Home / Industry

Domain Squatting Disputes: How WHOIS Lookup Tools Can Help

Reverse domain name hijacking (RDNH) can be considered a severe threat to any honest-to-goodness small business or your average website owner. It refers to the practice wherein trademark owners attempt to cease a long-time domain’s operation by filing a Uniform Domain-Name Dispute-Resolution Policy (UDRP) dispute to the Internet Corporation for Assigned Names and Numbers (ICANN). In some cases, these domains already existed even before someone else filed a trademark for them.

Unfortunately, RDNH claims aren’t necessarily valid or filed with reason. Gray areas concerning trademarks, common law rights, and rightful domain ownership are constant in most resolutions. However, WHOIS lookup tools can help respondents up their chances of retaining their domains.

The SteveJobs[.]com Case

In December 2019, The Steve Jobs Archive, LLC, a trust run by Steve Jobs’s widow, Laurene Powell Jobs, won the right to own the domain name SteveJobs[.]com. It was previously owned by a South Korean national who goes by the name Steve Jobs Kim for nearly two decades. He used the domain to offer consulting services and publish technology-related news.

The National Arbitration Forum (NAF) panel concluded that the name “Steve Jobs” obtained common law trademark protection before the domain was registered. The name, after all, has become synonymous with Apple, Inc. and its commercial activities. NAF also stated in its decision that the respondent might be misleading website visitors into thinking that it represents Steve Jobs and Apple to some degree.

Among the experts who went up in arms about the decision was domain and intellectual property rights lawyer Paul Keating. In a post, he argued that the respondent never used the domain in bad faith and has owned it for years. He also stressed that Steve Jobs never used his name to represent any Apple goods and services or never treated his name as a brand during his lifetime.

RDNH cases are known for being extremely tricky. In many instances, exceptions to UDRP and World Intellectual Property Organization (WIPO) restrictions are made to resolve disputes. As such, decisions are often subjective and possibly at the expense of the “little guy.” But are respondents utterly helpless in such a case?

How a WHOIS Lookup Tool Can Help

WHOIS lookup tools provide a means for cyber investigators and rightful domain owners to uncover ill motives from claimants and protect themselves from RDNH. Such tools allow them to look up available WHOIS records to reveal information associated with a domain. Below are some other uses of WHOIS lookup tools:

  1. Conducting background checks on domain owners: A WHOIS lookup tool can be used to run background checks on claimants in the event of disputes. It reveals an owner’s company and contact details that can be used to build a profile and prove the use of the domain in bad faith, for example.
  2. Validating potential business partners and acquirers: A study revealed that 59% of companies claim they suffered a breach due to a third party in 2018. Cyber risk assessors, business executives, and companies can rely on WHOIS API to perform due diligence on third-party vendors they plan to do business with or potential buyers of their organizations.
  3. Supporting cyber investigations: WHOIS lookup tools support e-discovery as well as digital forensics and incident response (DFIR) processes. Security researchers can use it for hunting down cybercriminals and gain an in-depth understanding of their infrastructure. They can also use it together with endpoint protection and detection tools to prevent malicious entities from interacting with their network.

Fighting Back RDNH with Strong Evidence

Going back to the SteveJobs[.]com case, Kim could have questioned (if he has not) the legitimacy of the trust’s claims by looking into its background. The trust is a relatively new company (it was incorporated in 2015), as records from a public database show.

Source: Opencorporates.com

Kim could have also pointed out that his domain has been up way before the foundation decided to use it. Here’s a snapshot of domain’s details which we’ve retrieved with the tool. As you can see, Kim’s domain was registered 16 years before the trust’s founding date.

Meanwhile, the company only obtained the trademark for “Steve Jobs” in South Korea in 2018. This only goes to show that it did not own the mark when the domain was created in 1999. The company also applied for the name and mark in several countries such as Mexico, China, Singapore, Canada, and Australia during the same year. Some of its applications are still pending.

Source: WIPO Global Brand Database

Additionally, Kim could have used WHOIS history records to provide further evidence of the disputed domain’s fair usage using a web archive capturing tool like Wayback Machine. He has, after all, consistently renewed its ownership and paid for its maintenance. Kim also did not attempt to hide any of his registration details, nameservers, and other pertinent WHOIS records, as most cybersquatters do.

Unfortunately for Kim, his appeals did not work. But while it’s easy to assume that respondents battling it out with a massive brand name or entity like Apple or Steve Jobs are destined to fail, that’s not always the case. In 2017, two brothers, Vincenzo and Giacomo Barbato, won the right to use the name “Steve Jobs” for their fashion line in the European Union. A simple WIPO search also reveals other trademark owners of the world-famous visionary’s name.

* * *

Protecting one’s brand marks on top of running a business is undeniably tough. WHOIS lookup tools like WHOIS API, along with other domain research and monitoring tools, can help you build your defense against unjust RDNH disputes as well as bolster your organization’s cybersecurity posture.

By WhoisXML API, A Domain Research, Whois, DNS, and Threat Intelligence API and Data Provider

Whois API, Inc. (WhoisXML API) is a big data and API company that provides domain research & monitoring, Whois, DNS, IP, and threat intelligence API, data and tools to a variety of industries.

Visit Page

Filed Under


Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet




Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix


Sponsored byVerisign

Brand Protection

Sponsored byCSC