Partner
In today’s business environment, domain names and websites are often key assets when a target company is being acquired during a merger/acquisition. Due diligence with respect to the domain name(s) and any websites is essential. In general, due diligence is the process by which the buyer verifies various aspects of the transaction. Due diligence is needed for any type of M&A whether the deal is structured as an asset purchase or an equity transfer.
Domain name due diligence requires specialized attention. Domain name due diligence is separate and distinct from website due diligence, which involves verifying traffic, search engine optimization, revenue generation, operational costs, technical aspects, etc. Domain name due diligence is much narrower and involves verifying the following:
For each category, the seller should provide the relevant information that can be confirmed by the buyer. For example, the seller should provide a list of all domain names registered, whether in use or “parked.” The information must identify who is the registrar, the current registrant, the history of the domain name and who holds current administrative rights. In general, domain names are not “owned” in the traditional sense. Domain names are allowed or authorized by a not-for-profit organization called the International Corporation for Assigned Names and Numbers (“ICANN”). ICANN authorizes commercial businesses, like GODADDY.com, to assign domain names. Such companies are called “registrars” and the person or entity to whom the domain name is assigned is a “registrant.” A registrant has the right to use the domain name. The registrant is often the same person/entity who has administrative control — that is, the administrator who can make or request changes related to the domain name.
It is important to verify that the seller is the current registrant, the current administrator and that the seller has a good “chain of title” going back to the original registration of the domain name. If not, Seller should be required by the Purchase Agreement to provide documentation sufficient to clear any title irregularities and ensure that the buyer obtains verifiable status as the registrant and administrator. In general, to clear title, Seller should provide relevant Transfer/Assignment of Domain Name Agreements or Releases of Claims to Domain Name. Due diligence with respect to right to use and chain of title will also verify the ability of the seller to transfer rights to the domain name to the buyer.
The seller should provide a similar list with respect to potentially infringing domain names. The seller is in the best position to know what domain names have been created to compete with and potentially syphon off traffic and revenue. The buyer should verify this list and conduct independent research. Attention should focus on domain names that are the same except for different extensions like .net, .org, etc.
In addition, each category should be covered by seller representations and warranties. For example, with respect to trademark infringement, a sample seller representation and warranty might look like this:
Representation and Warranty: SELLER has the sole right to use the Domain Name and the Domain Name and SELLER’s use of the Domain Name has not and does not infringe upon any trademark rights held by any third party. SELLER has received no notice — formal, informal or otherwise — that the Domain Name or Seller’s use of the domain name has violated or is violating the trademark rights of any third party.
The buyer should, of course, take steps to verify that the domain name is not infringing on trademarks in the relevant marketplace. Buyers should also consider whether hold harmless and indemnity provisions are needed with respect to potential IP infringement claims.
Contact Revision Legal
For more information about domain name due diligence or other legal issues related to internet law and M&As, contact the trusted internet lawyers at Revision Legal at 231-714-0100.
Traditionally, WHOIS databases maintained by registrars provided public access to registrant name, address, email, and administrative contact information for every registered domain name. GDPR’s implementation in 2018, followed by ICANN’s adoption of a Temporary Specification for gTLD Registration Data, fundamentally changed this. Most European registrars and many global registrars now redact all personally identifying registrant information from public WHOIS records.
For M&A due diligence involving domain names, this means that publicly accessible WHOIS alone is no longer sufficient verification. The buyer must require the seller to provide direct access to the registrar account, registrar-generated ownership certificates, and transfer authorization codes as part of the seller’s disclosure obligations. Purchase agreements for transactions involving domain assets should include representations that the seller will provide all information necessary to complete the transfer of record and all administrative credentials.
Chain of title for domain names is more complex than it appears because domain names can be transferred multiple times over their registration history. A domain first registered in 1995 may have passed through three or four owners before reaching the current registrant. Each transfer creates a potential gap in the ownership record. If an earlier transfer was not properly documented or an expired registration was allowed to lapse and then re-registered by a new party, there may be a latent adverse claim that surfaces post-closing.
Tools like DomainTools and the Wayback Machine’s DNS records can reconstruct portions of a domain’s registration history. Reverse WHOIS searches can identify other domains registered by the same registrant, which is relevant to evaluating the seller’s overall domain portfolio and any pattern of domain acquisition that might raise trademark concerns. For high-value domain names, a full historical search combined with a legal opinion on chain of title is prudent.
Acquiring a domain name in an M&A transaction does not insulate the buyer from trademark infringement claims by third parties who hold trademark rights in the domain name’s component words. A buyer who acquires a domain that was originally registered in bad faith can inherit the seller’s liability under the Anticybersquatting Consumer Protection Act, 15 U.S.C. § 1125(d), because the statute’s in rem action runs against the domain name itself, not only against the original bad-faith registrant.
Full trademark clearance means: conducting a comprehensive search of U.S. and relevant international trademark databases for marks identical to or confusingly similar to the domain name; reviewing the results with trademark counsel to assess likelihood-of-confusion risk; searching PACER for any pending or prior litigation involving the domain name; and checking UDRP case databases for any prior proceedings involving the domain.
ICANN’s transfer policies impose a 60-day lock on domain transfers following a change of registrant. This lock, implemented in 2016, means that if the domain transfer at closing changes the registered owner’s name, email address, or organization, the domain will be locked against further transfer for 60 days. For transactions where the buyer plans to re-brand or change registrars promptly after closing, this lock can create operational complications. Counsel should address this timing constraint in the closing timeline.
Transfer authorization codes—also called EPP codes or auth-info codes—are one-time-use passwords issued by the registrar that authorize the transfer of a domain to a new registrar. They must be provided by the seller as part of the closing deliverables. If the domain is hosted at a registrar that uses a different transfer mechanism, the seller should provide all credentials and consents necessary to complete the transfer within the timeframe specified in the purchase agreement.
If you are structuring an M&A transaction and need guidance on domain name due diligence, trademark clearance, or the documentation for domain transfers, contact the internet and business lawyers at Revision Legal at 231-714-0100.
Artificial intelligence has become part of nearly every business operation. Businesses now use AI tools to write marketing copy, generate product images, compose emails, draft social media posts, and produce video and audio content at a scale that was not possible a few years ago. The efficiency gains are real. But so are the legal […]
Read more about The Risks of Using AI-Generated Content in Your Business
Receiving a cease and desist letter can feel alarming. One minute you are running your business as usual, and the next you are staring at a legal demand accusing you of trademark infringement, copyright violation, breach of contract, or some other wrong. The situation can escalate quickly if not handled properly. But receiving a cease […]
Read more about How to Respond to a Cease and Desist Letter
Learn what counts as deceptive pricing in e-commerce, including false discounts, hidden fees, drip pricing, and fake urgency. Revision Legal’s internet law attorneys help online retailers stay compliant with FTC rules.
Read more about What Counts as Deceptive Pricing in E-Commerce?