WIPO Arbitration and Mediation Center

ADMINISTRATIVE PANEL DECISION

Blue Cross and Blue Shield Association, Empire HealthChoice Assurance, Inc. dba Empire Blue Cross Blue Shield and also dba Empire Blue Cross v. Private Whois Service / Search and Find LLC. / Michigan Insurance Associates / 4 Letter Domains Inc. / New York Health Ins.

Case No. D2010-1699

1. The Parties

1.1 The Complainants are Blue Cross and Blue Shield Association of Chicago, Illinois, United States of America, represented by Hanson Bridgett LLP, United States of America and Empire HealthChoice Assurance, Inc. dba Empire Blue Cross Blue Shield and also dba Empire Blue Cross of New York, New York, United States of America, represented by Morgan Lewis & Bockius LLP, United States of America.

1.2 The Respondents are Private Whois Service of Nassau, Bahamas; Search and Find LLC. of Las Vegas, Nevada, United States of America; Michigan Insurance Associates of Detroit, Michigan, United States of America; 4 Letter Domains Inc. of Marlboro, Massachusetts, United States of America; New York Health Ins. of New York, New York, United States of America.

2. The Domain Name(s) and Registrar(s)

2.1 The disputed domain names (together the “Domain Names”) are as follows:

(i) <bluecrossblueshieldmn.com>, <bluecrossblueshieldofgeorgia.com>, <bluecrossblueshieldofmichigan.com>, <bluecrossblueshieldoftexas.com>, (the “BlueCross BlueShield Domain Names”)

(ii) <bluecrossofidaho.com> and <empirebluecross.com> (the “BlueCross Domain Names”)

(iii) <bcbsm.net> and <bcbs.net> (the “BCBS Domain Names”),

(iii) <akbcbs.com>, <cobcbs.com>, <ctbcbs.com>, <hibcbs.com>, <iabcbs.com>, <idbcbs.com>, <inbcbs.com>, <kybcbs.com>, <mebcbs.com>, <nebcbs.com>, <nmbcbs.com>, <nvbcbs.com>, <ohbcbs.com>, <pabcbs.com>, <sdbcbs.com>, <wabcbs.com> and <wibcbs.com> (the “State BCBS Domain Names”)

2.2 The Domain Names are all registered with Internet.bs Corp (the “Registrar”).

3. Procedural History

3.1 The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on October 7, 2010. As at the date the Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”), “Private Whois Service” was recorded as the registrant of the Domain Names in the publically available WhoIs. “Private Whois Service” is the “privacy” service of the Registrar.

3.2 On October 8, 2010, the Center transmitted by email to the Registrar, a request for registrar verification in connection with the Domain Names. On October 8, 2010, the Registrar transmitted by email to the Center its verification response in which it stated:

“respondents are using our Domain Privacy service called ‘Private Whois’, while we cannot disclose their personal details, we can confirm there are at least 2 distinct entities involved. In our opinion it should be filed an UDRP complaint for each domain. You will notice that each domain is using a different email address AND the postal address looks very similar but is NOT identical”

3.3 On October 10, 2010 the Registrar sent a further email to the Center in which it stated “[p]lease note that some registrants decided to disclose their personal information” and then purported to disclose four different registrants for the domain names <bluecrossblueshieldmn.com>, <bluecrossblueshieldofmichigan.com>, <empirebluecross.com> and <bcbs.net>.

3.4 The Center sent an email communication to the Complainant on October 14, 2010 providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amended Complaint on October 19, 2010 together with a Supplemental Statement in which it argued that the purported contact information provided by the Registrar had “been falsified” and that the four Domain Names in issue were controlled or owned by the same person.

3.5 The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

3.6 In accordance with the Rules, paragraphs 2(a) and 4(a), the Center formally notified the Respondent of the Complaint, and the proceedings commenced on October 22, 2010. In accordance with the Rules, paragraph 5(a), the due date for Response was November 11, 2010. The Respondent did not submit any response. Accordingly, the Center notified the Respondent’s default on November 12, 2010.

3.7 The Center appointed Matthew S. Harris as the sole panelist in this matter on Thursday, November 18, 2010. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

3.8 On Monday, November 22, 2010 the Panel took the unusual but not unprecedented¹ step of issuing a Procedural Order directed to the Registrar putting the Registrar on notice that having reviewed the file the Panel was (a) minded to make a number of comments critical of the Registrar’s conduct in its published decision (the details of which comments and the grounds for the same being set out in the Order); and (b) likely to invite the Center to bring this decision to the attention of ICANN for such further investigation or action in relation to the Registrar’s activities and business practices as ICANN considered appropriate. In light of this, the Procedural Order out of procedural fairness provided the Registrar with the opportunity to respond to the issues by no later than Friday, November 26, 2010. The Order stated that whilst the Registrar was under no obligation to submit a submission in this respect, should it fail to do so, this might result in the Panel drawing adverse inferences of fact against the Registrar in respect of the issues raised.

3.9 The Registrar did not file a submission in response to the Procedural Order.

4. Factual Background

4.1 There are two Complainants in these proceedings. The first is the Blue Cross and Blue Shield Association (“BCBSA”). It is a not-for-profit corporation based in Illinois. BCBSA licenses 39 independently operated “Blue Cross and Blue Shield Association Member Plans” to provide health and life assurance, health care delivery services and related goods and services.

4.2 In 2009 the gross revenue of licensees exceeded USD 356 billion and roughly 1 in 3 U.S. residents were enrolled in a Member Plan.

4.3 BCBSA and its predecessors in business have been using the terms “Blue Cross” and “Blue Shield” and variations and combinations of the same since 1934. It and its “Member Plans” have been using the acronym “BCBS” for “Blue Cross and Blue Shield” since 1982 and as a mark in commerce since August 1994.

4.4 BCBSA is the also owner of 223 United States federal trade mark and service mark applications and registrations many of which incorporate the terms “Blue Cross” or “Blue Shield” or variations or combinations of these terms. These marks include:

(i) U.S. registered trade mark no 71536214 for the word mark BLUE-CROSS filed in September 1947 and registered in class 36; and

(ii) U.S. registered trade mark no 73437189 for the word mark BLUE SHIELD filed in August 1983 and registered in class 36.

4.5 BCBSA uses various domain names that comprise the terms “bluecross”, “blueshield” or “bcbs” or variations of combinations of such terms, many of which were first registered in 1998.

4.6 The second Complainant is Empire HealthChoice Assurance Inc (“Empire”), a company registered in the State of New York. It is a “Member Plan” and licensee of BCBA and has been trading under the names EMPIRE BLUE CROSS BLUE SHIELD and/or EMPIRE BLUE CROSS since 1985. It has used the domain name <empireblue.com> in respect of its activities since 2000.

4.7 The issue of the identity of the underlying registrants or registrant of the 25 Domain Names in these proceedings is one that is addressed in greater detail later on in this Decision. The Domain Names were registered between 2000 and 2008 with the vast majority registered on May 1, 2008. The Domain Names at the date of the Complaint were all being used to display pages generated by pay–per-click services or diverted Internet users to a website operating from another domain name on which such a page was displayed. Three types of pages were being displayed. In particular:

(i) All the State BCBS Domain Names displayed a page with the heading “Welcome to Insurance Plus.com”. Beneath that was the text “For resources and information on Auto Insurance and Life insurance”. To the left of the screen was a list of “related searches” all of which were insurance related and which included “Health insurance quote”.

(ii) Four of the Domain Names displayed a page in the same format as the page displayed for the BCBS Domain Names but with the heading “Welcome to healthportals.com”. Underneath that heading was the text “For resources and information on Blue Cross Blue Shield and Health insurance”. The related searches on the left of the screen were all health related with a large number of the links incorporating the words “Blue Cross” and some the words “Blue Cross Blue Shield”. At the bottom of the page there was also a list of further “related searches” all which appeared to be health related.

(iii) Three of the Domain Names displayed a pay-per-click page where the domain name was displayed at the top of the page and to the right of which was a search box. Below that were a series of “Sponsored Listing” all of which appeared to be related to health insurance providers. To the right was a list of “related searches” all of which appeared to have health associations. At the bottom of the page was another search box.

4.8 By October 12, 2010 the webpages displayed in relation to each of the Domain Names changed with all displaying pages in either (a) exactly the same format as the “Welcome to healthportals.com” pay-per-click page; or (b) exactly the same format as the “Welcome to InsurancePlus.com” webpage save that the text heading instead read “Welcome to Department of Insurance”.

4.9 At Annex A to this Decision is a table of the Domain Names. In that table against each of the Domain Names is displayed its date of registration, the name of the “underlying registrant” disclosed by the Registrar (if so disclosed) and details of which of the different types of pay-per-click page that operated from which domain name (a) at the time of the Complaint and (b) as at October 12, 2010.

4.10 So far as the four Domain Names in respect of which the Registrar has purported to give underlying registration details are concerned the following common dealings are apparent:

(i) In the case of each of the four Domain Names the Registrar is recorded as hosting the Domain Name from August 6, 2009.

(ii) There are a large number of examples of the name servers (being the name servers of different pay-per-click services) in respect of each of these four Domain Names changing at the same time and to the same servers.

5. Parties’ Contentions

A. Complainant

5.1 The Complainants refers to BCBSA’s registered marks and claims common-law trade mark rights in the mark “BCBS”. They assert that each of the Domain Names is confusingly similar to these trade marks. In the case of each of the State BCBS Domain Names it claims that the Domain Names can be read as a reference to the BCBS mark combined with two letter abbreviations for US States (i.e. ky – Kentucky, mn – Minnesota, oh – Ohio, etc.)

5.2 The Complainants also claim that Empire has common law trade mark rights in the mark EMPIRE and that the Domain Name <empirebluecross.com> is confusingly similar to that trade mark.

5.3 The Complainants contend that the Respondent has no right or legitimate interest in the Domain Names, in that the Respondent is not affiliated or licensed to use the relevant marks and that it is not known by the marks nor are the Domain Names used in connection with a bona fide offering of goods or services. It is claimed that this is prima facie evidence that there is no rights or legitimate interest.

5.4 The Complainants further contend that the Domain Names have been registered “to get a free ride off the fame of [the] Complainant’s marks”, asserting that this is a case where the Domain Names are “so obviously connected with the complainant and its services that its very use by someone with no connection with the complainant suggests bad faith” (citing the case of Toyota Jidosha Kabushiki Kasha d/b/a Toyota Motor Corporation v. S&S Enterprises Ltd, WIPO Case No. D2000-0802 as authority for that proposition). Reference is also made in this respect to the decisions of Blue Cross and Blue Shield Association (BCBSA) v. Domain Deluxe, WIPO Case No. D2005-0209 and Blue Cross and Blue Shield Association v. Garrett Ltd./John Nunley, WIPO Case No. D2003-0028.

5.5 The Complainants further contend that the Respondent has recently shown “a general pattern of misuse of famous trade marks for illegitimate purposes”, citing Henkel Corporation v. Private WhoIs Service/Katarzyna Bienika, WIPO Case No. D2010-0147 and Association Robert Mazars v. Private Whois Service, c/o mazarsrevenge.com, WIPO Case No. D2009-0183.

5.6 On the issue of bad faith use, the Complainants assert that the Respondent’s activities involve an attempt to attract for commercial gain Internet users to his or her websites by creating a likelihood of confusion with the Complainants’ marks. In this respect it refers to the links appearing on those websites that are said to direct Internet users to the “Complainants’ licensees and competitors” and asserts that the Respondent is “presumably” earning revenue from those links.

5.7 Last the Complainants refer to five letters before action sent on October 5, 2010 in respect of the <bluecrossblueshieldofmichigan.com>, <bluecrossblueshieldmn.com>, <bcbs.net>, <bluecrossblueshieldoftexas.com>, and <empirebluecross.com> Domain Names sent to the relevant email address displayed in relation to the Domain name and address to the “Registrant of [the Domain Name in question]”. It claims that it received no response to any of the letters and relies upon the statement in Encyclopaedia Britannica, Inc. v. John Zuccarini and The Cupcake Patrol a/ka Country Walk a/k/a Cupcake Party, WIPO Case No. D2000-0330 that “[a respondent’s failure] to respond to Complainant’s efforts to make contact provide strong support for a determination of "bad faith" registration and use”.

5.8 The Complainants seek the transfer of all the Domain Names to BCBSA, with the exception of <empirebluecross.com>, which it asks be transferred to Empire.

B. Respondent

5.9 No Response was filed to the Complainant.

6. Discussion and Findings

6.1 There are no exceptional circumstances within paragraph 5(e) of the Rules so as to prevent this Panel from determining the dispute based upon the Complaint, notwithstanding the failure of any person to lodge a formal Response.

6.2 Notwithstanding that default, it remains incumbent on the Complainants to make out their case in all respects under paragraph 4(a) of the Policy. Namely the Complainants must prove that:

(i) the Domain Names are identical or confusingly similar to a trade mark or service mark in which the Complainants have rights (paragraph 4(a)(i)); and

(ii) the Respondent(s) have no rights or legitimate interests in respect of the Domain Names (paragraph 4(a)(ii)); and

(iii) the Domain Names have been registered and are being used in bad faith (paragraph 4(a)(iii)).

6.3 However, under paragraph 14 of the Rules, where a party does not comply with any provision of the Rules, the Panel shall “draw such inferences therefrom as it considers appropriate”.

6.4 The Panel will address the three aspects of the Policy listed above in turn. However, before it does so it is necessary to address in some detail the procedural issues that have arisen in this case. In particular, these are (a) who is or are the Respondent(s) for the purposes of these proceedings and whether the proceedings can proceed as a single set of proceedings; and (b) the Registrar’s conduct in connection with these proceedings.

A. Identity of the Respondent

6.5 This Panel has previously considered the issue of identifying the proper respondent in a case where, at the time that a complaint is brought, the disputed domain name is registered with a “privacy service” of the sort operated by the Registrar in this case. See RapidShare AG, Christian Schmid v. PrivacyAnywhere Software, LLC, Mikhail Berdnikov (Protected Domain Services Customer ID: DSR-2262893, Protected Domain Services Customer ID: DSR-2092987) WIPO Case No. D2010-0894. RapidShare was a case where the registrar was named as the respondent; the registrar (as is now common practice among reputable registrars – a point to which this Panel returns later in this Decision) disclosed the underlying registrant but demanded that the registrar nevertheless be designated as the formal respondent.

6.6 Against that background the Panel commented as follows:

“Procedural significance of naming the ‘right’ Respondent

6.14 The question of who is formally named in the Complaint, is, in the view of the Panel, in reality not that significant in this case.

[The Panel then cited the reasoning in paragraph 5.5 to 5.16 of the decision of Mrs. Eva Padberg v. Eurobox Ltd, WIPO Case No. D2007-1886 and continued to summarise the reasoning as follows]

6.15 So to summarise, from a purely procedural perspective, it is not particularly significant who is named as a respondent in the heading of a complaint. Further, a complainant will also usually satisfy its procedural obligations under the Policy by identifying as the ‘respondent’ the person or persons named in the publically available WhoIs register at the time that the Complaint is filed with the Center. Further, although a sensible practice has evolved in cases where a domain name is registered in the name of a privacy service and the privacy service operator has revealed the underlying registrant, of the Center bringing that information to the attention of the complainant and giving the complainant an opportunity to amend its complaint accordingly, there is no obligation on a complainant to do so. In the Mrs. Eva Padberg case supra the question was whether the complainant was required to change the name of the respondent in circumstances where the name revealed was obviously a false one. However, as a matter of principle there seems to be no good reason to be found in the Policy or the Rules as to why amendment should otherwise be required, provided that the complaint accurately reflected the WhoIs details publically available at the time that the complaint was lodged at the Center (and subject to the obligations of additional disclosure imposed by paragraph 3(b)(v) of the Rules).

6.16 It is for that reason that the Panel rejects the [r]egistrar’s contention that the [c]omplainants ‘ought’ to have amended the [c]omplaint when the underlying registration details were provided to it. The [c]omplaint from a procedural perspective was correctly filed and could quite properly progress without amendment.

Substantive significance of naming the ‘right’ Respondent

6.17 Of course, procedural compliance [on filing] is not the end of the matter. Who exactly is to be treated as the correct ‘respondent’ for the purposes of the complaint still can be a matter of significance. It is against that person that the question of rights or legitimate interests must be judged and the question of bad faith must be assessed. That is why in the words of this Panel in the Mrs. Eva Padberg case supra, disclosure of the identity of the underlying registrant may be of ‘crucial importance’. It may lead a complainant on a train of enquiry that reveals further information and evidence that is directly of relevance to these issues.

6.18 That said, who is named as the formal respondent in proceedings in practice often does not really matter. The reason for this is the motives and interests of the person who de facto controls the domain name and has been responsible for its registration that will usually be significant when addressing issues under the Policy. Take for example the position of an agent who has registered a domain name in his name on behalf of another. If the person actually controlling the domain name registered that domain name in bad faith, it is no answer to this that the named agent had no knowledge of a complainant’s mark and so far as he alone was concerned had acted in good faith. To hold otherwise would drive a coach and horses through the operation of the Policy. In such circumstances the knowledge of the principal is to be imputed to the agent. There is no reason why a privacy service should be treated in different way to any other agent in this respect.

Dealing with Multiple Respondents

6.19 Nevertheless procedural difficulties still remain. One of these arises directly in the present proceedings. That is the question as to what is the correct procedure where proceedings have been commenced in relation to multiple domain names registered with a single privacy service that in response to a verification request reveals that there is more than one underlying registrant.

6.20 This issue of multiple respondents recently came before the Panel in Accor v. Jose Garcia, Jan Cerny, N/A,Dopici Nasrat, WIPO Case No. D2010-0471. In that case the Panel stated:

‘4.2 The starting point is that normally it is not possible to commence a single UDRP proceeding in relation to domain names registered in the name of more than one person. Paragraph 3(c) of the Rules state that ‘The complaint may relate to more than one domain name, provided that the domain names are registered by the same domain-name holder’, and although this is permissive rather than a proscriptive provision, the intent of the drafters of the Rules seems reasonably clear. So in a case where a complaint is filed against multiple unconnected respondents, a panel may continue that case against one of the respondents and dismiss it against the others (see for example The Cartoon Network LP, LLLP v. Mike Morgan, WIPO Case No. D2005-1132). [Footnote: ‘With respect to consolidation of multiple domain names and respondents under the Policy, where there is an element of connection and common control, see also the learned panellist discussion in Speedo Holdings B.V. v. Programmer, Miss Kathy Beckerson, John Smitt, Matthew Simmons, WIPO Case No. D2010-0281.’]

4.3 However, in considering whether there are multiple respondents, what is important is the identity of the registrants at the date that the complaint became ‘pending’. The reason for this is that under paragraph 8(a) of the Policy a domain name cannot be transferred ‘during a pending administrative proceeding’ and as a consequence any change in registration details after that date can be disregarded. In the opinion of the Panel and for the reasons given in detail in Mrs. Eva Padberg v. Eurobox Ltd., WIPO Case No. D2007-1886, a case is pending as soon as it has been ‘initiated’ by a complainant; i.e. when a complaint has been sent to an ADR Provider (see paragraph 3(a) of the Rules). Alternatively, it becomes pending at the very latest when a registrar has been notified of the existence of the complaint.

4.4 Further, if a panel considers that notwithstanding any change in registration details the relevant domain names are in fact controlled by the same person or persons, the proceedings can still continue (see, for example, General Electric Company v. Marketing Total S.A, WIPO Case No. D2007-1834 and Western Union Holdings, Inc. v. Private Whois Escrow Domains Private Limited / Comdot Internet Services PVT. LTD., Laksh Internet Solutions Private Limited., Pluto Domain Services Private LTD., Compsys Domain Solutions Private Limited, supra).’

6.21 So there are two questions that must be addressed in this case. The first is whether the fact that at the time the proceedings were commenced the WhoIs register recorded the same privacy service as the registrant of the Domain Names means that the case can be treated as proceeding against a single Respondent. The second is whether, regardless of the details recorded on the register, the domain names are de facto controlled by the same entity. It is convenient to deal with the issue of common control first.”

6.7 In Rapidshare the Panel concluded that where the underlying registrants were disclosed then ordinarily proceedings could not continue formally as a single set of proceedings if there was no common control, but then proceeded to suggest a procedural mechanism as to how in such circumstances, the proceedings might still be permitted to proceed, without the need to file fresh proceedings.

6.8 In the present case before the Panel has reached the conclusion that there is prima facie common control notwithstanding the contentions of the Registrar that there is more than one registrant and it consequentially follows that the proceedings can formally continue as one set of proceedings. The reasons for this are as follows.

6.9 So far as the State BCBS Domain Names are concerned (which are 17 of the 25 Domain Names in issue), the evidence of common control and/or ownership is overwhelming. In particular:

(i) all these Domain Names were registered on the same day; i.e. January 5, 2008;

(ii) all these Domain Names adopted a common format; i.e. they comprised a combination of the letters BCBS preceded with two initials that correspond to the mailing abbreviation for a U.S. state;

(iii) all these Domain Names have been used to divert traffic to the same pay-per-click parking page; i.e., the “insuranceplus.com” pay-per-click page and then the “Department of Insurance” pay-per-click page.

6.10 The only sensible explanation of this evidence is that these Domain Names were registered and have been used by the same person.

6.11 So far as the Domain Names where the Registrar listed four different underlying registrants are concerned, again the Panel considers them to be under common control or ownership. The reason for this are the common dealings identified by the Complainants in these Domain Names in the Supplemental Statement and which are identified in paragraph 4.10 of this Decision. Another factor is that in the same Statement the Complainant brought forward evidence that prima facie suggested that the details provided by the Registrar in relation to these Domain Names were fictitious. In particular, the Complainants’ lawyers both conducted searches in the United States where according to the addresses provided by the Registrar, the relevant registrants were located and was unable to verify the existence of any entity under any of the names provided. Further, the telephone numbers provided either did not match up with details for the numbers found on the Internet or when rung and answered revealed an entity different from that purportedly disclosed.

6.12 Maybe there are answers to all of the points put by the Complainant in respect of these four domain names. But prima facie this is evidence of common control or ownership. In the absence of any compelling evidence on this issue to the contrary, the Panel holds for the purposes of these proceedings that this is the case.

6.13 Next it seems more likely than not that the Domain Names <bluecrossblueshieldofgeorgia.com>, <bluecrossblueshieldoftexas.com> and <bluecrossofidaho.com> are under common control. The reasons for this are (a) the common format of those domain name; i.e. the use of the words “bluecrossof” or “bluecrossblueshieldof” combined with a U.S. state; and (b) all three Domain Names were also registered on the same day; i.e. February 15, 2004.

6.14 That leaves just one Domain Name unaccounted for; i.e. <bcbsm.net> but the Panel considers that they should be treated as belonging to the same category as the <bluecrossblueshieldofgeorgia.com>, <bluecrossblueshieldoftexas.com> and <bluecrossofidaho.com> Domain Names. Although registered on a different date and is constructed in a different manner, there is the fact that the pay-per-click pages displayed followed a similar format and history to at least two of the other three domain names; i.e. at the time of the Complaint they took the format “Domain Name pay-per-click” and then all changed to “Department of Insurance” pay-per-click pages.

6.15 That might still suggest 3 different registrants in this case, but there are further common features that potentially connect these various groups of domain names together. There is the rather obvious linking facts that (a) all of the Domain Names appear to allude to BCBSA in some form or other and have been used (as is explained in greater detail later on in this Decision) to take advantage of BCSA related trade marks; (b) purported common refusal (when one takes into account the conclusion that none of the disclosed “registrants” appear to exist) of “registrants” to give valid underlying registration details; (c) in all cases the same Registrar has been used; and (d) the same Privacy service has been used.

6.16 However, there are more specific common features. In particular

(i) <bluecrossblueshieldoftexas.com> in common with those four registrations where underlying registrants were purportedly disclosed not only shares a common format with one of those four Domain Names but at all times has also redirected users to the same “healthportals.com” pay-per-click page.

(ii) two of the Domain Names registered on February 15, 2004 on October 12, 2010 diverted Internet users to the same “Department of Insurance” pay-per-click page used by all the State BCBS Domain Names

6.17 Last, but not least, there is the fact that none of the Respondents have taken part in these proceedings either formally or informally in such a way so as to suggest that they have any real independent existence.

B. Registrar Conduct

6.18 Four Seasons Hotels Limited v. Internet bs Corporation/Private Whois Service, WIPO Case No. D2009-1657 was a case involving the same Registrar and in common with the current case a Procedural Order was issued directed to the Registrar in respect of its failure to disclose the underlying registrants in respect of the domain names in issue. In contrast to the present case, the Registrar decided to put in submissions to justify its conduct.

6.19 The Registrar is, therefore, already very familiar with the reasoning in Four Seasons Hotels Limited case, but given the Panel’s conclusion that the Registrar’s conduct should be brought to the attention of ICANN it is perhaps useful to set it out again in the body of this Decision. In particular, in that case the Panel stated as follows:

“6.2 The Panel has considered whether it is necessary to comment on the Registrar’s conduct in this case, given that ultimately it has provided contact details for the registrant (albeit ones that do not appear to clearly identify a legal entity). This suggests that the Registrar may have thought better of its initial conduct in this case. Nevertheless, the information has now been provided after purported ‘approval from [its] customer’. In short, the Registrar appears to continue to maintain that whether or not this information is provided is ultimately for its ‘customer’ to decide. The Panel disagrees and is concerned that the Registrar (or other registrars) may seek to take a similar position in future. It is therefore appropriate for the Panel to address this issue.

6.3 This is not the first occasion on which the Registrar refused to provide details of an underlying registrant behind what would appear to be its ‘Private WhoIs Service’. In Association Robert Mazars v. Private Whois Service, c/o mazarsrevenge.com, WIPO Case No. D2009-0183, the Registrar took a similar position. Once again it claimed that the issue of disclosure was a matter not for it but for its customer. The explanation offered was as follows:

‘while we are very happy and willing to assist the Center in order to go ahead with the UDRP, we have also a contract with our customers and the Private Whois service is intended to prevent third parties to obtain the real identity of the [sic] domain holder. Please note in our opinion section 3.7.7.3. of the ICANN Registrar Accreditation Agreement does not applies [sic] to the case as we do not own the domain on behalf of a third party, instead the owner of the domain has elected not to publicly disclose personal data using a service commonly known as Private Whois or Whois Privacy and Private Whois is not a person nor an identity. We also automatically forward your emails to the owner, so we can assume the domain owner is aware of the dispute as long as they are checking their email in a regular basis.‘

6.4 Further justification was offered by the Registrar in its submission filed in response to the Procedural Order. It contended the following:

(i) Whois privacy services were ‘admit[ed] and accept[ed]’ by ICANN under ‘the RDE document’.

(ii) That the rationale for the provision of the service was the prevention of spam. It accepted that if the underlying information was provided in the course of UDRP proceedings, this would not be used by the Panel for spamming purposes. However, it contends that:

‘communications between Panelist and Registrant are published and easily accessible in electronic format and that's where spamming activities could benefit from such a disclosure of confidential data.’

(iii) That the operation of the Policy is not frustrated by its service because all emails forwarded to it in relation to the Policy would be forwarded to the underlying registrant. The Privacy service operated by the Registrar involves the display in the publically available WhoIs details for the domain name of ‘rotating’ or changing email addresses. Recognising that this might cause communication difficulties and following the decision in Association Robert Mazars v. Private Whois Service, c/o mazarsrevenge.com, WIPO Case No. D2009-0183, the Registrar has adopted a procedure whereby on the notification of proceedings on the Policy the email address displayed in relation to the relevant domain names is ‘locked’.

(iv) That it did not know when the Respondent asked it to disclose its customer details, but that it ‘comes as no surprise that [it] didn’t provide such details as it would defeat the purpose of the Private WhoIs Service’.

(v) That it initially thought the fact that the proceedings had been directed against it was a ‘mistake’ (whether this is a reference to the fact that it was named as the Respondent in the proceedings or that a procedural order was directed to it qua registrar is unclear). It then proceeds to claim that the panelist in this case ‘probably just vented a little excessively his frustration about having to abide by the same rules and regulations as all the registrars’. It then went on to advise the Panel to:

‘focus on his mission instead of wasting time and energy on matters that are absolutely out of his scope and that anyway are irrelevant to the case. If the Panelist’s goal is to demonstrate that in fact Internet.bs Corp. is the domain’s legal owner or Registrant we can simply demonstrate he is absolutely wrong, as the domain was registered in 1998, years before our company was created. Furthermore we would have no problem admitting of being the owner of a domain if this were the case.’

(vi) Lastly, it excused the fact that it had not provided billing information in this case on the grounds that the Center had not asked for it. In particular, it referred to the wording of the Center's request which sought:

‘... full contact details (i.e., postal address(es), telephone number(s), facsimile number(s), e-mail address(es)) that are available in your WHOIS database for the domain name registrant, technical contact, administrative contact and billing contact, for the above domain name(s);‘ (Registrar’s emphasis).

6.5 The Panel is unconvinced by the explanations offered by the Registrar for its conduct in both this case and Association Robert Mazars v. Private Whois Service, c/o mazarsrevenge.com supra.

6.6 The Registrar’s primary purported justification for the offering of a WhoIs privacy service is the prevention of spam. However, the Registrar’s suggestion that this is a valid justification for non disclosure to UDRP provider in the course of proceeding under the Policy makes little sense. The Registrar contends that there is a problem because “communications between Panelist and Registrant are published”. What the Registrar means by this is unclear and perhaps here the Registrar is confused as to the respective functions of Panel and Center. But whichever is intended, the statement is logically confused and simply wrong as a matter of fact.

6.7 It is logically confused because at its heart what is important here is proper identification not of addresses per se but of the identity of the registrant. It is this identity that the Registrar is seeking to disguise and yet disclosure of that identity is not a source of spam.

6.8 It is also wrong as a matter of fact since neither the email information (or for that matter real world addresses) provided by a registrar either to the panel or the Center in proceedings will as a matter of course be published. As an examination of recent WIPO decisions will show, email addresses (and real world addresses) rarely appear in published decisions. In these rare cases where they do appear, this will normally be as a result of a positive decision by a panelist that the disclosure of this information is either necessary for the purposes of the decision or there is some other public interest in disclosure.

6.9 Next, it would appear that the Registrar has misunderstood the nature of the Procedural Order, and appears be proceeding on the misapprehension that the Panel was engaged in some general attack on the legality of WhoIs privacy services as a whole. This is not the case.

6.10 The issues surrounding the offering of WhoIs privacy services are complex and controversial. The Panel understands, for example, that in due course ICANN will at some point in the future be releasing an ‘RFP for a third WHOIS study area on Proxy and Privacy services’. For present purposes it is sufficient to record the fact that notwithstanding that these services are now de facto offered by a number of registrars, no express provision for them in the Registration Accreditation Agreement (‘RAA’) that governs the relationship between ICANN and registrars. At times the two are difficult to reconcile.

[...]

6.13 However, perhaps more immediately significant in the present case is the issue of the non-compliance of the Registrar with the requirement that it provide the Center with billing contact details for the underlying registrant. In the Panel’s assessment, a Registrar is obliged to provide these to the Center in compliance with paragraph 2(a)(i)(b) of the Rules (which directly binds the Registrar by reason of paragraph 3.8 of the RAA and paragraph 1 of the Policy). For the Registrar not to do so would seem to involve a breach of the Rules and, consequentially, the RAA.

6.14 Notwithstanding, the Registrar’s assertion that it is ‘operating in full compliance with ICANN policies and rules’, the Registrar does not appear substantively to contest this. Instead, its position seems to be that it cannot be blamed for not providing this information because the Center did not ask for it. It refers instead to the wording of the Center's verification request (set out above) which was said simply to request details of billing information in the WhoIs details for the Domain Name.

6.15 The Panel believes this to be an excessively narrow reading of the Center’s request. It is clear that the Center was making a request for details in the context of proceedings under the Policy. Paragraph 2(a)(i) of the Rules refers to information:

“(A) shown in the domain name’s registration data in Registrar’s WhoIs database for the registered domain-name holder, the technical contact, and the administrative contact and (B) supplied by Registrar to the Provider for the registration’s billing contact”

It is, therefore, quite clear that information in relation to the ‘registration’s billing contact’ is quite distinct from the information held in any publically available WhoIs database. This can and should have been provided to the Center to enable it to fulfill notification obligations vis à vis the underlying domain name holder.

6.16 The Registrar’s stance is also in marked contrast to the seemingly common practice of reputable registrars that operate a domain name ‘privacy service’ to disclose details of the underlying registrant to the Center in response to the Center’s verification request (see, for example, footnote 2 to the Association Robert Mazars decision supra).

6.17 From a practical perspective it is important that those who offer WhoIs privacy services operate in this way. A refusal by a registrar to disclose to a requesting Policy provider the underlying owner or holder of a domain name (and their contact details) hidden behind a ‘privacy service’ in proceedings under the Policy, involves a potential threat to the operational integrity of the Policy. Registrars who operates [sic] in this fashion potentially provide a tool that enable cybersquatters to conduct their activities in secrecy and to help them avoid the extent of their abusive activities becoming public; thereby depriving complainants, potential complainants and panels with information that is potentially highly relevant to the assessment of abusive behaviour. For a registrar to participate in facilitating or aiding these activities risks undermining the operation of the Policy. For the reasons already given, the Panel considers this to be contrary to the provisions of the Policy. It is undoubtedly contrary to its spirit.

6.18 The Registrar’s appeal to the terms of its contract with its customers is also circular and self serving. The Registrar presumably determines the contractual terms on which it offers its ‘privacy service’. Should the Registrar contractually bind itself in a way that threatens to frustrate the operation of the Policy, that provides no excuse for its conduct. If the requirement of disclosure causes the Registrar difficulty with its customers, then it has no one to blame for that difficulty but itself.

6.19 The Registrar’s actions in this case also have to be understood in the specific context of the facts of this dispute. As the Panel has already stated this is a clear cut case of cybersquatting. It is disappointing to the Panel that the Registrar has decided to take such a stance in this case on the issue of providing the identity and contact details of the holder of the disputed domain given that context.

6.20 In the circumstances, the Panel invites the Center to bring a copy of this decision to the attention of ICANN to take such investigation and action in relation to the Registrar as it considers appropriate.”

6.20 The Panel in the Four Seasons Hotels Limited case then went on to address the Registrar’s contention that the Panel in issuing a Procedural Order in this case and suggesting that it was appropriate to bring the Registrars conduct to the attention of ICANN was acting outside of the scope of its function and powers. The Panel concluded that there was ample authority and justification in the Rules and in previous cases for taking this step and cited nine other cases in which panels had decided to adopt that approach.

6.21 It would appear that notwithstanding the decision in Four Seasons case the Registrar’s position has not changed. This is sadly so notwithstanding the fact that, for the reasons given later on this decision, this is once again a case involving clear and obvious examples of cybersquatting.

6.22 However, there is another factor in this case which is particularly disturbing and which cannot be excused simply as a difference of views as to how a registrar should act in cases where “privacy services” are provided. That is the statement in response to the Center’s initial request for registrar verification. In particular, at that time the Registrar maintained that there were multiple registrants and although it would not disclose their identities, it expressed the “opinion” that separate proceedings should be commenced in relation to each Domain Name.

6.23 As has already been described, the Panel has reached the conclusion that this case can proceed on the assumption that there is a single underlying registrant. In part that conclusion is based on an assessment of what the position is on the balance of probabilities on the basis of the limited information and evidence before it. What exactly the Registrant knew about each registration is unclear, and perhaps there is information it has that was not before the Panel such that would make separate proceedings appropriate. However, there is a series of the Domain Names in this case, where it does not appear that there can be any serious argument that there is more than a single entity behind the registrations. These are the 17 State BCBS Domain Names. For these Domain Names, and for the reasons already explained, the evidence of single ownership and control is overwhelming.

6.24 That means that even though the Registrar must have prima facie known that at least the vast majority of the Domain Names in these proceedings were controlled by a single entity, it nevertheless attempted to persuade the Center that individual proceedings should be commenced in respect of each one. Of course, had the Complainant been persuaded by that “opinion” or required consequently to present separate cases, the consequences for the Complainant would have been significant. It would have necessitated 25 different sets of proceedings with all the costs and logistical difficulties that this involved, in circumstance where the Registrar likely prima facie knew that in the case of at least 17 Domain Names only one set of proceedings was required.

6.25 The inevitable and unpalatable conclusion for this Panel is that the Registrar deliberately and cynically wished to frustrate the practical operation of the UDRP. That it took that stance in a case of obvious wholesale cybersquatting is doubly disturbing.

6.26 In the circumstances, the Panel invites the Center to bring the Registrar’s actions in this case to the attention of ICANN for it to take such investigation and take such action as it considers appropriate in the circumstances.

C. Identical or Confusingly Similar

6.27 The Panel is persuaded by the Complainants’ argument that BCBSA is the owner of unregistered common law trade mark rights in the term “BCBS”. It notes that a similar conclusion was reached by the panel in of Blue Cross and Blue Shield Association (BCBSA) v. Domain Deluxe, WIPO Case No. D2005-0209. Where those rights are claimed is not expressly stated, but it is obvious that they are claimed in the United States and the Panel accepts that this is a jurisdiction in which such rights are recognised.

6.28 The BCBS Domain Names and the State BCBS Domain Names all incorporate the BCBS marks in their entirety. In those cases where the Domain Names comprise the letters “bcbs”, those additions do not so detract from the letters “bcbs” so as to prevent a finding of confusing similarity (for a further explanation as to what is meant by that term and why and in what circumstances a domain name that incorporates a mark in its entirety will be held to be confusingly similar to that mark, see Research in Motion Limited v. One Star Global LLC, WIPO Case No. D2009-0227). The Panel accepts that the State BCBS Domain Names can be most sensibly understood as the BCBS mark in combination with abbreviations for U.S. States. Further so far as the marks BCBS Domain Names are concerned, one is (if one disregards the “.net” top-level domain) identical to that mark. In the case of the other, there is merely the addition of the letter “m”.

6.29 In the case of the Bluecross Domain Names the Panel similarly finds that these Domain Names are confusingly similar to at least U.S. registered trade mark no 71536214. In the case of the BlueCross BlueShield Domain Names the Panel finds that these Domain Names are confusing similar to at least U.S. registered trade mark no 71536214 and U.S. registered trade mark no 73437189. The addition of references to the U.S. States and or the term “Empire” in these Domain Names again does not detract from the relevant marks so as to prevent a finding of confusing similarity.

6.30 Last, the Panel accepts that the Complainant Empire is the owner of U.S. unregistered common law trade mark rights in the term “Empire”. In the circumstances, the Panel concludes that the <empirebluecross.com> Domain Name is also confusingly similar to that mark.

6.31 In the circumstances the Panel holds that the Complainants have satisfied the requirements of paragraph 4(a)(i) of the Policy in relation to all of the Domain Names.

D. Rights or Legitimate Interests

6.32 It is clear in this case that all the Domain Names are being used for use with a “domain name parking” or “pay-per-click” services. It is possible for use of a domain name for a parking site with advertising revenue generating sponsored links to provide a legitimate interest within the meaning of paragraph 4(a)(ii) of the Policy. For example, if a registrant intends to profit from the descriptive nature of the word or words in the domain name without intending to take advantage of a third party’s rights and reputation in that term, then it may have a legitimate interest in the domain name (see Section 2.2 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions). On the other hand, if the owner of the domain name in question is using it with such a service in order to unfairly capitalise upon or otherwise take advantage of a similarity with another’s mark then such use would not provide the registrant with a right or legitimate interest in the domain name (see, for example, the decision of the three member panel in Express Scripts, Inc. v. Windgather Investments Ltd. / Mr. Cartwright, WIPO Case No. D2007-0267).

6.33 Essentially, therefore, in this case the assessment of rights or legitimate interests boils down to the question; is the Respondent using the Domain Names with the Complainants’ marks in mind and with a view to taking unfair advantage of the reputation of those marks?

6.34 This is a question that is addressed in greater detail when assessing the question of bad faith. For the reasons that are explained in greater detail under the heading of bad faith below, the Panel has reached the unequivocal conclusion that all the Domain Names have been both registered and used with a view to taking unfair advantage of the reputation of the Complainant‘s trade marks. In the circumstances, the Panel finds that the Respondent has no rights or legitimate interests in the Domain Names. Accordingly, the Complainants have made out the requirements of paragraph 4(a)(ii) of the Policy.

E. Registered and Used in Bad Faith

6.35 As the Panel has already stated, it seems clear that all the Domain Names have for some time been used in connection with a “pay-per-click” or “domain name parking” service. It is now well-known how these sorts of services operate. A domain name owner “parks” the domain name with a domain name parking service provider. The service provider then generates a page that incorporates sponsored links or links to sponsored links. When an Internet user clicks on these sponsored links, the entity sponsoring that link will make a payment. This “click-through revenue” is then ordinarily split between the domain name parking service provider and the owner of the domain name (see, for example, Owens Corning v. NA, WIPO Case No. D2007-1143).

6.36 The generation of revenue from domain name parking activities is not necessarily activity in bad faith. However, it is use in bad faith within the scope of paragraph 4(b)(iv) of the Policy where the registrant is using the domain name in this manner because of its similarity to a mark or name of another person in the hope and expectation that that similarity would lead to confusion on the part of Internet users and result in an increased number of Internet users being drawn to that domain name parking page (see, for example, Express Scripts, Inc., supra). The confusion that is usually relevant here is the confusion that draws the Internet user to the respondent's website in the first place (for example, confusion that leads an Internet user to type the domain name into his Internet browser). It does not matter that when the Internet user arrives at the pay-per-click site that it then becomes clear that the website is unconnected with the trade mark holder.

6.37 There is little doubt that all of the Domain Names have been used to take illegitimate advantage of confusion with the Complainants’ marks. There are a number of reasons for this. First, in some cases the Internet user appears to be diverted to a page operating under a different domain name that inherently has health services associations (for example “healthportals.com”). Second, in all cases the pay-per-click links appearing from the Domain Names are overwhelmingly insurance, and in many cases health insurance, related. In some cases Blue Cross and/or Blue Shield are expressly mentioned. No doubt the choice of the specific links appearing on the relevant pages (as is often the case with links on pay-per-click parking pages) were in large part chosen by the domain name service provider and/or the algorithm that it uses to select links. But it now seems clear that under the Policy a registrant is deemed to be responsible for and to have knowledge of such use (see, for example, Grundfos A/S v. Texas International Property Associates, WIPO Case No. D2007-1448 and Aubert International SAS and Aubert France SA v. Tucows.com Co., WIPO Case No. D2008-1986). Third, there is the nature of the Domain Names themselves. The Panel accepts that the most natural reading of them is as involving a reference to the Complainant BCBSA and in the case of the <empirebluecross.net> to the Complainant Empire.

6.38 Similarly, the Panel has no doubt in concluding that the Domain Names were all registered in bad faith, notwithstanding (a) that one of them appears to have been initially registered as long ago as the year 2000; (b) there is no evidence before the Panel as to how those Domain Names were used other than recently or (c) that due to transfers of the Domain Names to new registrants the question of bad faith registration can and should be considered from a date later than the date of first registration (as to which see paragraph 3.7 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions and paragraphs 6.19 to 6.23 of ehotel AG v. Network Technologies Polska Jasinski Lutoborski Sp.J., WIPO Case No. D2009-0785).

6.39 The reason for this is that in the absence of any evidence to the contrary, evidence of recent use is often the best available evidence as to registrant’s intentions at the date of registration. The Panel means by this not necessarily that this shows that in each case the registrant had pay-per-click parking use in mind (in many cases that might well have been in the case, but such services have only become prevalent in recent years), but instead that it evidences a more general intention to take unfair advantage of a confusing similarity with the Complainants’ marks. Further, once again there is the nature of the Domain Names themselves. This is a case where it is difficult to conceive of a legitimate purpose in registering the Domain Names without the authorisation of the Complainants (as to what is meant by “legitimate” in this context see Mr. Talus Taylor, Mrs. Anette Tison v. Vicent George Warning/Fayalobi Interaction Management, WIPO Case No. D2008-0455) and in the absence of any evidence or argument to the contrary, the Panel concludes that the Respondent had no such legitimate use in mind.

6.40 In the circumstances the Panel holds that the Complainants have made out the requirements of paragraph 4(a)(iii) of the Policy.

7. Decision

7.1 For all the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that:

(i) the domain names, <bluecrossblueshieldmn.com>, <bluecrossblueshieldofgeorgia.com>, <bluecrossblueshieldofmichigan.com>, <bluecrossblueshieldoftexas.com>, <bluecrossofidaho.com>, <akbcbs.com>, <bcbsm.net>, <bcbs.net>, <cobcbs.com>, <ctbcbs.com>, <hibcbs.com>, <iabcbs.com>, <idbcbs.com>, <inbcbs.com>, <kybcbs.com>, <mebcbs.com>, <nebcbs.com>, <nmbcbs.com>, <nvbcbs.com>, <ohbcbs.com>, <pabcbs.com>, <sdbcbs.com>, <wabcbs.com> and <wibcbs.com> be transferred to the Blue Cross and Blue Shield Association.

(ii) the domain name <empirebluecross.com> be transferred to Empire HealthChoice Assurance, Inc.

7.2 Further the Panel invites the Center to bring the Registrar’s conduct in this case to the attention of ICANN for it to take such further investigation and take such actions as ICANN considers appropriate in all the circumstances.

Matthew S. Harris
Sole Panelist
Dated: December 1, 2010

ANNEX A TO DECISON D2010-1699

¹ See Four Seasons Hotels Limited v. Internet bs Corporation/Private Whois Service, WIPO Case No. D2009-1657 and the cases referred to in that decision.