WIPO Arbitration and Mediation Center
ADMINISTRATIVE PANEL DECISION
Cyberbit Ltd. v. Mr. Kieran Ambrose, Cyberbit A/S
Case No. D2016-0126
1. The Parties
The Complainant is Cyberbit Ltd., of Herzliya, Israel, represented by Eitan, Mehulal & Sadot, Israel.
The Respondent is Mr. Kieran Ambrose, Cyberbit A/S of Fyn, Denmark.
2. The Domain Name and Registrar
The disputed domain name, <cyberbit.com> (the “Domain Name”), is registered with Name.com LLC (the “Registrar”).
3. Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on January 20, 2016. On January 21, 2016, the Center transmitted by email to the Registrar a request for registrar verification in connection with the Domain Name. On the same date the Registrar transmitted by email to the Center its verification response confirming that the Respondent is listed as the registrant and providing the contact details. In response to a notification by the Center that the Complaint was administratively deficient, the Complainant filed an amendment to the Complaint on January 25, 2016.
The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on January 26, 2016. In accordance with the Rules, paragraph 5, the due date for Response was February 15, 2016. The Respondent did not submit any response. Accordingly, the Center notified the Respondent’s default on February 16, 2016.
The Center appointed Tony Willoughby as the sole panelist in this matter on February 22, 2016. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
4. Factual Background
The Complainant is an Israeli company engaged in the business of cyber security. It is a subsidiary of Elbit Systems Limited, which is a major Israeli-based player in the defence industry. It has sales approaching USD 3 billion.
The Complainant is the proprietor of International Trade Mark Registration No. 917258001 CYBERBIT (device mark) registered August 20, 2015 in class 9 for cyber collection systems and a wide variety of associated goods. The registration is based upon an Israeli application dated June 1, 2015 for the same mark. That application does not yet seem to have matured into a registration.
The Complainant won the 2015 Frost & Sullivan Global Cyber Intelligence and Security Competitive Strategy Innovation and Leadership Award.
The Panel has not been informed as to the date of commencement of the Complainant’s business, but the citation for that award contains the following passage: “In its relatively short time operating in the cyber business, CYBERBIT has managed to own impressive, high-end, stand-alone products and fully integrated solutions that provide end-to-end capabilities to its intelligence and cyber security customers.”
The Domain Name was registered on July 19, 2003 and is not currently in use.
The Respondent is a Danish-based individual who on the Complainant’s evidence (Annex A2) was trading through his company, Cyberbit A/S (also referred to as “Cyberbit”), at least as long ago as November 5, 2008. It is not known if the company is still trading. One of the contributors to Annex A2 describes the company as a merchant processor.
On June 10, 2015 an individual acting on behalf of the Complainant emailed the Respondent enquiring as to whether the Domain Name was for sale, but received no reply.
5. Parties’ Contentions
The Complainant contends that the Domain Name is identical to the Complainant’s CYBERBIT registered trade mark; that the Respondent has no rights or legitimate interests in respect of the Domain Name; and that the Domain Name was registered and is being used in bad faith.
The Respondent did not reply to the Complainant’s contentions.
6. Discussion and Findings
According to paragraph 4(a) of the Policy, for this Complaint to succeed in relation to the Domain Name, the Complainant must prove each of the following, namely that:
(i) The Domain Name is identical or confusingly similar to a trade mark or service mark in which the Complainant has rights; and
(ii) The Respondent has no rights or legitimate interests in respect of the Domain Name; and
(iii) The Domain Name has been registered and is being used in bad faith.
In coming to a decision, the Panel has to have regard to paragraph 15(e) of the Rules and in particular the following sentence, namely:
“If after considering the submissions the Panel finds that the Complaint was brought in bad faith, for example in an attempt at reverse domain name hijacking or was brought primarily to harass the domain name holder, the Panel shall declare in its Decision that the Complaint was brought in bad faith and constitutes an abuse of the administrative proceeding.”
B. Identical or Confusingly Similar
The Domain Name comprises “cyberbit", which is in substance the Complainant’s corporate name and registered trade mark (albeit that the latter is a device mark), and the “.com” generic Top Level Domain (“gTLD”) identifier.
It being permissible to ignore the gTLD identifier for the purpose of assessing identity and confusing similarity under paragraph 4(a)(i) of the Policy, the Panel is satisfied that the Domain Name is substantially identical to the Complainant’s registered trade mark.
C. Rights or Legitimate Interests
While it is for the Complainant to prove all three elements of paragraph 4(a) of the Policy, in the case of the second element (paragraph 4(a)(ii) of the Policy) it is generally sufficient in the first instance for the Complainant to make out a prima facie case calling for an answer from the Respondent. As this Panel explained in Julian Barnes v. Old Barn Studios Limited, WIPO Case No. D2001-0121,
“While the overall burden of proof is on the Complainant, this element involves the Complainant proving matters, which are peculiarly within the knowledge of the Respondent. It involves the Complainant in the often impossible task of proving a negative. In the Panel’s view the correct approach is as follows: the Complainant makes the allegation and puts forward what he can in support (e.g. he has rights to the name, the Respondent has no rights to the name of which he is aware, he has not given any permission to the Respondent). Unless the allegation is manifestly misconceived, the Respondent has a case to answer and that is where paragraph 4(c) of the Policy comes in. If the Respondent then fails to demonstrate his rights or legitimate interests in respect of the Domain Name, the complaint succeeds under this head.”
The Complainant’s case under this element of the Policy is that (a) “the Domain Name comprises, in full, the [Complainant’s] trading name and trade mark”; (b) “there is no evidence that the [Respondent] has been or is commonly known by the disputed Domain Name or has acquired any trademark or service mark rights in it”; (c) “the lack of responsiveness of the [Respondent] and the lack of use of the Domain Name suggest that the holding of the Domain Name is no longer of interest to the [Respondent]”; (d) when the Respondent did operate a website connected to the Domain Name it was “a website that was ripping-off its customers and involved in monetary scams”.
The Panel is puzzled by (b) above. In the Complaint the Complainant acknowledges that the Respondent has an email address connected to the domain name, <cyberbit.eu>,1 and quotes from a website indicating that the Respondent has a company named Cyberbit A/S, which is also referred to simply as “Cyberbit”. True, the website from which the extracted quote was taken accuses the Respondent’s company of ripping off its customers, but quite clearly the Respondent’s company is (or was at that time) commonly known as either Cyberbit or Cyberbit A/S.
The matter is of significance in light of paragraph 4(c)(ii) of the Policy, which provides:
“Any of the following circumstances, in particular but without limitation, if found by the Panel to be proved based on its evaluation of all evidence presented, shall demonstrate your rights or legitimate interests to the domain name for purposes of Paragraph 4(a)(ii):
(ii) you (as an individual, business, or other organization) have been commonly known by the domain name, even if you have acquired no trademark or service mark rights;”
While it is the case that the Respondent is an individual with a name which in no way resembles the Domain Name, it is a fact that in the Complaint the Complainant treats the Respondent and his company as one when it talks of the Respondent’s use of the Domain Name (see above). The Panel regards this as a reasonable approach for the Complainant to have adopted and proposes to do the same.
In the view of the Panel the Respondent manifestly has a legitimate interest in a domain name such as the Domain Name, which reflects his company name. The Complainant has produced evidence showing that some of the Respondent’s customers believe the Respondent’s style of business to be a “rip-off”, but there is no suggestion that the Respondent’s business is or was anything other than a genuine commercial operation.
The Complainant has failed to satisfy the Panel that the Respondent has no rights or legitimate interests in respect of the Domain Name. Accordingly, the Complaint fails.
D. Registered and Used in Bad Faith
There is a more fundamental reason for dismissing the Complaint. Paragraph 4(a)(iii) of the Policy requires the Complainant to establish to the satisfaction of the Panel that the Domain Name was both registered and is being used in bad faith. Yet the Complaint (in both its original and amended forms) omits altogether the section of the online complaint form headed “C. The domain name(s) was/were registered and is/are being used in bad faith.”.
This omission from the amended Complaint is particularly surprising in that the notification by the Center that the original Complaint was administratively deficient and required an amendment (section 3 above) was in the following terms: “The Complaint does not describe why the domain name(s) should be considered as having been registered and used in bad faith by the Respondent as required by the Policy, Paragraph 4(a)(iii) and Rules, Paragraph 3(b)(ix)(3).”
In the section of the original Complaint dedicated to the second element of the Policy (“The Holder has no rights or legitimate interests in respect of the Domain Name”) the Complainant asserted that the Respondent had no continuing interest in the Domain Name as it was making no use of it and had previously operated it to connect to a website ripping off its customers and that in light of that there was “a risk of confusion and/or association and/or dilution of [Respondent’s] trademarks rights by the continued holding of the Domain Name by the [Respondent].” This all related to the use and/or non-use of the Domain Name and featured no reference to the Respondent’s motive in registering the Domain Name.
The Complainant amended the Complaint in response to the Center’s notification by:
(a) inserting two references to “registration and use in bad faith” (merely the words, nothing of substance): and
(b) expanding upon the references to the Respondent’s use of the Domain Name to rip-off his customers; and
(c) asserting that the continued holding of the Doman Name by the Respondent “prevents the [Complainant], which is the owner of the trademark from reflecting the mark in a corresponding domain name.”
None of those amendments addressed the issue as to how the Respondent could have registered the Domain Name in 2003 with a bad faith intent directed at the Complainant and/or its CYBERBIT trade mark in mind, a trade mark which was first applied for in Israel on June 1, 2015.
While it is possible that the Respondent was not the first registrant of the Domain Name, the Complainant has not produced any evidence directed to that point and the Complainant’s own evidence (that relating to the alleged scamming on the part of the Respondent) features a blog about the Respondent’s trading style and payment processing services dating back to November 5, 2010.
It is conceivable that the Complainant might have acquired unregistered trade mark rights in respect of its Cyberbit name prior to 2015, but the Complainant has produced no evidence at all of any reputation or goodwill in respect of that name prior to 2015. It produced substantial evidence in the form of extracts from the consolidated accounts of “Elbit Systems Limited and its subsidiaries” to show that the group of which the Complainant is a part had substantial trade over the years 2012-2014, but nothing going back to earlier years and nothing referable to the Complainant. Moreover, the citation for the 2015 Frost & Sullivan Global Cyber Intelligence and Security Competitive Strategy Innovation and Leadership Award, which was won by the Complainant in 2015 (see section 4 above) seems to indicate that the Complainant was a relatively recent arrival on the scene in 2015.
The Complainant has failed to satisfy the Panel that the Domain Name was registered and is being used in bad faith.
E. Reverse Domain Name Hijacking (“RDNH”)
RDNH is defined in paragraph 1 of the Rules as meaning “using the Policy in bad faith to attempt to deprive a registered domain name holder of a domain name.”
In this case the Respondent has not sought a finding of RDNH, but, as paragraph 15(e) of the Rules makes clear (see A above), such a finding is not dependent upon a request from the Respondent. If abuse is apparent on the face of the case papers, the Panel is under an obligation to declare it. See Goway Travel Limited v. Tourism Australia, WIPO Case No. D2006-0344 (“The Rules specifically put the burden on the Panel to determine whether a complainant has tried to use the Policy in bad faith to attempt to deprive a registered domain name holder of a domain name.”). Thus, findings of RDNH have been made not only in cases where no such finding has been sought by the respondent, but also in cases where there has been no response (M. Corentin Benoit Thiercelin v. CyberDeal, Inc., WIPO Case No. D2010-0941).
It seems difficult to believe that a member company of such a prestigious group of companies as that headed by the Complainant’s parent company could have deliberately set out to abuse the process by launching such a fundamentally flawed complaint. Nonetheless, it is the case that the original Complaint omitted the section dealing with bad faith registration and use. How did it come to be removed? Was it a conscious decision or an error? When the deficiency was drawn to the Complainant’s attention by the Center and the invitation to file an amended Complaint was taken up, why was the deficiency not properly addressed? The amendments were purely cosmetic.
The deficiencies must have been obvious to anyone remotely familiar with the Policy. The Domain Name was first registered in 2003 nearly twelve years before the Complainant acquired its registered trade mark rights. The Respondent through his Danish company, Cyberbit A/S, a payment processing company, was to the Complainant’s knowledge at the time of filing the Complaint using the Domain Name at least as long ago as 2008, seven years before the Complainant acquired its registered trade mark rights. None of the evidence relating to the Respondent’s use of the Domain Name supports any contention that the Respondent was at any time targeting the Complainant or its trade mark.
If the Complainant did not launch the Complaint (and pursue the matter by way of the amended Complaint) knowing that it was doomed to failure, a matter upon which the Panel comes to no concluded view, it was nonetheless, in the Panel’s view, at the very least culpably reckless as to the Complaint’s prospects of success and thus guilty of an abuse of this administrative proceeding.
For the foregoing reasons, the Complaint is denied and the Panel finds the Complainant to have engaged in RDNH.
Date: February 26, 2016
1 Annex 1 to the Complaint includes a copy of an email sent by the Complainant to a “cyberbit.eu” address, but which bounced-back, thereby reflecting the Complainant’s belief that the Respondent does not, in fact, have such an email extension.