WIPO Arbitration and Mediation Center

ADMINISTRATIVE PANEL DECISION

WhatsApp Inc. and Facebook, Inc. v. Whois Agent, Domain Protection Services, Inc. / Julio Cesar Newton, Julio Cesar, Miguel Guerrero, Marketing y Webs Guerrero SL and Migue Guerrero

Case No. D2018-2711

1. The Parties

The Complainants are WhatsApp Inc. and Facebook, Inc. of Menlo Park, California, United States of America, represented by Hogan Lovells (Paris) LLP, France.

The Respondents are Whois Agent, Domain Protection Services, Inc. of Panama, Panama / Julio Cesar Newton, Julio Cesar, Miguel Guerrero, Marketing y Webs Guerrero SL and Migue Guerrero of San Fernando, Spain.

2. The Domain Names and Registrar

The disputed domain names <como-hackearfacebook.com>, <como-hackear-whatsapp.com>, <espiarconversacioneswapp.com> are registered with Name.com, Inc. The disputed domain names <espiar-whatsappya.com> and <hackear-whatsappya.com> are registered with NameCheap, Inc. (collectively, the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on November 25, 2018. On November 27, 2018, the Center transmitted by email to the Registrar a request for registrar verification in connection with the disputed domain names. On November 27, 2018, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the disputed domain names which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to the Complainant on November 30, 2018 providing the registrant and contact information disclosed by the Registrar, and inviting the Complainant to submit an amendment to the Complaint. The Complainant filed an amended Complaint on December 5, 2018.

The Center verified that the Complaint together with the amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).
In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on December 6, 2018. In accordance with the Rules, paragraph 5, the due date for Response was December 26, 2018. The Center received two seemingly automated email communications from a third party on December 6 and 27, 2018. The Respondent did not submit a formal response. Accordingly, the Center notified the Parties it will proceed to Panel Appointment on December 27, 2018.

The Center appointed Adam Taylor as the sole panelist in this matter on January 14, 2019. The Panel finds that it was properly constituted. The Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

4. Factual Background

The Complainants operate the famous WhatsApp and Facebook messaging and social media services. The Complainants are part of the same group of companies and they are referred to collectively below as “the Complainant” unless it is necessary to refer to them separately. (The Respondents are similarly referred to collectively as “the Respondent”).

The Complainant’s trade mark portfolio includes the following European Union trade marks: No. 009986514 for WHATSAPP, filed May 23, 2011, registered October 25, 2011, in classes 9, 38 and 42, and No. 004535381 for FACEBOOK, filed August 5, 2005, registered June 22, 2011 in classes 35 and 38.

The disputed domain names were registered on the following dates:

<como-hackearfacebook.com>: November 26, 2015
<como-hackear-whatsapp.com>: February 5, 2018
<espiarconversacioneswapp.com>: June 1, 2018
<hackear-whatsappya.com>: August 6, 2016
<espiar-whatsappya.com>: August 6, 2016

As of May 2017, the disputed domain name <como-hackearfacebook.com> was used for a Spanish-language website offering an online service which claimed to enable the hacking of third party Facebook accounts. The website included the Complainant’s Facebook logo and blue colour scheme.

As of November 2018, the disputed domain names <como-hackear-whatsapp.com>, <espiarconversacioneswapp.com>, <espiar-whatsappya.com> and <hackear-whatsappya.com> were all associated with Spanish-language websites promoting an app which allegedly enabled users to spy on third party WhatsApp conversations. Download of this app required the user to supply personal information. All of the websites included the Complainant’s WhatsApp logo.

In a previous UDRP case filed by the Complainant, WhatsApp Inc. v. Migue Guerrero, Marketing y Webs Guerrero L, WIPO Case No. D2018-1631, the Respondent was found to have registered and used the following domain names in bad faith: <espiar-whatsapp.com>, <solowhatsapp.net>, <spy-whatsapp.com>, <wasap-web.com>, <whatsapps-free.com>, <comohackearwhatsapp.net> and <espiarconversacionesdewhatsapp.com>.

5. Parties’ Contentions

A. Complainant

The following is a summary of the Complainant’s contentions:

All of the disputed domain names are confusingly similar to the Complainant’s trade marks.

Four of the disputed domain names reproduce the Complainant’s marks in their entirety. The term “wapp” used in the disputed domain name <espiarconversacioneswapp.com> is a common abbreviation of the Complainant’s WHATSAPP trade mark. It is clear from the inclusion of the Complainant’s trade mark in the other disputed domain names, and from the nature of the use of disputed domain name <espiarconversacioneswapp.com>, that the Respondent registered this domain name precisely because he believed that it was confusingly similar to the Complainant’s trade mark.

The addition of various Spanish descriptive terms to the Complainant’s trade mark in each of the disputed domain names does not avoid confusing similarity.

The Respondent lacks rights or legitimate interests in the disputed domain names.

The Respondent has not authorised the Complainant to use its trade mark.

The use of the disputed domain names for suspicious services targeting the Complainant’s users is not a bona fide offering of goods or services.

The Respondent is not commonly known by the disputed domain names.

Nor can the Respondent claim that it has made legitimate non-commercial or fair use of the disputed domain names.

The disputed domain names were registered and are being used in bad faith.

The Respondent could not plausibly argue that it has no knowledge of the Complainant, given its fame. Indeed, the Respondent’s actual use of the disputed domain names to target the Complainant’s users evidences actual knowledge of the Complainant.

The Complainant has engaged in a pattern of conduct within the meaning of paragraph 4(b)(ii) of the Policy.

Use of the disputed domain names as part of a phishing scam and in connection with spyware constitutes use in bad faith within the meaning of paragraph 4(b)(iv) of the Policy.

Given the inherently distinctive nature of the Complainant’s trade marks, the Respondent could not have chosen the disputed domain names for any reason other than to take unfair advantage of the Complainant’s goodwill and reputation.

B. Respondent

The Respondent did not reply to the Complainant’s contentions.

6. Discussion and Findings

6.1 Preliminary Matter: Consolidation

The principles governing the question of whether a complaint may be brought by multiple complainants against multiple respondents are set out in section 4.11 of the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition (“WIPO Overview 3.0”).

The Panel considers it appropriate to consolidate the Complainants on the grounds that that the Respondents have engaged in common conduct that has affected the Complainants in a similar fashion, namely use of the disputed domain names to target the Complainants’ users in a similar manner as outlined in section 4 above, and that it would be equitable and procedurally efficient to permit the consolidation, not least because the Complainants are part of the same group of companies,

The Panel is also satisfied that is appropriate to consolidate the multiple Respondents as the disputed domain names and corresponding websites are clearly subject to common control. The Complainant has established substantial commonalities between all five disputed domain names, including in terms of registrant contact information, domain name servers, IP addresses, the format of the disputed domain names themselves and the content and nature of the Spanish-language websites with which the disputed domain names have been associated.

As mentioned above, the Panel considers that consolidation would be fair and equitable to all parties, none of which have objected to consolidation.

6.2 Substantive Matters

Under the Policy, the Complainant is required to prove on the balance of probabilities that:

1. the disputed domain names are identical or confusingly similar to a trade mark in which the Complainant has rights;

2. the Respondent has no rights or legitimate interests in respect of the disputed domain names; and

3. the disputed domain names have been registered and are being used in bad faith.

A. Identical or Confusingly Similar

The Complainant has established rights in the marks WHATSAPP and FACEBOOK by virtue of its registered trade marks as well as unregistered trade mark rights deriving from the extensive and worldwide use those names.

Section 1.8 of the WIPO Overview 3.0 makes clear that, where the relevant trade mark is recognisable within the disputed domain name, the addition of other terms, whether descriptive or otherwise, would not prevent a finding of confusing similarity under the first element.

Here, the Complainant’s distinctive trade marks WHATSAPP and FACEBOOK are wholly incorporated into four of the disputed domain names: <como-hackearfacebook.com>, <como-hackear-whatsapp.com>, <espiar-whatsappya.com> and <hackear-whatsappya.com>.

In the case of the disputed domain name <espiarconversacioneswapp.com>, the Respondent has used “wapp” as an abbreviation of “WhatsApp”. The Complainant has produced online dictionaries showing that this is a common shorthand for the Complainant’s mark. In these circumstances, the Panel considers that the Respondent has utilised a “dominant feature” of the Complainant’s mark within the disputed domain name in accordance with section of 1.7 of WIPO Overview 3.0 (third paragraph).

Accordingly, the Panel is of the view that the Complainant’s marks are readily recognisable within each of the disputed domain names and that the addition of the following descriptive Spanish terms is insufficient to avert a finding of confusing similarity: “hackear” (meaning “to hack”), como hackear” (“how to hack”), “espiar” (“to spy”), “ya” (“already”) and “conversaciones” (“conversations”).

The Panel therefore finds that the Complainant has established the first element of paragraph 4(a) of the Policy.

B. Rights or Legitimate Interests

As explained in section 2.1 of WIPO Overview 3.0 , the consensus view is that, where a complainant makes out a prima facie case that the respondent lacks rights or legitimate interests, the burden of production shifts to the respondent to come forward with relevant evidence demonstrating rights or legitimate interests in the domain name. If not, the complainant is deemed to have satisfied the second element.

Paragraph 4(c) of the Policy gives examples of circumstances which, if proved, suffice to demonstrate that a respondent possesses rights or legitimate interests in a disputed domain name.

Here, the Complainant has not licensed or otherwise authorised the Respondent to use its trade mark.

As to paragraph 4(c)(i) of the Policy, all of the disputed domain names have been associated with websites which claim to offer services to spy on the Complainant’s users and which most likely involve phishing vis-à-vis those who attempt to use the Respondent’s services. Such activities cannot be said to constitute a bona fide offering of services.

Nor is there any evidence that paragraph 4(c)(ii) or (iii) of the Policy apply in the circumstances of this case.

The Panel finds that the Complainant has established a prima facie case of lack of rights or legitimate interests and there is no rebuttal by the Respondent.

The Panel concludes that the Respondent has no rights or legitimate interests in the disputed domain names and that the Complainant has therefore established the second element of paragraph 4(a) of the Policy.

C. Registered and Used in Bad Faith

It is obvious that the Respondent registered the disputed domain names with the Complainant’s distinctive and well-known trade marks in mind, not least given the Respondent’s use of the disputed domain names for services which target the Complainant’s users.

The Panel is further satisfied that the association of the disputed domain names with illicit services which claim to enable spying on the Complainant’s users, as well as with likely phishing activities in relation to users of the Respondent’s websites, constitutes registration and use of the disputed domain names in bad faith.

The Panel therefore finds that the Complainant has established the third element of paragraph 4(a) of the Policy.

7. Decision

For the foregoing reasons, in accordance with paragraphs 4(i) of the Policy and 15 of the Rules, the Panel orders that the disputed domain names <como-hackearfacebook.com>, <como-hackear-whatsapp.com>, <espiarconversacioneswapp.com>, <espiar-whatsappya.com> and <hackear-whatsappya.com> be transferred to the Complainant.

Adam Taylor
Sole Panelist
Date: January 16, 2019