Brand Abuse and IP Infringements – Part 2: Enforcement and Return on Investment

In the first article in this two-part series, we looked at the impact of brand abuse and infringements against intellectual property (IP) on an organisation's brand value. In this second article, we delve into how action against enforceable infringements can deliver tangible return on investment (ROI) for a brand, and demonstrate the importance of a robust brand protection programme.

Enforceable infringements and ROI

Providing that a company has sufficient protection of its IP (e.g. trademarks registered in the appropriate product classes and geographic regions), there are typically a range of enforcement options available for the removal of infringing content. The existence of infringements can produce direct financial loss to an organisation; their removal allows some or all of this lost or diverted revenue to be reclaimed. This is clearly demonstrated in the following cases:

• Fraudulent copycat sites, designed to harvest user log-in credentials and provide access to funds through phishing
• Fake, branded sites selling counterfeit goods

Taking down these types of infringement also directly benefits a brand's consumer base, protecting customers from fraud, or substandard, non-legitimate goods that may put their safety at risk. For example, counterfeit versions of certain product types - such as electronics, automotive parts, safety equipment, pharmaceuticals and cosmetics - are particularly prone to exposing consumers to danger^[1]. Reported cases include drugs that contain either no active ingredient or incorrect ingredients^[2], toxic ingredients appearing in cosmetics^[3] or children’s products^[4], and instances of faulty electrical goods providing a risk of electric shock or fire^[5].

Even where an infringement is less obviously impactful, its presence online can still result in financial losses for the brand owner. Consider the case of a (cybersquatted) domain whose name contains a trademarked brand name with no significant content other than a parking page. If this domain receives significant amounts of web traffic - through users reaching the site via mistyping the URL or a search engine listing - and this traffic is monetised (e.g. via the inclusion of pay-per-click links), the owner of the fake domain can potentially generate revenue that should legitimately be going to the brand owner. If the brand in question is able to reclaim this domain through an acquisition process, it can also reclaim its web traffic, and a proportion can be converted to generate revenue for the brand owner. The table below demonstrates how this may be quantified in practice.

Table 1: Sample return-on-investment calculation for a reclaimed domain (using example values)

Similar techniques also exist for estimating the ROI associated with removing counterfeit or otherwise non-legitimate items on standalone e-commerce sites or marketplaces, or for estimating the total value of delisted goods. The calculations take account of factors like assumptions regarding the proportion of users who would buy a legitimate item if the counterfeits were unavailable, and the numbers of items available in the individual listings.

The figure below provides a case study showing the numbers of enforcement actions per month for a company in the movie industry focused on piracy of hard goods (i.e. DVDs, Blu-ray, etc.), over the first 24 months of its service with CSC. Note the initial 'spike' of activity, corresponding to the pre-existing 'landscape' of infringements, followed by a rapid decrease to eventual low levels as a successful enforcement programme greatly reduced the online availability of infringing items.

Figure 1: Example of number of enforcement actions per month over a two-year period with CSC

The importance of brand protection

A proactive brand protection programme allows an organisation to monitor for online infringements relating to its brand, and take remedial action, including the removal of the infringing content. This not only protects the organization from losses to brand value, but also shields its customers from exposure to harmful content and substandard goods.

Enforcement action is a key element of the suite of brand protection services offered by CSC, whose teams of experienced analysts offer a number of different methodologies for the takedown of infringing content. Considering activity on e-commerce marketplaces alone, over two million listings have been removed on behalf of our brand-owner customers since the start of 2016; an average of over 38,000 listings per month.

In many cases, the removal of individual infringements directly results in the ability for the brand owner to reclaim sizeable amounts of 'lost' revenue. Analysis of the statistics associated with enforcement action can allow a company to quantify the return on investment associated with its brand protection programme and can provide a compelling case for its continuation.

References

[1] https://www.ice.gov/features/dangers-counterfeit-items

[2] https://www.eurekalert.org/pub_releases/2015-04/uoc--fmt041615.php

[3] https://www.thefashionlaw.com/five-arrested-in-counterfeit-perfume-ring-scheme/

[4] https://www.theguardian.com/technology/2018/dec/02/whether-youre-unaware-or-dont-care-counterfeit-goods-pose-a-serious-threat

[5] https://www.theguardian.com/technology/2018/jun/06/dangerous-fake-electrical-goods-sold-amazon-ebay-investigation

This article was first published on 6 November 2020 at: 
https://www.cscdbs.com/blog/brand-abuse-and-ip-infringements-roi/

Also published at:
http://www.circleid.com/posts/20201112-brand-abuse-and-ip-infringements-part-2-return-on-investment/

Brand Abuse and IP Infringements – Part 1: Brand Impact

In this two-part blog series, we take a closer look at brand abuse and intellectual property (IP) infringements. In this first article, we explore the components making up a company's IP and how online content can affect a brand's value, both actual and perceived.

IP and brand value

The IP held by an organisation - i.e. the portfolio of brands, trademarks, and other intangible assets that provide it with its distinctiveness, and protect it from unfair competition in the marketplace - contributes a significant proportion to the total value of the business. A number of factors make up the total value attributable to IP, including initial creation costs, and its potential to generate future revenue^[1].

An organisation's brand will have a financial market value itself; a related concept is brand equity, which affects the value of the products and services associated with that brand. Brand equity is affected by factors like brand visibility (how well known the brand is to consumers, and its perception in the market), and customer loyalty (having a guaranteed income from an established customer base)^[2]. These factors drive certain behaviours in the market; for example, the willingness of consumers to trust a new, unfamiliar product from an established brand^[3].

The value of a brand as a proportion of the total value (market capitalisation) of the associated company can vary greatly, and is dependent on a number of factors, including company size and industry sector. For smaller organisations, which have fewer tangible assets, the brand value tends to be a larger proportion of the total value of the company. Companies where the brand name provides a significant part of their appeal (e.g. luxury goods companies, where "the company is the brand") may have proportionately higher brand values. For example, a 2007 study^[4] found that the brand value for jewellery retailer Tiffany was 75% of the company's total market capitalization. Considering a range of large brands across a spectrum of different industries, the value of a brand might typically represent something like one fifth of the total value of an organisation on average^[5]. Interbrand's 2020 'Best Global Brands' study aims to quantify the values of the 100 most valuable brands, in a list topped by Apple ($323B), Amazon ($201B), and Microsoft ($166B)^[6].

Brand damage and brand protection

Brand protection services, such as those offered by CSC, can help organisations identify online brand abuse and infringements against their IP, and take remedial action. The types of findings identified vary widely. They include reputation issues (negative comment and activism, brand association with undesirable content, etc.), unauthorised use of IP by bad actors (associated with the sale of counterfeit items or the creation of lookalike sites associated with fraudulent activity), and other brand issues, like brand dilution and uses of branded material by third parties. Some of these may result in generalised damage to the perception of a brand, which may affect its value but be hard to quantify, while others have directly measurable financial impacts. Similarly, the enforcement options available for the removal of damaging content varies significantly, dependent on the type of content.

Online content that creates reputational damage to a brand may be protected by the freedom-of-speech argument, where there are few or no routes for takedown. However, there is still value in brand owners monitoring for negative comments, as it provides awareness of the issues being discussed, and can provide an opportunity for the company to take remedial action. This action can include making changes to work practices, or broadcasting positive marketing messages to counteract the negative chatter. Left unchecked, reputation damage can have a significant detrimental effect on brand value. A recent report stated the value of Facebook dropped by $147 billion (7.4%) in a year in the wake of advertiser boycotts in response to the company's policies on hate speech^[7]. Other prominent organizations have also been subject to damaging stories and campaigns over the years. Nestle has been subject to an extended series of boycotts since the 1970s in response to their policies on baby-milk marketing, groundwater extraction, and promotion of unhealthy products. More recently, Oxfam was associated with accusations of sexual misconduct, bullying, and harassment by staff, resulting in significant dips in their levels of donations and volunteering. Google has also been accused of poor staff practices and user data breaches^[8].

A range of IP infringement types can also have significant effects on the value of a brand. When Christopher Bailey joined the Burberry organisation in 2001, he found a brand that had been significantly damaged, in part due to a proliferation of counterfeits. Fashion designer and retailer Alex Eagle notes that "Burberry check … became ubiquitous with fake goods, meaning it had lost its exclusivity". Working his way up to Chief Creative Officer in 2014, Bailey aimed to tackle these issues through a combination of promotional events, launches of new product across differing price brackets targeted at a variety of customer demographics, and - crucially - keeping "ahead of the copycat" by making products available in-store immediately after being exhibited at fashion shows. In doing so, he was able to help bring about an increase in share value of over 700% in 15 years^[9].

A programme of online monitoring and enforcement (where possible) against IP infringements can help an organisation protect its brand value. In part, simply being seen proactively defending the brand can be beneficial, increasing customer confidence, and making the company a less attractive target for infringers. Aside from these less quantifiable contributions to brand value, having an active brand protection programme in place, and removing individual infringements, also directly impacts revenue and profit. Standard techniques exist for estimating the value of these actions, providing a measure of return on investment. We'll cover that next in the second article in this series.

References

[1] https://www.ipwatchdog.com/2018/04/24/intellectual-property-valued-selling-business/id=96098/

[2] https://www.prophet.com/2016/09/brand-equity-vs-brand-value/

[3] https://www.forbes.com/sites/ryanerskine/2017/08/12/what-is-a-brand-really-worth/#7b17d6df2299

[4] https://seekingalpha.com/article/47276-interbrand-value-and-market-cap-a-more-meaninful-comparison

[5] https://www.linkedin.com/pulse/how-much-enterprise-value-brand-jonathan-knowles

[6] https://www.interbrand.com/thinking/best-global-brands-2020-download/

[7] https://www.campaignlive.co.uk/article/facebook-brand-value-falls-amazon-consolidates-top-spot-brandz-ranking/1688075

[8] https://www.alva-group.com/blog/how-to-measure-the-cost-of-a-bad-reputation/

[9] https://www.bbc.co.uk/news/entertainment-arts-41818169

This article was first published on 4 November 2020 at:
https://www.cscdbs.com/blog/brand-abuse-and-ip-infringements/

Also published at: 
http://www.circleid.com/posts/20201110-brand-abuse-and-ip-infringements-part-1-brand-impact/

Coronavirus: Online Threats Going Viral - Part 5: Social Media

by David Barnett and Alexandra Midgley

For our final blog in this series looking at the online risks associated with COVID-19, we focus on social media.

The popularity of social media channels means that they are extremely susceptible to exploitation by cyber criminals and other infringers, particularly during the coronavirus crisis. In an earlier post in this series, we discussed the use of social media for the distribution of phishing-related content, but CSC has also noted marked activity relating to the creation of fake accounts relating to COVID-19, and the distribution of incorrect or misleading information.

Many social media pages referencing the coronavirus are simply personal blogs, or feeds providing general information on health and well-being. However, others offer news, tracking, or other updates relating to the spread of COVID-19, in many cases with no affiliation to officially verified sources or channels.

Figure 1: Examples of coronavirus-related profiles on: (top) Instagram (referencing the official website of the World Health Organization); (middle) Facebook; (bottom) Twitter

In our study, we found a range of different content that could potentially be associated with scams, including profiles linking to:

• A site soliciting donations, purportedly for the purchase of supplies for a local hospital
• Sites offering healthcare products for sale
• Sites offering coronavirus tracking services

Figure 2: Examples of sites linked from coronavirus-related social media profiles: (i) a donations page; (ii) an e-commerce site selling face masks; (iii) a site offering a coronavirus tracking service

Numerous cases of the spread of fake, coronavirus-related news across social media have also been reported. This creates significant concern in a climate where the availability of accurate information is crucial, not only to avoid scams, but also to combat the spread of the disease. Some of the most prolific areas of content include anti-vaccination groups, claims that the virus has been bio-engineered by government^[1], and content linking COVID-19 to the spread of 5G technology.

Although some social media platforms are becoming more proactive in combating fake or harmful content, some content will invariably make it through. In these cases, brand owners may wish to consider directly requesting content removal.

CSC has experience in combating this. Most recently, a technology service provider brought an urgent case to our attention, where two videos had been posted falsely stating that one of the company's 5G technology products had caused the coronavirus outbreak, and that it was attempting to cover it up. CSC approached the social media platform and requested removal of the content on multiple grounds, including breaches of trademark and site policy, resulting in a removal of the content within three hours.

What can brand owners do?

CSC's social media monitoring services are able to identify relevant content within profiles and usernames, or individual posts, using a combination of direct site monitoring, information from search engines, and comprehensive data feeds drawn directly from social media sites. We generally advise brand owners to incorporate an element of social media monitoring into any holistic brand-protection service. Many social media sites operate intellectual property protection programmes where brands or their brand protection provider can request the removal of infringing content, although the exact criteria and requirements for enforcement vary from site to site.

If you see social media posts incorporating branded promotional content in conjunction with undesirable material, you should consider contacting your marketing service providers to control the context and placement of your content.

Finally, there will be some harmful content that is not associated with any particular brand, and individual users can contact the sites directly, using public online tools covering all matters outside of intellectual property issues. Due to the nature of scams in general, we normally expect social media sites to be compliant with requests for the removal of such content.

Reference

[1] https://www.bbc.co.uk/news/technology-51646309

This article was first published on 23 April 2020 at:
https://www.cscdigitalbrand.services/blog/coronavirus-online-threats-part-5/

Also published at:
http://www.circleid.com/posts/20200427-coronavirus-online-threats-going-viral-part-5-social-media/

Coronavirus: Online Threats Going Viral - Part 4: Phishing

In part four of this series of posts looking at emerging Internet content relating to coronavirus, we explore phishing.

In times of crisis, cybercriminals invariably take advantage of the growing concerns of the public. In the case of the coronavirus, they have done so by sending phishing e-mails that play on the fears surrounding the spread of the illness.

A number of reports have emerged of e-mails purporting to provide advice or assistance relating to COVID-19, but which are actually 'hooks' to spread malicious content, or to drive people to websites intended to harvest personal details. Many of the phishing e-mails use the names of trusted organisations such as the World Health Organization (WHO) or the U.S. Centers for Disease Control and Prevention (CDC) to add credibility to their content. A report published on March 20, 2020 stated that victims of online scams had lost £960,000 in coronavirus-linked cases since the start of February^[1].

Some e-mails encourage the user to open an attachment that may contain malware. Identified cases include examples where attackers run code on a user's computer or track their movements, steal information through keylogging, or lock files on the user's device and demand a ransom for their reinstatement. Other instances have been reported of malicious files being distributed through copies of healthcare company or government agency websites^[2,3].

Figure 1: Examples of identified coronavirus-related scam e-mails: (i) mail containing potentially-malicious attachments; (ii) mail offering the sale of a 'vaccine' but actually likely to be associated with an advance-fee fraud

Some types of phishing e-mails drive users to lookalike websites intended to harvest log-in details; others directly solicit for payments. One particular case asked for Bitcoin donations, allegedly to aid the CDC in the search for a vaccine^[4].

References to coronavirus have also been used in more familiar types of phishing campaign, such as those targeting financial-services brands. In one example, we identified phishing sites targeting numerous different banks, all hosted on a mortgage-related domain name in a sub-directory named 'COVID-19'. Additionally, a banking client was subjected to a phishing attack using a site hosted on the domain name [brand]covid-19.com.

Fraudulent coronavirus communications may purport to provide benefits. One reported SMS-based scam offered free iPhones to encourage recipients to click a link to a fake site. Other reported scams include e-mails offering payday loans, tax rebates, insurance schemes or trading advice in response to the crisis, or offering products billed as coronavirus cures^[5,6].

Figure 2: Example of a fake government website hosted on a coronavirus-specific domain name, associated with a phishing scam using an SMS message offering a tax refund

As the crisis has progressed, there has been a rise in phishing activity over social media, typically involving fake accounts. Given the speed with which content can spread across social media - particularly in the current climate of fear - such scams have the potential to reach large numbers of people in a short time^[2].

How to keep your customers safe

It is important to keep your customers, as well as your own employees, safe by making them aware of how to spot a phishing e-mail. Tips for spotting phishing emails are generally the same as for most fraudulent campaigns. It may be a good idea to educate your customers as to what to expect from your company, and what a phishing scam may look like. Here are our tips for spotting a phishing e-mail:

1. Pay attention to the originating e-mail address and the host domain of any embedded links; fraudsters may attempt to pass off their messages as being from a legitimate organisation (say, company.com) by using variants of the official domain name, such as company.org, or company-safety.com, in order to construct a convincing sender address. Even if an e-mail appears to use the official domain name, it is possible this information may have been spoofed.


2. Hover over links without clicking them. Many fraudulent e-mails may show the legitimate domain in the visible link text while actually directing elsewhere. Bear in mind that even an e-mail linking to an official site may incorporate a malicious attachment.


3. Look out for anomalies in the e-mail text. A phishing e-mail could have:

• A generic rather than personalised greeting
• Spelling or grammatical mistakes
• Messaging that conveys a sense of urgency or has a deadline by when to act
• Other requests for personal information^[7]

How CSC can help brand owners

CSC’s Anti-Phishing service can aid brand owners in detecting fraudulent e-mails and associated websites that may incorporate their branding illegally to add credibility. Our technology makes use of a combination of honeypot e-mail accounts and other mail sources (i.e. customer abuse mailboxes, and feeds from anti-fraud and security providers) to attract as large a cross-section of general spam traffic as possible to detect phishing e-mails. E-mails are analysed, and embedded links crawled, to identify potentially fraudulent sites. We then use customer-specific rules to look for brand references and other associated keywords, in addition to comparing the fingerprint of the site against other known cases of fake content. When fraudulent content is detected - generally considered a contravention of terms and conditions by a number of internet service providers - we have a number of enforcement options to ensure the swift removal of the website.

References

[1] https://www.bbc.co.uk/news/uk-51964507
[2] https://www.mayerbrown.com/en/perspectives-events/publications/2020/03/dont-panic-stay-calm-legal-strategies-for-addressing-coronavirus-phishing-scams-in-hong-kong
[3] https://www.worldtrademarkreview.com/anti-counterfeiting/covid-19-phishing-warning-uspto-responds-wipo-election-microsoft-sued-news
[4] https://www.recordedfuture.com/coronavirus-panic-exploit/
[5] https://www.forbes.com/sites/mattperez/2020/03/16/coronavirus-scams-watch-out-for-these-efforts-to-exploit-the-pandemic/#443d4eaa6103
[6] https://news.sky.com/story/coronavirus-criminals-exploiting-covid-19-pandemic-with-email-scams-11959433
[7] https://us.norton.com/internetsecurity-online-scams-coronavirus-phishing-scams.html

This article was first published on 16 April 2020 at:
https://www.cscdigitalbrand.services/blog/coronavirus-online-threats-part-4/

Also published at:
http://www.circleid.com/posts/20200423-coronavirus-online-threats-going-viral-part-4-phishing/

Coronavirus: Online Threats Going Viral - Part 3: Mobile Apps

In part three of this series of posts looking at emerging Internet content relating to coronavirus, we turn our attention to mobile apps - another digital content channel that can be used by criminals to take advantage of people's fears about the health emergency for their own gain.

One of the most common attack vectors we have found in our analysis is the use of apps purporting to track the global progression of COVID-19, or provide other information, but which instead incorporate malicious content. In mid-March, CovidLock ransomware was reported. It was distributed through a coronavirus-specific domain name, and threatened to leak users' social-media information and delete smartphone file storage unless a Bitcoin ransom was paid^[1,2]. Prior to this, reports emerged of a number of online resources masquerading as legitimate coronavirus trackers, but which actually distribute malware. In one example, a website directed users to open an applet that could infect their device with AZORult, a piece of malware used to steal log-in credentials and banking information^[3]. An Android app named Corona Live 1.1 also purports to be an official coronavirus tracker that incorporates information from the (legitimate) Johns Hopkins tracker, but actually features malware, allowing attackers to record the victim's location, and access photos, videos and the camera on their device^[4].

In general, mobile apps can be downloaded from two main sources. The first of these is the group of main app stores such as Google Play, iTunes, Amazon Appstore, and Microsoft Store, but there are also a huge number of standalone app download sites. These are often called APK download sites, in reference to Android package file-format used for the distribution of Android mobile apps. Content on the main app stores tends to undergo a much more rigorous verification process for quality and legitimacy, while the APK sites can be less trustworthy, and may feature app versions that are non-legitimate, associated with malicious content, or are out-of-date (therefore lacking the most recent security patches). This said, even the main app stores are not immune to dangerous content. It was reported that the Iranian government distributed a piece of spyware in the guise of an Android app purporting to monitor for COVID-19 symptoms; this app was initially made available on the Google Play store, before being removed due to a violation of the marketplace's terms and conditions^[5,6].

Currently, a relatively small number of coronavirus-related apps are on offer across the main app marketplaces, comprising a mixture of information apps, health checkers, and infection trackers. Across the ecosystem of APK sites, however, a much larger range of mostly tracker apps is on offer. A simple search engine look-up for 'coronavirus' plus 'APK download' returns a significant number of listings. While some of the apps thus identified may be legitimate, they raise the potential for risk, for any of the reasons outlined above.

Figure 1: Examples of listings for coronavirus-related mobile apps on standalone APK-download sites

How can you mitigate these risks?

Mobile app monitoring across all marketplaces and APK sites should form part of any comprehensive brand protection service. CSC's monitoring system can search for brand terms in the name or description of mobile apps, or in the developer or seller names. Third-party apps incorporating branded content are of concern if any of the following apply:

1. The subject matter or app content is non-legitimate or malicious
2. Branding is illegitimately used, either as a means of claiming affiliation to add credibility, or to improve the look-and-feel of the app
3. Branding is incorporated into downloadable imagery or streamed content to increase the app's appeal

For infringing apps, it is often possible to take enforcement action to have the listing removed. Enforcement usually involves completing a webform or submitting an e-mail, detailing the infringement criteria the app meets. As for many areas of brand protection, the likelihood of success is dependent on the level of IP protection held by the brand owner, and specifically on whether trademarks are held in the appropriate classes.

References

[1] https://www.businessinsider.com/coronavirus-fake-app-ransomware-malware-bitcoin-android-demands-ransom-domaintools-2020-3
[2] https://www.domaintools.com/resources/blog/covidlock-update-coronavirus-ransomware
[3] https://www.businessinsider.com/hackers-are-using-fake-coronavirus-maps-to-give-people-malware-2020-3
[4] https://www.cnet.com/news/fake-coronavirus-tracking-apps-are-really-malware-that-stalks-its-users/
[5] https://www.recordedfuture.com/coronavirus-panic-exploit/
[6] https://blog.avast.com/iranian-coronavirus-app-collecting-sensitive-information-avast

This article was first published on 9 April 2020 at:
https://www.cscdigitalbrand.services/blog/coronavirus-online-threats-part-3/

Also published at:
http://www.circleid.com/posts/20200419-coronavirus-online-threats-going-viral-part-3-mobile-apps/

A Cautionary Tale of Reputational Damage: Striking the Right Balance with Brand Protection

by David Barnett, Lan Huang and Alexandra Midgley
with thanks also to Ernriel Bell and Agnes Czolnowska

In early March 2020, a well-known European fashion brand found themselves on the receiving end of a protest campaign on social media. The background to the case was the fact that, in 2019, the brand had launched a cease-and-desist (C&D) action against a small, UK-based company in response to their use of similar product names and sale of associated clothing merchandise. This resulted in significant legal and rebranding costs for the company and is just one of several cases where the brand had targeted other small organisations.

Many observers have viewed these actions as heavy handed, and the subsequent online commentary has generated a significant amount of negative press for the brand. The case "shine(s) a light on the potential negative PR implications when undertaking a brand enforcement programme," an intellectual property expert commented. "Even where a brand is legitimately enforced, brand owners must be alive to where issues may arise in relation to smaller businesses or individual use."

This is not the only organisation to take an (over-)enthusiastic approach to their brand protection efforts. In 2015, the Millennium and Copthorne Hotels group sent a notice to the Village Association for Copthorne - a small village in the UK, and the company's founding location - protesting against their infringing use of the Copthorne name in the association's web address. The hotel group eventually backed down, stating the letter was sent in error^[1].

In another case, Scottish brewery BrewDog issued a C&D against the owners of a pub planning to name it the 'Lone Wolf' - one of BrewDog's product names. BrewDog also eventually withdrew the action, following a campaign accusing the company of behaving like a 'multinational corporate machine.' A branding commentator at the time indicated that the backtracking by BrewDog could ultimately work in their favour, stating, "We've now got a business owner calling off his lawyers and favouring the underdog. That feels right for a challenger brand. Perhaps there's still a win available for them^[2]."

So how should brand owners address the issue of protecting their IP? Here are our top tips for getting it right.

1. Register your brand terms

As a minimum, CSC suggests that brands register all active brand terms in all relevant classes (i.e. product areas) and geographic jurisdictions. If a brand is able to achieve well-known trademark status, this can also open up further avenues for enforcement, making it possible to defend IP rights even in product classes where trademarks have not yet been registered.

2. Have a clear set of goals for your IP protection programme

Just because you can launch an action in a particular case, it doesn’t mean you should. In cases involving, for example, small companies operating in unrelated areas, with minimal risk of confusion, it may be advisable not to enforce. As with the case reported here, the risk is that an enforcement action can cause a large corporation to gain a reputation as a brand bully, and it is important to consider the risks of exacerbating an already inflamed situation. A brand owner should always be clear on the goals of their IP protection programme, and be willing to answer the question - in cases where an action results in backlash - was it worth it?

3. Look at potential infringements case-by-case

At CSC, we advise against sending automated C&D notices; every case is different, and it is important to consider whether a notice is necessary and, if so, what the appropriate style of wording is. C&D language can be overly severe and may not be concise, leaving room for dispute. In cases where notices should not have been sent, there is the risk of counter-claims for groundless threat - in these instances, the brand owner could then be liable for any damage and costs arising from the claim.

Before taking any action on a potential infringement, it is advisable to assess the case against the following questions:

1. Is there prominent and unauthorised use of the trademark?
2. Is there a likelihood of confusion, i.e. is the disputed use likely to mislead a general consumer into believing that the products and services are offered by the brand owner who owns the trademark?
3. Does the use of the trademarked name constitute bad faith or piggybacking on the brand owner's established brands and goodwill (i.e. unfair use for commercial gain)?
4. Does the use of the trademark cause harm or damage to the brand?

If the answer is 'yes' to these four questions, it may be appropriate for a brand owner to take action.

4. Personalise your C&Ds

If a potential infringement is identified, but bad faith cannot be definitively established, it may be best to contact the concerned parties using a personalised C&D. This should include:

• Education on the importance of the intellectual property
• Why and how there is a conflict of interest and how they have infringed; specifically which aspects of the brand use are most concerning
• How this can be mitigated without invoking costly legal battles

It is often the case that legitimate businesses are more likely to comply with infringement notifications, whereas those clearly using a trademark in bad faith are less likely to co-operate.

The general principle should be to treat the most serious cases more aggressively, escalating to a legal route if necessary. Only consider legal action when the infringer refuses to comply without sufficient reason, or if there is a clear case of malicious intent to monetise the trademark. Less egregious offenders can be sent a softer C&D, incorporating educational information. A C&D done well can even positively boost a brand owner's image and public relations.

References

[1] https://www.dailymail.co.uk/news/article-3059658/Village-fights-use-Residents-association-Copthorne-threatened-legal-action-multinational-hotel-chain.html
[2] https://www.theguardian.com/lifeandstyle/2017/mar/27/brewdog-backs-down-lone-wolf-pub-trademark-dispute

This article was first published on 7 April 2020 at:
https://www.cscdigitalbrand.services/blog/brand-protection-balance/

Also published at:
http://www.circleid.com/posts/20200514-reputation-damage-striking-the-right-balance-with-brand-protection/

Coronavirus: Online Threats Going Viral - Part 2: Marketplaces

In this second article about the online risks of coronavirus, we take a look at online marketplaces.

In the midst of the coronavirus crisis and the partial or total quarantines happening around the world, more people are turning to e-commerce for their purchases. This, combined with the increased demand for healthcare and healthcare-related products, is causing surges of activity on online marketplaces.

Perhaps least surprising is the growth in the number of listings for cleaning and hygiene products (e.g. hand sanitiser), as well as face masks, to the point that Amazon.com has reportedly banned new listings of certain classes of product to cope with demand^[1]. Many of the identified listings explicitly reference 'coronavirus' or 'COVID-19' in product titles or descriptions to attract web traffic.

Marketplace sales always carry inherent risks: items may not be as described, may be low quality or ineffectual, or in cases where the offers of sale purport to be for branded products, counterfeit. Therefore, it is important for consumers to carefully consider the sources they use, bearing in mind factors like seller identity and location, item price, product images, buyer reviews, and so on. Similarly, brand owners must implement programs to track activity on e-commerce marketplaces to identify branded listings that may offer counterfeits, use established brand names to drive traffic to third-party products, or sell legitimate items sourced through unauthorised routes in the supply chain.

Of particular concern during the current climate are listings offering coronavirus tests or cures. While tests for the virus do exist, there is no guarantee that those sold on marketplaces are either legitimate or effective and, given the medical nature of such products, counterfeits could have significant negative health implications. Listings for cures are perhaps more concerning still, particularly in view of the fact that (at the time of writing) no cure currently exists, and medical treatments simply aim to relieve the symptoms while giving the body an opportunity to fight the illness^[2]. In one case reported on March 21, a man was charged with manufacturing fake treatment kits containing harmful chemicals^[3]. Fake cures also raise the dangerous possibility of making consumers believe that they are in recovery, making them abandon the efforts to isolate to prevent the spread of the disease.

Figure 1: Example of a marketplace listing for a coronavirus test kit, stating a minimum order of 100,000 pieces with customised packaging options, making it likely to be associated with the supply chain for counterfeit tests

Figure 2: Example of a marketplace listing for an 'anti-coronavirus' essential oil product

As with coronavirus-related phishing attacks (discussed in detail later in this blog series), some listings may also refer to trusted organisations such as the Centers for Disease Control and Prevention or the World Health Organization in an attempt to claim endorsement or provide the appearance of legitimacy. This is not only an IP infringement but, more importantly, could be a danger to consumers.

How can CSC help?

CSC's technology for monitoring known marketplaces uses the sites' own built-in search functions to identify listings containing brand terms or relevant keywords. It then uses scraping and information drawn from APIs to pull information from the listing, such as the seller name, quantity of items, price, etc. Brand owners can make use of CSC's marketplace monitoring services to identify listings in which their brand terms are used. We can also aggregate the information obtained to calculate the total number of items offered by a particular seller, the total value of goods offered, and so on, to identify top sites and sellers.

When infringing listings have been identified, we make use of the various IP-protection programmes operated by marketplaces to have them removed - provided the brand owner has sufficient IP protection, e.g. registered trademarks. Infringing sellers can be suspended from the marketplace altogether or, following a successful takedown, brands can request a seller's contact details for further investigation.

References

[1] https://markets.businessinsider.com/news/stocks/amazon-marketplace-tips-for-sellers-following-coronavirus-uncertainty-2020-3-1029014647
[2] https://www.nhs.uk/conditions/coronavirus-covid-19/#treatments-summary
[3] https://www.bbc.co.uk/news/uk-england-london-51991245

This article was first published on 2 April 2020 at:
https://www.cscdigitalbrand.services/blog/coronavirus-online-threats-part-2/

Also published at:
http://www.circleid.com/posts/20200416-coronavirus-online-threats-going-viral-part-2-marketplaces/

Coronavirus: Online Threats Going Viral - Part 1: Domain Names

As news of the spread of the coronavirus (COVID-19) continues to emerge, CSC has undertaken the first in a series of studies looking at how the development of the crisis has affected online content. This first article looks at the numbers of registered domains with names containing coronavirus-related strings - 'coronavirus' or 'covid(-)19' (with an optional hyphen) - and analyses the types of content present on the associated websites.

In our investigation, we found 6,341 domains containing the string 'covid(-)19', and 11,552 domains containing 'coronavirus'^[1]. Many of these registered domain names include other terms implying that the associated websites feature neutral or informational content. However, significant numbers incorporate particular keywords suggesting that they could have been registered to take advantage of people’s fears surrounding coronavirus to attract web traffic. These domains may be used to create websites associated with scams, or with the intention of generating revenue.

Table 1: Total number of coronavirus-related domains containing keywords of particular interest

We further analysed this set of domains to determine^[2] when the domains were registered. This analysis shows that of the 2,000-plus domains for which creation dates were identifiable, only 17 domains (0.8%) were registered before 2020, and 68% (1,400+ domains) were registered since the start of March - i.e. just two weeks prior to the date of analysis.

Figure 1: Daily numbers of registrations of coronavirus-related domains featuring keywords of relevance

N.B. We truncated the graph at three days prior to the date of analysis, as there can typically be a delay of around two to three days between the date of domain registration and its inclusion and detection in the published zone file. Accordingly, the numbers of registrations shown for (at least) the two or three days prior to analysis are likely to be underestimates.

These figures provide a striking illustration of how escalating real-world issues can produce a flurry of corresponding activity online, with an enormous increase in registrations as countries began to announce lockdown measures throughout March. We can also see spikes in the domain-registration graph associated with specific events:

• The first announcements of the emergence of coronavirus outside China in late January
• The WHO announcement of COVID-19 as the specific strain on February 11
• The start of Italy's lockdown in late February^[3]

What's in a domain name?

Nearly 75% of the 2,646 domains with keywords of interest produced a live webpage response^[4]. Around three-quarters of these currently do not point to an active site, i.e. no page title, or a title suggesting that only a holding page is present. That said, even these may have been registered with a goal of monetising the domain name, either through pay-per-click links on the site or explicitly offering the domain name for sale.

Setting aside inactive domains still leaves around 500 coronavirus-related domains featuring relevant keywords and appearing to host active websites. Thirty-two of those 500 achieve significant web traffic, attracting over 8,000 Internet users per day between them. The websites resolve to a range of content, although just over a third resolve to active e-commerce sites offering face masks for sale. Others include: e-commerce sites selling coronavirus testing kits or other healthcare products; sites linking to online pharmacies; sites offering global coronavirus tracking functions; and a range of other informational sites.

Table 2: Description of content for coronavirus-related domains featuring keywords of relevance and attracting significant levels of web traffic

N.B. (i) Sites that do not currently include active website content are shown in italics.
(ii) Domain names are not shown, and any company names have been redacted.

Figure 2: Example screenshots of (top to bottom) high-traffic e-commerce sites offering the sale of face masks, or coronavirus testing kits; a coronavirus tracking site; and a site promoting an online pharmacy

Why does it matter to brands?

Registering a domain and creating an associated website is quick, simple, and essentially unregulated. This provides a range of opportunities for any would-be infringer and, as our findings have shown, can pose a variety of risks for internet users. Where physical products are being sold, the items could be manufactured using sub-standard materials, or without rigorous quality checks. Consumers run the risk that products may not just be ineffective, but actually harmful. Many of the identified e-commerce sites offered products using known and trusted brand names. The risk of these being counterfeit is one reason why brand owners should pay close attention to the developing landscape, and take appropriate enforcement action to protect their customers and their reputation.

The social risks of misinformation

Where unofficial sites use the name or branding of a legitimate health organisation (e.g. CDC or WHO) to appear official or lend credibility to its content, the public is at risk of incorrect safety information or a phishing attack. 

Figure 3: An example of a site infringing on CDC and WHO branding. The domain has been registered using a privacy-protection service to hide the contact details of the owner

Other identified websites offer coronavirus tracking mobile apps - a risk to the public in light of reports that some coronavirus tracking apps actually host malicious content or ransomware.

Recommendations for brand owners

As the coronavirus story continues to develop, it is advisable to monitor for third-party domain names - and material in other online areas - that may be using a brand name to lend credibility to site content or offer the sale of counterfeits. CSC's monitoring technology is able to search for brand-related appearances across a range of internet content types, and prioritise findings by the number and prominence of brand mentions, and their proximity to keywords or key phrases of particular relevance or concern. Following identification of infringing content, a rapid process of enforcement for the removal of damaging content can help to protect customers, company reputation, and revenue. Above all, throughout this developing crisis, it's most important to take all necessary precautions - both online and offline - to be safe and stay well!

References

[1] Numbers correct as of 18/03/2020
[2] Wherever this information is available via an automated look-up
[3] https://edition.cnn.com/2020/02/06/health/wuhan-coronavirus-timeline-fast-facts/index.html
[4] Excluding those that return no HTTP response, or generate an error code

This article was first published on 26 March 2020 at:
https://www.cscdigitalbrand.services/blog/coronavirus-online-threats-part-1/

Also published at:
http://www.circleid.com/posts/20200409-coronavirus-online-threats-going-viral-part-1-domain-names/

Holiday Shopping Events - 11.11, Black Friday and Cyber Monday e-commerce domain trends: Part 2

This is the second in a two-part series of articles looking at domain registrations associated with the 11.11, Black Friday, and Cyber Monday shopping events, following the introductory post published in early November.

During the shopping season, over a period between November 5 and December 8, we monitored the number of new domain registrations with names containing the strings '11(-)11,' 'black(-)friday' and 'cyber(-)monday' (with optional hyphens in each case).

We observed considerable activity over the five-week period, with significant increases in the numbers of domains (over 20%, in the case of Black Friday domains) compared to the total pre-existing at the start of the study period. Registrations also peaked close to the actual day of the shopping events, especially for Singles Day and Black Friday.

These data show that significant proportions of the Black Friday and Cyber Monday domains (20.5% and 31.5%, respectively) also feature e-commerce-related keywords in their domain names, suggesting they have been specifically registered to attract web traffic associated with Internet users interested in making online purchases across the period. In both cases, the registration activity spanned an extended period of several weeks in the run-up to the events, with the keywords 'deal' and 'sale' commonly used, as shown below.

A smaller proportion of the 11.11 domains (under 5%) also feature English-language e-commerce keywords. Inspection of the domain names suggests that many of them may not even have been registered with the 11.11 event in mind, and may simply be using '1111' as a generic string.

Similar to the trends seen in the set of pre-existing domains considered in the previous study, .com continues to account for the majority of new registrations in each of these three cases, though new generic top-level domains, such as .xyz, .site, and .online are also significant, accounting for notable proportions of the registrations.

Other observations from the sets of newly-registered domains

In addition to the domain names including e-commerce-related keywords, many of the event-specific domains registered during the monitoring period also include the names of known and trusted brands, as well as the names of online marketplaces.

While some of these may have been registered by the brand owners to promote their own e-commerce holiday events, a significant proportion certainly were registered by third parties. These individuals may be abusing the brand names to misdirect and monetise web traffic, by diverting users to their own content via re-direction or sponsored advertisements, or by offering the sale of counterfeit items. Amongst the brand names seen to have been used in this way are:

• For 11.11: The e-commerce sites Aliexpress, Tmall, JD, Suning, Gome and Pinduoduo, in addition to Bilibili (a Chinese video-sharing site themed around animation and games).
• For Black Friday: Amazon (including a range of mis-spellings), eBay, Paypal, Walmart, Apple (and iPhone), Netflix, Louis Vuitton, Hermes, Dr. Martens, Ugg, Uber, Ford, Toyota, Jeep and Sonos.
• For Cyber Monday: Walmart and Ugg (as also seen for the Black Friday domains), and Macy’s.

There’s also a suggestion that some of the '11(-)11' domains have been specifically registered with a Chinese-speaking audience in mind. These include examples making use of the keywords 'guanggunjie' (the Chinese name for Singles Day), 'mai' (the Chinese word for 'buy' or 'sell', depending on the intonation), and 'xianyu', the name of the Chinese-language sub-platform on the Taobao marketplace offering the sale of used goods.

Some of the identified sites appear to be non-infringing, and resolve either to generic stand alone e-commerce sites, or content relating to the brand owner’s own products or services. In these cases, the owners of the domains appear simply to be taking advantage of the buzz surrounding the holiday shopping events to drive web traffic to their own content.

Other sites feature links to third-party sites, such as examples that aggregate marketplace listings, and then link through to the official marketplace, to generate affiliate revenue from visitor clicks. Other domains were found to resolve to coupon or deal sites. These examples may also be of interest to brand owners, since it may be unclear whether the offer is being made by the referring site itself or by the brand in question. There is also a risk that these sites may collect customer information for their own use before forwarding the user on the to the official brand website.

However, a number of more egregious types of content were also identified. These include:

• Sites offering the sale of branded goods, which may be counterfeit. These examples may be particularly concerning, and misleading to customers, if the domain name includes the name of the brand being infringed.
• Domain names including the names of trusted brands, but which resolve to unrelated third-party sites, which in many cases feature e-commerce-related content.

Key take-aways

Across the period surrounding the 11.11, Black Friday, and Cyber Monday holiday shopping events, significant activity associated with the registration of directly-relevant domain names was identified. Much of this activity is legitimate, and the period does provide an opportunity for brand owners to take advantage of increased web traffic and event-specific web searches by internet users to promote their own goods and services. However, the increased activity also provides opportunities for unscrupulous infringers to abuse the names of trusted brands to drive visitors to their own content, or to sell counterfeit products.

The findings highlight the importance for brand owners not only to protect their intellectual property defensively, through the registration of a strategic domain portfolio, but also to proactively monitor for activity by third parties, to allow enforcement action to be taken as appropriate. The range of content types seen, and the keywords and top-level domains used, illustrate the requirement for this process to take as holistic an approach as possible.

This article was first published on 16 December 2019 at:
https://www.cscdigitalbrand.services/blog/holiday-shopping-events-part-2/

Holiday Shopping Starts Now! How will 11.11, Black Friday and Cyber Monday e-commerce domains trend? Part 1

The month of November marks the start of a busy shopping period in both the offline and online worlds, not only because of the proximity of the festive time of year, but also because of a number of specific commerce-related events. In this article - the first in a series of two - CSC looks at domain registration trends related to holiday shopping.

The concept of Singles Day (or Guanggun Jie, literally 'Single Sticks Holiday') began at Nanjing University in China in the early 1990s, marking November 11 (11.11 or double-11) as the day of celebration. But the commercial opportunities associated with the event were spotted in the late 2000s^[1], when the Alibaba marketplace starting using the date for its annual online sale in 2009^[2] and then trademarked the term double-11 ( 双十一) in 2012^[3]. Singles Day has subsequently grown to become the biggest shopping day in the world, with combined sales across Alibaba and JD.com alone totalling in excess of $44 billion in 2017^[4]. Though the occasion continues to grow in prominence, it remains most popular in the Far East, perhaps due to the coincidence of sharing the date with Veterans or Remembrance Day in the West.

In the US - and much of the western world - the period around Thanksgiving, on the fourth Thursday of November, has also long been popular with shoppers. Black Friday, the day after Thanksgiving, has traditionally been regarded as the start of the Christmas shopping season in the US. More recently, the coining of the following Monday as Cyber Monday was introduced, producing a four-day-long weekend designed to encourage consumers to shop online. Online sales on Cyber Monday have grown year-on-year since 2006, reaching almost $8 billion on 2018^[5].

The use of references to Singles Day, Black Friday, and Cyber Monday as ways of promoting e-commerce, and increasing sales for internet retailers, continues to remain common practice. Domains can be registered by individuals for a number of different reasons - in the context of Singles Day and the Thanksgiving weekend, domains can be used in the creation of event-specific e-commerce sites and to promote particular brands, marketplaces, or products.

Beyond this, the registration of domains can be profitable even in cases where no live site is configured. In many cases, domain names, including high-relevance keywords, can be registered on spec, to see which examples generate significant volumes of web traffic. This traffic can then be monetised by the site owner through the inclusion of sponsored advertisements (pay-per-click links) on the webpage. This practice alone can be of particular concern to a brand owner if their brand name is used in the domain name and the sponsored ads direct visitors to competitor sites.

In this study, we consider domains with names containing the strings '11(-)11'^[6], 'black(-)friday' and 'cyber(-)monday' (with optional hyphens in each case). The information is derived from domain name zone files, which are data files containing lists of registered domains, published by the registries responsible for the operation of particular domain name extensions (top-level domains, or TLDs). Zone files are available for the majority of generic TLDs (gTLDs such as .com, .net, etc.) new gTLDs, plus a selection of country-code TLDs (ccTLDs).

The following statistics show the numbers of pre-existing domains already registered at the start of November 2019.

These statistics illustrate the scale of domain name registrations relating to the November events, and the proportion of these domains, which - on the basis of the associated keywords - have presumably been registered to promote sites or attract traffic relating to e-commerce activity. For the Black Friday and Cyber Monday domains, significant proportions (26.1% and 34.9%, respectively) feature keywords pertaining explicitly to e-commerce. The share for 11.11 domains is rather smaller, due in part to the more generic nature of the string itself, and perhaps in part to targeting the Far East audience with less reliance on English-language keywords.

The TLD data shows that, although the majority of these sites exist on common, familiar gTLDs such as .com and .net, other new gTLDs (e.g., .xyz and .top), as well as ccTLDs (e.g., .uk and .dk) are also important.

In cases where brand names are explicitly being used to promote competitor products or offer the sale of counterfeits, this activity can be highly damaging to the brand owner, in terms of lost revenue and reputation damage.

CSC recommends that brand owners carry out proactive monitoring for the registration of new domains relating to their brands, which is particularly important at times of the year when e-commerce activity is at a high. Monitoring should also take a holistic approach, covering a wide range of relevant TLDs and keywords. Infringing domains can potentially be taken down via a range of enforcement processes. In some cases, other approaches may also be appropriate, such as attempting to dispute or acquire highly relevant or desirable domain names, or looking to launch a snapback procedure to register a domain after the expiration of its current registration period.

Our second article in this series will address trends in the numbers of new registrations across the Singles Day and Thanksgiving weekend events.

References

[1] https://www.telegraph.co.uk/black-friday/0/what-is-chinas-singles-day-and-how-does-it-compare-to-black-frid/
[2] https://econsultancy.com/singles-day-2018-alibaba/
[3] https://www.gtld.com/insights/blog/2014/11/happy-guanggun-jie/
[4] https://en.wikipedia.org/wiki/Singles%27_Day
[5] https://www.cnbc.com/2018/11/27/cyber-monday-sales-break-record-a-record-7point9-billion-spent-online.html
[6] This study excludes domains (deemed non-relevant) where the 11(-)11 string is immediately preceded or followed by another digit, e.g., 000000111111.com

This article was first published on 11 November 2019 at:
https://www.cscdigitalbrand.services/blog/how-will-black-friday-ecommerce-domains-trend/

External online threats to your brands

Domain name security and threat intelligence

With nearly 4 billion users and an associated economy of over $4 trillion, the Internet comprises a major ecosystem for businesses today. However, it also provides significant opportunities for criminals to take advantage of trusted brands for their own gain. There are a number of types of possible infringement, including trade in counterfeit goods, online fraud, digital piracy and other kinds of general brand abuse across a range of internet channels, which can have direct impact on the value of brands and the profitability of the associated organisations.

Many types of brand abuse (e.g. domain name infringements, false affiliation claims, unauthorised use of logos or other intellectual property, negative customer comments and brand guideline non-compliance from legitimate affiliates and partners) are familiar to brand representatives responsible for marketing and branding. However, the range of possible infringements extends much further than this, into more sinister areas with significant security implications.

One obvious area of online abuse that can directly affect a company’s bottom line - by way of customer losses and damage to brand reputation - is cybercrime (e.g. phishing). Research indicates that 65% of consumers would change suppliers following an experience of fraud or data breach. Currently 54% of businesses are only 'somewhat confident' in their ability to detect fraudulent activity, although a 2018 study found that 9% of organisations say that their most disruptive case of fraud in the previous two years had caused losses of $5 million or more, causing damage to brand strength, business and regulator relations and employee morale.

Phishing activity, where infringers aim to steal log-in credentials or other types of personal information, is often perpetrated through fake websites. This highlights the need to track the registration of brand-specific third-party domain names and monitor for subsequent changes to website content. However, associated activity can also occur across other channels, including standalone websites, social media and spam e-mails - all of which must be considered if the problem is to be addressed comprehensively. Social media is a common channel for the creation of fake profiles that can be used for executive impersonation and subsequent money-transfer scams.

With regard to domain name abuse, even cases where no live site content is present can be significant, since domains can be used purely for their e-mail functionality - that is, creating a convincing fake e-mail address from which to send phishing e-mails - illustrating the requirement to analyse mail-exchange records and track spam email traffic in order to identify fraudulent communications. In addition, criminals typically take a multi-stage approach to online fraud, with stolen credentials often traded online, frequently via carding websites and forums or on the Dark Web. Monitoring these deeper areas of the Internet can provide early warning of compromised accounts or credit cards, making it possible to deactivate them before significant financial losses take place.

Beyond classic brand infringements, the online appearance of malicious software (malware) can also have significant security implications for brand owners. Types of malware can include keyloggers which steal passwords and other confidential content, and ransomware which locks files and demands payment for their release. Malware is spread through visits to infected websites (e.g. accessed via search engine results or sponsored ads) and opening infected attachments in e-mails. In many cases, the spread of malware involves the use by criminals of brand-related hooks, encouraging users (i.e. customers or employees) to access the infected content. Malware can also open an organisation up to infiltration by hackers, though this can also arise as a result of employee social engineering or lax security policies. Hacking activity can damage an organisation in a number of different ways, including compromisation of sensitive customer records. At least nine high-profile cases, each involving access to more than 50 million sets of credentials, have been reported in the press since 2013. Cases of this nature can have significant direct financial implications, with the average cost to organisations of data breaches in 2018 estimated at over $5 million per incident.

Consequently, the implementation of a holistic brand protection programme should be a crucial requirement for brand owners, ensuring that responsibility for programme ownership - including budget provision - is shared across all relevant stakeholders. Online fraud and cybercrime go hand in hand with other types of infringement; to combat these risks, various departments (e.g. marketing, legal and IT security) need to work together. All might have different objectives, yet their common goal should be to keep their organisation protected, secure and safely operating online at all times.

This article was first published on 28 November 2019 at:
https://www.worldtrademarkreview.com/index.php/external-online-threats-your-brands

Image-Only Infringements

by Irene Oh and David Barnett

Introduction

Often in the context of brand protection services, we encounter online content that does not include any text-based reference to a brand name, but instead uses an image that is associated with the brand in question, or one of its products. This can be found on e-commerce sites, independent websites, social media posts or accounts, and is sometimes referred to as graphical brand-specific content.

Use of official images without authorisation from the rights owner, with or without the associated presence of a logo or a figurative trademark, can be deemed an infringement. Infringing images can comprise a logo or a figurative trademark (i.e. a registered trademark, or an image of a product copied from the brand owner’s official website or authorised store front, including a screenshot of a site taken from a mobile phone).

Detection

Detection of these types of results online can be difficult for the rights owner, particularly given the fact that the conventional way of searching for infringing results is via the use of text-based keywords, which may not effective at detecting images. In cases where detection of images is a required focus of the monitoring, it may instead be necessary to use generic product- or industry-specific search terms expected to appear in conjunction with the images of interest, though this approach can generate high volumes of non-relevant results.

Since image posting is becoming a more popular means for users to share Internet content, service providers are also being forced to up their game. Some of the most well-known online image-search tools have existed for some time now. However, some e-commerce sites, such as websites belonging to the Alibaba Group, have been developing similar functions, and allow their users to perform image searches across their websites.

However, as effective as these various image-search tools can be to bring back relevant results, there is still much scope for improvement. We have seen that a slight modification to an image, such as the removal or addition of a sentence within an image, can cause an 'un-matching' of the result from the search, thereby causing potentially-relevant results to be missed.

Enforcement actions: current state-of-play

Depending on the channel on which an image infringement is detected, we may be able to file a copyright complaint to request its removal; e-commerce sites such as eBay and the Alibaba Group do have procedures to report copyright infringements, and the Chinese sites Tmall and Taobao have a tool called Bazai, designed to help their fashion sellers protect their pictures from being stolen by another seller.

US-based sites, social media sites, and website hosting providers generally follow complaint procedures based on the Digital Millennium Copyright Act (DMCA), although DMCA filling is also widely used by others outside of the US.

The necessary requirements to start enforcement actions can vary, depending on where the infringing images are found; however, providing the link to the original image is generally a must when filling complaints.

Often, sites following DMCA processes, or those with any sort of copyright complaint procedure, are compliant and quick to take action on behalf of a brand. Nonetheless, we have experienced challenges in some countries where their copyright law is slightly different. For example, Allegro - a Polish e-commerce site - has had to adapt its policy to the Polish Copyright Act^[1]:

Copyright exception for out-of-commerce works

The amendment introduces a new form of exception based on the framework Memorandum of Understanding (MoU) on Key Principles on the Digitisation and Making Available of Out-of-Commerce Works, which was discussed in the European Commission in 2011.

An out-of-commerce work in the Polish Act means a work that is neither: available for customers in the course of trade with the consent of its copyright holder; nor placed on the market in the form of copies in number satisfying rational needs of customers; nor made available to the public in such a way that members of the public may access them from a place and at a time individually chosen by them.

In addition to copyright complaint, in cases where the image consists of a logo or registered figurative trademark, another option to have the image removed is to file a trademark infringement complaint. Of course, the feasibility of this option needs to be reviewed case-by-case.

Despite these possible enforcement routes, rights owners should also take note that some instances of image use may constitute fair use, in cases where education, parody, or reviews are involved. In these cases, there is a possibility that attempted enforcement action can have an adverse effect on public relations. Beyond this, our experience in the brand-protection industry suggests that many Internet users simply have virtually no knowledge of copyright law.

Enforcement actions: future developments

While it appears that many countries have mature image copyright complaints procedures in place, we have become aware this year of approval of a new EU directive on copyright, though this has not yet been implemented.

Reference

[1] http://communia-association.org/2015/12/17/summary-of-2015-amendments-to-the-polish-copyright-act/

This article was first published on 24 October 2019 at:
https://www.cscdigitalbrand.services/blog/image-only-infringements/