WIPO Arbitration and Mediation Center


Cisco Technology, Inc. v. Domain By Proxy, LLC / Alvaro Alfonso

Case No. D2021-1625

1. The Parties

The Complainant is Cisco Technology, Inc., United States of America (the “United States”), represented by Sideman & Bancroft LLP, United States.

The Respondent is Domain By Proxy, LLC, United States / Alvaro Alfonso, United States.

2. The Domain Name and Registrar

The disputed domain name <ciscobrandprotection.com> (the “Domain Name”) is registered with GoDaddy.com, LLC (the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on May 25, 2021. On May 26, 2021, the Center transmitted by email to the Registrar a request for registrar verification in connection with the Domain Name. On May 27, 2021, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the Domain Name which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to the Complainant on May 28, 2021, providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amended Complaint on June 4, 2021.

The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for the Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on June 8, 2021. In accordance with the Rules, paragraph 5, the due date for Response was June 28, 2021. An informal communication related to the notification of the Complaint was filed by the Respondent with the Center on June 28, 2021. The Respondent requested a 60-day extension. On July 14, 2021, the Center requested more information and told the Respondent that his communication would be forwarded to the Panel for consideration.

The Center appointed W. Scott Blackmer as the sole panelist in this matter on July 29, 2021. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

4. Factual Background

The Complainant is a corporation organized under California law and headquartered in San Jose, California, United States. It manages the intellectual property portfolio of Cisco Systems, Inc. (“Cisco”), a publicly traded Delaware corporation, and licenses CISCO trademarks to Cisco and other affiliates for use in their business. As described in the Complaint, Cisco is a global leader in “developing, implementing, and providing networking, communications, and information technology products and services”, including servers, routers, and switches sold under the CISCO mark. The Complainant reported more than USD 49 billion in revenues in fiscal year 2020.

The Complainant advertises holds more than 1,400 domain names incorporating the CISCO mark, including <cisco.com> (used for its principal website), <cisco.us>, <cisco.biz>, and <cisco.info>.

Cisco has been using the CICSO mark for its goods and services since at least 1984, and in 2020 the global consultancy Interbrand ranked CISCO as the 16th most valuable brand in the world. The record shows that Cisco has substantial and ongoing advertising across multiple channels, media attention, and industry recognition. It is a Fortune 100 company, for example, and it was ranked number one on Fortune’s list of the World’s Best Multinational Workplaces in 2019 and 2020.

The Complainant holds more than 2,900 CISCO and CISCO-formative trademark registrations and applications, including United States Trademark Registration Number 1542339 for CISCO as a standard character mark (registered on June 6, 1989).

Other UDRP panels have recognized the high level of brand recognition that the CISCO mark enjoys in the United States and other jurisdictions. See, e.g., Cisco Technology Inc. v. Hidden Hidden, Open IT, WIPO Case No. D2018-0093 (“The Complainant acquired a high level recognition for its brand in many countries, in particular in the United States and the United Kingdom”); Cisco Technology, Inc. v. Matthew Archer, International Computer Purchasing Ltd, WIPO Case No. D2012-0563 (“CISCO can properly be regarded as world famous mark”).

“Cisco Brand Protection” is the Complainant’s business unit that investigates counterfeit and pirated products and enforces CISCO trademark rights. The work of the Cisco Brand Protection Team is described on the “Brand Protection” page of the Cisco website at “www.cisco.com”.

The Domain Name was registered on February 18, 2019, using the Domain by Proxy service, which identified the underlying registrant as the Respondent Alvaro Alfonso of Florida, United States, listing no organization.

The Complaint attaches the Respondent’s LinkedIn profile, describing the Respondent as “Cisco PSC” (presumably referring to the Respondent’s familiarity with the Complainant’s Prime Service Catalog functions) with a company called Tech Data. The Complaint also attaches a 2019 screenshot from a Florida State database listing the Respondent as CEO of an inactive corporation named Procensus Plus Corp., as well as an email dated February 26, 2019, from the Complainant to the Respondent “terminating for cause PROCENSUS PLUS CORPORATION’s contractual relationship with Cisco under the Indirect Channel Partner Agreement dated May 13, 2018 (the ‘ICPA’).” The email stated that as a result of termination, “PROCENSUS PLUS CORPORATION’s rights to purchase Cisco Services and Products from any Authorized Channel shall immediately terminate and Cisco will discontinue all Partner benefits set forth in the ICPA.” The accompanying letter of the same date addressed to Mr. Alfonso expressly instructed Procensus and any person affiliated with it to cease and desist from displaying Cisco trademarks or representing itself as Cisco certified or specialized. In addition, “[u]nless your company is informed otherwise in writing by Cisco Brand Protection, neither Procensus Plus Corporation nor any company, entity, or person affiliated in any way with you or your company will be entitled to become a Cisco authorized reseller.”

It does not appear that the Respondent has developed an active website associated with the Domain Name. The Complaint attaches a screenshot showing that the Domain Name formerly generated an error message. At the time of this Decision, however, the Domain Name resolves to a landing page hosted by the Registrar, headed with the Domain Name and text stating that it is “parked free, courtesy of GoDaddy.com”, with a link for those interested in offering to purchase the Domain Name. This is followed by a succession of what appear to be pay-per-click (“PPC”) third-party advertising links under the heading “Related searches” (likely generated by a search algorithm) with topics such as “routers”, “intranets”, “web security”, “WiFi networks”, and other matters relevant to the Complainant’s business. These link in turn to the commercial websites of the providers of related goods and services, some of which appear to compete with the Complainant.

The Complaint provides evidence that the Domain Name appeared in 2018 and early 2019 on six emails impersonating three members of Cisco’s Brand Protection Team. These emails were sent to a then-authorized Cisco partner, referring to a supposed audit concerning counterfeit goods and requesting information such as “invoices, quotes and purchase orders”, under threat of termination and damages for noncompliance. The Complaint attaches declarations by the named Cisco employees attesting that they did not send these emails.

The Complainant assumes that all of these fraudulent emails were sent by the Respondent, but the Panel notes that two of these emails were sent before the Respondent registered the Domain Name, despite the fact that one of them, dated in 2018, shows a sender with a <cisco.com> address and a “cc” with an address using the Domain Name. That “cc” address may not have been valid at the time, of course, and the address in the <cisco.com> domain was probably spoofed. There is reason to believe that some of these emails were sent via an email anonymizer service called 5yMail, thereby using an active email account other than the ones appearing in the “from” and “reply” lines of the message address. In the case of one of the fraudulent emails, for example, the sender neglected to substitute the fake sender’s email address for the 5yMail address that appeared by default. As the later email messages refer to the earlier ones in the thread and use the same Cisco employee names, it is fair to assume that they came from the same source. It appears, then, that the Domain Name was used on the emails as early as 2018 to lend credence to fraudulent emails as part of a long-running scheme to impersonate Cisco’s Brand Protection Team even before the Respondent registered the Domain Name and created a real email account.

5. Parties’ Contentions

A. Complainant

The Complainant asserts that the Domain Name is confusingly similar to its registered CISCO trademarks and that the Respondent has never had permission to use the mark in the Domain Name or other rights or legitimate interests in the Domain Name.

The Complainant contends that the “Respondent registered the domain name to impersonate Complainant’s Cisco Brand Protection Team members and send fraudulent audit notices and contract terminations to one of Complainant’s then-authorized channel partners.” The Complainant argues that this was done to disrupt the Complainant’s business and that the Respondent further evinced bad faith by concealing his identity through a domain privacy service.

B. Respondent

On June 28, 2021, the deadline for the Response, the Center received an email from a Gmail account that did not correspond to the contact details furnished by the Registrar. It purported to come from the Respondent and requested a 60-day extension on several grounds:

“I have just received the documentation you sent me regarding case number D2021-1625. This response took long since the documents were given to another person and not me personally. I am in the process of seeking counsel to answer the complaint regarding this case. Due to an incoming trip this week and because of the Covid-19 pandemic making everything more cumbersome, please grant me another 60 days to file an answer.”

The Center replied, asking for further information to identify the sender and the sender’s relationship with the Respondent, as well as stating that the message would be provided to the Panel. There was no further communication from the sender.

In the Panel’s view, if the email represented a serious attempt to submit arguments and evidence, the sender would have responded to the Center’s request for identifying information. In that case, the Panel would have considered the request and the Complainant’s objections, if any, to a short extension (likely not 60 days). As the sender did not reply to the Center, the Panel considers the email more likely a delaying tactic by the Respondent or an ally.

Rule 5 provides for twenty days to file a Response and a four-day automatic extension on request. The Center and panels have been generous with additional extensions during the pandemic and generally for respondents with reasonable and/or documented reasons for delay. This Respondent has not come forward with such reasons since the Center’s communication on July 14, 2021, so the Panel will proceed to a Decision on the record as it stands.

6. Discussion and Findings

Paragraph 4(a) of the Policy provides that in order to divest a respondent of a domain name, a complainant must demonstrate each of the following:

(i) the domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and

(ii) the respondent has no rights or legitimate interests in respect of the domain name; and

(iii) the domain name has been registered and is being used in bad faith.

Under paragraph 15(a) of the Rules, “[a] Panel shall decide a complaint on the basis of the statements and documents submitted and in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable”.

A. Identical or Confusingly Similar

The first element of a UDRP complaint “functions primarily as a standing requirement” and entails “a straightforward comparison between the complainant’s trademark and the domain name”. See WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”), section 1.7. The Complainant holds trademark registrations for the CISCO mark, which the Domain Name incorporates in its entirety. The addition of dictionary terms does not avoid a finding of confusing similarity. See id., section 1.8. As usual, the generic Top-Level Domain (“gTLD”) “.com” is disregarded as a standard registration requirement. See id., section 1.11.2.

Accordingly, the Panel finds that the Domain Name is confusingly similar to the Complainant’s registered CISCO trademarks and concludes that the Complaint satisfies the first element of the Policy.

B. Rights or Legitimate Interests

Paragraph 4(c) of the Policy gives non-exclusive examples of instances in which the respondent may establish rights or legitimate interests in the domain name, by demonstrating any of the following:

(i) before any notice to it of the dispute, the respondent’s use of, or demonstrable preparations to use, the domain name or a name corresponding to the domain name in connection with a bona fide offering of goods or services; or

(ii) that the respondent has been commonly known by the domain name, even if it has acquired no trademark or service mark rights; or

(iii) the respondent is making a legitimate noncommercial or fair use of the domain name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.

Because a respondent in a UDRP proceeding is in the best position to assert rights or legitimate interests in a domain name, it is well established that after a complainant makes a prima facie case, the burden of production on this element shifts to the respondent to come forward with relevant evidence of its rights or legitimate interests in the domain name. See WIPO Overview 3.0, section 2.1.

The Complainant in this proceeding has demonstrated trademark rights, the lack of permission to use its well-known CISCO mark, and the Respondent’s lack of use of the Domain Name for anything but fraudulent emails and PPC advertising. The burden shifts to the Respondent to produce evidence of rights or legitimate interests. The Respondent has not done so. The Panel concludes that the Complainant prevails on this second element of the Complaint.

C. Registered and Used in Bad Faith

The Policy, paragraph 4(b), furnishes a non-exhaustive list of circumstances that “shall be evidence of the registration and use of a domain name in bad faith”, including the following (in which “you” refers to the registrant of the domain name):

“(iii) you have registered the domain name primarily for the purpose of disrupting the business of a competitor;

(iv) by using the domain name, you have intentionally attempted to attract, for commercial gain, Internet users to your website or other online location, by creating a likelihood of confusion with the complainant’s mark as to the source, sponsorship, affiliation, or endorsement of your website or location or of a product or service on your website or location.”

The Respondent, a former CISCO partner and self-described “CISCO PSC”, is not precisely a competitor of the Complainant; rather it obtained some form of limited licensee – seemingly as a ruse to perpetuate a fraud. The Respondent was clearly aware of the Complainant and its marks at the time the Domain Name was registered and, indeed, had entered into a partnership agreement with Cisco, since terminated, including a limited license to display CISCO marks, but not to create or use the Domain Name. The record establishes the probability that the Respondent engaged in a months-long scheme involving the registration and use of the Domain Name to impersonate Cisco employees in an attempt to induce a Cisco partner to disclose confidential business information that could have been used to defraud the partner or Cisco of money or goods, as well as to disrupt Cisco’s business relationship with the partner. WIPO panels have found bad faith within the meaning of the Policy in such cases where a domain name is used for fraudulent emails to solicit confidential information. See WIPO Overview 3.0, section 3.4.

Moreover, the Respondent has also permitted the Domain Name to be used since for PPC advertising, misdirecting consumers to the commercial websites of others, including competitors. This is also considered bad faith under the Policy, even if a search algorithm places the links and third parties rather than the Respondent profit from the results, as the Respondent remains responsible for the misuse of the Domain Name exploiting the Complainant’s trademark. See id., section 3.5.

In these circumstances, the Respondent’s use of a domain proxy service and failure to respond to communications from the Complainant and the Center may be viewed as supporting the inference of bad faith.

The Panel concludes that the Complainant has established the third element of the Complaint.

7. Decision

For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the Domain Name, <ciscobrandprotection.com>, be transferred to the Complainant.

W. Scott Blackmer
Sole Panelist
Date: August 12, 2021