This article was published on May 29, 2011

Welcome to the world of cybersquatting


Welcome to the world of cybersquatting

When Welsh actor Huw Marshall registered WayneRooney.com and WayneRooney.co.uk back in 2002, he probably didn’t expect that it would end up costing him £6,000.

You see, when he registered the domain name, Wayne Rooney – the future England and Manchester United football star – was a young 16-year old, just breaking into the Everton senior team.

The official story goes that Marshall was a big Everton fan, so he registered the two domains with the long-term view of setting up non-commercial fan websites. He never quite got ’round to it, and when Wayne Rooney made his big-money move from Everton to rival club Manchester United, that idea was put on ice.

In 2002, before ‘Wayne Rooney’ had been registered as a trademark, Marshall had been contacted by Rooney’s agent asking to buy the .com domain. According to Marshall in 2006:

“I said if they wanted it they were more than welcome to have it, but then that fizzled out and they never got back to me.”

Fast forward four years and Marshall receives a large legal document from the World Intellectual Property Organization (WIPO) in Geneva, stating that Rooney had filed for ownership of WayneRooney.com. Marshall opts to defend the case but in October 2006 is told he must hand the domain name over and cover £6,000 in legal costs.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

Similarly, the same month Marshall loses the rights to the .co.uk domain, when Nominet announces he must hand the domain name over.

Whilst it seems that Marshall wasn’t explicitly attempting to profit from the two Rooney domains, it was argued that he had procured the domains in bad faith, as he couldn’t prove that he was attempting to set-up fan sites. He had no prior knowledge of web design and it was evident that he hadn’t attempted to set-up a fan website.

And, it seems, there are many similar cases.

The world of cybersquatting

The practice of registering domain names with the intent of exploiting the ‘rightful’ owners has been fairly common over the years, and celebrities and businesses have often been required to go down legal avenues to secure the rights to domain names.

The practice is known as cybersquatting. But what constitutes ‘cybersquatting’ and how easy is it for trademark owners to secure domain names? Well, here’s a few other documented cases which will help illustrate what the powers that be look for when making their decisions.

Movie director Spike Lee won a case against a cybersquatter in 2004. Someone had procured spikelee.com and was using it to direct users to a pornographic website. WIPO ruled that the name had been registered in bad faith.

And then there is Jeff Burgar, who is perhaps one of the most notorious cybersquatters. Over the years, he has registered hundreds of famous people’s names, all of which redirected to his own website Celebrity1000.com. Those include CelineDion.com, MichaelCrichton.com and KevinSpacey.com. Burgar has attempted to defend himself at many WIPO judgements, and one of the most high profile ones was for TomCruise.com, back in 2006.

Burgar argued free speech and the first amendment in his defense, something that is actually legislated for in the Uniform Domain-Name Dispute-Resolution Policy (UDRP). But WIPO concluded that it had to weigh this up against trademark rights and the fact that Bulgar had been taking unfair commercial advantage of a trademark. Basically, on his re-direct website, there was third-party advertising.

Interestingly, Bulgar also argued that given it had taken Tom Cruise ten years to launch his claim for the domain, Cruise had implicitly agreed to Bulgar’s legitimate ownership. This, arguably, could have been a valid claim…but it was dismissed.

Then there are brands. Way back in 2000, the BBC took a cybersquatter to court who had been attempting to auction bbc1.com and bbc2.com, which are the names of the broadcaster’s two main terrestrial TV channels in the UK. The court ruled that the cybersquatter should hand over the domains and cover the BBC’s legal costs.

Conversely, it later transpired that the BBC paid $375,000 for the BBC.com domain name. The owner, Boston Business Computing, had legitimately obtained the domain and hadn’t been trying to exploit the British Broadcaster’s brand or trademark, but it clearly felt it needed to be adequately recompensed for transferring its website to bosbc.com. But that is the value of having a global brand identity – the BBC didn’t want its name being used by a third party on a .com domain.

Similarly, the BBC briefly attempted a legal challenge with the owners of BBC.org, which was – and still is – owned by a small Canadian computer club called ‘Big Blue & Cousins’. As it states on its website:

“Our first web page was published in 1994. We suffered a temporary challenge when, in December 1999, the British Broadcasting Corporation complained about our use of “BBC” in our domain name. However, we had a strong case and ultimately prevailed. The BBC just dropped their request.”

And Internet giant Microsoft took umbrage with Canadian teenager Mike Rowe, who set up a website at the domain MikeRoweSoft.com. The story made international headlines, when in early 2004 Rowe received a letter from Microsoft’s Canadian legal team asking him to hand the domain over, due to its phonetic resemblance to Microsoft. The company’s subsequent offer of $10 to cover his domain name registration costs was met with a request for a much more substantial compensation request of $10,000. This was thus deemed to amount to cybersquatting and Rowe was issued with a 25-page cease and desist order and a document from WIPO.

Needless to say, the negative publicity led to an out-of-court settlement and an acknowledgement that Microsoft had been a little too aggressive with its trademark defense.

But, this was a very interesting case to look at from a trademark perspective. On the one hand, Microsoft probably knew it would get negative publicity for targeting a teenager, but if it didn’t take action then it would weaken its rights in future trademark infringement cases. It may have set a precedent, so it had to pursue in this case.

So as you can see, there are many different scenarios in which a brand or a celebrity may or may not have a legitimate claim to win the rights to own a domain name. It’s actually a very complex area, and it’s far from black-and-white, but it essentially comes down to two key points.

If a trademark is already in place when a third party registers a domain name, it’s a relatively straight-forward case of proving that the trademark has been infringed. This can be through the courts – the most expensive option – or through lodging a complaint under the relevant domain name dispute resolution policy (e.g. UDRP), which is typically much cheaper.

WIPO is the most well-known UDRP service provider, but it is one of four. These services cover most of the generic top-level domains (gTLD), for example, .com, .net, .org, .biz, .info, and .mobi. Many country code top-level domains (ccTLD) registries have appointed WIPO to administer UDRP services for their domains – .co (Colombia) is a relatively recent example. But many ccTLD disputes are managed by in-country organizations, such as Nominet in the UK.

If a trademark isn’t in place when a third-party registered a domain, it’s maybe not so straight-forward. I spoke with an IP practitioner, who has been involved in around fifty domain dispute cases, to explain the importance of a trademark:

“In court proceedings, one must have a trademark – registered or unregistered – to succeed in either a trademark infringement action or a passing-off action (pretending to represent a specific party when you don’t). In proceedings under the UDRP, one must also have a trademark – registered or unregistered, but to succeed under the UDRP avenue, registration of the domain name must normally have post-dated the issuing of the trademark. So, the offending registrant must have had the trademark in mind when registering the domain name.”

So, how come Wayne Rooney was able to succeed in his case when the domains were registered before the trademark was issued? The key, it seems, lies in the ‘unregistered’ element of trademarks. In WIPO’s findings, it stated that Wayne Rooney had already gained sufficient reputation and ‘goodwill’ by the time Marshall had registered the domain names, which meant that by default Rooney’s name qualified as an unregistered trademark. The panel noted that he may not have had national fame at the time the domains were registered, but he was well known and revered in the Liverpool area. On top of this, WIPO concluded that the domain names had been procured in bad faith.

The IP practitioner I spoke with also noted:

“There are numerous variants. Under the UK DRS policy for example, a trademark right is not a necessary pre-requisite – any legally enforceable right will do e.g. a contractual right. And under the South African policy a domain name can be cancelled if it is likely to cause offence to a section of the community.”

So, polices can vary from country to country. But trademarks aside, determining cybersquatting cases often comes down to establishing whether a domain has been bought in good or bad faith.

I put a hypothetical scenario to the IP expert, asking what if another man called Wayne Rooney had bought WayneRooney.com to use as a personal blog, and then the footballer Wayne Rooney trademarked his name. Would a cybersquatting case be thrown out?

“That would be the likely result. But it might not be under some of the policies (but not the UDRP) if he then used the domain name in a manner capitalizing on the trademark.”

So there are other rules and regulations in place to ensure that trademarked names – irrespective of when they were registered – are protected, and that unauthorized third parties can’t profit from pretending to be affiliated with a brand.

Simply using a trademarked name in a URL can lead to legal wranglings too, as we’re seeing with Facebook. It is currently attempting to secure the rights to 21 different domain names that have been registered, including joinusonfacebook.com, killfacebook.com, moneyfromfacebook.com and moneywithfacebook.com. And Facebook already owns domains such as IHateTheFacebookLikeButton.com, LikeButtonSucks.com, LikesSucks.com and many more.

Gripe sites

And what about gripe sites? Many pissed-off people have taken to cyberspace in an attempt to tell the world how bad a corporation is, and this is moving into slightly different territory to that of cybersquatting. Though it is in the same ball park.

There’s Mitsubishi Sucks and Microsoft Sucks for starters, but there have been hundreds of gripe sites over the years. The legal position of these sites received some clarity last year, when a disgruntled customer of Career Agents Network (CAN), set up his own website using the exact same name, but on a .biz domain instead of the .com. CAN attempted to have the site removed, but it lost in court, because the .biz site wasn’t of a commercial nature – it was merely warning other customers to avoid CAN. A major victory for the first amendment, and a clear sign that, in the US at least, it’s fine in some instances to take a trademarked term in its entirety and use it in a domain name.

I asked the IP practitioner about the issue of using trademarked terms in a domain name, he said:

“This is a highly complex area and difficult to deal with in short form. My personal view is that generally if the domain name telegraphs to the world that it is a gripe site, the trademark owner is likely to lose the case under a domain name dispute resolution policy. If however the content of the site is defamatory, the trademark owner might well succeed in a defamation case in court.”

Okay, so if someone is using a gripe site as a sort of aggregator for negative news stories, as is the case with sites such as Career Agents Network (.biz) and Mitsubishi Sucks, then you will ‘probably’ be fine. But if you use a site to post false claims about a service, company or product, then it’s possible that defamation or libel laws could be used to haul a website offline.

Typosquatting

Typosquatting has been a popular means for scammers and spammers to peddle off the good name of established brands. The act involves people registering domain names that are similar to real domain names, but are different by a letter or two. They are designed to capitalize on Internet users hitting the wrong key on their keyboard.  Back in 2005, Google won the rights to googkle.com, ghoogle.com and gooigle.com, sites that had been set up by a Russian man to spread malware on users’ machines.

Even to this day, goggle.com is owned by a third party, and will attempt to infect your computer if you visit the website. So please don’t visit it.

Some gripe sites employ typosquatting techniques to spread their good word, and this may not be entirely illegal. In 2005, Jerry Falwell, a US evangelical fundamentalist pastor, attempted to get fallwell.com taken offline, given that the owner – Christopher Lamperello – was using it to rebute controversial homophobic claims made by the pastor.

The court ruled in Lamperello’s favor, stating that there was no trademark infringement based on “initial interest confusion” for websites that were non-commercial and critical of the trademark holder. Given that Lamparello’s site was non-commercial, there was no ‘bad faith intent to profit’ and this did not amount to cybersquatting.

So in typosquatting cases, the complainant must demonstrate that the registered domain name is identical – or confusingly similar – to their trademark, that the registrant has no legitimate interest in the domain name, and that the domain name is being used in bad faith.

There are plenty of other examples of typosquatting. Nicrosoft.com isn’t owned by Microsoft, it’s a redirect for an affiliate marketing website. Why hasn’t Microsoft pursued this? Probably because it isn’t overly concerned and that it knows nobody will be confused between the two websites. The IP practitioner I spoke with says:

“If the typosquatter is clearly targeting the trademark owner, the typosquatter is likely to lose. However, many trademark owners don’t bother to pursue typosquatters unless there is a serious risk of damaging confusion.”

It seems that whilst many brands do vigorously protect their trademarks and intellectual property, it’s impractical for them to hunt down and pursue every single case. And unless a website does genuinely lead to confusion with a user – for example if Nicrosoft.com led to a website that mimicked Microsoft’s homepage, then you can be sure it would be dealt with pretty swiftly.

Most cybersquatting cases dealt with by WIPO are actually publicly available, and you can view the outcome of these cases all the way back to 1999.

Meanwhile, we can expect to see many more cybersquatting, typosquatting and gripe site cases coming to the fore in the future. It’s only free speech after all…isn’t it?

Get the TNW newsletter

Get the most important tech news in your inbox each week.