The domain name SmartPrivacy.com was registered in 2001 and was apparently acquired in 2016 by OneTrust LLC. The company also registered the mark SMARTPRIVACY in 2017.
Meanwhile, British company Gazey and Partners LLP trading as Privacy Partnership, acquired rights to the mark SMART PRIVACY in the UK, in 2016.
The ensuing UDRP focused on that missing space:
Complainant started using its European Union trademark SMART PRIVACY and adds that there is no evidence showing that it knew of the Complainant’s trademark before its first use of the SMARTPRIVACY trademark or that the Respondent has somehow targeted the Complainant with the registration and use of the disputed domain name.
The sole panelist at the WIPO found no evidence of the domain SmartPrivacy.com being used or acquired in bad faith and ordered it to remain with the Respondent. At the same time, he declined the Respondent’s request to deliver a finding of Reverse Domain Name Hijacking.
The domain transfer was denied.
ARBITRATION AND MEDIATION CENTER – ADMINISTRATIVE PANEL DECISION
Gazey and Partners LLP trading as Privacy Partnership v. Privacy service provided by Withheld for Privacy ehf / Muthu Balasubramaniam, One Trust Case No. D2022-3138
The Parties
The Complainant is Gazey and Partners LLP trading as Privacy Partnership, United Kingdom, represented by Zek Legal, United Kingdom.
The Respondent is Privacy service provided by Withheld for Privacy ehf, Iceland / Muthu Balasubramaniam, One Trust, United States of America (“United States”), represented internally.
The Domain Name and Registrar
The disputed domain name smartprivacy.com is registered with NameCheap, Inc. (the “Registrar”).
Procedural History
The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on August 25, 2022. On August 25, 2022, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain name. On August 25, 2022, the Registrar transmitted by email to the Center its verification response confirming that the Respondent is listed as the registrant and providing the contact details. In response to a notification by the Center that the Complaint was administratively deficient, the Complainant filed an amended Complaint on August 26, 2022.
The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on August 30, 2022. In accordance with the Rules, paragraph 5, the due date for Response was September 19, 2022. The Response was filed with the Center on September 19, 2022.
The Center appointed Assen Alexiev as the sole panelist in this matter on September 23, 2022. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and
Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.
Factual Background
The Complainant develops privacy solutions for businesses. It provides educational and technical solutions to companies, institutions, legal entities, etc.
The Complainant is the owner of the following trademark registrations for the sign SMART PRIVACY (the “SMART PRIVACY trademark”):
− the European Union trademark SMART PRIVACY with registration No. 015086416, registered on June 8, 2016 for goods and services in International Classes 9, 35, 41, 42, and 45; and
− the United States trademark SMART PRIVACY with registration No. 6263262, applied on October 11, 2017, and registered on February 9, 2021 for goods in International Class 9. The element “PRIVACY” in this trademark is disclaimed, and the trademark does not indicate a date of first use or first use in commerce.
The Complainant’s official website is located at the domain name smartprivacy.co.uk registered on February 28, 2017.
The Respondent is a trust transformation and privacy service provider in United States. The Respondent is the owner of the United States trademark SMARTPRIVACY with registration No. 5576027, applied on March 2, 2017 and registered on October 2, 2018 for services in International Class 41, with first use in commerce on February 24, 2017.
The disputed domain name was first registered by a third party on June 26, 2001. On July 26, 2016, the Respondent acquired the disputed domain name. It currently redirects to the Respondent’s website at “www.privacyconnect.com”.
Parties’ Contentions
Complainant
The Complainant submits that the Parties are competitors on the privacy services market. The Complainant states that the disputed domain name is confusingly similar to its SMART PRIVACY trademark, because it incorporates this trademark and is used for promoting the Respondent’s website at “www.privacyconnect.com” which operates on the privacy services market like the Complainant.
According to the Complainant, the Respondent has no rights or legitimate interests in respect of the disputed domain name. It submits that the Respondent’s United States trademark SMARTPRIVACY was registered in October 2018 – more than one year after the Complainant registered its European Union trademark SMART PRIVACY, so according to it the Complainant’s trademark has priority. The Complainant adds that the Respondent acquired the disputed domain name after the Complainant registered its SMART PRIVACY trademark and its domain name smartprivacy.co.uk.
The Complainant maintains that the Respondent never used the disputed domain name or its SMARTPRIVACY trademark because the disputed domain name was only used to redirect Internet users to the Respondent’s website at “www.privacyconnect.com”, which offers services in International Class 41 that fall within the scope of the Complainant’s SMART PRIVACY trademark. According to the Complainant, the Respondent’s United States trademark SMARTPRIVACY does not give rise to rights of the Respondent because it and the disputed domain name have never been used in connection with a bona fide offering of goods or services.
The Complainant contends that the disputed domain name was registered and is being used in bad faith. It
notes that it registered the European Union trademark SMART PRIVACY in 2016 and the
smartprivacy.co.uk domain name on February 28, 2017, while the Respondent filed the application for registration of its United States trademark SMARTPRIVACY on March 2, 2017.
The Complainant points out that the Respondent operates in the same market as the Complainant and has its co-headquarters in London. According to the Complainant, it was therefore impossible for the Respondent not to know when registering its SMARTPRIVACY trademark and the disputed domain name that the Complainant was using the same trademark. The Complainant adds that the disputed domain name was acquired by the Respondent in 2017 and that the Wayback Machine records show that it has not been used before the registration of the Complainant’s SMART PRIVACY trademark and before the creation of the Complainant’s website at “www.smartprivacy.co.uk”.
The Complainant maintains that from the beginning the Respondent took and has been using the disputed domain name to parasitize on the Complainant’s SMART PRIVACY trademark. According to the Complainant, the Respondent’s trademark registration in the United States was made in bad faith after the Complainant’s SMART PRIVACY trademark registration in the European Union, and has not been used for more than five years after its registration, so it cannot be a relevant defense against infringement. The Complainant maintains that the disputed domain name was registered primarily for the purpose of disrupting the business of the Complainant who is a competitor of the Respondent. In the Complainant’s view, the Respondent wants to create confusion by using the Complainant’s SMART PRIVACY trademark in the disputed domain name to divert customers to its own website. The Complainant maintains that it is predictable for potential customers to think that the companies that use the same trademark in the same market and have headquarters in London are related. The Complainant concludes that even if a customer of the Complainant realizes that the disputed domain name is not belonging to it, after accessing the disputed domain name and finding itself at “www.privacyconnect.com”, such user may no longer try to find the Complainant and would receive services from the Respondent which would be unfair competition.
Respondent
The Respondent maintains that it has rights or legitimate interests in respect of the disputed domain name because it has a United States trademark SMARTPRIVACY and has used the disputed domain name in connection with a bona fide offering of goods or services before notice of this dispute. The Respondent states that it applied for registration of the SMARTPRIVACY trademark on March 2, 2017, and the registration date of this trademark is October 2, 2018. The Respondent points out that the United States Patent and Trademark Office (“USPTO”) records reflect for the Respondent’s trademark a first use date of February 24, 2017, and first use in commerce on February 24, 2017.
The Respondent notes that its SMARTPRIVACY trademark differs from the disputed domain name only in the addition of the “.com” generic top-level domain, and a registered trademark creates a right of use in commerce in the United States, where use in commerce includes use in a domain name, so the Respondent’s rights and legitimate interests continue to the present through the Respondent SMARTPRIVACY trademark.
The Respondent submits that, starting with its first use in commerce in February 2017, it has consistently used its United States trademark SMARTPRIVACY to sell workshop services, including in Seattle, Washington DC, Minneapolis, Washington, and San Francisco, United States, Milan, Italy, Zurich, Switzerland, Paris, France, Dublin, Ireland, Madrid, Spain, Munich and Berlin, Germany, Brussels, Belgium, Amsterdam, Netherlands, Singapore, and Luxembourg. According to the Respondent, the Complainant has provided no evidence showing any use beyond the registration of its European Union trademark SMART PRIVACY prior to the registration of the smartprivacy.co.uk domain name, and there is no evidence of any use of the same domain name earlier than August 11, 2018 – almost a year and a half after the Respondent began marketing its services under the SMARTPRIVACY trademark. The Respondent states that this shows that the Respondent has used the disputed domain name in connection with a bona fide offering of goods or services before notice of the dispute and, therefore, the Respondent has rights or legitimate interests to the disputed domain name. The Respondent concludes that the registration of the disputed domain name by the Respondent, the commencement of the use by the Respondent of its SMARTPRIVACY trademark in commerce, and the use of the disputed domain name by the Respondent to sell services under the SMARTPRIVACY trademark within a span of a few months shows a stronger interest of the Respondent in the disputed domain name.
The Respondent denies that the disputed domain name has been registered and used in bad faith. It maintains that it has used its United States trademark SMARTPRIVACY in commerce before the
Complainant started using its European Union trademark SMART PRIVACY and adds that there is no evidence showing that it knew of the Complainant’s trademark before its first use of the SMARTPRIVACY trademark or that the Respondent has somehow targeted the Complainant with the registration and use of the disputed domain name.
The Respondent maintains that it registered the disputed domain name to further its own business. After acquiring the disputed domain name in late 2016, it started to market events under the SMARTPRIVACY trademark in February 2017 and to use the disputed domain name to offer its services branded under its SMARTPRIVACY trademark. The Respondent notes that the Complainant registered the
smartprivacy.co.uk domain name on February 28, 2017 – several months after the Respondent’s registration of the disputed domain name in 2016, and four days after the Respondent’s first use of the SMARTPRIVACY trademark on February 24, 2017. The Respondent points out that although the registration date for the Complainant’s European Union trademark SMART PRIVACY is June 8, 2016, the Complainant’s application for registration of its United States trademark SMART PRIVACY was filed only on October 11, 2017, and this application stated, “FIRST USE: NONE” and “USE IN COMMERCE: NONE”.
The Respondent adds that when the Complainant’s United States trademark SMART PRIVACY was registered on February 9, 2021, its registration still stated, “Filed Use: No” and “Currently Use: No.”
The Respondent further states that the Complainant has submitted no evidence that its SMART PRIVACY trademark was famous or widely known. The Respondent notes that the 2017 Privacy Tech Vendor Report published by the International Association of Privacy Professionals (“IAPP”) listed 99 companies, including nine in headquartered in the United Kingdom, as well as the Respondent, but did not mention the Complainant or the Complainant’s SMART PRIVACY trademark. The Respondent also notes that the Complainant was likewise missing in an October 2017 Forbes article listing numerous vendors in the privacy technology space. The Respondent concludes that the privacy industry’s apparent lack of familiarity with the Complainant shows that its European Union trademark SMART PRIVACY was not famous or widely known during the relevant Respondent activities in 2017, and that it was quite possible for others in the privacy industry to be unaware of the Complainant’s trademark. The Respondent states that there is no evidence of use of the Complainant’s smartprivacy.co.uk domain name until August 11, 2018 – almost a year and a half after the Respondent began marketing services under its SMARTPRIVACY trademark.
The Respondent maintains that it did not intend to create a likelihood of confusion with the Complainant’s European Union trademark SMART PRIVACY when it registered the disputed domain name because it did not know about this trademark. The Respondent notes that it was established in the United States on May 26, 2016, and on July 26, 2016, it acquired the disputed domain name. According to the Respondent, no evidence shows that, during the Respondent’s first sixty days of existence, it became aware of the Complainant’s European Union trademark SMART PRIVACY at all or that its newly-founded company should have had greater knowledge of the Complainant than the wider privacy industry.
The Respondent asks the Panel to make a finding of reverse domain name hijacking. According to the Respondent, the Complainant knew or should have known of the Respondent’s rights or legitimate interests in the disputed domain name. The Respondent notes that the Complainant repeatedly states that the Respondent “never used” the disputed domain name or its SMARTPRIVACY trademark, although the Complainant’s own evidence shows that the Respondent used this trademark and the disputed domain name to market its services throughout 2017. The Respondent adds that the Complainant should have known of the Respondent’s use of its SMARTPRIVACY trademark as the USPTO sent the Complainant a
provisional full refusal for the registration of the Complainant’s United States trademark because of the Respondent’s application for its SMARTPRIVACY trademark, which indicated use in February 2017 and preceded the Complainant’s filing of its United States trademark application for the SMART PRIVACY trademark.
Discussion and Findings
Pursuant to the Policy, paragraph 4(a), the Complainant must prove each of the following to justify the transfer of the disputed domain name:
the disputed domain name is identical or confusingly similar to a trademark or service mark in which the Complainant has rights;
the Respondent has no rights or legitimate interests in respect of the disputed domain name; and
the disputed domain name was registered and is being used in bad faith.
Identical or Confusingly Similar
The Complainant has provided evidence and has thus established its rights in the SMART PRIVACY trademark.
The Panel notes that a common practice has emerged under the Policy to disregard in appropriate circumstances the generic Top-Level Domain (“gTLD”) portion of domain names for the purposes of the comparison under the Policy, paragraph 4(a)(i). The Panel sees no reason not to follow the same approach here, so it will disregard the “.com” gTLD portion of the disputed domain name.
The relevant part of the disputed domain name is therefore the second-level domain portion “smartprivacy”, which consists of the two elements of the SMART PRIVACY trademark, omitting the space between them.
As discussed in section 1.7 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”), the test for identity or confusing similarity typically involves a side-by- side comparison of the domain name and the textual components of the relevant trademark to assess whether the mark is recognizable within the disputed domain name. In the present case, the SMART PRIVACY trademark is plainly recognizable in the disputed domain name, so the Panel finds that the disputed domain name is confusingly similar to the SMART PRIVACY trademark in which the Complainant has rights.
Rights or Legitimate Interests
The Complainant maintains that the Respondent does not have rights or legitimate interests in the disputed domain name, stating that the Respondent’s United States trademark SMARTPRIVACY was registered in October 2018 – more than one year after the Complainant registered its European Union trademark SMART PRIVACY, and that the Respondent acquired the disputed domain name after the Complainant registered its SMART PRIVACY trademark and its domain name smartprivacy.co.uk. The Complainant alleges that the Respondent never used the disputed domain name or its SMART PRIVACY trademark because the disputed domain name was only used to redirect Internet users to the Respondent’s website at “www.privacyconnect.com”. According to the Complainant, the Respondent registered and used the disputed domain name to extract profit from the goodwill of the Complainant’s trademark by diverting and attracting the Complainant’s customers, and to disrupt the Complainant’s business.
The Respondent maintains that it has registered and used the disputed domain name in connection with a bona fide offering of goods or services before notice of the dispute. In support of this statement, the Respondent points out that it acquired the disputed domain name on July 26, 2016 and has a United States trademark SMARTPRIVACY with first use in commerce on February 24, 2017. The Respondent submits that, starting in February 2017, it has consistently used its SMARTPRIVACY trademark to sell workshop services in numerous cities around the world. According to the Respondent, the Complainant has provided no evidence showing its use beyond registration of the Complainant’s European Union trademark SMART PRIVACY prior to the registration of its smartprivacy.co.uk domain name, and there is no evidence of any use of the smartprivacy.co.uk domain name earlier than August 11, 2018, almost a year and a half after the Respondent began marketing services under its SMARTPRIVACY trademark.
The Complainant has indeed submitted no evidence that it has carried out any business activities under the SMART PRIVACY trademark prior to August 11, 2018, and there is no evidence showing that the Respondent was aware of the Complainant prior to that date.
The evidence in the case shows that the Complainant registered its European Union trademark SMART PRIVACY on June 8, 2016, but its United States trademark SMART PRIVACY was registered only on February 9, 2021. The element “PRIVACY” in the Complainant’s United States trademark is disclaimed, and it does not indicate a date of first use or first use in commerce. The Complainant’s domain name smartprivacy.co.uk was registered on February 28, 2017, and the Wayback Machine contains no record of any website at this domain name prior to August 11, 2018. The 2017 IAPP Privacy Tech Vendor Report and the October 2017 Forbes article “Top 10 Hot Data Security And Privacy Technologies” submitted by the Respondent, do not mention the Complainant. In view of the above and the lack of evidence in the case that the Complainant has carried out activities under the SMART PRIVACY trademark prior to August 11, 2018, the Panel is unable to conclude that the Respondent knew of the Complainant at an earlier date, so the Panel accepts as more likely than not that the Respondent did not have such knowledge prior to August 11, 2018.
The disputed domain name was acquired by the Respondent on July 26, 2016. The Respondent’s United States trademark SMARTPRIVACY was applied for on March 2, 2017 with first use in commerce on February 24, 2017. Both events took place before August 11, 2018, so the Panel accepts as more likely that the Respondent has acquired the disputed domain name and applied for its trademark without knowledge of the Complainant.
The copies of the Respondent’s website at the disputed domain name as of April 8, 2017 provided by both Parties show that at that time the Respondent has used the disputed domain name for a website advertising many “SmartPrivacy Workshops by OneTrust” in different cities in the United States, Europe, and Asia, described as “Half-day local workshops for privacy pros focused on tools and best practices to operationalise compliance.” The website makes it clear that the workshops were organized by the Respondent. It does not mention the Complainant, and the services offered by the Respondent fall within the scope of its United States trademark SMARTPRIVACY. In view of the above and the lack of any evidence that the Respondent knew of the Complainant and targeted it with its use of the disputed domain name, it therefore appears more likely that the Respondent has registered and used the disputed domain name independently and to carry out its own business plans before notice of the dispute.
As discussed in section 2.12 of the WIPO Overview 3.0, Panels have recognized that a respondent’s prior registration of a trademark which corresponds to a domain name will ordinarily support a finding of rights or legitimate interests in that domain name for purposes of the second element. The existence of a respondent trademark does not however automatically confer rights or legitimate interests on the respondent. For example, panels have generally declined to find respondent rights or legitimate interests in a domain name on the basis of a corresponding trademark registration where the overall circumstances demonstrate that such trademark was obtained primarily to circumvent the application of the UDRP or otherwise prevent the complainant’s exercise of its rights (even if only in a particular jurisdiction). Absent evidence of such circumstances indicating pretext however, panels have been reluctant to reject a respondent trademark registration out of hand.
In view of the overall circumstances of this case, the Panel finds no support for a finding that the Respondent’s United States trademark SMARTPRIVACY was obtained primarily to circumvent the application of the UDRP or to otherwise prevent the Complainant’s exercise of its rights. Rather, its registration and use by the Respondent appears to have been made in good faith and for purposes that appear to be legitimate.
For the above reasons, the Panel finds that the Complainant has failed to establish that the Respondent does not have rights or legitimate interests in the disputed domain name.
Registered and Used in Bad Faith
As discussed above in relation to the issue of the Respondent’s rights or legitimate interests in the disputed domain name, there is no evidence to support a finding that the Respondent knew of the Complainant in 2016, when it acquired the disputed domain name, and no evidence to support a finding that the Respondent has targeted the Complainant with the registration and use of the disputed domain name or that it has engaged in any of the scenarios listed in paragraph 4(b) of the Policy. Rather, it appears from the sequence of the relevant events that the Respondent has registered and used the disputed domain name independently and to carry out its own business plans, which appear to be legitimate.
Therefore, the Panel finds that the Complainant has failed to establish that the Respondent has registered and used the disputed domain name in bad faith.
Reverse Domain Name Hijacking
The Respondent asks the Panel to make a finding of reverse domain name hijacking (“RDNH”). According to the Respondent, the Complainant knew or should have known that the Respondent has rights and legitimate interests in the disputed domain name based on the Respondent’s use of the disputed domain name throughout 2017 and on the Respondent’s United States trademark SMARTPRIVACY, which indicated first use in February 2017.
Paragraph 15(e) of the UDRP Rules provides that, if “after considering the submissions the panel finds that the complaint was brought in bad faith, for example in an attempt at Reverse Domain Name Hijacking or was brought primarily to harass the domain-name holder, the panel shall declare in its decision that the complaint was brought in bad faith and constitutes an abuse of the administrative proceeding”. RDNH is furthermore defined under the UDRP Rules as “using the UDRP in bad faith to attempt to deprive a registered domain- name holder of a domain name.”
The Panel finds that the circumstances of the present dispute do not warrant a finding of RDNH. The Complainant has failed to establish two of the elements of the Policy, but the relationship between the Parties involves complex issues of fact and law regarding concurrent and possibly conflicting trademark rights (better addressed in a court) and there is no basis to conclude that the Complainant could not believe in good faith that it may succeed in this proceeding. As discussed in section 4.16 of the WIPO Overview 3.0, panels have consistently found that the mere lack of success of a complaint is not itself sufficient for a finding of RDNH.
Therefore, the Panel declines to make a finding of RDNH.
Decision
For the foregoing reasons, the Complaint is denied.
/Assen Alexiev/ Assen Alexiev Sole Panelist
Date: October 7, 2022
