$200,000 Asking Price, But One Fatal Problem: The Timeline
This decision is a useful reminder that trademark priority and domain name chronology are not the same thing. The Complainant undoubtedly possessed trademark rights predating the Respondent’s acquisition of <rapidpay.com>, but the Panel focused on the question that ultimately matters in cases involving descriptive or brandable domain names: why did the Respondent acquire the domain name in the first place? The answer, according to the Panel, was not trademark targeting, but rather the inherent value of the phrase “rapid pay” itself. Continue reading commentary here.
Join us for this year’s Levine Lecture featuring Nick Gardner, who will present: “26 Years of Deciding UDRP Cases—What Does a Panelist Actually Do, and Why? How Will AI Change This?“ A veteran of UDRP practice, Nick’s experience ranges from early landmark English court cases to presiding over hundreds of disputes as a leading WIPO and Nominet panelist. The session will include an introduction by Zak Muscovitch, opening remarks by Tony Willoughby, and closing remarks from Gerald Levine.
Register Here! | CIIDRC Webinar Series 27 | AI and Domain Name Disputes | June 24, 2026
We hope you will enjoy this edition of the Digest (vol. 6.22) as we review these noteworthy recent decisions with expert commentary. (We invite guest commenters to contact us):
‣ $200,000 Asking Price, But One Fatal Problem: The Timeline (rapidpay.com *with commentary)
‣ No U.S. Reputation, No U.S. Rights, No UDRP Win: Panel Finds RDNH (brytebyte.net *with commentary)
‣ The Good Samaritan Domain Registrant: Panel Recognizes Legitimate Cybersecurity Research (optic2000.ad *with commentary)
‣ A Viral Game, Competing Domain Names, and a Difficult UDRP Question (sprunki.org *with commentary)
‣ Different Industry, Different Customers, Different Story: Why the Nexon Complaint Failed (nexonpartners.net *with commentary)
$200,000 Asking Price, But One Fatal Problem: The Timeline
Green Dot Corporation v. Cyber Capital Technology, Ltd, WIPO Case No. D2026-0947
<rapidpay.com>
Panelists: Mr. Wilson Pinheiro Jabur (Presiding), Ms. Harini Narayanswamy, and Mr. Gerald M. Levine
Brief Facts: The US-based Complainant, founded in 1999, is a financial and bank holding company that operates as its primary domain names <greendot.com> and <rapidpaycard.com>. The Complainant is the owner, amongst others, of the US trademark registrations for the word mark RAPID! PAYCARD (October 31, 2006) and RAPID! (May 29, 2007). The Complainant acquired the RAPID! PAYCARD solution on January 25, 2017, having had the aforementioned trademark registrations assigned to it in November 2018. The disputed Domain Name was acquired by the Respondent on August 29, 2015 and is being offered for sale for USD $199,998. The Respondent is based in Hong Kong, China, and trades descriptive, common-word and brandable domain names for development or sale.
The Complainant alleges that the Respondent is not actively using the disputed Domain Name, rather offering it for sale for an amount that far exceeds the Respondent’s out-of-pocket expenses in registering the disputed Domain Name. Under additional submissions, the Complainant acknowledges that the terms “rapid” and “pay” are dictionary words on their own; however, the combination of them together is not descriptive or dictionary and the Respondent’s choice to register the disputed Domain Name combining these terms was not coincidental. The Complainant also submits that the searches conducted on a restricted date range search from January 2015 to September 2015 on <google.com.hk>, reveal multiple links referencing the Complainant and its business.
The Respondent contends that the disputed Domain Name consists of “Rapid Pay”, a plainly descriptive phrase that refers to fast or instant payment services, a concept widely used across the financial and payment industries. The Respondent notes that the Complainant operates in the payroll and prepaid debit card sector, a heavily regulated, jurisdiction-specific market governed by local banking, payments, and employment law, and tied to U.S. payroll infrastructure. The Respondent further contends that the Complainant launched (or rebranded) its “Rapid! Pay” mobile application only in the last quarter of 2020, five years after the Respondent acquired the Domain Name, making it implausible that the Respondent could have the Complainant in mind when registering the disputed Domain Name.
Held: Based on the available record, the Panel finds that the Respondent acquired the disputed Domain Name because of its inherent potentially descriptive or generic character. As reflected in WIPO Overview 3.1, section 2.10.1, panels have recognized that domain names composed of dictionary words or phrases may support a respondent’s rights or legitimate interests where they are used, or demonstrably intended to be used, in connection with their dictionary meaning and not to trade off third-party trademark rights. See also WIPO Overview 3.1, section 3.1.1. In the present case, there is no indication or evidence that the Respondent targeted the Complainant or sought to capitalize on the reputation of its mark.
The Panel concludes that while the Complainant’s trademark registrations predate the acquisition of the disputed Domain Name, the Complainant’s predecessor in title was required to disclaim “Paycard”. “Paycard” differs from “rapid pay” which carries a different concept and describes a different function, namely the fast payment of something. The Complainant’s rights in RAPID! and RAPID! PAYCARD does not automatically grant the Complainant exclusive rights in “rapid pay” which, as the Respondent appropriately indicated, is in wide use. The Panel also notes that the Domain Name is being offered for sale, but this is not sufficient on its own, considering the circumstances of this case, to conclude that the Complainant has satisfied its burden of proving registration and use in bad faith.
The Respondent did not target the Complainant or its trademark rights because the Complainant did not prove that the Respondent registered the disputed Domain Name due to its significance in relation to the Complainant or its trademarks. Further, the Complainant did not prove that its marks were notorious or well-known at the time that the Respondent registered the disputed Domain Name, nor did it assert or provide any evidence of any use of “rapid pay” at that time. WIPO Overview 3.1, section 3.8.1. The Complainant also did not provide any evidence showing that the Respondent was targeting the Complainant. The Panel finds more likely than not that the Respondent registered the disputed Domain Name due to its value as a descriptive domain name.
RDNH: The majority of the Panel does not consider that the present record warrants a finding of RDNH. The Complainant has demonstrated rights in the RAPID! and RAPID! PAYCARD trademarks which predate the Respondent’s acquisition of the disputed Domain Name, and the disputed Domain Name contains the term “rapid” together with the payments-related term “pay”. Although these circumstances are insufficient, in the present case, to establish that the Respondent targeted the Complainant or its trademarks, they provided a basis for the Complainant to submit its claim for determination under the Policy.
The majority of the Panel also notes that the Complainant relied on the offer for sale of the disputed Domain Name and asserted that it had sent a cease-and-desist letter and subsequent reminders without receiving a reply. The Respondent disputes having received those communications. While these circumstances do not alter the Panel’s conclusion on the merits, the majority of the Panel is not persuaded that the Complaint was filed in bad faith or primarily to harass the Respondent. Accordingly, the majority of the Panel declines to make a finding of Reverse Domain Name Hijacking. Mr. Levine would have found RDNH.
Complaint Denied (RDNH by Minority)
Complainant’s Counsel: CSC Digital Brand Services Group AB, Sweden
Respondent’s Counsel: Cylaw Solutions, India
Commentary Edited and Approved by ICA General Counsel, Zak Muscovitch:
This decision is a useful reminder that trademark priority and domain name chronology are not the same thing. The Complainant undoubtedly possessed trademark rights predating the Respondent’s acquisition of <rapidpay.com>, but the Panel focused on the question that ultimately matters in cases involving descriptive or brandable domain names: why did the Respondent acquire the domain name in the first place? The answer, according to the Panel, was not trademark targeting, but rather the inherent value of the phrase “rapid pay” itself.
The chronology proved decisive. The Respondent acquired the domain name in August 2015. Although the Complainant owned registrations for RAPID! and RAPID! PAYCARD that predated that acquisition, the Panel found that the Complainant failed to establish that its marks were sufficiently well known in 2015, or that “rapid pay” had any demonstrated association with the Complainant at that time, such that the Respondent was likely to have acquired the domain name with the Complainant in mind. Indeed, the Panel expressly noted that the Complainant “did not prove that its marks were notorious or well-known” when the domain name was acquired and “did not assert or provide any evidence of any use of ‘rapid pay’ at that time.”
That evidentiary gap became particularly significant because the disputed domain name consisted of a commercially attractive phrase with an obvious descriptive meaning in the payments industry. The Panel accepted the Respondent’s position that “rapid pay” naturally conveys the concept of fast or instant payments and that the domain name was more likely acquired for its descriptive or brandable value than because of any association with the Complainant. As the Panel observed, the Complainant’s rights in RAPID! and RAPID! PAYCARD did not automatically confer exclusive rights in the phrase “rapid pay,” particularly where that phrase carried a different meaning and appeared to be widely used in connection with payment services.
The decision is also notable for its treatment of the six-figure sale price. The domain name was offered for sale for nearly USD $200,000, yet the Panel declined to view that fact as evidence of cybersquatting. This aspect of the decision reflects a well-established but sometimes overlooked principle of UDRP jurisprudence: a high asking price is not inherently suspicious. Where a respondent acquires a domain name because of its descriptive or generic qualities, the subsequent attempt to sell it at a substantial profit may simply reflect the market value of the asset rather than evidence of bad-faith targeting. Once the Panel concluded that the Respondent more likely acquired the domain name because of its descriptive value, the sale offer largely lost its significance as evidence of bad faith.
The RDNH portion of the decision is also worthy of note. Although the Panel unanimously rejected the Complaint, the majority declined to find Reverse Domain Name Hijacking. The majority reasoned that the Complainant possessed trademark rights predating the Respondent’s acquisition of the domain name and that the disputed domain name combined the term “rapid” with a payments-related term. In the majority’s view, those circumstances provided a sufficient basis to bring the case, even though they ultimately fell well short of proving targeting.
The dissenting panelist’s position is particularly compelling. The chronology difficulties were evident before the Complaint was filed. The Respondent acquired the domain name in 2015, yet the Complainant appears to have had little evidence demonstrating that “rapid pay” had any meaningful association with it at that time. Coupled with the descriptive nature of the phrase itself, the case presented significant obstacles to establishing bad-faith registration. While reasonable minds can differ on whether those deficiencies crossed the threshold for RDNH, the dissent underscores the growing expectation that sophisticated complainants carefully assess chronology and targeting before invoking the UDRP against valuable descriptive domain names.
Congratulations to Ankur Raheja, our Editor-in-Chief, who successfully represented the Respondent.
No U.S. Reputation, No U.S. Rights, No UDRP Win: Panel Finds RDNH
Bryte Insurance Company Limited v. Uchenna Nwoke, WIPO Case No. D2026-1233
<brytebyte.net>
Panelist: Mr. Nick J. Gardner
Brief Facts: The Complainant is a South African commercial risk and insurance company whose BRYTE brand emerged in 2016–2017 following its acquisition by Fairfax Financial Holdings. It holds registered trademarks for BRYTE in South Africa (December 2018) and Botswana (September 2018) only. The disputed Domain Name was registered on February 27, 2025, by an information technology professional based in Washington, United States. At the time of the Complaint, the disputed Domain Name resolved to an active website operated under the trading name “BryteByte”, presenting IT consulting services including website design and builds, data migration, cloud delivery, and security and observability services.
The Complainant alleges that the Respondent must have been aware of the BRYTE mark at registration given its substantial reputation, and that the disputed Domain Name prevents the Complainant from reflecting its mark in a corresponding domain name and creates a false impression of association or endorsement. The Respondent contends that he independently coined the name “BryteByte” as a technology brand for a planned IT consulting company, combining “Bryte” and “Byte” to convey technological capability, and that his IT consulting services are entirely different from the Complainant’s insurance business, which is restricted to Africa.
Held: The Complainant’s own evidence includes a screenshot of the Respondent’s website showing a bona fide technology consulting business. Under paragraph 4(c)(i) of the Policy, rights or legitimate interests may be demonstrated by use, or demonstrable preparations to use, the domain name in connection with a bona fide offering of goods or services before any notice of the dispute. The combination “BryteByte” is an independently intelligible and commercially coherent technology brand name that conveys associations with technology, computing, and digital services. The Respondent’s account of independent derivation is corroborated by multiple unrelated third-party businesses, demonstrating that pairing a phonetic variant of “bright” with “byte” is a natural and independently recurrent usage in the technology sector, rather than a name uniquely associated with the Complainant. Furthermore, the Respondent is a U.S.-based IT professional, while the Complainant’s trademark registrations are confined to African jurisdictions.
As to registration in bad faith, the central question is whether the Respondent, at the time of registration in February 2025, had the Complainant’s BRYTE mark in mind and intended to exploit it in some manner. The Panel finds no credible basis for such an inference. The Complainant’s trademarks are confined to African jurisdictions, and there is no evidence of any trademark, advertising, or consumer recognition in the United States where the Respondent resides. “Bryte” is a phonetic spelling of the common English word “bright”, and “byte” is a standard computing term. The resulting composite “BryteByte” is a name that carries entirely different commercial connotations from the Complainant’s insurance brand. The Respondent has provided a coherent and internally consistent account of independent derivation. The Panel finds that account credible and sees no reason to doubt it: As to use in bad faith, the website content is inconsistent with any attempt to exploit the Complainant’s mark.
RDNH: The Panel finds that a finding of RDNH is warranted in the present case for the following reasons, taken cumulatively. First, the Complainant’s own evidence demonstrated that the Respondent was operating what appears to be a bona fide active IT consulting business and there was no basis for concluding that the Complainant was being targeted. Second, the Complainant knew at the time of filing that its trademark registrations were confined entirely to African jurisdictions and that it had no registered rights in the United States. Third, a basic investigation prior to filing would have revealed the existence of multiple established third-party businesses operating under the “BryteByte”, “Bright Byte”, or phonetically equivalent names in the technology sector.
Pertinently, the Respondent has drawn the Panel’s attention to the existence of Bryte, Inc., a Silicon Valley sleep technology company founded in 2016 that operates at <bryte.com> and has raised over USD $44 million in venture capital. That company’s domain is not merely confusingly similar to the Complainant’s BRYTE trade mark: it is identical to it. The Complainant has taken no account of the fact that it does not have a monopoly in the use of the term “bryte” and there is in the U.S. at least one substantial unrelated entity using precisely that term in unadorned form. Finally, the Complainant is represented by an experienced intellectual property law firm. A reasonably diligent investigation by competent IP counsel prior to filing the Complaint would have revealed the above matters, all of which critically undermine the Complaint.
Complaint Denied
Complainant’s Counsel: Adams & Adams Attorneys, South Africa
Respondent’s Counsel: Self-represented
Commentary Edited and Approved by ICA General Counsel, Zak Muscovitch:
The most striking feature of this decision is not that the Complaint failed, but that the Panel found the deficiencies should have been obvious before it was filed. The Complainant’s own evidence showed that the Respondent was operating an active IT consulting business under the name “BryteByte”. This was not a parked page, a PPC landing page, or a passive holding case. The disputed domain name resolved to a functioning website offering technology consulting services that were entirely unrelated to the Complainant’s African insurance business.
The Panel was also unpersuaded by the Complainant’s attempt to infer targeting from the presence of the term “Bryte”. As the decision notes, “Bryte” is a phonetic variation of the common English word “bright”, while “byte” is a standard computing term. The combination “BryteByte” is, therefore, a natural and commercially coherent technology brand. The Respondent’s explanation for independently adopting the name was found credible and was reinforced by evidence showing that numerous unrelated businesses had independently adopted similar “Bryte”, “Bright Byte”, and related technology-oriented names.
Geography also mattered. The Complainant’s trademark registrations were confined to South Africa and Botswana. The Respondent, meanwhile, was a U.S.-based IT professional operating a U.S.-focused technology consulting business. The Panel found no evidence that the Complainant enjoyed any meaningful trademark recognition in the United States, or any basis to conclude that the Respondent was likely aware of the Complainant when he registered the domain name. In that respect, the case reflects a growing number of decisions emphasizing that trademark rights, standing alone, do not establish targeting – particularly where the parties operate in different industries and different parts of the world.
The RDNH finding is where the decision becomes particularly instructive. The Panel did not merely conclude that the Complainant failed to prove its case. Rather, it found that a reasonably diligent pre-filing investigation would have uncovered facts fundamentally inconsistent with the Complaint. The decision serves as a reminder that complainants cannot simply point to trademark registrations and assume targeting, especially where the respondent is operating an apparently legitimate business under a plausible and independently derived name.
The RDNH finding is also notable for another reason. The Respondent drew the Panel’s attention to the existence of Bryte, Inc., a substantial U.S. technology company operating under the identical name “Bryte” and from the domain name bryte.com. As the Panel observed, the Complainant’s trademark is not unique to it, at least in the United States. The existence of a significant third-party user employing the exact same term materially undermined any suggestion that the Respondent’s adoption of “BryteByte” necessarily pointed to the Complainant. In the Panel’s view, a reasonably diligent pre-filing investigation would have revealed this and other facts that critically weakened the Complaint.
The decision expressly emphasizes that the Complainant was represented by an experienced intellectual property law firm and concludes that competent pre-filing diligence would have revealed the existence of the Respondent’s bona fide business, the geographical limitations of the Complainant’s trademark rights, and the prevalence of unrelated third-party “Bryte” users. Taken together, those facts rendered the Complaint fundamentally unsustainable.
The Good Samaritan Domain Registrant: Panel Recognizes Legitimate Cybersecurity Research
<optic2000.ad>
Panelist: Mr. Jeremy Speres
Brief Facts: The Complainant, a well-known French optical goods and services group founded in 1969 with over 1,200 stores, holds registered trademark rights in OPTIC 2000 (French trademark effective February 22, 2008), previously recognized as a well-known mark by a UDRP panel in 2012. The Respondent is a U.S.-based cybersecurity researcher and founder of consultancy Seralys, specializing in security vulnerabilities arising from internal domain name collisions a risk that arises when organizations use unregistered internal domain names for services such as Microsoft Active Directory. In December 2024, while conducting routine Internet-wide security scanning, the Respondent discovered that the Complainant’s network was using <optic2000.ad> as an internal Active Directory domain name that had not been registered in the public DNS, creating risks of credential leakage and exposure of the Complainant’s internal network topology. The Respondent registered the disputed domain name on December 17, 2024, asserting that he did so to prevent malicious third parties from exploiting the vulnerability and to facilitate responsible disclosure to the Complainant.
On March 7, 2025, the Respondent emailed the Complainant at “security@optic2000.com”, fully disclosing the vulnerability and unconditionally offering to transfer the domain name at no charge. Having received no response, the Respondent reported the matter to the French national cybersecurity authority (CERT-FR) on December 2, 2025. The Complainant filed its Complaint on December 11, 2025, apparently never having received the Respondent’s disclosure email; the Respondent reiterated his unconditional transfer offer on December 15 and December 19, 2025, again without response from the Complainant. The disputed domain name resolves to a blank webpage and was never used for any commercial purpose. The Complainant alleges bad-faith registration and use on the basis that the registration prevents it from developing its business in Andorra and disrupts its activities, relying on the doctrine of passive holding, while the Respondent contends that his registration constitutes legitimate noncommercial fair use conducted in the public interest, and seeks a finding of Reverse Domain Name Hijacking.
Held: The Panel found that the disputed domain name was identical to the Complainant’s OPTIC 2000 trademark but concluded that the Respondent had registered and initially used the domain name as part of legitimate cybersecurity research rather than to target the Complainant’s trademark rights. The Panel accepted the Respondent’s evidence that he discovered a potentially serious security vulnerability arising from the Complainant’s use of “optic2000.ad” as an internal Active Directory domain, registered the domain name to prevent malicious exploitation of that vulnerability, repeatedly attempted to notify the Complainant, and offered to transfer the domain name without charge.
The Panel characterized the Respondent as a “Good Samaritan” whose actions were consistent with responsible vulnerability disclosure practices and found no evidence of commercial gain, trademark targeting, or bad-faith intent. Nevertheless, because the Respondent repeatedly and unconditionally consented to transfer the domain name and confirmed that he had no continuing interest in retaining it, the Panel ordered transfer of the domain name to the Complainant. The Panel issued a substantive decision on the merits notwithstanding the consent to transfer, emphasizing the public interest in recognizing the legitimacy of responsibly conducted cybersecurity research and the relative scarcity of domain name decisions addressing such circumstances.
RDNH: The Respondent’s RDNH request was denied. The Panel found that the Complainant most likely never received the Respondent’s pre-Complaint vulnerability disclosure email of March 7, 2025, because the Respondent chose to use security@optic2000.com, an address the Complainant confirmed it had not provisioned. The post-Complaint email of December 15, 2025, did not contain the unconditional transfer offer or specific vulnerability details, and the Panel found it insufficient to have given the Complainant adequate grounds to assess the Respondent’s good faith before filing the Amended Complaint.
Transfer
Complainant’s Counsel: GUIU IP, France
Respondent’s Counsel: Self-represented
Commentary Edited and Approved by ICA General Counsel, Zak Muscovitch:
This decision presents a fascinating counterpoint to Equifax v. KnowBe4, which we covered last week in Vol. 6.21. In Equifax, the Panel ordered transfer of <equifax-credit.com>, concluding that a cybersecurity training company crossed the line by registering and using a domain name incorporating a famous trademark in connection with simulated phishing exercises conducted as part of its commercial security-awareness platform.
In the present case (Optic2000), by contrast, the Panel confronted a respondent who deliberately registered a domain name identical to the complainant’s trademark for cybersecurity-related purposes and nevertheless concluded that the conduct was legitimate, benevolent, and entirely consistent with good faith.
The comparison illustrates how two cybersecurity-related domain name disputes can produce dramatically different outcomes.
The procedural posture makes the decision particularly unusual. Although the Panel ultimately ordered transfer of the domain name, it did so not because the Complainant proved cybersquatting, but because the Respondent repeatedly and unconditionally consented to transfer. The Panel nevertheless issued a detailed merits decision, recognizing a broader public interest in clarifying that responsibly conducted cybersecurity research may, in appropriate circumstances, constitute a legitimate interest under domain name dispute policies.
The contrast begins with the purpose of the registration. In Equifax, the Panel concluded that the Respondent’s use of a domain name incorporating the EQUIFAX mark formed part of its commercial security-awareness platform and that the realism of simulated phishing campaigns using well-known brands enhanced the attractiveness and value of those services to paying customers. The majority found that this commercial benefit was sufficient to take the Respondent’s conduct outside the realm of legitimate fair use and into the sphere of trademark exploitation. The Panel was also influenced by the absence of any demonstrated need to use famous third-party marks rather than fictitious brands, generic terminology, or other training methods, and by the lack of evidence that the Respondent employed such alternatives in its phishing simulations.
In Optic2000, the facts were fundamentally different. The Respondent did not register the domain name to improve a commercial training product, sell cybersecurity services, or enhance the attractiveness of any offering to customers. Rather, he registered the domain name after discovering a potentially serious Active Directory vulnerability arising from the Complainant’s use of an unregistered internal domain name. He repeatedly attempted to notify the Complainant, reported the issue to the French cybersecurity authorities, never used the domain name for commercial purposes, and repeatedly offered to transfer it without compensation. Although the Panel expressed concern about certain aspects of the Respondent’s disclosure efforts, it ultimately characterized him as a “Good Samaritan” and concluded that his conduct was consistent with industry best practices relating to responsible vulnerability disclosure.
What makes the comparison particularly instructive is that the Optic2000 Panel appears to have addressed precisely the concern that drove the result in Equifax. The Equifax majority was troubled by the prospect that cybersecurity companies could systematically register trademark-corresponding domain names to enhance the commercial value of their services. The concurring opinion went even further, warning that permitting such conduct could normalize widespread registration of famous marks under the guise of security awareness training.
The Optic2000 decision demonstrates that not all cybersecurity-related registrations raise that concern. There was no suggestion that the Respondent maintained a portfolio of trademark-corresponding domain names, offered cybersecurity services built around registrations of famous marks, or sought to derive any commercial advantage from the registration itself. The registration was tied to a specific vulnerability affecting a specific organization and was accompanied by repeated efforts to return control of the domain name to the trademark owner. In that respect, the registration functioned less as a commercial asset and more as a protective measure.
The decisions also highlight a broader question concerning the proper scope of the UDRP and related domain name dispute policies. As discussed in connection with Equifax, one may reasonably question whether the UDRP was designed to adjudicate disputes involving simulated phishing exercises conducted within closed cybersecurity training environments. The Equifax Panel ultimately answered that question affirmatively, finding sufficient commercial exploitation of the trademark to bring the dispute within the Policy’s ambit. Optic2000, however, fits even less comfortably within the traditional cybersquatting paradigm. The Respondent was not attempting to sell products, divert consumers, impersonate the Complainant for commercial gain, monetize traffic, or extract payment from the trademark owner. Indeed, the Panel expressly recognized that the Respondent’s conduct may have benefited the Complainant by identifying and helping to mitigate serious security vulnerability before a malicious actor discovered it.
Perhaps the most important contribution of the decision is its recognition that legitimate cybersecurity research can, in appropriate circumstances, constitute a bona fide interest under domain name dispute policies. Whereas Equifax focused on the commercial benefits derived from trademark-based phishing simulations, Optic2000 focused on the Respondent’s purpose, conduct, transparency, and lack of commercial motive. The result is a useful reminder that cybersecurity-related registrations should not be viewed as a monolithic category. The critical question remains the same one that lies at the heart of the UDRP itself: whether the domain name was registered to exploit the trademark value of another party’s mark, or for some independent legitimate purpose. The Panels reached different answers in Equifax and Optic2000 because, on the facts before them, they were ultimately addressing very different kinds of conduct.
In the end, the Respondent lost the domain name but won on the merits. The transfer resulted from his unconditional consent rather than any finding of cybersquatting. The lasting significance of the decision lies not in the transfer itself, but in the Panel’s careful recognition that responsibly conducted cybersecurity research, undertaken without commercial exploitation of another’s trademark, can constitute a legitimate interest under domain name dispute policies. That discussion may ultimately prove more influential than the disposition of the domain name itself.
A Viral Game, Competing Domain Names, and a Difficult UDRP Question
ShinStar LLC v. Dung Kieu, WIPO Case No. D2026-1210
<sprunki.org>
Panelist: Mr. Andrew D. S. Lothian
Brief Facts: The Complainant is a Colorado limited liability company incorporated on September 19, 2024, which operates a website at <sprunki.com> offering an online music game called “Sprunki”, a fan-made modification (“mod”) of the popular game Incredibox, involving beat-making and character-based sound creation. The Complainant claims to have first used its SPRUNKI trademark in commerce on September 19, 2024. However, the Complainant did not originate the Sprunki game or coin the term: the game was created by an independent developer using the online handle “NyankoBfLol,” released on the Scratch and Cocrea platforms from August 24, 2024, and rapidly achieved viral popularity. The evidence before the Panel indicates that none of the above game versions were produced by the Complainant, and that the Complainant has no affiliation with the developer “NyankoBfLol”.
The Respondent registered the disputed Domain Name on September 22, 2024, three days after the Complainant’s incorporation, and operated a website hosting the Sprunki game, which had been played 34,768 times and accumulated 1.3 million “likes” by the time of the Complaint. Significantly, the Complainant’s own website as of September 23, 2024, under the heading “Access the Game,” listed the disputed Domain Name alongside its own as one of the locations where the Sprunki game could be played online. The Respondent did not file a Response. The Respondent had been found to have registered and used domain names in bad faith in four prior UDRP proceedings involving different complainants’ game-related trademarks.
Held: In the present case, the Panel notes that the Respondent registered the disputed Domain Name within three days of the Complainant registering its own “Sprunki”-related domain name (<sprunki.com>), which it did on September 19, 2024, also the date of the Complainant’s incorporation. The Complainant alleges that it used its domain name in commerce with effect from September 19, 2024, based on its United States trademark registration. However, this claim is typically of limited evidentiary value on its own in administrative proceedings brought under the Policy. On the record in the present case, the proximity in timing of the registration of the disputed Domain Name cannot avail the Complainant, even though it comes three days after the registration of the Complainant’s own domain name as set out above. The record does not suggest the presence of a scenario that would be consistent with section 3.8.2 of the WIPO Overview 3.1.
On the balance of probabilities, both of the Parties seem to have registered their respective “Sprunki”-related domain names and gathered resources about the game at around the same time as each other, most probably in light of the online popularity created by the activity of others. It must be added that the Complainant’s open encouragement to Internet users visiting its own website to access the disputed Domain Name as one of the locations where “Sprunki” might be played online, does not suggest that the Complainant itself considered at the material time that the Respondent was taking unfair advantage of any (then nascent) rights that the Complainant would later go on to develop. The Panel finds that the Respondent did not register the disputed Domain Name in bad faith targeting of the Complainant or its trademark rights because the Complainant has not established that it had relevant trademark rights at the time that the Respondent registered the disputed Domain Name. WIPO Overview 3.1, section 3.8.1.
Complaint Denied
Complainant’s Counsel: The GigaLaw Firm, Douglas M. Isenberg, Attorney at Law, LLC, United States
Respondent’s Counsel: No Response
Commentary Edited and Approved by ICA General Counsel, Zak Muscovitch:
The Panel’s decision is a useful reminder that trademark rights and online popularity are not necessarily the same thing. Although the Complainant possessed a registered trademark and operated a successful website devoted to the viral “Sprunki” game, the evidence showed that it neither created the game nor coined the term. Instead, both parties appear to have arrived at the same opportunity at roughly the same time, namely the rapid emergence of a popular fan-created game developed by a third party. While the Respondent registered <sprunki.org> only three days after the Complainant registered <sprunki.com>, the Panel correctly focused on the broader factual context rather than the timing in isolation. On the evidence before it, both parties appeared to be reacting to the same viral phenomenon rather than the Respondent targeting any nascent trademark rights that the Complainant was only beginning to develop.
The Complainant’s position was nevertheless understandable. The Respondent had previously been found to have registered and used game-related domain names in bad faith, registered the disputed domain name only days after the Complainant registered its own corresponding domain name, and was operating a competing website built around the same rapidly growing online phenomenon. Viewed in isolation, those facts could reasonably give rise to suspicions of opportunistic conduct. The difficulty for the Complainant was that the record ultimately pointed to a different conclusion: both parties appeared to be capitalizing on the popularity of a game created by an unrelated third party, and the evidence did not establish that the Respondent registered the disputed domain name because of any trademark rights that the Complainant had developed. The Panel was therefore correct to focus on targeting rather than mere chronology or coincidence.
The decision also highlights an important distinction between trademark rights and trademark targeting. While the Complainant owned a trademark registration, the game itself had been created by an unrelated developer and had already achieved substantial popularity through independent online platforms. The Panel was understandably reluctant to infer that the Respondent registered the disputed domain name because of the Complainant when the evidence suggested that both parties were reacting to the same independently created viral phenomenon.
Perhaps the most damaging fact for the Complaint was the Complainant’s own conduct. As the Panel noted, the Complainant’s website expressly identified the disputed domain name as one of the places where Internet users could play the Sprunki game. That fact significantly undermined the theory that the Respondent was unfairly targeting the Complainant’s rights. It is difficult to argue that a domain name was registered in bad faith to exploit a complainant’s trademark when the complainant itself was directing users to that very domain name during the relevant period. The Panel rightly treated this as powerful evidence regarding the parties’ contemporaneous understanding of the situation.
The Respondent’s prior adverse UDRP history makes the result particularly noteworthy. The Panel was plainly aware that the Respondent had been found to have acted in bad faith in several previous cases. Nevertheless, the decision demonstrates an important principle: prior bad acts cannot substitute for proof of bad faith in the case actually before the Panel. Even a respondent with an unfavorable history is entitled to prevail where the evidence does not establish that the disputed domain name was registered because of the complainant’s trademark rights.
More broadly, the decision serves as a reminder that the UDRP is designed to address trademark targeting, not merely opportunism. The Panel appears to have accepted that both parties were opportunistically capitalizing on the popularity of a viral game created by somebody else. But opportunism alone is not enough. The critical question under the Policy remains whether the respondent registered the domain name because of the complainant’s trademark rights. Here, the Panel concluded that the Complainant failed to establish that threshold proposition. Without evidence that the Respondent targeted the Complainant rather than the underlying popularity of the Sprunki phenomenon itself, the Complaint could not succeed.
Different Industry, Different Customers, Different Story: Why the Nexon Complaint Failed
NXC Corp. v. Haytham Sabry, WIPO Case No. D2026-1392
<nexonpartners.net>
Panelist: Mr. John Swinson
Brief Facts: The Complainant is a South Korean-founded video game publisher specialising in online PC and mobile games, listed on the Tokyo Stock Exchange, with major franchises including MapleStory, KartRider, and Dungeon&Fighter available in over 190 countries. The Complainant holds a large globally distributed portfolio of NEXON trademarks, the earliest being U.S. trademark (registered August 28, 2001 in Class 41), and has more recently expanded into cryptocurrency investment. The Respondent, an Egyptian national, registered the disputed Domain Name on April 4, 2025, and six days later incorporated Nexon Partners L.L.C-FZ in the Meydan Free Trade Zone in Dubai, as the sole shareholder, with a business licence covering own-account investment activities (Class 36). The Respondent uses the disputed Domain Name exclusively for business email communications; no website has been established.
The Complainant alleges that the disputed Domain Name was used to create the Respondent’s website (which is a computer-generated parking page without advertisements), which incorporates the Complainant’s registered mark, thereby giving the false impression that the website is operated by the Complainant or that the Respondent is in some way associated with the Complainant. The Respondent contends that the name “Nexon Partners” was selected after “Nexus Partners” proved too crowded in the financial services sector, and was adopted independently without reference to the Complainant or its gaming business. The Respondent further notes that the term “nexon” is not exclusively associated with the Complainant across all jurisdictions and classes and that his field of activity is entirely distinct from that of the Complainant, whose core business lies in the gaming and entertainment sector.
Held: The Respondent has rebutted the Complainant’s prima facie showing and asserts that it is operating a legitimate business using the disputed Domain Name. The Respondent provided a significant volume of evidence to show that the Respondent is the founder, sole shareholder of Nexon Partners L.L.C-FZ, that this business is operational, and has been operational before notice of this dispute. The Panel carefully considered the Respondent’s evidence in detail, and concluded that, more likely than not, the Respondent is operating a bona fide business using the disputed Domain Name. The Respondent’s business does not appear to involve computer games or cryptocurrency. It appears to provide services directed at sophisticated businesses involved in complex investment transactions. It is unlikely that the Complainant’s customers would be the kind of customers that the Respondent is seeking to attract.
The Respondent operates in an entirely different commercial sector, and there is no evidence to demonstrate that the Respondent sought to capitalize on the Complainant’s reputation or has engaged in any conduct that could reasonably be interpreted as targeting. The Respondent also provided evidence that other businesses legitimately use “nexon” as part of their name or branding and asserts that the Respondent’s adoption of “Nexon Partners” was driven by independent commercial considerations, which the Panel considers believable. This further supports the conclusion that the Respondent’s adoption of the name was likely independent of the Complainant’s reputation. There is no evidence before the Panel of any bad faith use of the disputed Domain Name by the Respondent. The evidence in the case file as presented does not indicate that the Respondent’s aim in registering the disputed Domain Name was to profit from or exploit the Complainant’s trademark.
Complaint Denied
Complainant’s Counsel: KAI International IP Law Firm, Republic of Korea
Respondent’s Counsel: Al Tamimi & Company, Egypt
Commentary Edited and Approved by ICA General Counsel, Zak Muscovitch:
The decision is a useful reminder that even highly distinctive and well-known trademarks do not automatically confer exclusivity across all industries, geographies, and commercial contexts. The Complainant’s NEXON mark is undoubtedly famous in the online gaming sector, and the Respondent adopted the name “Nexon Partners” only days before establishing a financial services company. Nevertheless, the Panel correctly focused on the question that matters most under the UDRP: whether the Respondent registered the disputed domain name because of the Complainant and its trademark rights. On the record before it, the Panel concluded that the answer was no.
One of the more notable aspects of the decision is that the Panel appears to have accepted the Respondent’s explanation for adopting the name “Nexon Partners” despite the undeniable fame of the NEXON mark in certain sectors. In many cases involving highly distinctive marks, panels are understandably skeptical when respondents claim to have independently selected an identical term. Here, however, the Respondent did considerably more than merely offer a denial. He produced substantial evidence showing the creation and operation of a real investment business, his incorporation of Nexon Partners L.L.C-FZ shortly after registering the domain name, and actual business activity predating notice of the dispute. The existence of a functioning business substantially strengthened the credibility of the Respondent’s narrative.
The decision also demonstrates the continued importance of context in assessing targeting. Although the Complainant argued that it had expanded beyond gaming into cryptocurrency investment and related activities, the Panel was persuaded that the Respondent’s business occupied a fundamentally different commercial sphere, serving sophisticated investment clients rather than consumers of games or entertainment products. The disputed domain name was used primarily for email communications and resolved only to a standard parking page, and the record contained no evidence of phishing, impersonation, fraudulent communications, or attempts to pass itself off as the Complainant. The Panel was further influenced by evidence showing that other businesses legitimately used “Nexon” as part of their names or branding, making the Respondent’s claim of independent adoption more plausible. Taken together, these factors supported the conclusion that the Respondent had not selected the disputed domain name in order to capitalize on the Complainant’s reputation.
The decision is also notable because it demonstrates the evidentiary burden that complainants face when confronting an apparently legitimate business. It is often relatively straightforward to establish bad faith where a respondent is operating a PPC site with infringing links, impersonating the complainant, or otherwise engaging in conduct suggestive of trademark exploitation. It is considerably more difficult where the respondent presents substantial evidence of a bona fide business operating in a different industry and directed at a different customer base. In such circumstances, panels frequently return to the core UDRP question: where is the evidence of targeting?
Ultimately, this was a case in which the Complainant possessed a strong trademark portfolio but could not establish the critical nexus between its rights and the Respondent’s registration of the disputed domain name. The Panel’s analysis reflects a disciplined application of a foundational UDRP principle: trademark rights alone are not enough. The Policy is directed at bad-faith targeting of trademark owners, and where credible evidence points to independent adoption and legitimate business activity, even a well-known trademark may not be sufficient to carry the complainant across the finish line.
Disclaimer: The facts are taken from the decisions themselves and have not been independently verified. The editors and publishers accept no responsibility for their accuracy.
Ankur Raheja is the Editor-in-Chief of the ICA’s new weekly UDRP Case Summary service. Ankur has practiced law in India since 2005 and has been practicing domain name law for over ten years, representing clients from all over the world in UDRP proceedings. He is the founder of Cylaw Solutions.
He is an accredited panelist with ADNDRC (Hong Kong) and MFSD (Italy). Previously, Ankur worked as an Arbitrator/Panelist with .IN Registry for six years. In a advisory capacity, he has worked with NIXI/.IN Registry and Net4 India’s resolution professional.