Michigan Education Special Services Association v. Ozanich, Kirk / messa.org
Claim Number: FA2303002036376
Complainant is Michigan Education Special Services Association (“Complainant”), represented by James R. Duby of DUBY LAW FIRM, Michigan, USA. Respondent is Ozanich, Kirk / messa.org (“Respondent”), Michigan, USA.
REGISTRAR AND DISPUTED DOMAIN NAME
The domain name at issue is <messa-us.org>, registered with Google LLC.
The undersigned certifies that he has acted independently and impartially and to the best of his knowledge has no known conflict in serving as Panelist in this proceeding.
Richard Hill as Panelist.
Complainant submitted a Complaint to Forum electronically on March 19, 2023; Forum received payment on March 19, 2023.
On March 20, 2023, Google LLC confirmed by e-mail to Forum that the <messa-us.org> domain name is registered with Google LLC and that Respondent is the current registrant of the name. Google LLC has verified that Respondent is bound by the Google LLC registration agreement and has thereby agreed to resolve domain disputes brought by third parties in accordance with ICANN’s Uniform Domain Name Dispute Resolution Policy (the “Policy”).
On March 23, 2023, Forum served the Complaint and all Annexes, including a Written Notice of the Complaint, setting a deadline of April 12, 2023 by which Respondent could file a Response to the Complaint, via e-mail to all entities and persons listed on Respondent’s registration as technical, administrative, and billing contacts, and to postmaster@messa-us.org. Also on March 23, 2023, the Written Notice of the Complaint, notifying Respondent of the e-mail addresses served and the deadline for a Response, was transmitted to Respondent via post and fax, to all entities and persons listed on Respondent’s registration as technical, administrative and billing contacts.
Having received no response from Respondent, Forum transmitted to the parties a Notification of Respondent Default.
On April 19, 2023, pursuant to Complainant's request to have the dispute decided by a single-member Panel, Forum appointed Richard Hill as Panelist.
Having reviewed the communications records, the Administrative Panel (the "Panel") finds that Forum has discharged its responsibility under Paragraph 2(a) of the Rules for Uniform Domain Name Dispute Resolution Policy (the "Rules") "to employ reasonably available means calculated to achieve actual notice to Respondent" through submission of Electronic and Written Notices, as defined in Rule 1 and Rule 2. Therefore, the Panel may issue its decision based on the documents submitted and in accordance with the ICANN Policy, ICANN Rules, Forum's Supplemental Rules and any rules and principles of law that the Panel deems applicable, without the benefit of any response from Respondent.
Complainant requests that the domain name be transferred from Respondent to Complainant.
PRELIMINARY ISSUE: IDENTITY THEFT
Complainant alleges that the named registrant, “Ozanich, Kirk”, is one of its employees, but that he did not register the disputed domain name. As of August 24, 2018, the Forum had not received any further response from the named Respondent and proceeded with the Panel appointment. The Panel has taken the following rules and precedent into account in making a determination on not redacting Respondent’s identity.
According to Policy ¶ 4(j), “[a]ll decisions under this Policy will be published in full over the Internet, except when an Administrative Panel determines in an exceptional case to redact portions of its decision.” In Wells Fargo & Co. v. John Doe as Holder of Domain Name <wellzfargo.com>, FA 362108 (Forum Dec. 30, 2004) and Wells Fargo & Co. v. John Doe as Holder of Domain Name <wellsfargossl>, FA 453727 (Forum May 19, 2005), the panels omitted the respondents’ personal information from the decisions, pursuant to Policy ¶ 4(j), in an attempt to protect the respondents who claimed to be victims of identity theft from becoming aligned with acts the actual registrants appeared to have sought to impute to the respondents.).
However, according to Forum Supplemental Rule 15(b), “All requests pursuant to Policy paragraph 4(j) and Rule 16(b) to have a portion of the decision redacted, must be made in the Complaint, the Response, or an Additional Submission that is submitted before the Panel’s decision is published.” (emphasis added). Rule 1 defines “respondent” as “the holder of a domain-name registration against which a complaint is initiated;” and Forum Supplemental Rule 1(d) further defines “the holder of a domain-name registration” as “the single person or entity listed in the WHOIS registration information at the time of commencement.” The Panel notes precedent which holds the registrar-confirmed registrant of a disputed domain (per the WHOIS at commencement of the proceeding) the proper respondent, notwithstanding the possibility that said respondent’s identity was stolen. See, e.g., Banco Bradesco S/A v. Gisele Moura Leite, D2014-0414 (WIPO Apr. 30, 2014).
In the instant case, there has been no request in the Complaint to redact any portion of the decision, nor has there been a Response or an Additional Submission. Consequently, the Panel finds that it is not warranted to redact Respondent’s name and location from the Panel’s decision,
A. Complainant
Complainant states that it is an educational employee health insurance administration company. Complainant has rights in the MESSA mark through its registration of the mark in the United States in 2003.
Complainant alleges that the disputed domain name is identical or confusingly similar to its MESSA mark as it incorporates the mark in its entirety and merely adds a hyphen, the geographical abbreviation “us”, and the “.org” generic top-level-domain name ("gTLD"). Complainant cites UDRP precedents to support its position.
According to Complainant, Respondent lacks rights or legitimate interests in the disputed domain name. Respondent is not commonly known by the disputed domain name, nor has Respondent been authorized by Complainant to use its MESSA mark. Respondent has not used the disputed domain name in connection with a bona fide offering of goods or services or a legitimate non commercial of fair use. Instead, Respondent uses the disputed domain name to pass off as Complainant in furtherance of a fraudulent email phishing scheme. Specifically, fraudulent emails were sent from the disputed domain name, purporting to have been sent by an employee/field representative of Complainant, in an attempt to have a payment diverted to Respondent's bank account, with the signature block of the fraudulent emails displaying Complainant’s business name/mark, the name of the actual impersonated employee/field representative, and the actual mailing address of Complainant. Complainant cites UDRP precedents to support its position.
Further, says Complainant, Respondent registered and uses the disputed domain name in bad faith. Respondent is engaged in a fraudulent email phishing scheme. Respondent registered the disputed domain name with false, misleading and inaccurate WHOIS contact information. Respondent had actual knowledge of Complainant’s rights to the MESSA mark prior to registering the disputed domain name. Complainant cites UDRP precedents to support its position.
B. Respondent
Respondent failed to submit a Response in this proceeding.
Complainant owns the mark MESSA and uses it in connection with its educational employee health insurance administration business.
Complainant’s rights in its mark date back to 2003.
The disputed domain name was registered in 2023.
Complainant has not licensed or otherwise authorized Respondent to use its mark.
The disputed domain name is used in furtherance of a fraudulent email phishing scheme. The signature block of the fraudulent emails displays the name of one of Complainant’s actual employees, Complainant’s mark, and Complainant’s actual physical address.
Paragraph 15(a) of the Rules instructs this Panel to "decide a complaint on the basis of the statements and documents submitted in accordance with the Policy, these Rules and any rules and principles of law that it deems applicable."
Paragraph 4(a) of the Policy requires that Complainant must prove each of the following three elements to obtain an order that a domain name should be cancelled or transferred:
(1) the domain name registered by Respondent is identical or confusingly similar to a trademark or service mark in which Complainant has rights; and
(2) Respondent has no rights or legitimate interests in respect of the domain name; and
(3) the domain name has been registered and is being used in bad faith.
In view of Respondent's failure to submit a response, the Panel shall decide this administrative proceeding on the basis of Complainant's undisputed representations pursuant to paragraphs 5(f), 14(a) and 15(a) of the Rules and draw such inferences it considers appropriate pursuant to paragraph 14(b) of the Rules. The Panel is entitled to accept all reasonable allegations set forth in a complaint; however, the Panel may deny relief where a complaint contains mere conclusory or unsubstantiated arguments. See WIPO Jurisprudential Overview 3.0 at ¶ 4.3; see also eGalaxy Multimedia Inc. v. ON HOLD By Owner Ready To Expire, FA 157287 (Forum June 26, 2003) (“Because Complainant did not produce clear evidence to support its subjective allegations [. . .] the Panel finds it appropriate to dismiss the Complaint”).
The disputed domain name incorporates Complainant’s MESSA mark in its entirety and merely adds a hyphen, the geographical abbreviation “us”, and the “.org” generic top-level-domain name ("gTLD"). The addition of a hyphen, a geographical abbreviation and a gTLD fails sufficiently to distinguish a disputed domain name from a mark per Policy ¶ 4(a)(i). See General Motors LLC v. Domain Admin, Privacy Protection Service INC d/b/a PrivacyProtect.org, FA 1656166 (Forum Feb. 12, 2016) (finding respondent’s <gm-uzbekistan.com> domain name confusingly similar to complainant’s GM mark as the addition of the geographic term “uzbekistan” is inconsequential to a Policy ¶ 4(a)(i) analysis). Therefore the Panel finds that the disputed domain name is confusingly similar to Complainant’s mark per Policy ¶ 4(a)(i).
Complainant has not licensed or otherwise authorized Respondent to use its MESSA mark. Respondent is not commonly known by the disputed domain name: under Policy ¶ 4(c)(ii), WHOIS information may be used to determine whether a respondent is commonly known by the disputed domain name. See Amazon Technologies, Inc. v. Suzen Khan / Nancy Jain / Andrew Stanzy, FA 1741129 (Forum Aug. 16, 2017) (finding that respondent had no rights or legitimate interests in the disputed domain names when the identifying information provided by WHOIS was unrelated to the domain names or respondent’s use of the same). Where the WHOIS is related to the disputed domain name, the Panel may still find that the respondent lacks rights or legitimate interest in the disputed domain name if the respondent lacks authorization to use the complainant’s mark and the respondent fails to provide affirmative evidence in support of its identity. See Ripple Labs Inc. v. Jessie McKoy / Ripple Reserve Fund, FA 1790949 (Forum July 9, 2018) (finding that, although the respondent listed itself as “Jessie McKoy / Ripple Reserve Fund” in the WHOIS contact information, it did not provide any affirmative evidence to support this identity; combined with the fact that the complainant claimed it did not authorize the respondent to use the mark, the respondent is not commonly known by the domain name). Here, the WHOIS information for the disputed domain name identifies the registrant as “Ozanich, Kirk / messa.org” but Respondent provides no affirmative evidence in support of this identity and no evidence in the record suggests Respondent is authorized to use the MESSA mark. Therefore, the Panel finds that Respondent is not commonly known by the disputed domain name per Policy ¶ 4(c)(ii).
Respondent attempts to passes off as Complainant in furtherance of a fraudulent email phishing scheme. Specifically, Complainant presents evidence showing that fraudulent emails were sent from the disputed domain name, purporting to have been sent by an employee/field representative of Complainant, in an attempt to have a payment diverted to Respondent's bank account. Using a disputed domain name to pass off as a complainant for the purpose furthering an email phishing scheme may not be a bona fide offering of goods or services or a legitimate noncommercial or fair use per Policy ¶¶ 4(c)(i) or (iii). See Emerson Electric Co. v. Adilcon Rocha, FA 1735949 (Forum July 11, 2017) (finding that respondent’s attempt to pass off as complainant through emails does not constitute a bona fide offering of goods or services and, as such, respondent lacked rights or legitimate interests in the disputed domain name). The Panel therefore finds that Respondent fails to use the disputed domain name to make a bona fide offering of goods or services or a legitimate noncommercial or fair use per Policy ¶¶ 4(c)(i) or (iii). And the Panel finds that Respondent does not have rights or legitimate interests in the disputed domain name.
Respondent has not presented any plausible explanation for its use of Complainant’s mark. In accordance with paragraph 14(b) of the Rules, the Panel shall draw such inferences from Respondent’s failure to reply as it considers appropriate. Accordingly, the Panel finds that Respondent did not have a legitimate use in mind when registering the disputed domain name.
Indeed, as already noted, uses the disputed domain name to pass off as Complainant in order in furtherance of a fraudulent email phishing scheme. Registration of a confusingly similar domain name to pass off as a complainant in a phishing scheme can evince bad faith registration and use per Policy ¶ 4(a)(iii). See Airbnb, Inc. v. JAMES GRANT, FA1760182 (Forum Dec. 28, 2017) (“Using a misleading email address to defraud unwary customers certainly constitutes bad faith.”). Thus the Panel finds that Respondent registered and uses the disputed domain name in bad faith per Policy ¶ 4(a)(iii).
Further, Respondent registered the disputed domain name with actual knowledge of Complainant’s mark: the signature block of the fraudulent emails displays Complainant’s business name/mark, the name of the actual impersonated employee/field representative, and the actual mailing address of Complainant. While constructive notice is insufficient to demonstrate bad faith, actual knowledge of a complainant’s rights in a mark prior to registration may be evidence of bad faith per Policy ¶ 4(a)(iii). See Custom Modular Direct LLC v. Custom Modular Homes Inc., FA 1140580 (Forum Apr. 8, 2008) (“There is no place for constructive notice under the Policy.”); see also Orbitz Worldwide, LLC v. Domain Librarian, FA 1535826 (Forum Feb. 6, 2014) (“The Panel notes that although the UDRP does not recognize ‘constructive notice’ as sufficient grounds for finding Policy ¶ 4(a)(iii) bad faith, the Panel here finds actual knowledge through the name used for the domain and the use made of it.”); see also Univision Comm'cns Inc. v. Norte, FA 1000079 (Forum Aug. 16, 2007) (rejecting the respondent's contention that it did not register the disputed domain name in bad faith since the panel found that the respondent had knowledge of the complainant's rights in the UNIVISION mark when registering the disputed domain name). The Panel finds that Respondent had actual knowledge of Complainant’s rights in the mark prior to Respondent’s registration of the disputed domain name and that this constitutes bad faith under Policy ¶ 4(a)(iii).
Finally, Complainant alleges that the WHOIS information is false, because the name of the registrant is the name of one of Complainant’s employees, however that employee did not register the disputed domain name. Since the name in question, “Ozanich, Kirk”, is not a very common name, the Panel finds that it is unlikely that a different person with that same name registered the disputed domain name. Thus, on the balance of the evidence before it, the Panel finds that the WHOIS information is false. Registration of a confusingly similar domain name using false information can evince bad faith registration and use per Policy ¶ 4(a)(iii). See Farouk Systems, Inc. v. Jack King / SLB, FA1505001618704 (Forum June 19, 2015) (finding bad faith registration and use pursuant to Policy ¶ 4(a)(iii) where the respondent had provided false contact information when registering the disputed domain name). Thus the Panel finds that Respondent registered and uses the disputed domain name in bad faith per Policy ¶ 4(a)(iii).
Having established all three elements required under the ICANN Policy, the Panel concludes that relief shall be GRANTED.
Accordingly, it is Ordered that the <messa-us.org> domain name be TRANSFERRED from Respondent to Complainant.
Richard Hill, Panelist
Dated: April 20, 2023
Click Here to return to the main Domain Decisions Page.
Click Here to return to our Home Page