Shaping the future of
online brand protection
INTERVIEW WITH DAVID BARNETT
BRAND PROTECTION STRATEGIST | STOBBS
David Barnett is an expert online brand protection consultant and analyst. He has almost 20 years’ experience in the online brand-protection industry, serving clients across a range of sectors and industries. He started his career at Envisional in 2004, subsequently moving to NetNames (2007) and CSC (2016). Since July 2023, David has been working as Brand Protection Strategist at Stobbs. He is an experienced thought leader, with an extensive portfolio of articles and experience of speaking at industry events and is author of ‘Brand Protection in the Online World’.
Tell us a bit about your journey as an online brand protection expert. Based on your experience it seems that you have been working within this sector from the day it emerged.
I started in the industry as a Brand Protection Analyst at Envisional, a small, Cambridge-based start-up, in 2004. At that time, the Internet was rather different, not least in terms of the much smaller numbers of online channels to be monitored. However, some of the types of infringement, and the methods used by bad actors, have persisted to the current day. Much of my work during this time has involved working on the configuration of Internet monitoring tools and analysing the results identified, so as to identify the findings of greatest potential concern to our clients. This has enabled me to keep a close eye on trends and threats in the overall landscape as they have evolved.
What are the most prevalent threats to online brands today, and how have these evolved over the past years?
In some senses, the threats to brands are the same as they have always been, and depend on the type of company. Issues such as counterfeiting (which is relevant to manufacturers of physical goods), fraud (relevant to financial service providers and other entities holding customers’ personal details) and digital piracy (relevant to providers of content which may be distributed in digital form) remain significant areas of concern – since they result most directly in financial loss for the brand owner – even if the ways in these threats are manifested have changed over time. Really, much of the evolution of the Internet – such as the emergence and development of channels such as social media, mobile apps, etc. – has resulted in changes to the ways in which online crime can be carried out, even if the overall goals of bad actors (usually driven by financial gain) have remained similar.
Organizations will also be targeted through other types of brand infringement (traffic misdirection, false claims of affiliation, negative brand association, negative comment, etc.), although these overlap into areas where reputational – rather than directly financial – issues are at stake. However, this can of course also affect a company’s financial performance, through damage to brand value and customer behaviors.
At the current time, newer technologies such as those related to Web3 (notably cryptocurrency, blockchain domains and NFTs) and artificial intelligence are often foremost in brand owners’ minds, even if the landscape here is relatively new and the nature and scale of the associated threats remains yet to be seen.
Can you provide an overview of how the new gTLD programme works and why it’s important for brands to be aware of it?
The new gTLD programme initially launched in 2012, and essentially consists of the addition to the Internet of a wide range of new generic domain-name extensions (top-level domains, or TLDs). A little over 1,000 new extensions have been launched in the intervening 11 years. Many of these were intended to be descriptive of the type of website content, and to reduce customer confusion, although uptake has not been at as large a scale as anticipated, and in fact the new-gTLDs have been disproportionately utilised by the creators of fraudulent sites, partly due to low-cost registrations with relatively lax requirements.
A new round of applications is set to launch in 2026, and it is essential for brands to keep a close eye on this space as it develops. Some organizations may wish to apply to run their own branded domain-name extension (a ‘dot-brand’), which will give them full control over all domain applications over this TLD, although it’s a fairly costly and technically-demanding project to do so. Failing that, brands will want to utilize blocking or alerting mechanisms where possible, and to monitor the landscape, to gain visibility of potentially-threatening third-party registrations as they appear. Companies may also want to consider defensive registrations across the new extensions, or taking advantage of the new TLD space for their website presence – especially as the availability of short unregistered domain names across traditionally popular extensions such as .com is already significantly limited.
How has the introduction of new gTLDs impacted the domain name landscape from a brand protection perspective? What can we expect to see with the future introduction of the new top-level domains?
Much of the risk is really that there are now more options available to would-be registrants of fraudulent domains, and the benefits of defensive registrations by brand owners are increasingly seeing diminishing returns. This is resulting in a landscape where proactive monitoring in real time is increasingly becoming the most effective way of targeting infringements. We have also seen that many of the TLDs from the first round are highly utilized by infringers, and the same may be true in subsequent rounds. It is also noteworthy that some of the new extensions have potential for security concerns in their own right, with examples such as .zip, which has the potential for abuse through confusion with the file-name suffix.
How do you see the intersection of emerging technologies, like artificial intelligence and machine learning, as well as web3, shaping the future of online brand protection?
One of the main issues is the fact that the development of AI – often involving the scraping of data from social-media and other platforms, and thereby driving an increased push towards a restriction of access to this content – may itself drive an increased adoption by users of Web3 technologies, which are inherently decentralized and have an emphasis on users being able to curate their own content and avoid regulation and restriction.
AI itself raises a number of open questions, such as the legal implications and uncertainty over ownership of AI-generated content.
AI itself is also likely to facilitate the production of fraud-related content, even if not necessarily changing the types of attack which are possible.
Web3 developments may also much complicate the online landscape, through the appearance of a range of distributed channels which may be extremely difficult to monitor, combined with factors such as the risk of domain-name collisions (i.e. the same domain name potentially appearing on multiple different blockchains, or common to both Web3 and Web2 (‘classic’ domain name) content. We are also seeing the emergence of new types of threats, such as blockchain domain names comprising imagery or artworks – brand protection technologies will need to evolve in order to address these types of content.
Overall, though, AI is also likely to bring benefits for brand-protection service providers, raising the possibility for much more sophisticated monitoring and enforcement technologies – such as improved capabilities for image recognition, video analysis, sentiment analysis, automated prioritization of results, clustering analysis, learning of patterns in new infringement trends, and so on.
Could you share some best practices or actionable steps for businesses, both large and small, to bolster their online brand protection efforts?
Really, much of the top-level advice is the same as it has always been – specifically, ensuring that brand owners maintain an IP portfolio which is in good shape, and utilizing this as the basis for a proactive ongoing brand monitoring program of monitoring and enforcement, combined with a robust domain security posture. It is also essential to keep on top of new trends as they emerge, which is where partnering with a strong brand-protection service provider can help.
Other factors which have traditionally been seen as good practice also continue to hold true – engaging with customers, encouraging them to serve as brand ‘ambassadors’ and report infringements, responding positively to negative feedback without taking an overly heavy-handed approach to enforcement, operating with clarity about the use of official online channels, utilization of product verification and tracking technologies, and so on, will always be beneficial.
