Large-Scale Registration of Domains with Typographical Errors
Benjamin Edelman - Berkman Center for Internet & Society - Harvard Law School

[ Background - Specific Registered Domains - Analysis - Conclusions - Support This Work ]

Abstract

The author reports more than eight thousand domains that consist of minor variations on the addresses of well-known web sites, reflecting typographical errors often made by Internet users manually typing these addresses into their web browsers. Although the majority of these domain names are variations of sites frequently used by children, and although their domain names do not suggest the presence of sexually-explicit content, more than 90% offer extensive sexually-explicit content. In addition, these domains are presented in a way that temporarily disables a browser's Back and Exit commands, preventing users from exiting easily. Most or all of the domains are registered to an individual previously enjoined by the FTC from operating domains that are typographic variations on famous names, and these domains remain operational subsequent to an injunction ordering their suspension.

 

Related Projects

Background

This document investigates the registration of domain names that are minor typographical variations on well-known names in which the registrant lacks any legal right -- a practice sometimes called "typosquatting." The registrations reported here are also notable in at least three additional respects: First, many of these registrations feature invalid WHOIS data, failing to correctly report the name and contact information of a domain's registrant. (This is generally as described in the author's June 2002 Large-Scale Intentional Invalid WHOIS Data: A Case Study of 'NicGod Productions' / 'Domains For Sale'.) Second, many unexpectedly provide sexually-explicit content, even though their domain names do not suggest the availability of such content. (This is generally as described in the author's May 2002 Domains Reregistered for Distribution of Unrelated Content: A Case Study of 'Tina's Free Live Webcam'.) Finally, many make it difficult for a user to exit the site, blocking the ordinary operation of a web browser's Back and Close commands.

Of the domains reported here, most or all are registrations by John Zuccarini, doing business under multiple names including Mars Attack, Music Wave, Party Night Inc, Phayze 1 Phayze 2, and RaveClub Berlin. These many names (and their associated invalid WHOIS data) make it difficult to determine whether any given domain is in fact registered by Zuccarini, or whether domains were instead registered by others, but the author has endeavored to report only domains registered by Zuccarini.

Mr. Zuccarini's domain registrations have produced a series of legal challenges. According to a recent FTC press release, Zuccarini has faced seven federal court cases (including cases under the federal Anticybersquating Consumer Protection Act, or ACPA) and 56 UDRP arbitration proceedings (including UDRP challenges from Abercrombie & Fitch, American Airlines, the Backstreet Boys, Encyclopaedia Britannica, Hewlett Packard, Neiman-Marcus, Target, Voicestream, and Yahoo). (See Google listings of decisions from WIPO and the National Arbitration Forum.) In October 2001, the FTC brought suit against Zuccarini, challenging what the FTC called his "copycat" web addresses as well as his "mousetrap" techniques of preventing web users from exiting his sites. (The FTC's site provides their complaint, temporary restraining order, and preliminary injunction.) In May 2002, the FTC won a permanent injunction against Zuccarini (see the FTC's May 2002 update), barring Zuccarini from registering domains that are misspellings or other variations on third-party domain names, and further prohibiting him from obstructing a visitor's exit from a site. Nonetheless, eight months after the injunction was issued, the author's research demonstrates that the enjoined behavior continues: More than five thousand domains remain registered to Zuccarini or the company names he previously used; the overwhelming majority are typographical variations on well-known trademarks, popular phrases, and personal names. Most of Zuccarini's domains still provide traps to delay or confuse a user's attempts to exit, and most still provide extensive sexually explicit content. The remainder of this document details these findings and their implications.

Update: September 3, 2003: Zuccarini has reportedly been found and arrested. See news coverage from the Associated Press.

 

Specific Registered Domains

The author has located more than 8,800 domains registered, according to their WHOIS data, to John Zuccarini or his various company names (as identified by the FTC). This quantity is generally consistent with prior FTC reports of "more than 5,500" domains registered by Zuccarini; some domains may have expired in the interim, while others may have been added, and the FTC may not have been aware of all of Zuccarini's registrations.

The links below provide an alphabetical listing of the domains registered to Zuccarini. Each domain's entry includes selected additional information about it, including the domain's registrar, partial WHOIS data, and a categorization of the content posted on the domain's web site or post-redirection target.

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z numbers

Due to the large number of domains registered by Zuccarini, the author has selected a sample of domains that reflect typographical errors on some of the most popular domain names and on domain names often used by children.

Highlights

Since the majority of Zuccarini's domain registrations are variations on other domain names, this site provides a system for users to help characterize the connections between Zuccarini's registrations and the domains he targeted with typographical variations. For example, the domain name "woldmap.com" (sic) is a variation on the name "worldmap.com." To submit such a variation to the database ont his site, follow the links marked "If this domain name contains a typo, suggest the name it derives from." The author will review all submissions and will post frequent updates to this site. In the future, the author may also post summary statistics of these results, and the author hopes to send messages to the registrants of the original domains to alert them to Zuccarini's variations on their domain names.

Reporting includes only Zuccarini names listed in .COM, .NET, and .ORG zone files of January 23, 2003 and March 21, 2003. Domains omitted from these zone files are omitted from the author's data collection systems and from his subsequent analysis. Pending UDRP decisions are one frequent cause of omission from zone files and therefore from the author's reporting; domains with pending UDRP decisions are omitted from zone files due to their REGISTRAR-HOLD status.


Analysis and Summary Statistics

Invalid WHOIS Data and Obfuscation. As described by the FTC, Zuccarini's use of multiple identities makes it difficult to confirm that the domains at issue are indeed his. Of the domains reported here, registrations are made in the name of John Zuccarini, Mars Attack, Music Wave, Party Night Inc, Phayze 1 Phayze 2, and RaveClub Berlin. Registrations are made from countries including the United States, the Bahamas, Burkina Faso, France, the Netherlands, and Switzerland. It is possible -- indeed, highly likely -- that Zuccarini holds numerous additional domains beyond those reported above. The author selected the domains reported here on the basis of multiple factors linking them to Zuccarini; relevant factors include WHOIS data, registrars used, DNS and web site configuration, and web content.

Registrars Used. Of Zuccarini's registrations reported here, most used registrars Joker.com (4,583 domains, 54.7% of those reported here) and Key-Systems GmbH (3,289 domains, 37.3%). As discussed below, these two registrars are both based in Germany, producing potential jurisdictional complications in the resolution of disputes regarding Zuccarini's registrations. Zuccarini also registered domains with Register.com (66) and Network Solutions (49). No other registrar registered more than ten of Zuccarini's domains.

Content Provided. At least 7,904 of Zuccarini's domains (90.0%) provide redirection to the site amaturevideos.nl, a sexually-explicit site that uses "mousetrapping" to prevent direct exit via a browser's Back button or via other ordinary browser commands. Provision of sexually-explicit content may be profitable to Zuccarini via at least two independent avenues: First, the FTC's complaint suggests that Zuccarini may have profited in part from affiliate fees paid to him when visitors make purchases from the sexually-explicit sites that are the targets of his redirects. Second, to the extent that Zuccarini anticipates selling domains to the registrants who hold the "real" sites on which Zuccarini's domains are variations, providing sexually-explicit content may increase the registrants' willingness to pay. (See related discussion in "Domains Reregistered for Distribution of Unrelated Content: A Case Study of "Tina's Free Live Webcam.") An additional 342 of Zuccarini's domains (3.9%) forward users to sites offering digital music downloads and tools; the domains that redirect to this content are variations on the names of products used to obtain digital music files.

Reconfiguration of Zuccarini Domains: Notwithstanding the court's injunction requiring the termination of Zuccarini's use of these domains, Zuccarini seems to maintain the ability to access and reconfigure his domain names. According to Verisign Registry WHOIS data, 7,547 of Zuccarini's domains (85.7% of those reported here) have had a configuration change since April 9, 2002, when the injunction was issued. Such changes are typically made only by a domain's registrant.

Domain Creation and Expiration Dates: According to data in WHOIS, the overwhelming majority of Zuccarini's domains were registered between August 1999 and March 2002. (However, fifteen domains were registered prior to August 1999. Eighteen domains were registered between April 2002 and August 2002, though none were registered since that time.) Most of Zuccarini's domains are slated to expire in 2003, but some will expire in January 2004, and a handful show expiration dates as late as May 2006.

Interaction of Typographical Variations with Trademarks: Mr. Zuccarini's registrations consist of variations both on trademarks and on generic terms. To the extent that Zuccarini's registrations are variations on trademarks (e.g. verizonwierless.com), the UDRP applies under its "confusingly similar" standard (section 4.a.i). To the extent that Zuccarini's registrations are variations on generic domains (e.g. woldmap.com), the UDRP does not apply, for the UDRP would not protect those generic domains on which certain of Zuccarini's domains are variations. Of course, there may as yet be no consensus (within the ICANN policy framework, or under governing national law) as to the rights of the registrant of a generic domain in typographical variations on that generic domain.

 

Conclusions

The continued operation of Zuccarini's domains suggests a possible failure of the various laws and policies to date brought to bear on his activities. UDRP challenges have proven effective for those domains targeted by specific UDRP actions. However, the UDRP entails a cost of several thousand dollars per domain (including both filing costs and attorneys fees), so UDRP expenses might well reach to the millions of millions of dollars due to the number of domains registered by Zuccarini. In this context, the FTC's en masse approach seems more likely to be effective. However, the FTC's action and the court's subsequent injunction seem to have failed to fully prevent the harm at issue, for Zuccarini continues to hold domains that seem to violate the court's injunction. Nonetheless, Zuccarini's current "mousetrapping" is somewhat less effective than his prior implementation, yielding fewer popup windows when a user attempts to close a Zuccarini site, suggesting that the FTC's injunction may have yielded improvement in this regard.

Jurisdictional issues may make the situation particularly difficult to resolve: Zuccarini has reportedly moved to the Bahamas (cite), from which extradition would likely be required to enforce a judgment of an American court. In addition, an American court may lack any way to order foreign registrars to take action, and Zuccarini's primary registrars (Joker.com and Key-Systems GmbH) are based in Germany. To improve compliance in the future, an American court might order specific actions by registrars and might send copies of its order directly to registrars (rather than relying on the defendant to do so, as explained in the court's permanent injunction). Even so, non-US registrars may refuse to comply. Concerned parties might seek to convince ICANN to address the situation -- perhaps by requiring registrars, under the terms of their accreditation agreements, to comply with orders of American courts. (The current Registrar Accreditation Agreement requires, in section 3.7.7.10, only that a registrar abide by orders from courts in the registrar's jurisdiction and in the jurisdiction of the registrant -- the latter provision effectively unusable in the face of heterogeneous and invalid WHOIS data.) Of course, such an approach would raise jurisdictional problems of its own; American registrars might protest a symmetrical duty that required their submission to orders from non-US courts. Alternatively, the UDRP might be modified to better address the possibility of large-scale offenders with hundreds or thousands of domains -- avoiding the jurisdictional problems inherent in suits in national courts, but expanding the UDRP's evidentiary and procedural scope to accommodate the increased complexity of larger cases. For now, the jurisdictional provisions of existing policies allow Zuccarini to contest UDRP decisions against him (under UDRP rule 4.k) via suits in German courts; Zuccarini has contested rulings against him in claims brought by Toyota, Vanguard, and Classmates Online Inc., as documented in links 67-69 of UDRPLaw.net's appeals page.

Meanwhile, pending a widening of jurisdiction over registrars or of the UDRP, courts that seek to enjoin behavior like Zuccarini's may take certain actions to increase the likelihood of registrar compliance. Whenever possible, courts could list all the specific domains to be transferred, cancelled, or put on hold -- giving registrars complete clarity as to the requested action, rather than demanding that they determine which domains are held by a particular offender. With the help of plaintiffs' counsel and experts if needed, along with the power of discovery, a court might be better able to identify the offender's domains than would the registrars at issue. When invalid WHOIS data makes it particularly difficult to identify the offender's domains, bringing this process under the control of the court relieves the burden on registrars who, in the face of difficult decisions and uncertain obligations, might otherwise choose to do nothing. In addition, anticipating registrars' fear of ambiguity in the wording of an injunction, a court might list prohibited activities with ever-greater specificity. The Zuccarini injunction shows room for improvement in this regard: It prohibits "operating, publishing, or disseminating web sites or pages with domain names that are misspellings of other domain names" (clause L.1.) -- a restriction that might be alleged to leave open the question of what constitutes a "misspelling" and that might thereby discourage some registrars from taking action.

The FTC advises that individuals who believe they have been victimized by Mr. Zuccarini can register their complaints via a toll-free telephone call to 1-877-FTC-HELP (1-877-382-4357).

 

Support This Work

Partial support for this project was provided by the Berkman Center for Internet & Society at Harvard Law School. The author seeks additional financial support to continue this and related projects. Please contact the author with suggestions.

 


Last Updated: September 3, 2003 - Sign up for notification of major updates and related work.
An earlier version of this article was posted in January 2003, offering an initial listing of approximately 5,500 domains registered by Zuccarini.