Home / Blogs

The Coding of Online Brand Protection

Moore’s law postulates that the number of transistors in an integrated circuit will double every two years. That law has given us smartphones and other devices with astonishingly diverse capabilities at ever lower costs. However, while it does not encompass online brand infringement, many trademark managers feel that their task is likewise expanding at exponential speed and imposing escalating costs.

Potential cybersquatting based in the more than one thousand new generic top level domains is only one new source of anxiety. While the jury is still out on the level of harmful cybersquatting and the efficacy of the new Rights Protection Mechanisms (RPMs) for new gTLDs, that ICANN program is hardly the only challenge. Online marketplaces, search engine results and app-based infringement are all rapidly growing concerns. Recently, the trademark counsel of one of the world’s most visited e-commerce websites confided to me that apps now constituted their largest new source of brand infringement. And the full costs of search engine-based pay-per-click (PPC) infringement are just beginning to be fully recognized.

Traditional service-based brand protection approaches are not well-configured to keep up with this rapid threat evolution. They generally rely on human impressions of a subset of suspect websites, rather than on metric-based analysis of the full scope of websites, apps, search results and online markets that can harbor infringement. Legacy methodologies don’t scale efficiently, both in terms of effective coverage and especially in terms of cost considerations. with even the largest corporations reluctant to employ them to address the full extent of significant online infringement challenges. And they are narrow and anecdotal rather than broad and holistic in approach, failing to provide the brand owner with a dynamic picture of the ever-shifting Internet environment.

Those deficiencies provide an opening for new providers offering metric-based pattern recognition approaches to uncovering not just obvious infringement at conspicuous websites but far more subtle but nonetheless significant infringement occurring throughout the online environment. Brand owners, and their marketing managers and legal counsel, are seeking to understand the broadened protection scope and potential cost efficiencies that can accompany a digitized approach to brand protection as a replacement for or supplement to legacy services. Brand protection software empowers the rights holder with data display, analysis and response prioritization tools not previously available.

Sophisticated domain investors and registrants—as well as app developers, e-commerce operators and search providers—with no intent to commit infringement should likewise understand how such software operates and the factors that may trigger brand owner concerns, so they can address them proactively to avoid unnecessary issues.

First Entrant

This article examines this new stage of brand protection evolution from the perspective of the first software offering in this field. That is BrandShield, the brainchild of its CEO, Yoav Keren, and his co-founders, Yuval Zantkeren and David Fridman. Keren received his BA in Physics and Economics from Tel Aviv University and his MBA from Northwestern University’s Kellogg School of Management. Deeply involved in the Internet infrastructure environment for a decade, Keren currently serves as a member of ICANN’s policymaking Generic Names Supporting Organization (GNSO) Council on behalf of its Registrar Stakeholder Group.

Keren was already aware of infringement issues through his position as CEO and Co-Founder of Domain the Net Technologies (DTNT), an ICANN-accredited registrar selling domains and related services to the public. As the new gTLD program underwent development he sensed that traditional brand protection services might be unable to efficiently scale into a vastly expanded gTLD space.

That insight triggered the development of a metric-based approach to brand protection. Bringing the product to market required three years of intensive software development, with the company’s proprietary software and algorithms protected by multiple patents.

Beyond Domain Names

In today’s online environment identifying domain names that are identical or confusingly similar to trademarks is necessary but insufficient. That legacy approach is similar to the parable about the person who lost his car keys at night searching beneath the street lamp, rather than where they were likely dropped, because that’s where the light was best. Such domains may not be engaged in any infringement activity that imposes economic costs on or harms a brand’s reputation. Meanwhile, websites with innocent domain names may constitute the virtual base for substantial infringement activity of a considerably more damaging nature.

BrandShield’s software shines a spotlight on formerly dark corners of the Internet. Infringement based in suspect domain names remains illuminated, but can be considered and prioritized in the context of broader information about ongoing brand infringement at seemingly innocent URLs, apps, search engines and online markets.

As Keren explains it:

To protect their brands, companies need to attack the problem by tracking infringement beyond the URL. An effective strategy now must include deep analysis that accounts for an infringing website’s content, rather than just a domain name match and an impression of the threat.

To address this challenge, the software incorporates deep content analysis that combines the collection of statistical data with keyword and semantic examination. This entails the following:

  • Analysis of website coding including Metatext and Metadata
  • Employment of natural language processing
  • Data structure mapping and analysis
  • SEO inspection
  • Search results analysis
  • Detection of brand-specific keywords
  • Website traffic information
  • Rating of website credibility using Alexa, Google and other sources

This process goes far beyond merely searching for suspicious domain names, with sophisticated software providing scope and cost-efficiency.

In addition to deep content analysis, the software also employs metric-based pattern recognition that collects and consolidates business intelligence data in real time to allow for contemporaneous identification of the most threatening sources of infringement. Additionally, activity-based monitoring employs interactive heuristics to find subterranean infringement that is undetectable to visual inspection. Heuristic machine learning technologies are also employed to provide the software with the capacity for continuous user feedback and customization, educating the algorithms and improving the results of subsequent scans.

Users can influence the customization process by inputting information related to:

  • Important keywords
  • List of the brand’s domain portfolio
  • Competitor websites
  • Countries in which the brand has business activities and contacts

The more supplementary information that is provided by the user, the more customized adjustments will be made to the scoring algorithms in order to provide the brand owner or manager with identification of infringement risks ranked by its own priorities.

As Keren puts it, “The more you teach the system, the better results you get.” He adds this thought, “Someone may register an infringing domain name, but there is nothing on the site, or there might be very little traffic to it. It’s important to know about these infringing domains and monitor them but they are not a top priority for takedown. At the same time, there may be hundreds of other websites with infringing content, significant traffic, high positions on search results and so on, making them a higher priority for enforcement action. The problem of brand infringement is much worse when it occurs in the content and metadata.”

The result of such a metrics-based approach is the production of intelligent prioritization lists that provide the brand owner with identification of the highest risks and compliance options, as well as an overall view of the evolving online environment impacting it. This allows for the monitoring of and responses to new infringement threats before they spin out of control.

Ongoing Software Evolution

Infringers are not static in their methodologies and neither can a software-based response be frozen in place. Since introduction of the basic software, BrandShield added new modules to combat infringement based in mobile apps and in pay-per-click (PPC) ads contained in search engine results. These additional capabilities are based in the reality that mobile app use increased by 115 percent in 2013 alone, and that Google serves up more than 5.6 billion paid search ad impressions every single day! And Google, while the largest in market share, is but one of multiple major search engines employed globally.

The mobile app module scans all major app stores for infringing apps, looking beyond identical or confusingly similar domain names to analyze app content, usage, reviews, developer data, and other attributes. It produces not just infringement identification but also threat prioritization.

The search engine PPC module particularly targets ads that employ a company’s trademarks to divert potential customers to other brands, as well as websites selling counterfeit goods or committing fraud. Through 24/7 continuous monitoring of paid search results it produces detailed abuse reports that include ad texts, target links and time-stamped screen shots categorized by search term, country and scan time. All of this documentation can become evidence in the legal context of subsequent arbitration or litigation enforcement actions. Such detailed history allows a brand to demonstrate, if challenged, that it was engaging in active policing of its trademark while limiting enforcement activities to the subset of infringers causing significant demonstrable harm.

Follow-up Action

Once online threats are identified and prioritized, action can be taken against the most serious infringement threats. Brandshield’s software can provide issuance of a cease-and-desist (C&D) notification through a module providing customizable letter templates as well as the automatic sending of C&D notices to multiple infringers. A rights holder may also elect to contact a web hosting provider, or a registrar when fraudulent activities are readily apparent or the registrant’s WHOIS information is incomplete or appears clearly inaccurate. Of course, the brand’s in-house or outside legal counsel should employ this capability judiciously, as overbroad utilization could have a negative impact on brand reputation—such as charges of being a “trademark bully” or reverse domain hijacker—and also constitute a waste of follow-up enforcement resources.

The same module that facilitates C&D actions can also help prepare complaints for ICANN dispute resolution processes. However, much of the infringement uncovered by new software technologies will not be susceptible to the filing of a UDRP or URS because those arbitration actions are geared to the rapid resolution of relatively simple fact questions involving domain names that are identical or confusingly similar to protected marks. Deep content analysis reveals complex and clandestine infringement that is not associated with suspect domain names, and the brand owner must therefore be prepared to follow up with appropriate trademark litigation against egregious offenders when a C&D letter fails to stop ongoing harm based in apps, search engines, or online markets.

The Waning of Defensive Domain Registrations?

One of the biggest complaints of major brands is the perpetual cost of maintaining a portfolio of hundreds or even thousands of defensive domain registrations—with a large percentage obtained through C&D;actions, UDRP filings, or trademark infringement litigation—with no intent to ever utilize them but simply for the purpose of keeping them “off the market”.

While BrandShield’s software provides a capability to facilitate anonymous acquisition of a domain that option is meant to be largely proactive—for the acquisition of domains that can be employed to extend a brand, and not for traditional defensive registration purposes.

Keren is adamant that large-scale defensive registrations were never very effective, and that they cannot continue as part of any cost-effective brand protection strategy in the new world of ever-expanding gTLDs:

Protective domain registrations have proved to be ineffective in protecting brands. It is like trying to capture the ocean with a five-gallon bucket. Brand abuse is more significant in websites that contain infringing content, that sell counterfeits, commit fraud and redirect to competitors. In many of these cases there is no infringement of any kind in the domain name. Even if there is, infringers can always register another variation of the brand as a domain name.

Now, with new gTLDs protective domain registration has become totally irrelevant. The cost of registering only the exact match of your trademark in all the new gTLDs, or even in only the relevant gTLDs, would be in the range of tens of thousands of dollars a year.

This doesn’t mean you do not need to register domain names any more, but the motivation should be more from a marketing perspective.

So far, the way that brand owners have dealt with the new gTLD program indicates that their thinking is changing along similar lines. New gTLDs that expected large numbers of defensive registrations by major brands have been mostly disappointed. That might have occurred if just a few dozen were entering the market, but with more than a thousand new strings coming online brand owners have realized that strategic alterations were required. Likewise, registrations in the new Trademark Clearinghouse (TMCH) have been substantially below expectations. One of the main advantages of a TMCH registration is the ability to engage in “sunrise” registrations of the registered mark at new gTLDs, but that has proven to be much less of an incentive than many had envisaged.

Surprisingly to some, the number of arbitration cases filed in regard to new gTLDs to date has been relatively small. While many clearly infringing domains have been registered, most of them are dark and thus are not presently engaged in the “bad faith use” required to bring a successful action. Where the elements to sustain an action are present, the traditional UDRP has been employed more than the new URS, notwithstanding its additional cost and time. Based upon anecdotal evidence, these UDRPs have largely involved domains that were an exact match for a company’s name or its brands, and the UDRP offers a means to obtain the transfer of that domain—while the URS remedy is suspension/non-resolution of the domain until the end of its registration term, when it becomes available for registration by the brand owner as well as any other third party.

ICANN has just established a discussion group to begin review of the first round of new gTLDs in preparation for the second; and staff has begun preparing detailed analyses of the new gTLD RPMs, with that document expected to be available by Spring 2015. Ultimately this process may lead to consideration of proposals to change the details of subsequent rounds of the gTLD program, including the RPMs, as well as to overall UDRP reform. There is also a strong possibility that the “second round” of new gTLDs may not be a round at all, in terms of having discrete opening and deadline dates for application submission, but simply a permanent opening of an application window under somewhat revised rules. But a second round, whether discrete or open-ended, appears unlikely to occur before 2017.

All those decisions are down the road, and right now brand owners must deal with the reality of more than a thousand new gTLDs up and running by the end of 2015.

Marketing Enhancement

BrandShield’s software can also inspect the websites of authorized partners to assure that their activities are in compliance with agreed upon standards relating to brand style, format and usage. While falling within the realm of contractual compliance rather than infringement enforcement, maintaining these standards is nonetheless important. Another proactive feature is the ability to monitor online activities relating to competitors’ brands so that Internet marketing efforts can be compared, and consideration can be given to whether available domains could be employed toward gaining an online advantage.

For brand marketers, the production of monthly updates on how their brand and key words are trending online can inform important decisions about marketing strategies, including those based in new gTLDs generally or a .brand gTLD specifically. As stated by one online marketing expert, “In the past, many have thought of trademark monitoring as something for lawyers.  But now, for digital marketers, tracking the use of your brand and competitors throughout the digital world is increasingly important and can help provide important data on what you can and should be doing with your gTLD, if you have one, as well as what new digital addresses you may want to acquire.”
Thus, in addition to infringement detection and prioritization, this type of software also provides tools for competition enhancement.

Developing Market Acceptance

While on the market for less than a year, BrandShield has already achieved substantial market penetration, with customers including major corporations and organizations. Cost-efficiency may be one reason, in addition to the broad and customizable software capabilities.

When utilized by a company’s employees and in-house trademark counsel, this new genus of software offers an affordable means for real-time monitoring of infringement activity and the making of intelligent, data-based decisions about what enforcement options and priorities are optimal at a given point in time. For outside counsel, the system offers a means by which clients may receive much better analysis of infringement challenges and advice regarding appropriate responses. And for the marketing department, new information can inform strategic planning for online campaigns.

An “Iron Dome” Technology

Keren’s analogizes BrandShield’s metrics-based approach to Israel’s well-known missile defense system. Elaborating, he explains, “You can think of it as an “Iron Dome” approach to brand protection. It monitors infringement threats from their inception, determines which will never reach their target and which can inflict real damage, and provides a variety of interception tools to take them out.”

Continuing, he made these observations about the future of brand protection in the third decade of the public Internet:

In this new era, the old ways of protecting your brand will not suffice. Ensuring your brand is safe can be impossible on your own. We believe only sophisticated technologies, such as ours, that adjust to the ongoing and vibrant change of the Internet, will be able to deal with the new brand protection and cyber security challenges.

Given the substantial profits available to online infringers and counterfeiters, the most sophisticated—aware that they can no longer hide in plain sight—will undoubtedly seek ways to evade this new metric-based brand protection approach.

Asked about that, Keren responds, “We believe we have the capacity to evolve as fast as the infringers do, and even to get ahead. In the end, we provide the cat and they are the mice.”

By Philip S. Corwin, Senior Director and Policy Counsel at Verisign

He also serves as Of Counsel to the IP-centric law firm of Greenberg & Lieberman. Views expressed in this article are solely his own.

Visit Page

Filed Under


Philip,Thanks for outlining the necessary elements for Alex Tajirian  –  Sep 14, 2014 5:16 PM


Thanks for outlining the necessary elements for a successful online brand protection mechanism. My brief comment focuses on the difficultly of a comprehensive solution and on who is best equipped to provide a solution.

A good starting point for the magnitude of the problem is looking at email spam, which goes unabated, albeit at a fraction of its potential damage, despite optimistic predictions by notable technologists. Online brand protection is much more complex but shares the cat-and-mouse solution progress.

The best providers of a technological solution are the major search engines, as they have a large chunk of the input data required, the most sophisticated statistical and algorithm models. Thus, the question is whether they have the necessary incentives. One can argue that cleaning up the mess will improve the quality of search results. Nevertheless, Google’s competitors have a huge incentive to claim that their algorithms better protect online brand owners and thus, search users and brand owners. However, the absence of such claims makes me believe that a comprehensive solution is much harder to come by.

Thus, although some start-ups, as you point out, are working on the problem, they are better off concentrating on technology niches and methodologies that the major search engines have not yet incorporated. This gives them a chance to be acquired instead of be leapfrogged.

Nevertheless, the analogy with Israel’s Iron Dome is misleading, as a number of reputable researchers have shown its technological limitations and others have pointed out its strategic failures.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Threat Intelligence

Sponsored byWhoisXML API


Sponsored byVerisign

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global


Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign