Guidelines to handle trademark infringement incidents

IRM author: CERT SG / Jean-Philippe Teissier
IRM version: 1.1

Preparation

1

Objective: Establish contacts, define procedures, gather information to save time during an incident.

  • Maintain a list of all legitimate trademarks belonging to your company and its subsidiaries. This will help in assessing the situation at hand and prevent you from starting an infringement procedure on an outdated trademark, an unrelated legitimate website or social network account.
  • Establish a thorough, evidence-based information list related to your trademarks to support your legal rights:
    • Name(s), legitimate domain names and social media accounts used by your company and its subsidiaries;
    • Your trademarked words, symbols, taglines, graphics…
    • Trademark registration numbers if applicable;
    • International and federal/local trademark registration offices (USPTO, INPI, etc.) where registered trademarks have been labelled as such if applicable;
    • Any other document establishing clearly that a trademark belongs to your company.
  • Prepare trademark infringement e-mail forms. You will use them for every trademark infringement case, if possible in several languages. This will help speed up things when trying to reach out the registrar, service provider and any other relevant party during the procedure.
  • Promote a central domain management system using normalized WHOIS fields.
  • Promote an ethical online advertisement to avoid appearing in parked domain names.

Internal contacts

  • Maintain a list of all people involved in trademark registration in the company especially those part of the legal and PR departments.
  • Maintain a list of all people accredited to take decisions on trademarks and eventual actions regarding trademark infringement. If possible, obtain a written agreement that gives you the ability to take this kind of decisions.

External contacts

  • Establish and maintain a list of external contacts within registrars and service providers involved in trademark issues.

Identification

2

Objective: Detect the incident, determine its scope, and involve the appropriate parties.

Trademark infringement Detection

  • Deploy active monitoring of domain names registration through registries’ zones updates whenever possible or brand alert services such as DomainTools;
  • Set up feeds to monitor usernames, pages and groups on social networks;
  • Analyze HTTP referrers in website logs to identify fraudulent content downloads and fraudulent mirroring of your websites;
  • Set up brand name monitoring with specialized search engines.

Leverage automation whenever possible to trigger alarms and improve reaction times.

Involve appropriate parties

  • As soon as an infringement is detected, contact the people in your company who are accredited to take a decision if you haven’t been empowered to do so on your own.

The decision to act on the fraudulent domain name, group or user account must be taken as soon as possible.

Collect evidence

  • Collect evidence of infringing domain names, websites, specific URLs (e.g. Facebook vanity URL), pages, groups or account details.
  • Make a time-stamped copy of the infringing material (page, group, blog, forum, micro-blogging timeline, etc) and take screenshots if possible.

Containment

3

Objective: Mitigate the infringement effects on the targeted environment.

  • Evaluate the impact of the trademark infringement:
    • Can it be used for traffic redirection (cybersquatting, typosquatting, SEO)?
    • Can it be used for spoofing, counterfeiting or scamming (cybersquatting with redirect to the corporate website)?
    • Can it be used to slander the brand?
  • Evaluate the visibility of the infringing component:
    • Website visibility (ranking).
    • Number of fans or followers on social medias.
  • Monitor the dormant, infringing domain for signs of fraudulent activities:
    • See IRM-13-Phishing and IRM-14-Scam for more information.

Remediation

4

Objective: Take actions to stop the trademark infringement.

In most trademark issues, monitoring is usually sufficient. Remediation must be started only if there’s an impact on your company or its subsidiaries.

Domain name

  • Contact the domain name owner and hosting service provider to notify them of the trademark infringement and ask them to remove the fraudulent content.
  • Contact the domain name registrar to notify them of the trademark infringement and ask them to deactivate the associated domain name or to transfer it to you.
  • Ask the domain name owner or registrar to redirect all DNS requests to your name servers if possible.
  • If neither the domain name owner nor the registrar comply with your requests, initiate an Uniform Domain-Name Dispute-Resolution Policy (UDRP) procedure if you are empowered to do so or ask the internal contacts to conduct it.

Social network account

  • Contact the service provider of the infringing page, group or account to notify them of any violation of their Trademark Policies or Terms of Service and ask them to deactivate the infringing account.
  • Ask the service provider to transfer the trademarked account to an existing company account if possible.

In both cases, send e-mails to the contact addresses of the registrar or service provider. There’s generally an e-mail address to report abuse, legal or copyright issues.

Fill out a trademark or abuse complain form if available.

Recovery

5

Objective: Come back to the previous functional state.

Assess the end of the infringement case

  • Ensure that the infringing domain name, page, group or account are down or redirected to your company.
  • Keep monitoring the infringing domain name, page, group or account. Sometimes a website can reappear later.
  • Acquire the infringing domain name when it is available on the market.

Aftermath

6

Objective: Document the incident’s details, discuss lessons learned, and adjust plans and defences.

  • Consider what preparation steps you could have taken to respond to the incident faster or more efficiently.
  • Update your contacts-lists and add notes as to what is the most effective way to contact each involved party.
  • Consider what relationships inside and outside your organization could help you with future incidents.
  • Collaborate with legal teams if a legal action is required.