DECISION

John Dilks v. PRIVACY ADMINISTRATOR / ANONYMIZE, INC.

Claim Number: FA1506001623023
PARTIES
Complainant is John Dilks (Complainant), represented by John
Berryhill, Pennsylvania, USA. Respondent is PRIVACY
ADMINISTRATOR / ANONYMIZE, INC. (Respondent), USA.
REGISTRAR AND DISPUTED DOMAIN NAME
The domain name at issue is <eht.com>, registered with eNom, Inc.
PANEL
The undersigned certifies he has acted independently and impartially
and to the best of his knowledge has no known conflict in serving as
Panelist in this proceeding.
Houston Putnam Lowry, Chartered Arbitrator, as Panelist.
PROCEDURAL HISTORY
Complainant submitted a Complaint to the FORUM electronically on June
5, 2015; the FORUM received payment on June 5, 2015.
On June 5, 2015, eNom, Inc. confirmed by e-mail to the FORUM that the
<eht.com> domain name is registered with eNom, Inc. and that
Respondent is the current registrant of the name. eNom, Inc. has
verified that Respondent is bound by the eNom, Inc. registration
agreement and has thereby agreed to resolve domain disputes brought
by third parties in accordance with ICANNs Uniform Domain Name
Dispute Resolution Policy (the Policy).
On June 11, 2015, the FORUM served the Complaint and all Annexes,
including a Written Notice of the Complaint, setting a deadline of July 1,
2015 by which Respondent could file a Response to the Complaint, via
e-mail to all entities and persons listed on Respondents registration as
technical, administrative, and billing contacts, and to
postmaster@eht.com. Also on June 11, 2015, the Written Notice of the
Complaint, notifying Respondent of the e-mail addresses served and
the deadline for a Response, was transmitted to Respondent via post
and fax, to all entities and persons listed on Respondents registration
as technical, administrative and billing contacts.

Having received no response from Respondent, the FORUM transmitted

to the parties a Notification of Respondent Default.
On June 9, 2015, pursuant to Complainant's request to have the
dispute decided by a single-member Panel, the FORUM appointed
Houston Putnam Lowry, Chartered Arbitrator, as Panelist.
Having reviewed the communications records, the Administrative Panel
(the "Panel") finds that the FORUM has discharged its responsibility
under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute
Resolution Policy (the "Rules") "to employ reasonably available means
calculated to achieve actual notice to Respondent" through submission
of Electronic and Written Notices, as defined in Rule 1 and Rule 2.
Therefore, the Panel may issue its decision based on the documents
submitted and in accordance with the ICANN Policy, ICANN Rules, the
FORUM'S Supplemental Rules and any rules and principles of law that
the Panel deems applicable, without the benefit of any response from
Respondent.
RELIEF SOUGHT
Complainant requests that the domain name be transferred from
Respondent to Complainant.
PARTIES' CONTENTIONS
A. Complainant
I. Introduction
This Proceeding concerns the phenomena of domain hi-jacking and domain
laundering, in which a domain name is stolen from a victim having longestablished goodwill in two common law marks related to the domain name
and then surreptitiously subjected to multiple registrar transfers in order to
frustrate attempts to rectify the original hi-jacking. In order to avoid
detection by the domain registrant, the nameservers of the site remain as
originally set, so that the domain name appears to operate normally and to
resolve to the correct web server. In this manner, the original domain
registrant does not realize the domain name has actually been transferred
away, until the domain name has been transferred multiple times. The
continued maintenance of the domain name to resolve to the original
registrant's site, is itself an indication of the goodwill manifest in the
original registrant's mark, and clear evidence of the hijacker's intentions.
II. Identical or Confusing Similarity
The Complainant, John Dilks has been operating a news, local directory and
local advertising site at the site corresponding to the disputed domain name

since at least as early as having originally registered the domain name in

1997, the original creation date shown in WHOIS. Beginning in late 1999,
the Complainant began using the mark "It's your EHT.COMmunity".
As can be seen therein, Complainant's site relates to news of upcoming
events, a directory of local information, and links to local advertisers in the
area of Egg Harbor Township, New Jersey. The Complainant continued use
of the "It's your EHT.COMmunity" banner through mid-2002 in the same
form. The re-design was completed that month, and the design of the site
was updated as of August 2002. The re-designed site included a header
[redacted].
The header banner, comparable to a newspaper masthead to distinctively
identify the Complainant's news, directory and advertising site, continued
the previous use of the "It's your EHT.COMmmunity" mark, and added a
stylized presentation of "eht.com" as prominent marks, which the
Complainant continued to use, and still uses, to distinguish the
Complainant's site.
The current print-out is included, because it is believed likely that upon
being notified of this Proceeding, the Respondent will cease resolution of
the domain name to the Complainant's site - knowing that the subterfuge
has been detected. If not, however, the Panel may determine by the time
of appointment whether the Respondent has done so. It may seem unusual
that the Complainant is seeking transfer of a domain name that still
resolves to the Complainant's own site. That insidious aspect of the
underlying hi-jacking and multiple registrar transfers will be explained
further below.
As shown herein, the Complainant has continuously used the "It's your
EHT.COMmmunity" mark since at least as early as 1999 through the
present day, standing alone and as incorporated into the masthead. The
capitalized "EHT.COM" incorporated into that mark prominently emphasizes
"EHT.COM". Likewise, it's continuous use since 1999 has associated the
mark with the Complainant's website corresponding to the eht.com domain
name. Likewise, the Complainant's stylized and prominent use of
"eht.com" in the masthead since at least as early 2002 functions as a mark
signifying the Complainant's publication, alone or in prominent placement
in the masthead, beyond mere use of the eht.com domain name as an
address identifier. Furthermore, as shown in historical print-outs of the
corresponding website, the Complainant has consistently provided express
notice of its claim to "eht.com" and variations thereof as its mark.
The domain name here at issue - eht.com - constitutes the prominent
features of both the Complainant's "It's your EHT.COMmmunity" slogan, and

the stylized "eht.com" central logo to the masthead (as the entirety of the
textual component thereof). There is no question that the domain name is
confusingly similar to both marks, as the domain name is the reason why
"EHT.COM" figures prominently in them.
Based on the Complainant's longstanding use, for more than a decade of
exclusive publication of news, local directory information and advertising,
of "It's your EHT.COMmmunity" and "eht.com" marks; the Complainant
submits that domain name eht.com is confusingly similar with trade or
service marks in which the Complainant has rights.
III. Legitimate Rights Or Interests
The second criterion of the Policy requires a showing of lack of legitimate
rights or interests in the domain name by the Respondent. As noted above,
the only use of the domain name made by the Respondent has been to
continue to maintain resolution of the domain name to the Complainant's
site. Accordingly, this continued maintenance of the domain name to
resolve to the Complainant's content is effectively an admission by the
Respondent that any rights or interests in use of the domain name belong to
the Complainant. The sole reason the Respondent, and possibly others
acting in concert, have maintained this use of the domain name is to
deceive the Complainant and avoid, for as long as possible, the
Complainant's detection that the domain name had, in fact, been stolen
from the Complainant in the first place.
The Respondent cannot have legitimate interests in a domain name
acquired by theft, nor can the Respondent claim that its use of the domain
name to continue to resolve to the Complainant's website operates to
confer any sort of right or interest to the Respondent. This species of theft
was described in:
HandHeld Entertainment and Kieran O'Neil v. WhoisGuard
a/k/a WhoisGuard Protected
NAF Claim Number: FA0706001008008
http://www.adrforum.com/domaindecisions/1008008.htm
As indicated above, Respondent has hijacked the disputed
domain name and has subsequently attempted to pass
itself off as Complainant by resolving the disputed domain
name to Complainants own website. The Panel finds that
Respondents use is neither a bona fide offering of goods or
services pursuant to Policy 4(c)(i) nor a legitimate noncommercial
or fair use pursuant to Policy 4(c)(iii). See Crow v. LOVEARTH.net,

FA 203208 (Nat. Arb. Forum Nov. 28, 2003) (It is neither a bona
fide offerings [sic] of goods or services, nor an example of a
legitimate noncommercial or fair use under Policy 4(c)(i) & (iii)
when the holder of a domain name, confusingly similar to a
registered mark, attempts to profit by passing itself off as
Complainant . . . .); see also American Intl Group, Inc. v. Busby, FA
156251 (Nat. Arb. Forum May 30, 2003) (finding that the
respondent attempts to pass itself off as the complainant online,
which is blatant unauthorized use of the complainants mark and is
evidence that the respondent has no rights or legitimate interests
in the disputed domain name). [Emphasis Added]
Or as more succinctly stated in CIN - Corporao Industrial do Norte, S.A.
v. Huhan, Yuming Zhong, WIPO Case No. D2014-1865, "Having
misappropriated the disputed domain name, the Respondent would have
a very difficult time establishing any rights or legitimate interests."
The sequence by which the domain name was stolen from the
Complainant is shown in the sequence of historical WHOIS records
attached as Exhibit E. For the Panel's reference, the WHOIS records have
a header indicating "record date", which is the date of the capture, and a
"last updated date", indicating the most recent change to the WHOIS
data.
Starting at October 2013, the domain name is shown to be registered to
the Complainant, as it had been since its creation in 1997. Then, as of
an update in December 2013, the domain name is moved from Tucows
to an obscure registrar called "GRANSY S.R.O D/B/A SUBREG.CZ" and
registered to "Whois Protection" with an address in the Czech Republic.
The nameservers for the domain name are maintained as
"bluedomino.net" in order to keep the domain name resolving to the
Complainant's website.
The manner in which such a change is carried out is typically by
compromise of the domain registrant's administrative email address.
ICANN policy perversely requires two things: (1) that all communications
from the administrative email address be treated as authoritative by the
registrar, and (2) that the administrative email address must be
published in WHOIS accessible by anyone. On top of that, ICANN policy
requires domain registrants to periodically confirm their domain
registrations by clicking on a link within an email from the registrar.
Accordingly, all that is required to steal a domain name is to compromise
the administrative email address by various common methods - the most
common method among several being to fake the ICANN-required

registrar email, and then have that "confirmation click" lead the
registrant to a site operated by the criminal mimicking the registrar site,
at which the registrant provides their login details to the criminal. From
there, the thief has full control of the domain name, can change the
administrative email, obtain a transfer authorization code, and take the
domain name to a registrar in a difficult to reach jurisdiction. Because
there are sometimes methods by which a single unauthorized transfer
can be reversed, the criminal then proceeds to engage in multiple
registrar transfers, so that the ICANN Transfer Dispute Policy, and its
focus on a single transfer, becomes ineffective to recover the domain
name. Because registrars impose a 60 day restriction on transfers of
recently-transferred domain names, the trick is to move the domain to
successive registrars in 60 day intervals, while maintaining the same
nameservers to resolve to the original webserver, so that the domain
registrant does not notice the registrar transfers, because the site
continues to operate normally.
Proceeding through Exhibit E, the thief then proceeded to launder the
domain name through multiple further transfers. In March 2014, the
domain name was moved to Chinese registrar Onlinenic and registered
to a "Domain ID Shield Service CO., Limited" with an address in Hong
Kong. However, due to a rash of hijackings involving Onlinenic in the
course of 2014, and an ensuing investigation, the thief decided to move
the domain name to yet another registrar in September 2014. As can be
seen therein, the domain name was moved to, and now resides at,
Enom.com and registered to the Respondent, which is yet another
privacy service.
All the while, the Complainant continued to use its webhosting service,
as the domain name continued to resolve to the correct servers, and the
Complainant was none the wiser until recently.
Accordingly, the circumstances here are identical to those described in
HandHeld Entertainment cited above - the Respondent can have no
legitimate interest in having stolen the domain name, or having received
a stolen domain name from a first thief, while maintaining resolution of
the domain name to the victim's site, the Complainant here, in an
obvious subterfuge designed to delay detection.
IV. Bad Faith
The circumstances constituting bad faith registration and use of the
domain name are obvious and apparent. The domain name was
"registered" by stealing it, and then passing it through three registrars.
Quite possibly this chain of transfers involved multiple parties

concealing their identities by use of a series of privacy registration

services. Likewise, bad faith use is readily apparent by the stillmaintained subterfuge of resolving the domain name to the
Complainant's website, in order to delay detection past a point of
practical recovery methods.
In the event the current Respondent appears with a claim to have
"purchased" the domain name from an intermediate party, as some sort
of bona fide purchaser without notice, such claim would not explain why
the Respondent had purchased the domain name but has maintained
resolution of the domain name to the Complainant's website prominently still featuring the Complainant's "It's your
EHT.COMmmunity" and "eht.com" masthead - since the most recent
transfer of the domain name back in September 2014. There is no
credible explanation as to why one would purchase a domain name for
the apparent purpose of resolving it to a website with which one has no
association, but which is still the site of the Complainant from whom the
domain name was stolen. Additionally, it is certainly the case that the
Respondent could not have obtained good title from a thief through some
chain of laundering transactions.

Accordingly, it is manifestly clear in the manner that the domain

name has been registered and used that it has been done so in
bad faith, for the purpose of delaying notice of the theft of the
domain name in the hope of fobbing off a valuable three-letter
name to a naive purchaser at some future time.
B. Respondent
Respondent failed to submit a Response in this proceeding.
FINDINGS
(1)the domain name registered by Respondent is identical or
confusingly similar to a trademark or service mark in which
Complainant has rights; and
(2)Respondent has no rights or legitimate interests in respect of the
domain name; and
(3)the domain name has been registered and is being used in bad
faith.
DISCUSSION
Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint
on the basis of the statements and documents submitted in
accordance with the Policy, these Rules and any rules and principles of
law that it deems applicable."

Paragraph 4(a) of the Policy requires Complainant prove the following

three elements to obtain an order cancelling or transferring a domain
name:
(1)the domain name registered by Respondent is identical or
confusingly similar to a trademark or service mark in which
Complainant has rights; and
(2)Respondent has no rights or legitimate interests in respect of the
domain name; and
(3)the domain name has been registered and is being used in bad
faith.
In view of Respondent's failure to submit a response, the Panel shall
decide this administrative proceeding on the basis of Complainant's
undisputed representations pursuant to paragraphs 5(e), 14(a) and
15(a) of the Rules and draw such inferences it considers appropriate
pursuant to paragraph 14(b) of the Rules. The Panel is entitled to
accept all reasonable allegations and inferences set forth in the
Complaint as true unless the evidence is clearly contradictory. See
Vertical Solutions Mgmt., Inc. v. webnet-marketing, inc., FA 95095 (Nat.
Arb. Forum July 31, 2000) (holding that the respondents failure to
respond allows all reasonable inferences of fact in the allegations of
the complaint to be deemed true); see also Talk City, Inc. v. Robertson,
D2000-0009 (WIPO Feb. 29, 2000) (In the absence of a response, it is
appropriate to accept as true all allegations of the Complaint.).
Identical and/or Confusingly Similar
Complainant claims unregistered common law trademark rights in Its your
EHT.COMmmunity and EHT.COM marks dating back to at least 1999. The
marks are used on or in connection with the operation of a news, local
directory, and local advertising website by Complainant. Registration with a
governmental authority or entity is not necessary to obtain rights in a
trademark under the UDRP. See Winterson v. Hogarth, D2000-0235 (WIPO
May 22, 2000) (finding that the Policy does not require that a complainants
trademark be registered by a government authority or agency in order for
the complainant to establish rights in the mark).
To acquire common law trademark rights, a complainant must show their
trademark(s) has acquired a secondary meaning. See Bond & Co. Jewelers,
Inc. v. Tex. Intl Prop. Assocs., FA 937650 (Nat. Arb. Forum Apr. 30, 2007)
(requiring complainant to establish secondary meaning before award said
complainant with common law trademark rights under the UDRP). Relevant
evidence of secondary meaning includes length and amount of sales under
the mark, the nature and extent of advertising, consumer surveys and media

recognition . . . (see Gourmet Depot v. DI S.A., FA 1378760 (Nat. Arb. Forum

June 21, 2011)), or, in some case, continuous use of the mark (see Assn of
Tex. Profl Educators, Inc. v. Salvia Corp., FA 685104 (Nat. Arb. Forum May
31, 2006) (holding that the complainant had demonstrated common law
rights in the ATPE mark through continuous use of the mark in connection
with educational services for over twenty-five years)). When determining
whether a complainant has established a secondary meaning, the most
important inquiry is to whether the relevant consuming public associates the
mark with the source of the goods or services on which the mark is used.
See AOL LLC v. DiMarco, FA 1275978 (Nat. Arb. Forum Sept. 9, 2009)
(Secondary meaning is acquired when in the minds of the public, the
primary significance of a product feature . . . is to identify the source of the
product rather than the product itself.). Complainant has provided a copy
of its website, which displays both marks and purports an update date of
October 6, 1999. This Panel finds this sufficient to establish secondary
meaning. Based upon this uncontroverted evidence, Complainant has
common law trademark rights for purposes of Policy 4(a)(i).
Complainant claims the <eht.com> domain name is confusingly similar to
the Its your EHT.COMmmunity and EHT.COM marks. The domain name
contains Complainants entire EHT.COM mark, and also the dominant portion
of the Its your EHT.COMmmunity mark, along with the gTLD .com. As a
general rule, a gTLD can never adequately distinguish a domain name from
the mark at issue because domain name syntax requires a TLD. See Trip
Network Inc. v. Alviera, FA 914943 (Nat. Arb. Forum Mar. 27, 2007)
(concluding that the affixation of a gTLD to a domain name is irrelevant to a
Policy 4(a)(i) analysis). The disputed domain name is confusingly similar to
the EHT.COM mark. This disputed domain name is generally confusingly
similar where the respondent includes the dominant portion of the mark in
the domain name at issue. See Quixtar Inv., Inc. v. Smithberger, D2000-0138
(WIPO Apr. 19, 2000) (finding that because the domain name <quixtar-signup.com> incorporates in its entirety the complainants distinctive mark,
QUIXTAR, the domain name is confusingly similar). This Panel finds the
disputed domain name is confusingly similar to the Its your
EHT.COMmmunity mark according to Policy 4(a)(i).
The Panel finds Policy 4(a)(i) satisfied.
Rights or Legitimate Interests
Complainant must first make a prima facie case Respondent lacks rights and
legitimate interests in the disputed domain name under Policy 4(a)(ii).
Then the burden shifts to Respondent to show it has rights or legitimate
interests. See Hanna-Barbera Prods., Inc. v. Entmt Commentaries, FA
741828 (Nat. Arb. Forum Aug. 18, 2006) (holding that the complainant must
first make a prima facie case that the respondent lacks rights and legitimate

interests in the disputed domain name under UDRP 4(a)(ii) before the
burden shifts to the respondent to show that it does have rights or legitimate
interests in a domain name); see also AOL LLC v. Gerberg, FA 780200 (Nat.
Arb. Forum Sept. 25, 2006) (Complainant must first make a prima facie
showing that Respondent does not have rights or legitimate interest in the
subject domain names, which burden is light. If Complainant satisfies its
burden, then the burden shifts to Respondent to show that it does have
rights or legitimate interests in the subject domain names.).
Complainant claims Respondent is not commonly known as the disputed
domain name, nor does Respondent have licensing rights that would allow it
to use Complainants marks in domain names. PRIVACY ADMINISTRATOR is
listed as the registrant of record for the disputed domain name. The record
is devoid of any evidence to indicate Respondent is either commonly known
as the disputed domain name or in possession of licensing rights. Where
such a lack of evidence exists, Respondent cannot have rights or legitimate
interests under Policy 4(c)(ii). See M. Shanken Commcns v.
WORLDTRAVELERSONLINE.COM, FA 740335 (Nat. Arb. Forum Aug. 3, 2006)
(finding that the respondent was not commonly known by the
<cigaraficionada.com> domain name under Policy 4(c)(ii) based on the
WHOIS information and other evidence in the record).
Complainant claims Respondents use of the disputed domain name fails to
consist of a bona fide offering of goods or services or a legitimate
noncommercial or fair use. Complainant was formerly the registrant and
owner of the disputed domain name, but Respondent illegally hijacked the
domain name. This clearly is not (i) a bona fide offering of goods or services
or (ii) a legitimate noncommercial or fair use. Keeping the nameservers the
same to conceal the hijacking is also not a bona fide offering of goods or
services or a legitimate noncommercial or fair use. It is further evidence to
buttress the claim of bad faith by concealing the hijacking. Respondent
continues to transfer the domain name to different registrars in an effort to
conceal Respondents true identity and to prevent recovery of the domain
name. Where a respondent has hijacked the complainants domain name
and used it to resolve to the complainants own website, prior panels have
found that the respondent was attempting to pass itself off as the
complainant, and subsequently declined to award the respondent rights
under Policy 4(c)(i) or Policy 4(c)(iii). See HandHeld Entertainment and
Kieran ONeil v. WhoisGuard a/k/a/ WhoisGuard Protected, FA
0706001008008 (Respondent has hijacked the disputed domain name and
has subsequently attempted to pass itself off as Complainant by resolving
the disputed domain name to Complainants own website. The Panel finds
that Respondents use is neither a bona fide offering of goods or services
pursuant to Policy 4(c)(i) nor a legitimate noncommercial or fair use
pursuant to Policy 4(c)(iii).). This Panel finds Respondent is not making a

bona fide offering or a legitimate noncommercial or fair use of the domain

name.
Respondent registered the domain name using a privacy service. This
means Respondent has not publicly associated itself with the domain name.
This means Respondent cannot have acquired any rights to the domain
name (or a similar trademark) merely by registering the domain name.
The Panel finds Policy 4(a)(ii) satisfied.
Registration and Use in Bad Faith
While Complainant does not make contentions that neatly fall within the
articulated provisions of Policy 4(b), these provisions are meant to be
merely illustrative of bad faith. Respondents bad faith may be demonstrated
under the totality of the circumstances. See Digi Intl Inc. v. DDI Sys., FA
124506 (Nat. Arb. Forum Oct. 24, 2002) (determining that Policy 4(b) sets
forth certain circumstances, without limitation, that shall be evidence of
registration and use of a domain name in bad faith); Twentieth Century Fox
Film Corp. v. Risser, FA 93761 (Nat. Arb. Forum May 18, 2000) (The
requirement in the ICANN Policy that a complainant prove that domain
names are being used in bad faith does not require that it prove in every
instance that a respondent is taking positive action. Use in bad faith can be
inferred from the totality of the circumstances even when the registrant has
done nothing more than register the names.).
Complainant claims Respondent has displayed bad faith registration and use.
Respondent has illegally hijacked the domain name and listed itself as the
registrant, rather than Complainant. Respondent continues to transfer the
domain name to different registrars in an effort to conceal Respondents true
identity and to prevent easy recovery of the domain name. In an effort to
conceal the hijacking, the disputed domain name has resolved to
Complainants own website at all times. Where the complainant was the
former owner of the domain name, this raises a rebuttable presumption of
bad faith registration and use even when the domain name still resolves to
Complainants web site. See InTest Corp. v. Servicepoint, FA 95291 (Nat. Arb.
Forum Aug. 30, 2000) (Where the domain name has been previously used
by the Complainant, subsequent registration of the domain name by anyone
else indicates bad faith, absent evidence to the contrary.); see also Verizon
Trademark Servs. LLC v. Boyiko, FA 1382148 (Nat. Arb. Forum May 12, 2011)
(The Panel finds that Respondents registration and use of the confusingly
similar disputed domain name, even where it resolves to Complainants own
site, is still registration and use in bad faith pursuant to Policy 4(a)(iii).).
Respondents actions constitute find bad faith under Policy 4(a)(iii).

Respondent registered the domain name using a privacy service. In the

commercial context, this raises a rebuttable presumption of bad faith
registration and use. Respondent has done nothing to rebut this
presumption. For this reason alone, the Panel will find bad faith registration
and use.
Frankly, this Panel has never seen this set of facts before. Respondents
hijacking of a domain name in this manner should constitute per se bad faith
registration and use of the domain name, even if the nameservers remain
the same. The Panel cannot conceive how such actions would ever
constitute anything but bad faith. Domain name owners should be vigilant to
avoid such hijackings in the future.
The Panel finds Policy 4(a)(iii) satisfied.
DECISION
Having established all three elements required under the ICANN Policy,
the Panel concludes relief shall be GRANTED.
Accordingly, it is Ordered the <eht.com> domain name be
TRANSFERRED from Respondent to Complainant.

Houston Putnam Lowry, Chartered Arbitrator, Panelist

Dated: Friday, July 10, 2015