WIPO Arbitration and Mediation Center
ADMINISTRATIVE PANEL DECISION
Northern Trust Corporation v. Domains By Proxy, LLC / Carolina Rodrigues, Fundacion Comercio Electronico
Case No. D2020-0465
1. The Parties
The Complainant is Northern Trust Corporation, United States of America (“United States), represented by Dentons US LLP, United States.
The Respondent is Domains By Proxy, LLC, Panama / Carolina Rodrigues, Fundacion Comercio Electronico, Panama.
2. The Domain Name and Registrar
The disputed domain name <northerntrustprivatepassport.com> (“the Disputed Domain Name”) is registered with GoDaddy.com, LLC (the “Registrar”).
3. Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on February 26, 2020. On February 27, 2020, the Center transmitted by email to the Registrar a request for registrar verification in connection with the Disputed Domain Name. On February 28, 2020, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the Disputed Domain Name which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to the Complainant on March 4, 2020 providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amended Complaint on March 6, 2020.
The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on March 10, 2020. In accordance with the Rules, paragraph 5, the due date for Response was March 30, 2020. The Respondent did not submit any response. Accordingly, the Center notified the Respondent’s default on March 31, 2020.
The Center appointed Jacques de Werra as the sole panelist in this matter on April 7, 2020. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
The Center sent an email communication to the Registrar on March 4, 2020 by which it noted that the Disputed Domain Name was set to expire on March 29, 2020. The Center consequently reminded the Registrar that paragraph 18.104.22.168 of the ICANN Registrar Accreditation Agreement (RAA) provides, inter alia, that “[i]n the event that a domain which is the subject of a UDRP dispute is deleted or expires during the course of the dispute, the Complainant in the UDRP dispute will have the option to renew or restore the name under the same commercial terms as the registrant”.
Further to subsequent exchanges between the Complainant, the Registrar and the Center, the Complainant informed the Center that the Registrar had confirmed the renewal of the Disputed Domain Name by email communication of March 25, 2020.
4. Factual Background
The Complainant is a publicly traded international financial services company that is a leading provider of asset servicing, fund administration, asset management, fiduciary and banking solutions for corporations, institutions, families and individuals worldwide. The Complainant’s predecessor was originally founded as a bank under the name “Northern Trust” in 1889, and today employs over 18,000 people.
The Complainant has used the trademark NORTHERN TRUST PRIVATE PASSPORT in the United States for over 20 years, for online banking, trust management, investment management, mutual funds investment and brokerage services. It maintains a website located at “ www.northerntrust.com/privatepassport” which hosts information about the Northern Trust Private Passport customer platform and service. The Complainant is the registrant of the domain name <northerntrust.com> and operates it since 1999.
The Complainant owns many trademarks incorporating the terms “Northern Trust” in various variations, including the trademark NORTHERN TRUST PRIVATE PASSPORT which was registered in the United States on January 1, 2002 for various services in class 36 under Registration No. 2,524,542 (“the Trademark”). The Complainant further owns trademarks in various jurisdictions for NORTHERN TRUST.
The Disputed Domain Name was registered on March 29, 2019. It resolves to known adware/malware domain names.
5. Parties’ Contentions
The Complainant makes in essence the following arguments:
The Complainant first claims that the Disputed Domain Name is confusingly similar to the Complainant’s rights in its NORTHERN TRUST and NORTHERN TRUST PRIVATE PASSPORT trademarks.
The Complainant further claims that the Respondent is not, and never was, a licensee or business associate of the Complainant and that the Respondent is not otherwise authorized by the Complainant to use its NORTHERN TRUST and NORTHERN TRUST PRIVATE PASSPORT trademarks. It also claims that the Respondent attempts to capitalize on copying the Complainant’s trademarks in the Disputed Domain Name, presumably to gain revenue from each Internet user that is affected by the malware or adware, or who clicks on one of the links on the websites to which the Disputed Domain Name resolves. It also claims that UDRP panels have found that the dissemination of malware is not a legitimate interest and is obviously bad faith.
The Respondent has no interest in the Complainant’s trademarks other than reaping commercial gain from misleading clients and potential clients seeking the Complainant’s banking services, and diverting them to the websites at the Disputed Domain Name which seek to disseminate adware and/or malware.
The Complainant claims that the Respondent is deliberately using or allowing use of the Disputed Domain Name to create confusion and to mislead clients and potential clients of the Complainant, and the public, into falsely believing that a relationship of source sponsorship or affiliation or endorsement exists between the Complainant and the websites located at the Disputed Domain Name. The Complainant has located 89 cybersquatting UDRP decisions under the Policy involving the Respondent, which shows that the Respondent has engaged in a pattern of registering domain names using the mark of third parties for abusive purposes, which is evidence of the Respondent’s registration and use of the Disputed Domain Name in bad faith.
The Respondent did not reply to the Complainant’s contentions.
6. Discussion and Findings
Paragraph 4(a) of the Policy provides that the complainant must prove each of the following three elements in order to succeed in a UDRP proceeding:
(i) the respondent’s domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and
(ii) the respondent has no rights or legitimate interests in respect of the domain name; and
(iii) the respondent’s domain name has been registered and is being used in bad faith.
A. Identical or Confusingly Similar
The Panel is satisfied that the Complainant has rights to a trademark or service mark as reflected in the Trademark.
A comparison between the Disputed Domain Name and the Trademark shows that the Disputed Domain Name is identical to the Trademark, whereby the generic Top-Level Domain (i.e. “.com”) shall be disregarded.
As a result, based on the rights of the Complainant in the Trademark and on the identity between the Trademark and the Disputed Domain Name, the Panel finds that the condition of paragraph 4(a)(i) of the Policy is met.
B. Rights or Legitimate Interests
Pursuant to paragraph 4(c) of the Policy, the Respondent may establish rights or legitimate interests in the Disputed Domain Name by demonstrating any of the following:
(i) before any notice to it of the dispute, the Respondent’s use of, or demonstrable preparations to use, the Disputed Domain Name or a name corresponding to the Disputed Domain Name in connection with a bona fide offering of goods or services; or
(ii) the Respondent has been commonly known by the Disputed Domain Name, even if it has acquired no trademark or service mark rights; or
(iii) the Respondent is making a legitimate noncommercial or fair use of the Disputed Domain Name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.
Although the complainant bears the ultimate burden of establishing all three elements of paragraph 4(a) of the Policy, a complainant is required to make out a prima facie case that the respondent lacks rights or legitimate interests, and once such prima facie case is made the burden of production shifts to the respondent to come forward with relevant evidence of rights or legitimate interests in the domain name. WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”), section 2.1.
In the Panel’s opinion, the Complainant has made a prima facie case against the Respondent. The Respondent indeed registered the Disputed Domain Name that reflects the Trademark owned by the Complainant without the authorization of the Complainant, in a way that can only reasonably be explained as a reference to the Complainant’s Trademark.
The Respondent’s use of the Disputed Domain Name in connection with malware and/or adware products cannot confer rights or legitimate interests on the Respondent. See WIPO Overview 3.0, section 2.13.1.
On this basis, the Panel considers that the Complainant has established prima facie that the Respondent has no rights or legitimate interests in the Disputed Domain Name and that the Respondent has not established evidence of any rights or legitimate interests in the Disputed Domain Name because the Respondent has not participated in the proceedings.
As a result, the Panel finds that the Respondent has no rights or legitimate interests in the Disputed Domain Name and that the condition under paragraph 4(a)(ii) of the Policy is met.
C. Registered and Used in Bad Faith
Paragraph 4(b) of the Policy states that any of the following circumstances, in particular but without limitation, shall be considered evidence of registration and use of a domain name in bad faith:
(i) circumstances indicating that the respondent registered or acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the complainant (the owner of the trademark or service mark) or to a competitor of the complainant, for valuable consideration in excess of documented out-of-pocket costs directly related to the domain name;
(ii) circumstances indicating that the respondent registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that the respondent has engaged in a pattern of such conduct;
(iii) circumstances indicating that the respondent registered the domain name primarily for the purpose of disrupting the business of a competitor; or
(iv) circumstances indicating that the respondent intentionally is using the domain name in an attempt to attract, for commercial gain, Internet users to its website or other online location, by creating a likelihood of confusion with the complainant’s mark as to the source, sponsorship, affiliation, or endorsement of the respondent’s website or location or of a product or service on its website or location.
The examples of bad faith registration and use set forth in paragraph 4(b) of the Policy are not meant to be exhaustive of all circumstances from which such bad faith may be found. See Telstra Corporation Limited v. Nuclear Marshmallows, WIPO Case No. D2000-0003. Given that the scenarios described in UDRP paragraph 4(b) are non-exclusive and merely illustrative, even where a complainant may not be able to demonstrate the literal or verbatim application of one of the above scenarios, evidence demonstrating that a respondent seeks to take unfair advantage of, abuse, or otherwise engage in behavior detrimental to the complainant’s trademark would also satisfy the complainant’s burden. See WIPO Overview 3.0, section 3.1. The overriding objective of the Policy is to curb the abusive registration of domain names in circumstances where the registrant is seeking to profit from and exploit the trademark of another. See Match.com, LP v. Bill Zag and NWLAWS.ORG, WIPO Case No. D2004-0230.
In this case, the Panel holds that the Respondent registered the Disputed Domain Name in bad faith because the Disputed Domain Name clearly targets the Complainant’s Trademark and the Complainant’s activities already because the Disputed Domain Name replicates the Trademark.
Consequently, the choice of the Disputed Domain Name cannot be reasonably explained otherwise than as a reference to the Complainant’s Trademark and to the Complainant’s activities.
It is established that the use of a domain name for purposes of malware distribution (which is what the websites associated to the Disputed Domain Names contribute to do) may constitute bad faith under the Policy. In addition, the Panel notes that the Respondent has been found to have registered and used domain names in bad faith in multiple other cases decided under the Policy, which suggests a pattern of such conduct on the part of the Respondent.
On this basis, the Panel finds that the Respondent registered and uses the Disputed Domain Name in bad faith pursuant to paragraph 4(b) of the Policy, so that the conditions of paragraph 4(a)(iii) of the Policy are met.
For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the disputed domain name <northerntrustprivatepassport.com> be transferred to the Complainant.
Jacques de Werra
Date: April 20, 2020