WIPO Arbitration and Mediation Center

ADMINISTRATIVE PANEL DECISION

Orange Brand Services Limited v. Registration Private, Domains by Proxy, LLC / Park Ave, miniOrange Incorporated

Case No. D2019-1170

1. The Parties

Complainant is Orange Brand Services Limited, United Kingdom, represented by Archer & Angel, India.

Respondent is Registration Private, Domains by Proxy, LLC, United States / Park Ave, miniOrange Incorporated, United States, represented by UDRP Legal, United Kingdom.

2. The Domain Name and Registrar

The disputed domain name <miniorange.com> (the “Domain Name”) is registered with GoDaddy.com, LLC (the “Registrar”).

3. Procedural History

The Complaint was filed with the WIPO Arbitration and Mediation Center (the “Center”) on May 21, 2019. On May 21, 2019, the Center transmitted by email to the Registrar a request for registrar verification in connection with the Domain Name. On May 22, 2019, the Registrar transmitted by email to the Center its verification response disclosing registrant and contact information for the Domain Name which differed from the named Respondent and contact information in the Complaint. The Center sent an email communication to Complainant on May 23, 2019 providing the registrant and contact information disclosed by the Registrar, and inviting Complainant to submit an amendment to the Complaint. Complainant filed an amended Complaint on May 24, 2019.

The Center verified that the Complaint together with amended Complaint satisfied the formal requirements of the Uniform Domain Name Dispute Resolution Policy (the “Policy” or “UDRP”), the Rules for Uniform Domain Name Dispute Resolution Policy (the “Rules”), and the WIPO Supplemental Rules for Uniform Domain Name Dispute Resolution Policy (the “Supplemental Rules”).

In accordance with the Rules, paragraphs 2 and 4, the Center formally notified the Respondent of the Complaint, and the proceedings commenced on June 4, 2019. In accordance with the Rules, paragraph 5, the due date for Response was June 24, 2019. The due date for submission of the Response was extended to June 28, 2019 in accordance with paragraph 5(b) of the Rules. The Response was filed with the Center June 27, 2019. On June 28, 2019, Complainant submitted a request to be allowed to file a supplemental filing. On July 1, 2019, Respondent sent an email communication to the Center opposing the admission of any supplemental filing from Complainant into the record.

The Center appointed Robert A. Badgley, David Taylor and Diane Cabell as panelists in this matter on July 26, 2019. The Panel finds that it was properly constituted. Each member of the Panel has submitted the Statement of Acceptance and Declaration of Impartiality and Independence, as required by the Center to ensure compliance with the Rules, paragraph 7.

4. Factual Background

Complainant is a wholly-owned subsidiary of Orange SA, a French company. Complainant and Orange SA, as well as other affiliates within the Orange Group, will be referred to hereafter in the singular as “Complainant”. Complainant began operating in 1994 and is now one of the largest telecommunications firms in the world.

Complainant has operations in more than 200 countries, and owns thousands of ORANGE or ORANGE‑formative trademarks registered in jurisdictions around the world. For instance, the word mark ORANGE, registration No. 94511028 was registered in France on March 15, 1994. Complainant has put into the record substantial evidence that the “Orange Brand” is one of the 100 most valuable brands in the world, that Complainant spends considerable sums on marketing and advertising of the “Orange Brand,” and that its customer base and overall global sales are very large.

It appears from the record that Complainant is best known for its telecommunications services. Complainant also provides myriad services including: personal communications services, business information technology services, healthcare information services, entertainment services, e-commerce services, and “security activities”. Complainant describes this latter category as “supporting customers to secure their businesses, safeguard their data and protect their brand image against cyber-attacks”. Complainant states that it performs its “security activities” under the name “Orange Cyberdefense”.

According to Complainant, it has been “offering a range of cyber security products and services for many years, securing sensitive infrastructure for multinational companies”. Complainant states that, in January 2016, it “formed a new group entity ‘Orange Cyberdefense’ to bring together all of Complainant’s corporate security activities”. Annexed to the Complaint are various documents describing Complainant’s cyber security offerings, though most if not all of these materials postdate the registration of the Domain Name at issue in this case.

The record is also replete with third-party articles recognizing the strength of the ORANGE mark, including the success of “Orange Business Services”, which at some point in time also incorporated cyber security services. These materials, however, do not contain much if any discussion of cyber security activities. Rather, they largely tout Complainant as a leading telecommunications firm, which also has a considerable global presence in the Internet, television, and mobile services areas.

Complainant has a substantial Internet presence, and owns numerous domain names – including <orange.com> – to maintain its Internet presence.

The Domain Name was registered on January 8, 2012 by the founder of Respondent’s business. The Domain Name resolves to Respondent’s commercial website.

Respondent was incorporated in the State of New Jersey, United States of America (“United States”), in December 2012. Respondent provides Single Sign-On (“SSO”) and 2-Factor Authentication (“2FA”) “authentication solutions”. According to Respondent, SSO is a service “that permits a user to use one set of logon credentials to access multiple applications”. Respondent asserts that its SSO tool allows users “to integrate SSO quickly and secure access to over 4,500 apps”.

Respondent states that its 2FA tool grants a user access “only after presenting two pieces of evidence (factors)”. According to Respondent, its “2-Factor Plugin provides secure logins to multiple cloud applications”.

Respondent has participated in IT security conferences in various cities since 2013 to advertise its SSO and 2FA solutions, which are sold under Respondent’s “miniOrange” brand. Respondent has also advertised its services in Business News Daily. Respondent’s miniOrange business has also been featured or mentioned in various computer tech periodicals. As of 2018, Respondent asserts, it has more than 100,000 small and midsize business customers. Respondent’s revenue in 2018 reached USD 1 million.

The record contains several communications over the years between Respondent and its customers, as well as several invoices of miniOrange customers. Neither party has put into the record any evidence of consumer confusion between Complainant’s ORANGE marks and either Respondent’s miniOrange SSO and 2FA offerings or the Domain Name.

The CEO and co-founder of Respondent, Anirban Mukherji, submitted an affidavit with the Response. Mr. Mukherji states that he was born in India and educated in Boston, Massachusetts, United States. He states that he has 20 years’ experience in “software security.” Discussing the motivation behind the Domain Name, Mr. Mukherji states:

“The motivation behind the name (‘miniOrange’) came from two companies that were doing great at that time; Microsoft and Apple. Inspired by Microsoft’s humble beginnings (starting in a garage), our business had a similar ‘micro’ beginning (a small office that housed 4 engineers) – hence we choose the name ‘mini’. Apple was also a well‑known company that inspired us, so we chose an alternative fruit – ‘orange’. There was nothing more behind the name, and we were never aware of the Orange Brand Service company or its security services since it never existed at that time. Their own website says it started in 2016.”

Complainant’s counsel sent Respondent a cease-and-desist letter on March 27, 2018. Respondent’s CEO Mr. Mukherji responded by email dated April 6, 2018, stating that he was willing to settle the matter amicably and suggesting a conference call. Complainant’s counsel followed up to set up a call from early May to mid-July 2018, getting no response from Respondent. Complainant’s counsel sent a follow-up cease-and-desist letter on July 17, 2018 and a follow-up email on November 3, 2018. Respondent did not reply to either of these missives.

5. Parties’ Contentions

A. Complainant

Complainant asserts that it has satisfactorily proven each of the three elements required under paragraph 4(a) of the Policy for a transfer of the Domain Name.

B. Respondent

Respondent asserts that it is engaged in a legitimate business activity and its services do not overlap with those offered by Complainant under the ORANGE marks. Respondent denies any intent to target or trade off the fame of Complainant’s marks.

6. Discussion and Findings

Paragraph 4(a) of the Policy lists the three elements, which Complainant must satisfy with respect to the Domain Name:

(i) the Domain Name is identical or confusingly similar to a trademark or service mark in which Complainant has rights; and

(ii) Respondent has no rights or legitimate interests in respect of the Domain Name; and

(iii) the Domain Name has been registered and is being used in bad faith.

With regard to Complainant’s request to file a supplemental filing, the Panel considers that the record takes ample account of the facts and evidence that were reasonable available to Complainant at the time of filing the Complaint. Noting that Complainant did not provide any specific reasons as to why any supplemental filing should be allowed, and also noting Respondent’s opposition to Complainant’s provision of any such filing, the Panel has not considered it necessary for the Parties to be allotted extra opportunity to provide additional submissions, and has proceeded to render its decision on the material provided in the case record to date.

A. Identical or Confusingly Similar

The Panel concludes that Complainant has rights in the mark ORANGE through widespread registration and use amply demonstrated in the record. The Panel finds further that the Domain Name is confusingly similar to that mark. The Domain Name incorporates the mark ORANGE in its entirety, and adds the descriptive word “mini”. This additional word does not prevent the confusing similarity between the mark and the Domain Name.

Complainant has established Policy, paragraph 4(a)(i).

B. Rights or Legitimate Interests

Pursuant to paragraph 4(c) of the Policy, Respondent may establish its rights or legitimate interests in the Domain Name, among other circumstances, by showing any of the following elements:

(i) before any notice to you [Respondent] of the dispute, your use of, or demonstrable preparations to use, the Domain Name or a name corresponding to the Domain Name in connection with a bona fide offering of goods or services; or

(ii) you [Respondent] (as an individual, business, or other organization) have been commonly known by the Domain Name, even if you have acquired no trademark or service mark rights; or

(iii) you [Respondent] are making a legitimate noncommercial or fair use of the Domain Name, without intent for commercial gain to misleadingly divert consumers or to tarnish the trademark or service mark at issue.

Respondent formed a New Jersey corporation named miniOrange, Inc. shortly after registering the Domain Name in 2012, and since then has used the Domain Name to host a website offering Respondent’s SSO and 2FA authentication services. Respondent has carried on its business continuously for several years using the miniOrange brand and the Domain Name, and Respondent appears to have built up a perfectly legitimate business in its relatively narrow area of authentication services. The fact that the services sold under Respondent’s miniOrange brand have received favorable notice in third-party tech publications, coupled with the fact that the massive record introduced by Complainant is devoid of any evidence of consumer confusion, suggests that Respondent is engaging in legitimate commercial activity through use of the Domain Name within the meaning of Policy, paragraph 4(c)(i).

Although it is beyond dispute that ORANGE is a well-known mark in the area of telecommunications, and that the mark also enjoys considerable recognition in many jurisdictions in connection with other activities pursued by Complainant under the ORANGE and ORANGE -formative marks, it is not established in this record that Respondent had Complainant’s mark in mind when registering the Domain Name to pursue its business activities. Even if one considers that both Complainant and Respondent offer services under the rubric of cyber security, two factors predominate here. One, the products and services offered by the Parties are not truly similar in nature. Two, Complainant’s services in the area of “cyber security”, however defined, do not appear to have been very extensive (and well known) at the time Respondent registered the Domain Name and began its miniOrange business.

The Panel observes further that the word “orange” is a common word and, as Respondent noted in its Response with examples, there are many businesses around the world using the word “orange” as a trademark or as part of a trademark in connection with various goods and services.

Complainant has failed to establish paragraph 4(a)(ii) of the Policy.

C. Registered and Used in Bad Faith

Paragraph 4(b) of the Policy provides that the following circumstances, “in particular but without limitation”, are evidence of the registration and use of the Domain Name in “bad faith”:

(i) circumstances indicating that Respondent has registered or has acquired the Domain Name primarily for the purpose of selling, renting, or otherwise transferring the Domain Name registration to Complainant who is the owner of the trademark or service mark or to a competitor of that Complainant, for valuable consideration in excess of its documented out of pocket costs directly related to the Domain Name; or

(ii) that Respondent has registered the Domain Name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that Respondent has engaged in a pattern of such conduct; or

(iii) that Respondent has registered the Domain Name primarily for the purpose of disrupting the business of a competitor; or

(iv) that by using the Domain Name, Respondent has intentionally attempted to attract, for commercial gain, Internet users to Respondent’s website or other online location, by creating a likelihood of confusion with Complainant’s mark as to the source, sponsorship, affiliation, or endorsement of Respondent’s website or location or of a product or service on Respondent’s website or location.

Given the Panel’s decision above on the “rights or legitimate interests” element, it is not necessary for the Panel to determine whether Respondent has registered and used the Domain Name in bad faith. Even so, the Panel observes for the sake of completeness that there is not adequate evidence in this record to support a finding, on a balance of probabilities, that Respondent unfairly sought to take commercial advantage of Complainant’s ORANGE mark when registering the Domain Name.

The Panel observes further that, as far as this record reveals, Respondent has not sought to sell the Domain Name to Complainant or anyone else at a profit, has not registered a vast number of infringing domain names, and has not engaged in other types of activity that mark a true cybersquatter. Rather, it appears that Respondent has been going about its business as an authentication services provider for the past six years.

Whether Complainant has any kind of trademark infringement or unfair competition cause of action against Respondent is not for this Panel to address or decide. The Panel is confined to applying the elements of the Policy, which is focused chiefly on abusive registrations of domain names or, put another way, clear cases of cybersquatting. This is not such a case.

Complainant has failed to establish Policy paragraph 4(a)(iii).

7. Decision

For the foregoing reasons, the Complaint is denied.

Robert A. Badgley
Presiding Panelist

David Taylor
Panelist

Diane Cabell
Panelist
Date: August 14, 2019