the user. This situation is of particular concern to the Complainant because it has experienced several cases of phishing in the past few years. The Complainant’s customers have visited a website that imitates that of the Complainant and have been asked to enter their personal details. The malevolent website has then been able to gain access to the customers’ bank accounts and consequently, their savings.
The Complainant further contends that the disputed domain name is now inactive and that the Respondent is acting in bad faith by engaging in the passive holding of the disputed domain name in circumstances where it has knowledge that that disputed domain name infringes another party’s trade mark rights.
On April 10, 2012, the Respondent sent an email to the Center, claiming that it had, “been a victim of identity theft”, and that the registration information in the Public WhoIs database is “fraudulent”. The Respondent further stated that “this information was used to open a credit card account in [its]name over the internet.” The Respondent did not file any formal Response to the Complainant’s contentions.
6. Discussion and Findings
While there is a possibility that the disputed domain name was registered by a third party using the Respondent’s information without its knowledge or authorization, the Panel notes that under paragraph 1 of the Rules, a respondent is defined as, “the holder of a domain-name registration against which a complaint is initiated.” In this proceeding, the holder of the disputed domain name, according to the public WhoIs database confirmed by the concerned Registrar Directi Internet Solutions Pvt. Ltd. d/b/a PublicDomainRegistry.com is Sally R. Fosbrink, Shivasdf Ltd.co. Accordingly, while the Respondent might have been the victim of identity theft, the Panel finds that, pursuant to the Rules and the Policy, Sally R. Fosbrink, Shivasdf Ltd.co. is the proper Respondent in the proceeding.
The Policy establishes three elements, specified in paragraph 4(a), that must be established by the complainant to obtain relief. These elements are that:
i. The respondent’s domain name is identical or confusingly similar to a trade mark or service mark in which the Complainant has rights;
ii. The respondent has no rights or legitimate interests in respect of the domain name; and
iii. The respondent’s domain name has been registered and is being used in bad faith.
Each of these elements will be addressed below.
The complainant must establish these elements even if the respondent does not reply (see The Vanguard Group, Inc. v. Lorna Kang, WIPO Case No. D2002-1064). However, under paragraph 14(b) of the Rules, the panel is entitled to draw such inferences as it considers appropriate from a party’s failure to comply with any provision of, or requirement under, the Rules, including the Respondent’s failure to file a Response.
In the absence of a response, the panel may also accept as true the factual allegations in the complaint (see ThyssenKrupp USA, Inc. v. Richard Giardini, WIPO Case No. D2001-1425 (citing Talk City, Inc. v. Michael Robertson, WIPO Case No. D2000-0009)).
Paragraph 15 of the Rules provides that the panel is to decide the complaint on the basis of the statements and documents submitted. As the proceeding is a civil one, the complainant bears the onus of proving its case on the balance of probabilities. The complainant must therefore establish all three of the elements specified in paragraph 4(a) of the Policy on the balance of probabilities before a decision can be made to cancel or transfer the domain name.
A. Identical or Confusingly Similar
The Complainant is the owner of the trade mark INTESA SANPAOLO which was registered as an International Trade Mark, as a Community Trade Mark and as an Italian Trade Mark in the Complainant’s home country. All three registrations were effected prior to the registration of the disputed domain name.
The Panel has considered the fact that the disputed domain name <intezasanpaolo.net> only differs from the registered mark in that it contains the letter “z,” which serves to replace the letter “s” as the fifth letter in the Complainant’s mark and that it contains the generic Top-Level Domain (gTLD) suffix, “.net.”
The presence of “.net” serves purely to identify the text in question as a domain name and does not change the likelihood of confusion between a domain name and a registered mark (See BIC Deutscheland GmbH & Co KG v. Paul Tweed, WIPO Case No. D2000-0418). More significantly, the Panel finds that the letter substitution constitutes only a minor variation between the disputed domain name and the Complainant’s registered mark. The Panel recognizes this conduct as “typosquatting,” a practice which involves the use of a domain name of virtually identical and/or confusingly similar marks to a complainant’s trade mark (See Edmunds.com, Inc. v. Yingkun Guo, dba This domain name is 4 sale, WIPO Case No. D2006-0694).
The Panel holds that the similarity of the letters, “s” and “z” from a visual, oral and conceptual perspective makes the disputed domain name <intezasanpaolo.net> even more confusingly similar to the Complainant’s mark. (See EasyGroup IP Licensing Limited v. Philip Thornton, WIPO Case No. D2004-0826).
In situations where the domain name is a slight alphabetical variation from a famous mark, it is easy for an Internet user to make a typing error, particularly when the mark is in a different language (See Deutsche Bank Aktiengesellschaft v. New York TV Tickets Inc, WIPO Case No. D2001-1314). While the Complainant is an Italian banking group in this instance, it has contended that it has a strong international presence with customers in other countries whose language is not Italian. Such users may reasonably believe that the word, “intesa” is spelled with the letter “z” as opposed to the letter “s” and as a result type the disputed domain name into their computers by mistake when they were intending to access the Complainant’s website.
For the reasons stated above, the Panel holds that the disputed domain name is confusingly similar to the Complainant’s trade mark and the Complainant has met the requirements of paragraph 4(a)(i) of the Policy.
B. Rights or Legitimate Interests
Paragraphs 4(c) of the Policy contains a non-exhaustive list of circumstances that may demonstrate when a respondent has rights or legitimate interests in a domain name. The list includes: (i) using the domain name in connection with a bona fide offering of goods and services; (ii) being commonly known by the domain name; or (iii) making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers.
A complainant must show a prima facie case that a respondent lacks rights or legitimate interests in a domain name, after which the burden of production passes to the respondent. (See Croatia Airlines d.d. v. Modern Empire Internet Ltd, WIPO Case No. D2003-0455; and Belupo d.d. v. WACHEM d.o.o., WIPO Case No. D2004-0110).
There is no evidence to suggest that the Respondent has registered any mark that consists of, or contains, the word “inteza sanpaolo” and the Panel cannot see that the Respondent has any right in the mark on an unregistered basis. The Complainant and the Respondent are not in any way connected, nor has the Complainant authorized or licensed the use of its mark INTESA SANPAOLO to the Respondent. There is no evidence to suggest that the Respondent is commonly known by the disputed domain name.
It is not possible to view the website connected to the disputed domain name because it has been blocked by Google Safe Browsing to prevent harm to computers. The fact that Google views the website as suspicious, due to its connection with malware and possibly phishing, leads the Panel to find that the disputed domain name is not used in connection with a bona fide offering of goods or services, nor is the use a legitimate, noncommercial or fair use, without intent for commercial gain to misleadingly divert consumers.
The list of circumstances contained within paragraphs 4(c) of the Policy is non-exhaustive. The Panel considers the INTESA SANPAOLO mark to be distinctive. It results from the merger on January 1, 2007 between prominent Italian banking groups Banca Intesa S.p.A. and Sanpaolo IMI S.p.A. to form Intesa Sanpaolo S.p.A. The Panel cannot find any logical reason why the disputed domain name would happen to be combined of the words “Intesa” and ”Sanpaolo” were it not for the knowledge of the Complainant’s mark in mind.
In its email to the Center dated April 10, 2012, the Respondent stated that it believes an unknown third party has registered the disputed domain name using its identity and without its consent or authorization and that it has been subject to identity theft. The Respondent has not put forward any evidence to substantiate its claims of identity theft, so the Panel is unable to establish whether it is true or not (See Banca Intesa S.p.A v. David Radziewicz, WIPO Case No. D2006-0919).
If the Respondent’s claims of identity theft are unfounded, a lack of rights or legitimate interests on the part of the Respondent can be established on the grounds stated above. If, however, the Respondent was a victim of identity theft, these circumstances clearly establish that there are no legitimate rights or interests behind the registration of the disputed domain name. (See TPI Holdings, Inc. v. Carol Fante, WIPO Case No. D2009-0281).
The Respondent has not submitted any formal Response to demonstrate any rights or legitimate interests in it. As stated in paragraph 15 of the Rules, the Panel can only make its decision based on the information and evidence submitted before it and, given the circumstances, the Panel is satisfied that the Complainant has met the requirements of paragraph 4(a)(ii) of the Policy.
C. Registered and Used in Bad Faith
The Panel finds it unlikely that the disputed domain name could have been registered without knowledge of the Complainant’s mark. The international prominence of the Complainant’s mark is considerable. In addition to the bank’s prominence in Italy and Central-Eastern Europe, it has an international network providing support to corporate customers that has a presence in 29 countries worldwide. The Complainant trades under its INTESA SANPAOLO mark. Previous panels have at times found bad faith registration in part on the basis that the respondent ‘knew or should have known’ about the complainant’s trade mark. (See SembCorp Industries Limited v. Hu Huan Xin, WIPO Case No. D2001-1092). Instances where this has applied also include situations where the complainant’s mark is well-known or in wide use on the Internet or otherwise at the time of registration of the disputed domain name. Therefore, it is the Panel’s opinion that, on the balance of probabilities, the person or entity that registered the disputed domain name, be it the named Respondent or an unknown third party who has used the Respondent’s identity without its authorization, must have known of the Complainant’s mark at the time it registered the disputed domain name. Given the worldwide presence of the INTESA SANPAOLO mark, the Panel finds that whoever registered the disputed domain name did so in bad faith. (See Accor S.A. v. Kristen Hoerl, WIPO Case No. D2007-1722)
Phishing is a practice to which banks, by their very nature, are particularly susceptible (See Banco Bradesco S.A. v. Marciano Martins, WIPO Case No. D2010-0201 and EFG Bank European Financial Group SA v. Domain Consults, WIPO Case No. D2011-1907). Also, the Panel takes Google’s Internet safety warning seriously and acknowledges its finding of malware at the website connected to the disputed domain name. The Panel finds that the registration and use of the disputed domain name might have been intended to disrupt the Complainant’s business by damaging its reputation. This occurred when customers of the Complainant unintentionally visited the website, thinking it was connected with the Complainant and instead came across malware that was potentially harmful. The Panel considers that registering a domain name and then using it to distribute malware in this way amounts to bad faith registration and use (See DivX, LLC v. PrivacyProtect.org / Gerente de Dominia, CSRUS Enterprises, WIPO Case No. D2011-0600).
The existence of “typosquatting” has been discussed earlier in this decision but the Panel returns to the subject in the context of bad faith. The Panel holds that “typosquatting” is evidence of bad faith registration of the disputed domain name (See ESPN, Inc. v. XC2, WIPO Case No. D2005-0444). The effects of “typosquatting” are in some situations akin to the passive holding of a domain. Meanwhile, the practice of passive holding of a domain name has, in some circumstances been considered by the UDRP panels as amounting to bad faith registration and use (See, e.g., Telstra Corporation Limited v. Nuclear Marshmallows, WIPO Case No. D2000-0003).
The disputed domain name is essentially inactive because it has been blocked by Google. The Panel appreciates that in this instance, the inactivity might not be intentional but considers the action taken by Google when it blocked the website to be predictable and something that could be reasonably expected to happen when a website containing malware was set up. The effect of the passive holding in this case can be seen to be no different from instances where respondents have actively chosen to hold domains passively. The disputed domain name is serving no constructive purpose and is inaccessible to the Complainant. The Panel therefore finds that the inactivity or passive holding of the disputed domain name amounts to bad faith.
As stated previously, the Panel is not in a position to assess whether or not the Respondent’s claims of identity theft are true because these claims have not been substantiated. If the Respondent has not fallen victim to identity theft, bad faith is found on the grounds stated above. If, on the other hand, it has, the Panel still finds a situation of bad faith on the part of the person using the Respondent’s identity when it registered and used the domain name without the Respondent’s knowledge or consent (See TPI Holdings, Inc. v. Carol Fante, WIPO Case No. D2009-0281).
The Respondent has chosen to refrain from responding formally to the Complaint. Such circumstances taken together support an inference of bad faith registration and use.
For the reasons cited above, the Panel finds that the disputed domain name was registered and is used in bad faith and the Complainant has therefore met the requirements of paragraph 4(a)(iii) of the Policy.
For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the disputed domain name <intezasanpaolo.net> be transferred to the Complainant.
Dated: May 10, 2012