The “use of a privacy or proxy registration service is not in and of itself an indication of bad faith … [but] the manner in which such service is used can in certain circumstances constitute a factor indicating bad faith.” WIPO Overview 2.0 paragraph 3.9. The second sentence has in mind registrar’s failure after it receives notice of a complaint from the Provider to disclose information about the beneficial owner of the domain name. The “common practice … to which reputable registrars offering such services appear to subscribe … [is to] disclose the details of the underlying registrant to the Center during UDRP proceedings in response to the Center’s verification request.” WSFS Financial Corporation v. Private Registrations Aktien Gesellschaft 2, D2012-0033 (WIPO March 5, 2012). In this case, the registrar identified another privacy or proxy service. The beneficial owner is buried under two layers of privacy. This is unusual but not unheard of.
The consensus view of privacy services set forth in the WIPO Overview is that
Identification by a registrar or privacy or proxy service of another such service as the purported registrant of the domain name may also constitute evidence of cyberflight and bad faith … (although such failure would not prevent a panel from deciding such cases, with the privacy or proxy service typically being regarded as the relevant respondent of record).
As the Panel notes in WSFS Financial, “for this practice to operate at all, it requires a registrar to control the privacy service in question and/or to have access to accurate underlying registrant data.” The procedure
can be defeated if behind the registrar’s service there is merely recorded the name of another third party privacy service (the so called ‘Russian doll’ scenario). Further, there appears to be no legitimate justification for such ‘Russian doll’ registrations. Indeed, panels have concluded that a Russian doll registration is evidence of bad faith.
A single domain name privacy service is more likely to provide the necessary information, and where it does not or the information is clearly fictitious the service itself stands in place of the beneficial owner. PepsiCo, Inc. v. Whois Privacy Protection Service, Inc., Abdulah Shmre, D2011-0016 (WIPO ).
The WIPO Overview includes the “Russian doll” scenario (without dubbing it as such)in the consensus view:
Identification by a registrar or privacy or proxy service of another such service as the purported registrant of the domain name may also constitute evidence of cyberflight and bad faith, as may failure in response to a UDRP provider’s request to timely confirm the identity and contact information of the registrant of the domain name where the registrant listed in the WhoIs is a privacy or proxy service (although such failure would not prevent a panel from deciding such cases, with the privacy or proxy service typically being regarded as the relevant respondent of record).
The Panel in WSFS Financial suggests that the “Russian doll” scenario “should be deemed sufficient to raise a prima facie case of bad faith registration and use.” This makes sense (and, in fact, is the practical realty) where the beneficial owner elects to remain hidden and neither of its proxies explain the owner’s choice of domain name.