Tag Archives: .de

After 21 Years, ICANN Going Back to Germany

For the first time in 21 years, ICANN will hold a public meeting in Germany in October 2020 the global domain name overseer announced at its public meeting in Panama last week.

DENIC, the .de ccTLD registry, and eco, the German Association of the Internet Industry will be joint hosts of ICANN’s 69th public meeting to be held in Hamburg from 17 to 22 October 2020. The previous meeting held in Germany was ICANN’s second, held in Berlin in May 1999.

Back in 1999, the meeting details available on the ICANN website reflect an organisation in the making with issues much different from facing it today, although some remain the same such as budgetary issues. Back then issues discussed were the development of many of the committees and groups that are either still in existence today or were in their infancy and have evolved into other bodies.

“After Berlin in 1999, this is the first time in 20 years that we have brought an ICANN conference to Germany,” says Oliver Süme, Chair of the Board of eco – Association of the Internet Industry. “With eco, DENIC, and the City of Hamburg, strong partners from industry and politics have joined to achieve this goal.”

“An open, free, and secure Internet is a strategic priority for DENIC. The commitment of the German Internet Community has been honoured with the decision to bring the ICANN meeting to Hamburg. This will offer a good opportunity to put the German and European perspectives to the table at an even broader level,” says DENIC Board Member Dr. Jörg Schweiger. DENIC operates Germany‘s top-level domain .DE, which currently – with close to 16.3m domains under management – is the second-largest country-targeted namespace on the Internet.

Alongside the country-targeted ones, there are also generic domain suffixes, including – on offer for several years now – ones with a clear regional focus. The City of Hamburg actively supported the registration of the new top-level domain .hamburg, so that, for example, the Hamburg police website can now be reached at www.polizei.hamburg.

The organisers expect around 2,500 to 3,500 attendees to participate in this conference from academia, the tech community, politics, industry, and civil society: “Hamburg is smart and innovative, and is therefore a suitable setting for such an important conference of the international Internet community,” says Hamburg’s Senator of Economic Affairs, Frank Horch.

The hosting partners had submitted their application to ICANN in November 2016, under the coordination of the Hamburg Convention Bureau.

DENIC Restricts Publicly Available Registrant Data Following GDPR Introduction

DENIC have introduced significant changes to the publicly available data available through Whois requests for .de domain names that will see registrant data drastically restricted and only available to law enforcement bodies as a result of the European Union’s General Data Protection Regulation (GDPR) that came into effect on 25 May.

The changes in data publicly available for the German country code top level domain (ccTLD) will see that next to the contact details of the domain name registrant, such as name, email and postal address, DENIC will only record two additional email addresses for contact purposes as well as the technical data of the domain name.

The two email addresses recorded in addition to the registrant data will be non-personalised. They will be under the registrar’s responsibility and will serve as points of contact for general and technical requests as well as for enquiries or notifications about a possible unlawful or improper use of the domain. Also, DENIC will continue to record such technical data, including name server or DNS key information, that is needed to establish the functionality of the domain.

In addition to the domain status data (“registered”/”unregistered”), as of 25 May, only the domain name’s technical data and the two email addresses for the specified contact purposes (General Request and Abuse) will be available via the Domain Query. Those data relating to the technical contact and zone administrator (Tech-C, Zone-C) as well as to the administrative contact (Admin-C) previously output here will no longer be recorded and consequently not displayed anymore.

DENIC will still provide registrant data where legally required to public authorities acting within the framework of their public powers (including law enforcement, hazard prevention or seizing orders). DENIC will also disclose registrant data, on the basis of case-by-case assessments and upon submission of evidence of a legitimate interest, to such parties who own a right to a name or trademark that may be violated by the domain, or to such claimants who have obtained an enforceable title against the domain registrant and seek judicial seizure of the registrant’s claims defined in the domain contract, under civil law. In all other cases, DENIC will provide no information on the registrant.

For evaluating the legitimate interest of enquiries and for the subsequent provision of the relevant data, DENIC will use both automated and non-automated processes.

DENIC’s amended policies as laid down in the DENIC Domain Terms and Conditions and DENIC Domain Guidelines are published on the DENIC website.

ICANN Finally Approves Temporary Specification To Comply With EU’s GDPR, With 7 Days To Spare

It was adopted on 14 April 2016 and after a 2-year transition period it becomes enforceable on 25 May 2018. Yet despite this timeframe, ICANN only approved a Temporary Specification for gTLD Registration Data to comply with the European Union’s General Data Protection Regulation on 17 May, with a draft published on 11 May. But it only gives registries and registrars 7 days to finalise and implement changes to their systems, or 14 days if they started when the draft was published. That is if they waited for ICANN’s snail-like process to take place.

The GDPR has been developed by the European Commission to give individuals more control over their data that businesses hold, including domain name Registries and Registrars. It also applies to businesses outside of the EU that hold data on citizens and residents of the EU. It’s impact is far-reaching and penalties for breaches are severe – fines of up to €20 million or up to 4% of the annual worldwide turnover, whichever is greater.

ICANN’s approval of a Temporary Specification [pdf] is the result of 12 months of consultation with the community and “is an important step towards bringing ICANN and its contracted parties into compliance with GDPR,” said ICANN’s Chair Cherine Chalaby. “While there are elements remaining to be finalised, the adoption of this Temporary Specification sets us on the right path to maintaining WHOIS in the public interest, while complying with GDPR before its 25 May enforcement deadline.”

One can’t help but feel it’s an extraordinary failure by ICANN and the community given the time they’ve had to develop a solution. The Temporary Specification will be revisited by the ICANN Board in 90 days, if required, to reaffirm its adoption. And whether the Temporary Specification meets European Commission’s requirements remains to be seen. In early April the EC’s Article 29 Data Protection Working Party wrote to ICANN [pdf] noting they weren’t satisfied with what ICANN had then proposed.

So what will happen on 25 May? Registry Operators and Registrars will still be required to collect all WHOIS information for generic top level domains (gTLDs). However, WHOIS queries will only receive “Thin” data in return, which includes only technical data sufficient to identify the sponsoring Registrar, status of the registration, and creation and expiration dates for each registration, but not personal data. For third parties with legitimate interests in gaining access to the non-public data held by the Registry Operator or Registrar, there are still ways to access that data. Queries can be made through the sponsoring Registrar and they are obligated to respond in a reasonable time. If a response is not received, ICANN will have a complaint mechanism available. If it is thought individual parties are not complying with their obligations under these temporary specifications or their agreements with ICANN, ICANN’s Contractual Compliance Department can be contacted to file a complaint.

The changes are not unlike those being implemented by several European country code top level domain (ccTLD) registries. And while quite a few Registries and Registrars will have been waiting (or rather sweating) on ICANN’s announcement this week, some decided they couldn’t wait and have been developing solutions on what they believed ICANN’s response would have been.

Within Europe, some ccTLDs, such as the Austrian registry nic.at have implemented a “thin” model for individuals registering domain names, but legal entities or businesses will continue to have “thick” WHOIS data published. Others such as DENIC, the German ccTLD registry, will only record the contact details of the domain name registrant, two additional email addresses as contact points for abuse reports and general and technical requests as well as the usual technical domain data, which is similar to the ICANN model.

Registrars are frustrated. One, the German EPAG, which is part of the Tucows group, spoke of their frustrations to Domain Pulse at the Domain Pulse conference (unrelated) in Munich in February.

“We wish that ICANN had started work on this a year ago,” said Ashley La Bolle, Managing Director of EPAG Domainservices GmbH. “Of course, we will try to accommodate changes, but in absence of new consensus policies, we have to develop solutions that we believe will ensure our own compliance with the law.”

“The domain industry has been really late to the game on GDPR implementation,” La Bolle went on to say. She noted how frustrating it was that the entire industry was slow to develop solutions and that solutions were only beginning to be finalised back then. The changes require significant resources to be thrown at implementing changes. In an industry that operates on razor-thin margins, it’s not an ideal situation.

“The GDPR requires contracts to be revised, additional staff training, and customer education. Our approach has been to change our systems and processes to handle as much of the impact of the GDPR as possible so that our customers can continue to use our services as they always have.”

It has also been claimed that the changes will be a boon for cybercriminals. While Krebs on Security admit that while “cybercriminals don’t use their real information in WHOIS registrations … ANY information they provide — and especially information that they re-use across multiple domains and cybercrime campaigns — is invaluable to both grouping cybercriminal operations and in ultimately identifying who’s responsible for these activities.” And while some cybercriminals do take advantage of privacy protection services, “based on countless investigations I have conducted using WHOIS to uncover cybercrime businesses and operators, I’d wager that cybercrooks more often do not use these services.”

Krebs also notes that while “it is true that the European privacy regulations as they relate to WHOIS records do not apply to businesses registering domain names … the domain registrar industry — … operates on razor-thin profit margins and which has long sought to be free from any WHOIS requirements or accountability whatsoever. Krebs believes they “won’t exactly be tripping over themselves to add more complexity to their WHOIS efforts just to make a distinction between businesses and individuals.”

“As a result, registrars simply won’t make that distinction because there is no mandate that they must. They’ll just adopt the same WHOIS data collection and display polices across the board, regardless of whether the WHOIS details for a given domain suggest that the registrant is a business or an individual.”

ICANN Announces DENIC eG as New ICANN-Designated Agent to Support Registrar Data Escrow Services

ICANN today (15 May) announced it has entered into an agreement with DENIC eG as an ICANN-designated agent to support Registrar Data Escrow (RDE) services on the ICANN organization’s behalf. DENIC eG is a not-for-profit cooperative headquartered in Frankfurt, Germany and is the operator of the ccTLD .DE.

ICANN selected DENIC through a competitive Request for Proposal initiated in August 2017, following requests from the registrar community to expand the RDE program, in part to meet regional challenges such as the European Union’s General Data Protection Regulation.

Background

The Registrar Data Escrow program is intended to protect registrants in the event of registrar failure or termination of a Registrar Accreditation Agreement (RAA). Ensuring the successful transfer of a domain name sponsorship aligns with the ICANN org’s objective to support a healthy, stable, and resilient unique identifier ecosystem and is consistent with its Mission and Bylaws (Section 1.1) that states, “ICANN coordinates the allocation and assignment of names in the root zone of the Domain Name System (DNS) and coordinates the development and implementation of policies concerning the registration of second-level domain names in generic top-level domains (gTLDs).”

The 2013 Registrar Accreditation Agreement requires registrars to deposit a copy of gTLD registration data with either the ICANN org or with an ICANN-approved RDE agent at its own expense. Since 2007, Iron Mountain has acted as the sole ICANN-designated RDE agent, which has accepted and processed the registrar escrow deposits on behalf of ICANN org. DENIC eG is the second ICANN-designated RDE agent available to registrars. Registrars may also utilize Third Party Providers approved by both ICANN and the registrar; for more information on the Registrar Data Escrow Program and other Third Party Providers see: https://www.icann.org/resources/pages/registrar-data-escrow-2015-12-01-en.

This ICANN announcement was sourced from:
https://www.icann.org/news/announcement-3-2018-05-15-en

DENIC Splits Non-Member Operations From Core .DE Registry

The German ccTLD registry DENIC is to split its non-member business areas from its core business of running the .de registry, the organisation announced last Friday. The change is happening because its non-member complementary business does not comply with its statutory Cooperative assignment – the management and operation of the .de top level domain. Continue reading DENIC Splits Non-Member Operations From Core .DE Registry

SIDN Signs Up For nic.at Anycast Network RcodeZero In More Industry Consolidation

The Dutch and Austrian ccTLD managers, SIDN and nic.at, have signed a cooperation agreement under which all domains managed by SIDN will additionally be hosted on the nic.at anycast network RcodeZero DNS. The agreement was announced by SIDN’s CEO Roelof Meijer and nic.at CEO Richard Wein on the sidelines of the ICANN meeting in San Juan, Puerto Rico.

“We are very happy and proud to offer our technical services to the third largest European ccTLD,” says Richard Wein, CEO of nic.at. The agreement covers the almost 6 million domains registered under .nl, .amsterdam, .aw and .politie and sees SIDN becoming the biggest customer of the RcodeZero TLD DNS network. A network which already hosts twelve different TLDs at thirteen highly available redundant locations all over the world.

Roelof Meijer, SIDN’s CEO, explains the reasons why they decided for RcodeZero DNS: “First of all, it was important for us to have a partner under EU jurisdiction and data protection law. Secondly, we were impressed by nic.at’s technical know-how and flexibility, as well as their readiness to develop their product further based on our needs.” In recent years, SIDN has constantly been improving and optimising its DNS infrastructure with anycast partners to guarantee the best possible availability of .nl domains.

RcodeZero DNS will soon be expanded with additional nodes in Australia and South America to provide better performance and lower latency for customers in those areas, too. However, RcodeZero DNS, had other attractions for a technician, as confirmed by Marc Groeneweg, Coordinator of DNS Ops Team at SIDN: “It’s important for us to have comprehensive statistics and real-time DNS traffic information to further analyse our infrastructure, as a basis for continued improvement of our infrastructure.“

The technical work of integrating all Dutch domains into the network has just been completed and the set-up is now ready for public production.

The agreement is a sign of further consolidation and expansion within the top level domain registry industry, using their experiences in areas such as security among others. In the security area, a big issue for business worldwide, the domain name business is one of the leading providers of online security solutions. Some registries, such as nic.at and SWITCH, the Swiss registry operator, also run CERTs.

Others, such as CIRA, the Canadian ccTLD manager, has been active in recent months signing agreements with Uniregistry, DNS.PT (Portugal’s .pt) and InternetNZ (New Zealand’s .nz) to provide global domain name system services. SIDN itself has acquired a controlling stake in Connectis, one of the Netherlands' leading suppliers of secure log-in solutions and redesigned SPIN, their open-source system for protecting the internet and end-users against insecure IoT devices in home networks. And DENIC, the German (.de) ccTLD manager, has been approved as an authorised New gTLD Data Escrow Agent to offer both to ICANN-accredited registrars and registries an escrow service which fully complies with the European legal framework.

Registries Aren’t Content Police, But Keeping Trust Is Reputationally Important: Domain Pulse

Registries universally said they’re not content police in a discussion on domain name take down processes involving legal counsels from the operators of 6 European registries, both generic and country code TLDs. However processes vary among the registries.

The discussion involved representatives from dotSaarland, DENIC (.de), SWITCH (.ch), SIDN (.nl), DNS Belgium (.be) and Nominet (.uk) at the Domain Pulse conference in Munich Friday, the annual event that rotates between Germany, Switzerland and Austria.

One registry that does make decisions on takedowns, or suspensions as they’re often called, and the content on the sites using the domain names, is SWITCH. Anna Kuhn explained how SWITCH was rather unusual in that they were both a registry and operated a national Computer Emergency Response Team (CERT), which gave them some additional expertise. However SWITCH still doesn’t make decisions on content, only on domain names involved in the hosting malware and phishing Combatting cybercrime, Kuhn explained, is one of the roles of the registry operator.

Volker Greimann from dotSaarland, the only new gTLD operator in the panel discussion, said .saarland is in a different position to the country code top level domain (ccTLD) registries as they have a direct contract with ICANN. Additionally, the Saarland regional government said they don’t want their new generic top level domain (new gTLD) to be a haven for crime. The gTLD for the German state has an anti-abuse rule in their terms and conditions that requires domain names to not ruin the reputation of the Saar region.

Horst explained the German registry's position of the German registry in this respect: “DENIC is not the right point of contact to which to turn when it comes to content. If DENIC were to evaluate content and delete, at its own discretion, domains through which websites with questionable content can be accessed, this would be equivalent to censorship. In a democracy based on the separation of powers, no one can seriously support law enforcement by the private sector. This philosophy of DENIC's is, by the way, also reflected by the unanimous opinion of the German courts.”

The courts, Horst explained, have always sided with DENIC’s view that they also aren’t in a position to judge on what is illegal content and that complaints should always go to the registrant if they can be contacted.

SIDN’s Maarten Simon said SIDN will never just take down a domain name and that contacting the registry should be a last resort. However Simon also noted .nl domain names are much more trusted by Dutch people than any other TLD. And that this trust is both in SIDN’s interest to protect so that internet users continue to want to visit sites using the Dutch ccTLD and businesses want to register .nl domain names. Building trust benefits SIDN’s bottom line as more .nl domain names are registered. For complaints regarding .nl domain names, there is an independent appeals board with a number of judges and professors with the expertise to deal with complaints.

Peter Vergote from DNS Belgium also noted how .be has nothing to do with judging content hosted using a .be domain name, so to get a domain name suspended a complaint has to give necessary evidence such as a court order to have a domain name taken down.

Vergote echoed Simon’s views on .nl in that DNS Belgium deeply cares about the quality of the .be zone and it’s their sincere duty to do what they can without taking unnecessary risks. While they are more active than in the past on dealing with complaints, they will never evaluate content on a website. This position has been backed by a court order from a Belgian court that states deciding illegal content is up to the courts and can’t be done by DNS Belgium. When it comes to phishing though, DNS Belgium treats this differently and will take action without a court order if they are advised from a competent body that a domain name is used for phishing.

But DNS Belgium will never take it upon themselves to suspend a domain name that’s suspected of being used for phishing because that’s a content evaluation. Additionally Vergote said a phisher is unlikely to put their correct identity in Whois. DNS Belgium suspends around a dozen domain names per month with complaints largely driven by government agencies and rarely from private individuals or organisations.

So what about the domain names that are required to be taken down, or suspended? For SIDN, Simon explained the procedure starts with a form to be completed on the SIDN website where the complainant explains why the domain name should be taken and what they’ve done to date to complain. If the complaint is clear cut SIDN will go to the registrar and get the domain name taken down. SIDN receives about 20 requests per year and take down one, maybe 2, each year out of the 5.8 million .nl registrations.

Nominet’s Wenban-Smith commented on the futility of removing or suspending a domain name because even if they do, the content still exists. Nominet doesn’t allow child abuse or content that promotes criminal activity on .uk domain names. But Nominet doesn’t make decisions on what is illegal content but does cooperate with those who can such as law enforcement. For those wishing to make complaints, Nominet doesn’t take requests from those outside the UK. In 2017 Wenban-Smith said Nominet suspended 16,000 .uk domain names in 2017.

Global Domain Registrations Climb Up, But .NET and New gTLDs Slide Down: Verisign

Global domain name registrations continue to rise, with approximately 332.4 million registrations at the end of 2017 across all top level domains, according to the latest Verisign Domain Name Industry Brief out today. The increase for the fourth quarter was approximately 1.7 million domain names, or 0.5%, from the third quarter and 3.1 million, or 0.9%, year over year.

Within this slight increase there are notable declines – that of .net which declined to 14.5 million at the end of December from 15.0 million at the end of the third quarter and 15.3 million at the end of 2016. Five years ago at the end of 2012 there were 14.9 million .net registrations.

There was also a decline in the total number of new generic top level domains (new gTLDs) registrations. Among the new gTLDs there were approximately 20.6 million registrations, or 6.2% of total registrations across all TLDs. This was a decrease of approximately 0.5 million registrations, or 2.4% for the quarter, and approximately 5.0 million registrations (19.5%) year over year. The top 10 ngTLDs represented 48.9% of all new gTLD registrations.

But of course there were increases. The big behemoth, .com, saw registrations rise to 131.9 million at the end of 2017 compared to 130.8 million 3 months earlier, 126.9 million 12 months ago and 106.2 million at the end of 2012.

Total country code top level domain (ccTLD) registrations were approximately 146.1 million, a 1.0% increase over the third quarter of 2017, and a 2.4% increase year over year. Registrations at the end of the third quarter of 2017 were 144.7 million, 142.7 million 12 months ago and 110.2 million 5 years ago when the 12 month growth rate for ccTLDs was 21.6% in 12 months.

Without including .tk, ccTLD registrations increased approximately 0.7 million in the fourth quarter of 2017, a 0.5% increase compared to the third quarter of 2017 and ccTLDs increased by approximately 2.3 million registrations, or 1.8%, year over year.

The top 10 ccTLDs as of 31 December were .cn (China), .tk (Tokelau), .de (Germany), .uk (United Kingdom), .ru (Russian Federation), .nl (Netherlands), .br (Brazil), .eu (European Union), .fr (France) and .au (Australia). As of the end of 2017, there were 302 global ccTLD extensions delegated in the root, including Internationalised Domain Names (IDNs), with the top 10 ccTLDs composing 65.5 percent of all ccTLD domain name registrations.

New .com and .net domain name registrations totalled 9.0 million during the fourth quarter of 2017 compared to 8.8 million for the fourth quarter in 2016 and 8.0 million 5 years earlier in 2012.

2018 Domain Pulse Motors Into View With Focus On Digital Future

The 2018 Domain Pulse conference is motoring into view and will be held at BMW World in Munich on 22 and 23 March. The annual conference this year is organised by DENIC, the German registry with a focus on the digital future as well as the state of the domain name industry. The conference rotates between Germany, Switzerland (SWITCH) and Austria (nic.at).

The free conference is a great way of getting to know the German-speaking domain name market with a few hundred people from registries, registrars and resellers, domain investors and a range of other participants from the domain name world. And fear not if you’re not a German speaker. Most, if not all, presentations in German are translated into English [this writer certainly hopes so!] and there are plenty of great opportunities to network and get to know the key players in the German, Swiss and Austrian domain name industries, including the usual evening event. Already around 250 people have registered.

The conference, as always, has a focus on presentations and panels dealing with domain names, but also covers a range of other topics. This year there will be a look at the future with presentations on the governance of the Internet of Things, a futurologist looking at “digital enlightenment”, smart mobility and connected driving, another on security, terrorism and fear and another on privacy and security in the digital space.

And of course, there will be presentations on domain names with one of the most important and interesting topical discussions likely to be on the upcoming European General Data Protection Regulation. The GDPR is intended to strengthen and unify data protection for individuals in the European Union. This has an impact on any business that stores personal information on European citizens and the domain name business.

And that’s just day one! Day 2 will kick off with a presentation from Wolfgang Kleinwächter who will look at internet governance in 2018. There will also be a panel discussion on the notice and takedown debate from a registry perspective involving representatives from dotSaarland, DENIC, SWITCH, SIDN, DNS Belgium and Nominet, a discussion on how to overcome registration growth slowdown and an update on what’s been happening in 2017 from the 3 co-hosts.

To register for the free 2018 Domain Pulse, check out the programme and nearby hotels, or even see who else is going, go to:
https://www.domainpulse.de/

E-Shops Selling Counterfeit Goods Often Use Re-Registered Brand Domains, European Study Finds

Companies letting their domain names expire are often finding e-shops are re-registering their domain names and using them to market trademark infringing, or counterfeit, goods. But there’s no correlation between the use of the domain name prior to the e-shop and what the e-shop sells.

The study by the European Union Intellectual Property Office (EUIPO) [pdf], through the European Observatory on Infringements of Intellectual Property Rights, was on online business models used to infringe intellectual property rights. The study found when domain names were available for re-registration the entities operating the e-shops would systematically re-register the domain names and shortly after set up e-shops marketing goods suspected of infringing upon the trademarks of others. It was a characteristic that the prior use of the domain names was completely unrelated to the goods being marketed on the suspected e-shops. There were examples of domain names previously used by politicians, foreign embassies, commercial businesses and many other domain name registrants.

The study was conducted in 2 phases. Phase one looked at .dk (Denmark) from October 2014 to October 2015. During this period 566 .dk domains were re-registered by suspected infringers of trademarks immediately after the domain names had been given up by their previous registrants and became available for re-registration. Phase 2 looked at Sweden, which as a Scandinavian country would be assumed comparable with Denmark, Germany and the United Kingdom, which have very well-developed and large e-commerce sectors, and a country with a large e-commerce sector in southern Europe, Spain.

Phase 2 found the same phenomenon previously documented in Denmark also occurs in the Swedish, German, British and Spanish ccTLDs.

According to the study, the “total number of detected e-shops suspected of infringing the trade marks of others using a domain name under the ccTLD” ranged from 2.9% in .de (Germany) to 9.5% in .se (Sweden) while the “total number of detected e-shops suspected of infringing the trade marks of others using a domain name under the ccTLD where the domain name had been previously used by another registrant” ranged from 71.1 % of suspected e-shops in .uk (United Kingdom) to 81.0% in .es (Spain). The average was 5.41% across all ccTLDs in the study and 75.35% respectively.

Based on the research, the researchers believe it must be considered likely that the same also occurs in other European countries with well-developed e-commerce sectors.

An analysis of the 27,970 e-shops in the study identified a number of patterns including shoes were the product category most affected, accounting for two-thirds (67.5%) of the suspected e-shops and then clothes, accounting for 20.6%, while 94.6% of the detected suspected e-shops used the same specific e-commerce software.

Additionally, 40.78 % of the detected suspected e-shops in Sweden and the United Kingdom were registered through the same registrar, 21.3 % of all the e-shops used the same name server and a quarter (25.9%) of the suspected e-shops had the hosting provider located in Turkey, 19.3 % in the Netherlands and 18.3 % in the United States.

Even if the domain name was previously used for the marketing of goods, the study found the current e-shops were marketing a different type of product at the time of analysis. The study examined 40 case studies that indicated the sole reason for re-registration of the domain names is to benefit from the popularity of the website that was previously identified by the domain name. The benefits would include search engine indexing, published reviews of services and/or products and links from other websites that have not yet taken the current use into consideration. The case studies used also indicate a high degree of affiliation between the e-shops is likely. The research seems to indicate that what on the surface seems like thousands of unrelated e-shops are likely to be one or a few businesses marketing trade mark infringing goods to European consumers.

The 140 page study is available for download from:
https://euipo.europa.eu/tunnel-web/secure/webdav/guest/document_library/observatory/documents/reports/Research_on_Online_Business_Models_Infringing_IP_Rights.pdf