At first glance, the title of this article may invoke images of robots engaged in unsavory practices, but cybersquatting is an aggressive business practice employed by many “entrepreneurs” against both small and large business owners. As we all know, doing business on the web has become an important, if not essential channel for many businesses around the world, and websites are identified with their owners in large part due to the “domain name” (fancy word for website address) used by the owner. As a result, obtaining a domain name that is closely associated with a business is very important for most ventures. Cybersquatters know this as well and count on it.

Cybersquatting encompasses several different unscrupulous tactics, but the most direct form comes when a person registers/reserves an internet domain name with the intent to later resell or license the domain name back to the individual or company that would normally be associated with that domain name. For example, suppose Joe Blow pays $70 to register the domain name before IBM has had a chance to register it. Joe Blow then offers to sell it back to IBM for $50,000. When IBM balks at paying that much for a site, Joe Blow then posts pornographic pictures and links on the site to embarrass IBM and coerce them to pay. While this may seem unbelievable to you, almost the same thing has happened in the past to UCLA, ExxonMobil, Intel and Gateway Computers. Gateway did, in fact, end up paying a cybersquatter $100,000 for in the late nineties.

Other cybersquatting tactics include registering a domain name containing another’s trademark and setting up a website. The cybersquatter displays advertisements on the website on behalf of advertisers willing to pay the cybersquatter anywhere from a few pennies to a few dollars each time somebody clicks on one of the ads. The cybersquatter then counts on the fact that Internet users will type in the cybersquatted domain name into their web browser and click on the ads. Multiply this by a hundred clicks per day, and multiply that by a thousand domain names, and you can imagine the profit potential.

Cybersquatters recognize a single domain name can bring in hundreds of dollars a day, and they capitalize on this by acquiring domain names that will yield substantial user traffic. Often, these are domain names that incorporate misspellings or variations of the best-known trademarks. As an example, cybersquatters register more than 2000 domain names every day containing the trademark Microsoft. As another example, over 10,000 domain names exist containing variations of the trademark Coke/Coca-Cola.

So, what can you do when a cybersquatter has beaten you to a domain name that should properly be yours? What are your options? Initially, the business owner may simply wish to send a cease-and-desist letter to the cybersquatter, demanding the cybersquatter return the domain name immediately. Such a cease-and-desist letter may state that if the cybersquatter does not comply with the letter, the business owner will file a lawsuit, which could result in serious consequences to the cybersquatter. The cease-and-desist letter is an inexpensive approach, which can often bring positive results.

Once a cybersquatting victim decides he or she needs to adopt a more aggressive approach, there are two primary domain name rules providing legal channels for recovering a domain name: the anti-cybersquatting Consumer Protection Act (“ACPA”) and ICANN’s Uniform Domain Name Dispute Resolution Policy (“UDRP”). The ACPA allows trademark holders to file lawsuits against cybersquatters in the United States federal courts and allows for the recovery of up to $100,000 per domain name in damages from the cybersquatter, plus costs and fees. The ACPA also addresses situations where the cybersquatter is in a foreign country, or where the cybersquatter cannot be identified at all. In such situations, the ACPA enables the cybersquatting victim to recover his or her domain name but does not allow for the recovery of damages. This process is referred to as an in-rem action. The ACPA is set forth in the United States Lanham Act (15 U.S.C. §1125(d)), which is the comprehensive federal law on the topic of trademark infringement.

ICANN, the nonprofit organization that oversees the domain name registration system, has also promulgated rules governing domain name disputes. When anyone registers a domain name, that person is required to submit to binding arbitration in the event of a dispute concerning that domain name, including an allegation of cybersquatting. This binding arbitration is conducted according to ICANN’s Uniform Domain-Name Dispute Resolution Policy (“UDRP”). UDRP proceedings are intended to offer an efficient process, where the issues are decided without a trial or oral hearing. Unlike a lawsuit brought under ACPA, however, UDRP does not allow for the recovery of damages, costs, or fees.

Obviously having to spend the time, effort, and expense to combat cybersquatters is a distraction to the business owner and diverts their attention from whatever is the focus of the company. So, what preventative measures can the typical business owner take to try and protect themselves from these internet extortionists in the first place? Here are a few tips:

  1. If you have a domain name already, you need to make sure that you renew it in a timely manner. When you register a domain name, it is not yours in perpetuity, you will need to re-register it every year or so. Most domain registering services will send you an e-mail to remind you to renew but you can add an extra layer of security by calendaring this date when you initially register the domain site, so you do not need to rely on this reminder e-mail. Also, make sure you do not wait until the last second to renew your domain. Some unscrupulous people have computer programs that scour registry services and will nab your domain name the second it expires. Just think what this would mean to the website you spent thousands of dollars designing and which generates tens or hundreds of thousands of dollars for you?
  2. In addition, you should register every possible "typo" and keyword leaching domain name. Start with your real domain name and register .com, .net, .org and then continue down the list with typos and keyword leaching. Set up these additional domains to redirect to your primary/real domain. Don't forget the losers who will register the "-" (hyphen) incarnation of your domain name like this: If you find one already registered and you don't hold a Trademark on it, watch the expiration date and try and register it as soon as it expires.
  3. Register your domain name as a Trademark via the United States Trademark Electronic Search System (Tess) site. Consult with your attorney if you are not comfortable doing this yourself.
  4. Honest mistakes can happen to a Webmaster. If you receive a legal notice that your domain name infringes on an existing mark which was registered before your domain name, surrender it at once.

While everyone recognizes the internet can be a great resource for businesses, both big and small, it unfortunately can also be a tool for those looking to get-rich quick at the cost of others. Cybersquatting is no exception and has been around almost as long as the internet. While federal laws and other consumer safeguards have now begun to be put in place to protect businesses, new predatory practices are devised on an almost daily basis to try and side-step these protections. A general understanding of this devious practice as well as the undertaking of several simple steps to protect a business’ good name is essential in this ever-evolving, technological world.

This article appeared in the August 18, 2008, issue of the San Diego Business Journal

For more information, please contact our office at 619.238.1712.