WHAT IS CYBERSQUATTING?
Cybersquatting is the bad-faith registration and use of a domain name that would be considered confusingly similar to an existing trademark, for example CADDNA.org (see below) or AppleProducts.com. Whereas “apple” can be a generic term, here it is clearly used in reference to Apple, Inc. Cybersquatters often conduct a variety of illegal and illicit practices: they can deliver malware, sell counterfeit goods, host phishing schemes, steal identities, and make money from deceptive advertising ruses. They also often use highly sophisticated automated programs to acquire Internet domain names on a massive scale, which means they exploit Internet users on a massive scale.
For a glossary of terms, click here.
HOW DOES IT AFFECT INTERNET USERS?
Internet users may find themselves diverted to a cybersquatted site when they try to navigate to their favorite brand site by typing the domain name incorrectly into the browser bar. A slip of the finger that creates a typo or spelling mistake could land the Internet user on a domain name owned by a cybersquatter explicitly intended to exploit user errors. Sometimes, a creative search of a brand+product domain name (BrandProduct.com) will yield the same result.
And once they’re there? At best, it’s a frustrating experience for Internet users. The Internet user may try again and land on his or her desired target. Or they might not be so lucky. They may already have been exposed to malware and phishing schemes that could steal their personal information, commandeer their computer, or jeopardize the proper operation of their systems. Or they might be diverted to sites that sell counterfeit goods or offer unsavory content.
HOW DOES IT AFFECT BUSINESSES?
Cybersquatting has evolved over the past decade into a sophisticated form of online cybercrime. Brand owners lose resources that could be better spent towards innovation and job creation to schemes that can be perpetuated by cybersquatted sites. Some issues include:
- Pay-per-click sites: Brands pay for clicks on advertisements hosted on infringing sites.
- Theft through phishing activities
- Malware attacks
DO BRAND OWNERS AND CONSUMERS HAVE ANY SUPPORT?
The burden of policing the domain name space and protecting consumers falls heavily on brands, and they have little recourse to combat existing infringements and deter future infringements.
OPTION #1: FILE A LAWSUIT AGAINST A CYBERSQUATTER USING THE ACPA
Congress enacted the Anticybersquatting Consumer Protection Act (ACPA) in 1999 as an initial means for brand owners to seek redress against cybersquatters, back when cybersquatters used to register domain names that infringed on brand owners’ trademarks and hold them for ransom until the brand owner paid up.
But today, the practice has evolved to a point where cybersquatters are no longer dependent on domain name sales for profit. Automated programs acquire domain names and set up pay-per-click sites on a massive scale with minimal human involvement, allowing cybersquatters to draw in millions in advertising dollars. As a result, it is possible for operators to control and monetize hundreds of thousands, or even millions, of Internet domain names.
There are two other problems. First, cybersquatters tend to register relatively few domain names per brand, preferring instead to build volume by infringing on a few domain names from many brands. As a result, brands can usually only pursue a cybersquatter for a handful of domain namesat a time. Given the resources that a lawsuit requires, this is an unsustainable Second, judges tend to award damages on the low end of the spectrum, sometimes as little as $1,000 to $2,000 per domain name. So, filing ACPA action against a cybersquatter is often ineffective and expensive for brands, and a weak deterrent to cybersquatters – proof positive that it is time to update the law.
There is a third issue – the issue that the true identities of cybersquatters can often stay hidden behind false registration information and privacy services, making it difficult to bring them to court in the first place. This is why better verification of registration information is also key to combating cybersquatting.
OPTION #2: FILE A UDRP COMPLAINT
Brand owners may file an infringement complaint using the Uniform Domain-Name Dispute-Resolution Policy (UDRP), a set of rules ICANN developed to resolve disputes. This option is of little help to brand owners and consumers because cybersquatters are allowed to carry on undeterred and in fact may remain anonymous.
The cost for brand owners to file a UDRP against every infringement would be prohibitive. Even if they did, the most severe penalty allowable under the UDRP is to force a cybersquatter to relinquish the domain name in dispute. That is no deterrent to cybersquatters with thousands of domain names. And they can easily replace a relinquished domain name with another infringing site.
OPTION #3: DEFENSIVELY REGISTER DOMAIN NAMES
Brand owners routinely register defensive domain names to keep them out of the hands of bad actors. However, bad actors may devise an endless number of possible domain names that include typos or that combine trademarks with other words, making it impractical and cost prohibitive for brand owners to keep pace.