Digital Brand Protection Glossary

Digital Brand Protection Glossary

Brand Protection, Content Protection & Anti-Piracy Glossary

[A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Alibaba Anti-Counterfeiting Alliance (AACA)

The Alibaba Anti-Counterfeiting Alliance is an association of brand owners, rightsholders, trade associations and the Alibaba Group to collaborate on the protection of intellectual property rights across the Group’s platforms. The Alliance has specific Industry Working Groups (IWG), chaired by brand owners, to share best practices and define strategic changes. For example, Louis Vuitton Chairs the ‘Luxury Goods’ IWG.


Alibaba IP Protection Platform

The Alibaba IP Protection Platform is the Alibaba Group’s centralised portal for reporting intellectual property infringements. All Alibaba ecommerce platforms are covered and all infringement types. The portal is Alibaba’s equivalent to Amazon’s Brand Registry or eBay’s VeRo program. The portal can be accessed at:


Amazon Brand Registry

Amazon Brand Registry is Amazon’s portal for reporting intellectual property infringements and policy violations. Amazon also provides webforms for reporting IPR infringements, however, it is advisable for larger brand owners or SMEs predominately selling via Amazon to register for Brand Registry to support brand protection activities. The port is Amazon’s equivalent to Alibaba’s IPPP or eBay’s VeRo program. More information can be accessed at:


Amazon Buy Box

The Amazon Buy Box is the system for displaying which seller is set as the default buying option when a customer goes to a product listing. As Amazon enables third-party merchants to list against an ASIN on Amazon, each product listing may be available from multiple merchants at any given time. Amazon automatically selects the best value merchant which has the product available for the customer, putting them in the Buy Box. This prevents the customer having to choose for a seamless shopping experience.


Anti-Counterfeiting Group (ACG)

The Anti-Counterfeiting Group is the UK trade association which supports brand owners in tackling counterfeiting. For more information:



Anti-piracy is the general name given to measures predominately designed to tackle copyright infringement of media content. Also referred to as Content Protection – the aim is to prevent, enforce and reduce the unauthorised use of works protected by copyright. Online piracy is conducted through numerous methods including; BitTorrent, Cyberlockers, Streaming and Stream Rippers. Anti-piracy measures also include educating internet users regarding the dangers and damage caused by digital piracy and supporting innovative legal services which prevent the proliferation of piracy through the provision of legitimate access to digital content.


ASIN (Amazon Standard Identification Number)

An ASIN is Amazon’s own method of cataloguing each product sold across all Amazon regional platforms. Each product is assigned a unique code identifier, which other Amazon merchants can also list against (in certain circumstances). ASINs are a 10-character long string starting with “B” which is normally observable in URL of the product listing. As ASINs are designed to uniquely identify a product, duplicate products being listed under a new ASIN can be reported as a policy violation.


B2B (Business-To-Business)

B2B is a business model where a business sells goods or services to other businesses (as opposed to an end-consumer). For example, B2B ecommerce platforms generally offer production volumes far greater than retail focused platforms, with factories and wholesalers often offering the ability to customise products to specification. B2B platforms typically will have a Minimum Order Quantity (MOQ) requiring the purchaser to order a large volume per transaction, or require an ongoing business relationship. Knock-off items can be imported from B2B platforms, with branding added within the territory the item is to be sold, to avoid detection through customs.


B2C (Business-To-Consumer)

B2C is a business model where a business sells goods or service directly to a consumer (as opposed to another business). For example, B2C ecommerce platforms generally develop a more retail oriented design to attract customers, recommend products based on previous purchases and sell items individually. AliExpress operates as a hybrid platform, with both B2B and B2C elements.



Bitcoin is an example of a cryptocurrency (or crypto-asset), infamous for its association with the Dark Web and the Silk Road marketplace. Whilst the Bitcoin blockchain is public, users can transact with relative anonymity. Other cryptocurrencies have developed blockchains designed for privacy and have replaced Bitcoin as the currency of choice for online illicit activity.



BitTorrent is a protocol designed to efficiently share files across a peer-to-peer (P2P) network. A user downloads a BitTorrent client (a piece of software) i.e. µTorrent which enables connection to the P2P network. The user then locates the content to download, typically using an index website i.e. The Pirate Bay and connect to the swarm of other users downloading (and uploading) the content. The files are not stored or hosted on a central sever, but form a network between the peers. BitTorrent is particularly problematic for content industries due to the resiliency of the decentralised network. For a full set of BitTorrent related terms see:



A blog is a subcategory of website, named by combining “web” and “log” together. Traditional blogs were used by individuals or small groups as a journal, or to share information. Popular blogging platforms include Blogspot/Blogger or Tumblr. Blogs are also commonly used for unauthorised file sharing of media content or as a method for counterfeiters to drive traffic to infringing webstores. As the infringement is contained on another website, blogs are often passed over by automated brand monitoring software.


Bounce Rate

Bounce rate a search engine optimisation term used to describe the percentage of users who click a link to a website/webpage but then also immediately click back or leave the page. Having a high bounce rate is a sign of low engagement with the content on the webpage, which indicates to the search engine that the user did not have a good experience, or the content was not relevant to the search term which generated the link to the webpage. As such, marketers monitor bounce rate and try to implement tactics to reduce the bounce rate.


Brand Protection

Brand protection is the general name given to measures predominately designed to tackle trade mark infringements and brand abuse. Digital brand protection is typically defined overly narrow as a pure anti-counterfeiting term, which reduces the maximum overall impact of a digital brand protection strategy. Brand protection should encompass a range of activities which flow from the brand’s first principles, designed to defend brand reputation, promote brand trust and deliver engaging digital experiences for people.


Bulletproof Hosting

Bulletproof hosting is the general name given to webhosts which promise to not comply with abuse notices for common categories of abuse including spam, the sale of prescription medicines and online gambling. Typically, bulletproof hosts do not have intellectual property protection policies and therefore do not respond to notices of IP infringement. Most bulletproof hosts will only have provisions for child abuse and terrorism related activities and are therefore attract customers seeking a webhost which will not terminate their service. Bulletproof hosts facilitate a range of illicit activities and charge a premium to reflect this.


C2C (Consumer-To-Consumer)

C2C is a business model where a consumer sells directly to another consumer. For example, C2C ecommerce platforms are a huge growth area facilitating individuals and SMEs in digital enterprise. C2C platforms often have an associated niche, such as additional social features or for handcrafted goods to foster a community, rather than the more transactional nature of most B2C ecommerce platforms.


CAPTCHA (Completely Automated Public Turing test to tell Computer and Humans Apart)

A CAPTCHA is a test to prevent automated abuse or websites, requiring users to complete a test if the network suspects access is being requested from automation, rather than a real person. CAPTCHA’s often provide visual tests which are easily completed by a human, i.e. partial image recognition but which automated systems struggle to complete effectively. Such systems prevent brand monitoring and anti-piracy tools which fully rely on automation, as the volume of automated requests is usually impaired by CAPTCHAs.


Case Management

Case management is a vital process in evidence gathering and handling to ensuring a case is sufficiently robust for judicial scrutiny. Given the legal nature of digital brand protection and anti-piracy work, effective case management creates a workflow and method of recording information which could potentially be required as evidence in court.


ccTLD (Country Code Top-Level Domain)

See TLD. ccTLDs are reserved for specific countries or territories. For example, the ccTLD for Russia is “.ru” and the Soviet Union still has the ccTLD “.su”. Each ccTLD has its own terms of use and can limit ownership of a ccTLD to citizens. Only those living in the European Union can purchase a “.eu” ccTLD. A full list can be accessed:


CDN (Content Delivery Network)

A CDN is a distributed network of webservers, typically geographically dispersed, working together to reduce the delivery time of content of the internet. For example, Google manages as large CDN which enables YouTube users to access audiovisual content from a close-by webserver, to reduce latency in the delivery of the content.


Cease And Desist Letter (C&D)

A C&D is a letter is sent to an infringer requesting they stop committing an act and do not restart the act in the future. Commonly used for intellectual property infringement.


CHIS (Covert Human Intelligence Source)

CHIS is the name for intelligence obtained from a covert source i.e. test purchase investigator. Brand owners may conduct test purchases from both digital and physical stores to determine whether the product is infringing and obtain other information by evaluating the product and delivery. Some digital platforms, including instant messaging apps, will require a form of CHIS to prove the infringement as encryption may prevent the platform from observing the infringement.


Click Scam

A click scam is a type of online scam whereby the user is tricked into clicking a website hoping to obtain specific content, only to be redirected to links which download malicious software or phishing scams. Hoax piracy websites often draw significant traffic advertising new releases before other platforms only to lead users to scams and malicious software. Another method commonly employed is hoax ‘download’ buttons, which resemble the actual download button, or even obscure the button, diverting traffic away from the desired content to scams.



Clickbait is the term used to describe titles, hyperlinks, thumbnails or any content that entices users with a manipulative approach and fails to deliver added value. Clickbait is used to drive traffic, generally to increase revenue earned through serving ads.


Cloud Computing

Cloud computing is the on-demand delivery of computing services. Cloud services can include the provision of servers, storage, databases, security etc. For example, Microsoft’s Azure platform. Cloud computing often provides a low-cost, secure method of distributing pirated content and even creating websites which promote the sale of counterfeits. Cloud service providers often face abuse of their own brand within their network including scam advertising and phishing.



Cloudflare is a company providing security services and a Content Delivery Network (CDN). Cloudflare offer a range of tools to help websites manage security and optimisation. Cloudflare also offer a free service, whilst providing only a limited number of features, still offers significant benefits to users. Operators of illicit websites, offering unauthorised content or promoting counterfeit items often use Cloudflare’s free service to hide their website IP address. When performing a WHOIS on a website using Cloudflare, the IP address and therefore webhost will appear to be Cloudflare. Brand owners and rightsholders then have to notify Cloudflare to obtain the ‘true’ webhost of the infringing content to then submit an abuse notice to; use this webform:



Clustering is the general term used for mapping connections between related entities. Clustering is an investigative process followed by law enforcement agencies and vendors alike, using a range of tools and processes. Through clustering, commercial-scale targets can be identified for actioning.


Content Governance

Content governance is the general name given to the range of measures and policies a platform implements to ensure platform trust and safety. Content governance is wider than IP protection, including policy issues, online harassment and customer safety issues. Given the broad net of content governance, brand owners and rightsholders should understand all the measures a platform has in place to protect stakeholders, as they add another layer of protection.


Content ID

YouTube’s Content ID system is the automated recognition tool based on fingerprinting technology. A vital tool for digital rights management to protect content on YouTube, for more information click here.


Content Protection

See Anti-Piracy. Content Protection is the general name given to measures predominately designed to tackle copyright infringement of media content. Also referred to as Anti-Piracy – the aim is to prevent, enforce and reduce the unauthorised use of works protected by copyright. Online piracy is conducted through numerous methods including; BitTorrent, Cyberlockers, Streaming and Stream Rippers. Anti-piracy measures also include educating internet users regarding the dangers and damage caused by digital piracy and supporting innovative legal services which prevent the proliferation of piracy through the provision of legitimate access to digital content.



Conversion is the process of getting a user to perform a specific action i.e. getting a visitor to a webstore to purchase an item. Conversion is often used in digital marketing as the measurement of success for an ad or ad campaign.


Counter Notification

A counter notification is a formal process of a reported infringer responding to a DMCA compliant takedown notice. If a rightsholder reports an alleged infringement, but the uploader feels the notice is incorrect they can issue a counter notification. Both the filing of a notice and a counter notice have serious legal consequences and should be considered with due care.



A counterfeit is an unauthorised imitation of an item infringing a trade mark. For a full EU definition, see the link below, specifically Article 2(5):


CPM (Cost Per Mille)

Cost per Mille is the cost to the advertiser for presenting one thousand impressions of an advertisement, typically expressed in US dollar.


Customs Recordation

Customs recordation is the process of brand owners and rightsholders providing customs officials with registered IPR for customs officials to seize infringing items.



A cyberlocker is a website providing direct links to download content. In terms of anti-piracy, cyberlockers host infringing content and provide an unauthorised means to download the content. For example, “”.



Cybersquatting is the practice of registering a domain name which includes the trade mark or brand name of a third-party organisation. The aim of cybersquatting is to extort money from the brand owner. Often, digital ads are displayed on a parked page, generating revenue prior to selling the domain name.


Dark Web

The dark web is content not accessible via normal means of accessing the internet. Users require specific software i.e. TOR to access the network. The dark web provides a layer of anonymity and has become synonymous with illicit online activity.


Deep Web

The deep web is content not indexed by search engines i.e. webpages which require a user to be logged in are part of the deep web.


Digital IP Protection (DIPP)

The general name given to the wide range of measures which can be implemented to protect copyrights, trade marks, designs and patents. DIPP is a broad term encompassing both brand protection and content protection. A DIPP strategy includes all intellectual property rights owned by a rightsholder and organises the protection implementation plan around rightsholders’ first principles to maximise the over impact of any digital activities.


Digital Rights Management (DRM)

Digital rights management is the general name given to technological tools designed to restrict access to copyright protected works.


DMCA (Digital Millennium Copyright Act)

DMCA is a US copyright law which has become the de facto standard for most internet copyright takedown procedures. Given the dominance of US tech companies in the west, DMCA has become the standard reporting procedure Digital IP Protection practitioners have become accustom to. Webforms for reporting trade mark infringement often follow the structure used for DMCA submissions.


DNS (Domain Name System)

DNS is often described as the phonebook of the internet. DNS provides the process for translating a readable domain name into an IP address.


DoH (DNS Over HTTP(S))

DoH is a protocol for performing DNS resolution over HTTP or HTTPS (encrypted HTTP). The aim of DoH is to increase security and privacy online. However, implementation could create issues for rightsholders which heavily rely on website blocking orders.


Domain Backorder

See Snapback. Domain backordering is the process of acquiring a domain name upon the expiration of the registration period. Many registrars offer auto-registration tools to prevent customers losing their domain name to backordering.


Domain Name

A domain name is a string that through the DNS process can be used to access a website.


Domain Name Portfolio

Domain name portfolio is the name given to the collection of domain names held by a person or organisation. Brand owners often own a number of domain names, some which point to an active website and whilst some domain names are held to prevent brand abusers registering the domain name and causing brand damage.



Doxing is the process of identifying and publishing private information about a person or organisation. Doxing utilises open source techniques and often involves hacking, information is then either published, or used to extort a victim.



Dropshipping is an inventory-free business model. Click here for more information.



Ecommerce is the general name to commercial activity being conducted over the internet.



Encryption is the process of encoding data to provide privacy to the sender and recipient.



Digital fingerprinting is the process of mapping content in order to uniquely identify and search for fingerprint matches. YouTube’s Content ID system works by fingerprinting videos uploaded and then flagging potential matches to the rightsholders. Fingerprinting is often used in conjunction with digital watermarking for the protection of expensive media content i.e. live sports broadcasts.



A forum is a website that creates communities through posts on a thread. For example, Reddit. Users contribute to the conversion by adding a comment. Many Forums facilitate the distribution of pirated content by sharing links, often using link protectors to avoid automated detection systems.



Framing is when a website fully embeds a third-party website or webpage to be viewed. This practice often causes confusion to the user who may be unaware they are not on the website of the third-party.


GDPR (General Data Protection Regulation)

GDPR is a piece of EU law designed to protect the personal data of internet users. GDPR places onerous duties on website owners to ensure end-users are aware of any tracking software that is being used, any data being collected and how the data will be processed. A result of the new regulation meant many registrars decided to not publish certain details on WHOIS information.



Geolocation is the process of mapping an internet user’s physical location. Mobile devices and apps often track user location and can be used to geolocate a person.


Grey Market

The grey market is a secondary market where the goods have not been obtained by an authorised process. Grey market goods are often then sold below the price level brand owners would like, potentially undermining the authorised sales channels. Items sold on the grey market are often sold to grey market sellers by authorised resellers which are having trouble selling out old stock.


gTLD (Generic Top-Level Domain)

See TLD. A generic TLD does not related to a specific country or territory. For example, the generic TLD “.com” is shortened from the word ‘commerce’. A full list can be accessed:



A social media handle is the general name given to the account name which a user can be reached on a social media platform, often depicted with an “@” sign. A username can be different to the handle, the handle will always be a unique identifier of the user on the platform.


HTML (Hyper Text Markup Language)

HTML is the standard language used to create websites. HTML is often utilised with CSS and other languages to generate the appearance of the website.


IANA (Internet Assigned Numbers Authority)

IANA is the function of ICANN responsible for maintaining and overseeing the allocation of IP addresses and autonomous system numbers and DNS root zone coordination.


ICANN (Internet Corporation for Assigned Names and Numbers)

ICANN is the organisation responsible for keeping the internet secure and allocating space. ICANN is responsible for accrediting registrars.



Impersonation is the process of a person or organisation imitating another person or organisation with the aim of causing confusion. Impersonation is often used on social networks to divert traffic away from official accounts and drive traffic towards infringing content or online scams.



An impression is often used in digital marketing as a measurement of one ad being served. Digital marketers want to convert impressions into clicks to direct potential customers to a webstore or service.



See KOL. An influencer is an individual with the ability to impact the decision-making process of another user, usually used in context of social media marketing. An influencer will typically have a large audience, or a strong connection to a niche audience, therefore making the opinion of the influencer relevant and visible to a group of people.



Intelligence is information obtain that has been evaluated by a set procedure and risk assessment to be used in an investigation.


Intelligence Requirement

The intelligence requirement (or gap) is the process of an investigator evaluating what intelligence is missing from the investigation that is needed to proceed.



Intermediary is the general name given to any service provider which facilitates an act. In terms of Digital IP Protection, an intermediary could be a webhost, registrar, payment processor etc.


Invalid WHOIS

See WHOIS. Registrars are required to ensure WHOIS information is accurate and up-to-date. If the information is not accurate i.e. the address does not exist, then it can be reported to the register to action. Typically, registrars contact the registrant and ask them to update the information. If the registrant cannot be reached or fails to update the WHOIS information the registrar must suspend service to the registrant. Individuals and organisations creating websites for illicit purposes often use false information in the WHOIS and ignore requests to update.


ISP (Internet Service Provider)

An ISP is the term often used in a general context to describe an organisation providing services to access the internet, including webhosting, domain name registration, internet transit etc.


Key Opinion Leader (KOL)

See Influencer. A Key Opinion Leader is an individual with the ability to impact the decision-making process of another user. KOL is the preferred term in China for influencers and use platforms such as WeChat, Weibo and live streaming to connect with their audience.



A knock-off is a general term used to describe an imitation item, used typically when the item does not bare any registered trade marks which would give rise to a claim of counterfeiting. The term knock-off can be used as a catch-all for copies of a product.



Law Enforcement Agency. For example, a police force or trading standards.



A leecher is part of the BitTorrent peer-to-peer network. A leecher is a peer within the network who does not have 100% of the data available. The term is often used negatively for peers who do not upload as much data as they download. For a full set of BitTorrent related terms see:


Link Protector

A link protector is a service to shorten URLs. For example, “”. Link protectors can help obscure the destination of the URL and avoid detection from automated systems.


Lookalike Domain

A lookalike domain is a domain name designed to cause confusion with a well-known website. Common tactics are replacing the letter “i” with the letter “l”. Lookalike domains can be used to create websites to divert traffic, damage brand reputation or promote the sale of infringing products. Lookalike domains are also commonly used in phishing scams where the scammer registers the domain name for the sole purpose of connecting the lookalike domain to a mail server to then extract information from either employees or customers. As such, lookalike domains present a risk even if the domain name is not connected to an active website.



Malware is the name given to malicious software which causes damage to a computer or network through unauthorised access.



An online marketplace is a platform which enables third-party merchants to create listings to sell to either businesses or consumers. For example,



Mcommerce is the term used to cover ecommerce activity specific to mobile devices. Generally, it is reserved for platforms which target mobile usage over desktop. For example, Mcommerce platforms often only operate through a mobile app or have an optimised mobile platform, providing a weaker experience when accessing through a desktop browser.


Minimum Advertised Pricing (MAP)

MAP is a contractor agreement with a distributor to not sell a product below a certain price level. MAP agreements have no impact on grey market sellers. Competition law in many jurisdictions impacts minimum pricing models and should be given due considering before applying any such policies in practice.


Mobile App

A mobile app is a piece of software developed for a mobile device, typically a smartphone or tablet. Mobile apps are commonly made for Android and iOS as the two dominate mobile operating systems.


MSRP (Manufacturer Suggested Retail Price)

MSRP is a recommended price model. Also referred to as Recommended Retail Price (RRP). As the model is merely a recommended pricing structure, rather than a binding agreement MSRP generally does not cause the same competition law concerns as MAP.



A multi-uploader is a pirate website that collates links from various cyberlockers and organises them for users to access infringing content. As many cyberlockers comply with copyright infringement notices, or even provide tools for automated takedowns, multi-uploaders provide many links, so the user has back-up options if one of the links to infringing content no longer works.


NOC (Network Operations Center)

NOC email addresses are often identified when running a WHOIS query. Brand owners and rightsholders often submit infringement claims to NOC abuse email addresses, with poor levels of compliance. Generally, a specific abuse email address, a dedicated IP abuse email address or a dedicated webform should be sought to submit a takedown notice. Most NOC are not equipped to handle IP abuse claims.


Online-To-Offline (O2O)

Online-to-offline is the process of connecting digital experience with physical experiences. For example, digital first brands expanding into creating their own physical branded stores to offer products. It can also be the process of connecting physical stores with digital experiences, for example, putting QR codes on products in stores to scan for additional information or services.


Open Source

Open source information is information available to the public and not obtain via convert means or proprietary databases. Open source information can be difficult to obtain although it is publicly available. For example, conducting reconnaissance on a suspected infringer’s social media profiles, or using public databases such as Companies House to obtain information.


Organic Link

An organic link is a link generated by a search engine in response to a query. When a user enters a query the results typically show a mix of sponsored ads and organic links. Organic links are delivered due to relevance and authority regarding the user’s query.


OSINT (Open Source Intelligence)

OSINT is the process of obtain information from open sources and then applying a risk assessment and evaluation procedure. The intelligence can then be supplement with other intelligence to assess the investigation.


Packet Sniffing

Packet sniffing is the process of analysing network traffic at the packet level. Packet sniffing can be used for network analysis and provides insight into infrastructure supporting a network or operation.


Parallel Import

A parallel import is an item imported into a country without the authorisation of the brand owner. Often, the same product can have different specification or pricing model in different territories, importin an item from one country to another can get around regional restrictions. Given the products are not counterfeit parallel import issues can be hard to enforce in certain jurisdictions. EU law enables the enforcement of parallel imports from outside of the EEA – as such Amazon and other platforms has specific policies to handle such complaints.


Parasite Brand

A parasite brand or lookalike brand is a brand built by imitating a well-known brand. Watch companies suffer from parasite brands which closely copy the design but use cheaper components and their own logo to avoid claims of counterfeiting. Parasite brands also tend to copy marketing techniques, with many examples of official ad campaigns being photoshopped to replace the official item with the item from the parasite brand.


Parked Domain

A parked domain is a registered domain name which is not attached to any website. Many registrars and online service providers enable owners of parked domains to run ads to generate revenue on parked domains.


Payment Processor

A payment processor handles the payment system for ecommerce. For example, Mastercard, Visa or PayPal. In China third-party e-payment processors Alipay and Tenpay are commonly used for digital and offline purchases. Payment processors will often respond to intellectual property abuse notices by suspending the provision of service to the infringer, thus cutting of the money supply.


Payment Services Directive

The Payment Services Directive is a new directive to be implemented by EU members states by September 2019. The aim is to improve security around payment processing across the EU, adding ‘strong customer authentication’ for electronic payments.


Peer-To-Peer Network

A decentralised network whereby peers connect to other peers rather than a central platform.



Phishing is a scam in which scammers send emails (spam) attempting to trick recipients into revealing sensitive data which can then be used to extort or steal money from the victim.



Piracy is the general term used to describe digital copyright infringement. For a full EU definition, see the link below, specifically Article 2(6):



Pogo-sticking is related to bounce rate. However, pogo-sticking measures a longer chain of user activity to determine whether search results clicked on provided the user with a relevant result. If a user clicks a link, but then quickly clicks off and clicks another link provided by the same query, the user is deemed to still be looking for relevant information. This signals to the search engine which link provided relevant and sufficient information to satisfy the user’s search query.


PPC (Pay Per Click)

PPC is used in digital advertising to describe a payment model. The advertiser only pays when a user clicks the ad, rather than each impression. This is to ensure return on investment on an ad campaign, rather than serving impressions to irrelevant users who do not engage with the ad.


Privacy Protection Provider

A privacy protection provider enables a registrant of a domain name to hide personal data from the WHOIS search. A privacy protection provider replaces the registrant’s name and details with that of the provider, the provider is deemed to be a responsible party which will respond to abuse claims and other notices effectively. Due to GDPR, such services are less relevant as most registrars are not publishing information to ensure compliance with the regulation.


Proxy Server

A proxy server is an intermediate server which a connection is made to obscure the source IP address from the destination. Proxy servers can be used to access content restricted to specific territories.


QR Code

A QR code is a machine-readable code, much like a barcode by typically square in shape. Mobile devices can scan QR codes to install apps or obtain further information. In China the use of QR code is very high and part of Alibaba and Tencent approach to connecting online and offline experiences.



Recommerce is the term used to describe ecommerce of second-hand items. A truncation of recycling and ecommerce.


Referring Site

A referring site is a website providing hyperlinks to another website. Websites engaged in illicit activities often use a chain of referring sites to mask the infringement from automation.


Regional Internet Registry

Regional Internet Registry is an organisation responsible for managing the allocation of internet number resources in a region. Currently, there are five regions covering the world.



A registrant is the name given to the individual or organisation purchasing a domain name from a registrar. The registrant is often the website owner / operator, although, third-party companies do offer services to hold domain names on behalf of a client.



A registrar is the organisation selling the use of a domain name to a registrant. Registrars are accredited by ICANN and are responsible for ensuring the WHOIS details are accurate. Registrars typically sell domain names on a yearly basis; therefore, the registrant must pay a renewal fee to maintain the registration.


Registry Operator

A registry operator is the entity responsible for maintaining the administrative databases of domains and generating zone files. Also referred to as a Network Information Center (NIC).


Reputation Monitoring

Reputation monitoring is the general name given to the process of monitoring online reputation of an individual or organisation. High profile individuals i.e. CEO are often depicted in fake ads promoting scams, for example, creating a hoax advert claiming a CEO has made lots of money investing in Bitcoin. The ads use a clickbait style to entice users. Reputation monitoring also can include general observations about online opinion regarding a person or brand, which may influence the marketing or communication tactics employed by the company to positively impact perceptions.


Reverse Image Search

A reverse image search is the process of searching a search engine for a specific image. Google, along with many other search engines, offer this feature. Users can click on an item to search the internet for matching or similar images. Images can also be uploaded, in specific formats to search. This can be useful for identifying use of copyright protected images being used without authorisation or to detect other locations of counterfeit items being advertised with the same image.


Reverse Proxy Server

See proxy server. A reverse proxy server is a proxy server that operates for the server, obscuring the server which delivered the request.


Risk Assessment

A risk assessment is the general term used to analyse potential risk from a given activity, piece of information, intelligence or platform etc. A risk assessment should be codified and applied consistently to ensure comparisons can be made and therefore effectively aid decision-making processes.



Robot.txt is a voluntary standard which requests search engines to not index a certain website or webpage.



A seeder is part of the BitTorrent peer-to-peer network. A seeder uploads data to the network enabling other peers to access the data to download. For a full set of BitTorrent related terms see:


SEM (Search Engine Marketing)

SEM is the general name given to the use of search engines as part of a marketing strategy. Both organic rankings, developed through SEO and sponsored ads can be utilised to drive traffic to a website.


SEO (Search Engine Optimisation)

SEO is the general name given to the process of building a website or developing content in order to gain search engine ranking by Google and other major search engines. SEO is a complex area of marketing covering a range of activities and tactics. The lower financial cost of marketing through SEO makes it a popular choice for individuals and SMEs.


SEO Manipulation

SEO manipulation is the process of trying to ‘game’ the algorithms which determine ranking. Often referred to as ‘black hat SEO’. Search engines regularly update their algorithms to detect and penalise such practices, however, websites set up for short term gain through illicit activities can exploit SEO manipulation techniques.


SERP (Search Engine Results Page)

SERP is the page delivered when a user enters a query into a search engine. For example, when conducting a Google-search, the index of listings delivered is the SERP.



See Domain Backordering. Snapback is the process of acquiring a domain name upon the expiration of the registration period. Many registrars offer auto-registration tools to prevent customers losing their domain name to backordering.


Social Commerce

Social commerce is the general name given to ecommerce platforms which incorporate social elements into the shopping experience. For example, Depop. The goal is to replicate the fun element to shopping into the digital experience. Social commerce also exploits the concept of ‘virality’, often creating incentives to promote the sharing of listings.


Social Engineering

Social engineering is used in the context of exploiting a user to divulging confidential or sensitive information which can then be used to attack an organisation or network. Human interfaces with a network can often be the cause of security breaches and security measures must consider how such risks can be minimised.


Social Entertainment

Social entertainment is similar to social commerce; however, it mixes social functions with entertainment features. Tencent in China is particularly expert as this business model.


Social Media Handle Portfolio Management

Managing a portfolio of social media handles is as important to brand owners and rightsholders as the more established market of domain name portfolio management. Ensuring names which may cause confusion are protected from being registered by a third-party, or seizing social media handles from third-party infringers helps protect social media channels.


SOCINT (Social Media Intelligence)

Social media intelligence is a subcategory of OSINT. SOCINT is the general name given to information obtained from social media accounts which is then evaluated and passed through a risk assessment to aid an investigation.


Sponsored Ad

A sponsored ad is a listing returned on a search engine, social media platform or marketplace that is displayed prominently due to the brand owner purchasing advertising space, rather than being delivered organically.



Spoofing is the general name given to the process of masking the source of a request to trick the destination as to the source. For example, a spoofed email may appear to be from a legitimate company, however, the email is sent by a scammer attempting to use the credibility of the spoofed brand to extract sensitive information.


SSL (Secure Socket Layer)

SSL is an encryption security protocol designed to increase privacy and data integrity. Typically, when a web browser displays a padlock next to the URL in the address bar, the website the user is connected to has an SSL certificate to verify communication between the user and server is encrypted. However, the padlock is incorrectly assumed to verify the legitimacy of the website, which is a tactic often used by infringers creating websites for illicit trade.


Status Code

A status code is a HTTP response which denotes the status of the server being connected to. For example, 404 Page Not Found.


Stream Ripping

Stream ripping is the general name given to software which enable a user to convert a stream into a downloadable file. For example, using software to bypass YouTube’s DRM and download a YouTube video as a file. Stream ripping often breaches copyright laws and laws designed to prevent the circumvention of DRM.



Streaming is the general name to the category of websites which make content available to stream, without needing to download the file directly to the user’s device. Legitimate streaming services include Netflix and Hulu. Unauthorised streaming services often target films, television content and live sports.



A subdomain is a subdivision of a website. For example, “” is a subdomain of “”. Subdomains are often used to for specific sections, such as the portion of the website commerce will be handled or for mobile users to connect to. Websites engaged in illicit trade often divide a website using subdomains to target a section to a specific brand or audience.


Surface Web

See deep web. The surface web is the portion of the web that is indexed by search engines.


Terms Of Service (ToS)

Terms of Service are vital in supporting digital IP protection and content governance efforts. Responsible online platforms will publish terms of service for all users of the platform, which governs the behaviour and content on the platform. Reading ToS of a platform is recommended before submitting any legal notices or requesting specific action.


Test Purchase

A test purchase is the process of purchasing a product suspected of infringing an intellectual property right to analyse the product and other factors associated with the purchase. Also known as trap purchase.


TLD (Top-Level Domain)

A TLD is the last portion of a domain name. For example, the “.com” section of a domain name. TLDs can be either generic or country code.


TOR (The Onion Router)

TOR is an open-source, free software aimed to increase anonymity and privacy through online communications. TOR is used to access overly networks, or the dark web, which has become synonymous with illicit activities. TOR is also used by journalists and other groups which require a layer of secrecy in the work they conduct. For example, a journalist will want to prevent information regarding their sources from being detected.


Transit Provider

A transit provider is an ISP allowing traffic to pass through their network. Transit providers are vital to the internet infrastructure as they enable smaller ISPs to connect to larger ISPs and deliver a fully connected network of networks.


UDRP (Uniform Domain-Name Dispute-Resolution Policy)

UDRP is an ICANN developed process for trade mark owners to dispute the registration of a domain name which includes their trade mark, and meets other specific criteria. UDRP is WIPO administered as a form of alternative dispute resolution. UDRP can be cheaper and faster than a full judicial process to reclaim a domain name.



Upcycling is the process of converting an item into a product of ‘higher quality’. Upcycling therefore customises a product, but should not be confused with counterfeiting.


URL (Uniform Resource Locator)

A URL is the address used to access content on the internet.


URS (Uniform Rapid Suspension System)

URS is another form of alternative dispute resolution to suspend an infringing domain name which meets specific criteria. URS is far more restrictive in application than UDRP and is not commonly used in comparison.


User Agent

A user agent is software that enables the network to identify the application type and deliver the appropriate content. Through browser extensions, the user agent can be spoofed, enabling a user to access the variants of a website aimed at different devices.


User Uploaded Content (UUC)

UUC is the general name given to a platform which enables users to directly upload content. For example.



Vcommerce is the general name given to ecommerce delivered over voice-enabled devices. For example, ecommerce conducted over an Amazon Echo device using Alexa.


VeRo (Verified Rights Owner program)

VeRo is eBay’s process for reporting intellectual property infringements. All regional eBay platforms are covered, and other owned eBay ecommerce platforms follow the same reporting processes. The system is eBay’s equivalent to Alibaba’s IP Protection Platform or Amazon’s Brand Registry. For more information:


Virtual Machine

A virtual machine is the emulation of a computer system. Using emulation software, a PC can run a virtual machine which appears to be an actual computer. For example, using a virtual machine to run a Linux distribution within the Windows Operating System. Using a virtual machine is vital when conducting cyber-investigations.


VPN (Virtual Private Network)

A VPN is software used to add security and privacy by extending a private network across a public network. A VPN can be used when accessing a public Wi-Fi hotspot to add a layer of security through encryption. However, VPNs can also be used to circumvent website blocking orders.



Digital watermarking is the process of adding data to an image, music or video file which can be detected and monitored using specialist software. A watermark can either by highly visible or completely imperceptible. Digital watermarking is often used in combination with fingerprinting for high value content such as films and live sport.


Web Archive

A web archive is a website dedicated to archiving internet content. For example, “”. Through web archives, older versions of websites can often be discovered.


Web Crawler

A web crawler is the general name given to software used to automate the process of following hyperlinks on websites and webpages and extracting information. Also known as web spider.



A webhost is the service provider enabling a website to be connected to the internet for users to access. The website and related files are stored on the webhost servers, with connectivity provided to enable accessibility.


Website Blocking Orders

A website blocking order is a type of injunction which states a service provide must prevent access to a specific website through technical measures. In the UK, website blocking orders are the primary tool used by the content and media industries. Website blocking orders have also been used against websites offering for sale counterfeit items. Typically, a website blocking order will be obtained against broadband providers, which then apply technological measures to prevent their customers from accessing the website covered by the order. The efficacy of website blocking orders is heavily debated, and new technological changes could restrict the capability of such orders.


Website Builder

A website builder is a platform that provides tools for the creation of websites. For example. Wix. Such platforms offer a range of features, often including drag and drop solutions to simply the process.



WHOIS is the protocol for querying information regarding a domain name, such as information about the registrant, registrar, webhost, IP address etc. For example, Domain Tools can be used to search for such information about a domain name.


WIPO (World Intellectual Property Office)

WIPO is the international organisation responsible for promoting the creation and protection of intellectual property. WIPO is a sub-agency of the United Nations.