Cybersquatting & Domain Name Protection Under Trademark Law

Crimes in the modern society when analyzed shows one factor as the root cause- Money. Answering the question as to why domain names ought to be protected, obtaining and registering a domain name does not cost much, while this being said, once a domain name has been registered and a website has been developed and made available to the public, one major source of income for such websites is advertisements. When an original registrant of a domain name generates revenue from such websites, false/ fake websites carrying similar domain names created with the intention to cause deception and confusion among its users would pose as a threat to the functioning and revenue generation by the original website. This is one example as to why domain names ought to be protected.

What Is A Domain Name?

In simple terms, domain names can be defined as a human readable version of the website's IP address. The case of Satyam Infoway Ltd. v. Sifynet Solutions Pvt. Ltd.[i] states that "A domain name is easy to remember and use, and is chosen as an instrument of commercial enterprise not only because it facilitates the ability of consumers to navigate the Internet to find websites they are looking for, but also at the same time, serves to identify and distinguish the business itself, or its goods or services, and to specify its corresponding online Internet location.". It is basically an internet address that consists of a string of characters, comprising of letters, numbers, and characters, which can be used to access web pages. A closer look into the concept can be arrived by dissecting the same. The name can be split into two levels. One- the top-level domain (TLD) and the other- a second-level domain (SLD). For example, in the case of www.google.com (the domain name), the last part of this domain name would be the TLD, i.e., the expression .com. Again, there are classifications to these TLDs which include Generic top-level domain (gTLD), Country-code top-level domain (ccTLD), Sponsored top-level domain (sTLD), Unsponsored top-level domain (uTLD), etc. The part in the domain name which precedes the TLD is the SLD. In our example, the expression google forms the SLD. From this it can be easily inferred as to which part of the domain name is the most important one. While TLD is also important, the SLD acts as the tool through which the basic purpose of domain name is fulfilled, that is the identification.

Is A Website The Same As A Domain Name?

Domain name and website, these two names go hand in hand, while many people do inadvertently confuse these two terms, understanding the distinction is important. A domain name can be simply called as a path that leads a user to the website and a website is a platform which is developed and is the result that is displayed when one enters the particular domain name. For instance, the domain name shall be stated as the path to reach a particular location, whereas the website is the location itself. Now these websites once developed carry a unique IP address, which is complex and difficult to be remembered, for which domain names are used as an alternative.

The purpose of protection of an internet domain name can be viewed equal to the purpose of a trademark registration. The basic purposes behind protection of domain name includes:

• Protection and Promotion of brand name
• Better brand outreach, global outreach
• Supports expansion of business
• Exclusive right to use the particular name
• Helps in distinguishing a particular brand's/ business' goods and services

The above mentioned purposes clearly shows that the intention behind protection of a domain name and the registration of a trademark are similar, thus there is strong interconnection and relevance between these two aspects. In that case, can internet domain names be registered and protected as trademarks? The answer to this is affirmative, which can be understood from the case Satyam Infoway Ltd. v. Sifynet Solutions. The major issue in this case was whether a domain name can be considered as a word which is capable of differentiating the trade/service which is supplied to the users on the internet and does the same confer any Intellectual Property Rights?

The Court was of the opinion that the basic role of a domain name was to provide address for the computers on the internet and that the internet has changed since times, from being as a communication means, it has become a more of carrying a commercial activity and domain name is now used as an identity of a business. It was also mentioned that a domain name may be considered as services under Section 2(z)[ii] of the Trademarks Act and the domain name has become an exclusive identity and as time passes by, more and more activities (commercial) advertise or trade on the web, making the domain name more valuable. A domain name is not only used to facilitate the consumers but it also helps in the identification of the two different business activities. With regards to the question as to whether the principle of trademark law and in particular those relating to passing off apply in case a domain name has been infringed it was stated that the use of similar domain names has all similar ingredients which passing off has, thus domain name has the same characteristics as that of trademark and can be also filed for the action of Passing off.

What Is Cybersquatting And How Is It Related To Domain Names?

As the name suggests, Cybersquatting is a form of cybercrime which has been in the rise since the evolution and development of the internet, especially the last decade. In the case of Pen Books Pvt. Ltd. v. Padmaraj[iii], the High Court defined the act of Cybersquatting as "Obtaining fraudulent registrations with an intent to sell the domain name to the lawful owner of the name at premium". In simple terms registering similar domain names deliberately with the malafide intention to cause confusion among public and at a point sell the same back to the lawful owner of the original domain name at a hefty price is called Cybersquatting.

Cybersquatting can also be classified into different types based on the grounds of fraud. For instance, registering and making a domain name available on the public forum which is deceptively similar or nearly identical to an already existing domain name is one of the basic form of cybersquatting which can also be termed as domain name squatting. Another prominent type of squatting is the Typo Squatting. In this particular case, common typo mistakes are the loopholes to trick users. Misspellings are the key to such squatting. Another common form of cybersquatting is identity theft. Domain names registrations and subject to periodical renewals. Cyber squatters keep a watch on such domain names which are due for renewal and purchase the same, pose to be the previous user of the domain name. One major question to ponder upon here is that, what is the object behind just squatting activities? What do the squatters do once a website/ domain name has been duplicated/ squatted? As stated earlier the major motive behind crimes in this modern world is money. Once such squatting of domain names takes place, arrangements such as pay-per-click and pay-per-visit generates squatters revenue. Further, the innocent user believing the squatted website to be the original and genuine one may be redirected to unlawful and illegal websites or phishing sites, which also generates revenue or allows the squatters to commit related cybercrimes such as hacking. One example for this scenario is the case of Fox News[iv], where domain names such as xofnews, foxnews-entertainment were created and the site contained the logo and look of the original domain holder. When users entered the site articles in relation to a weight loss supplement promoting the same was displayed, which further redirected them to a page where payments could be made to purchase the supplement. n certain cases duplicate products or goods similar to that of the original domain name holder is put up for sale, which the innocent consumers believe to be legitimate ones and purchase from the same, affecting both the consumers and the brand/ original domain name holder in all aspects, monetarily, affecting his reputation and goodwill.

Another aspect to be considered is the difference between the term Domain Investment and Domain Squatting. The basic activity of Domain Investment is to purchase domains that contain random dictionary terms or popular names with the intention of reselling them at a greater price in the future. The activity involves making predictions about the different kinds of domain names that would be in trend in the future and those people will require in the future, analyze and keep a watch on the latest trends. For instance, in the present scenario it can be speculated that Bitcoins, NFTs and crypto currency are the next big thing in the future as they are gaining more popularity and are being used in a trial and error method by a lot of people, thus registering names in relation to the same with related phrases can be termed as Domain Investment. The basic points of differentiation between Domain Investment and Cybersquatting are as follows:

• In the case of squatting domain names are brought that resembles an already well-established business/brand, but domain investors analyze and understand future trends and register the same.

• Cyber squatters buy domain names which already have a trademark on their name.

• The basic aim of a squatter is defrauding people.

• Squatters have an intention of generating income in the future by coercing the original business to buy it at a higher price.

Cybersquatting And Law:

ICANN is one body that almost everyone around the world are aware of and connect to once the thought of registering a domain name strikes. ICANN- Internet Corporation for Assigned Names and Numbers, is a non-profit public-benefit corporation with participants from all over the world which is dedicated to keep the Internet secure, stable and interoperable. The body basically promotes competition and develops policy on the Internet's unique identifiers. One fact to be accepted is that the body plays a coordination role in the Internet's naming system and does have an important impact on the expansion and evolution of the Internet[v].these said, it can be simply inferred that ICANN is one body which is responsible for the management and functioning in relation to internet domain name system. WIPO is another body that can be approached in case of any disputes in relation to Intellectual Property Rights. Thus, ICANN with recommendations from the WIPO had framed the Uniform Domain Name Dispute Resolution Policy (UDRP)[vi].

According to the policy, all registrars must follow the Dispute Resolution Policy, which lays down dispute resolution as one mandatory procedure to solve domain name disputes and should involve an agreement, court action, or arbitration. Further, the policy also states that disputes alleged to arise from abusive registrations of domain names, specifically referring to the act of cybersquatting, would be addressed by expedited administrative proceedings. The pre-requisites to invoke the policy are as follows:

• File a complaint in a court of proper jurisdiction against the false domain-name holder

        or

• In cases of abusive registration submit a complaint to an approved dispute-resolution service provider and the list of the same has been mentioned in the official website of ICANN.

Once such action is undertaken, the administrative panel would take a decision on the matter, which would either cancel the domain name of the false domain holder or the squatter or transfer the same to the original holder or the complainant. The policy also mentions that the complainant has the responsibility to prove that the registrant has bad faith or malafide intention behind registration of the particular domain name, simultaneously the registrant is also called upon to prove and demonstrate that he has a legitimate interest in the domain name and behind the creation or registration of the same. This policy also faces a lot of criticisms due to the following reasons:

Firstly, the decision of the administrative panel is not final as the parties are still given the option to place their claims in any competent court. Secondly the policy is not adopted as law in many countries and because of the same it can be concluded that the body's dispute resolution system only has advisory value which is limited. One major reason behind the policy being criticized is that it does not contain any deterrent provisions such as awarding exemplary damages to the victim whose trademark/ domain name has been violated by the cyber squatter. The only two options that are being made available to the aggrieved party are to get the squatter's domain name registration cancelled or to have the domain name transferred to the complainant or the victim.

Taking a look into the legal stand in other countries, it is pertinent to mention that certain countries have strict laws to protect their Intellectual Properties and domain names, whereas certain countries have lax and casual laws which does not strictly prevent IP and domain name related crimes. As far as the United States is concerned, it can be called as the first country to implement a legislation in order to prevent Cybersquatting- The Anti-Cybersquatting Consumer Protection Act (ACPA)[vii]. According to this law, the trademark holders are allowed to initiate a civil suit against squatters who register domain names which contains the registered trademarks with the malafide intention to profit from such infringing domain names. Again the legislation jots down certain pre-requisites to initiate a suit under the act, which includes the plaintiff to prove that:

• The particular mark of the aggrieved person is distinctive in nature.
• The domain name in question belonging to the squatter is identical or deceptively similar to the registered mark of the plaintiff.
• The domain name was used by the squatter with bad intention to loot unlawful gains from the plaintiff's registered mark.

The good faith defense is also being provided with the intention to prevent any harassment of innocent registrants. One major difference between the UDRP and this legislation is that the Court has the authority to impose injunctions, revocation and transfer, or damages.

What if the squatter cannot be located?

Unlike physical crimes, the acts committed on the internet are difficult to be located and owing to technological developments, there is every possibility that the location of the committer of a crime remains unknown. In such a scenario, the ACPA has provided an in rem provision with the intention to bring to justice to victims where there exists squatters who are unable to be located or who are outside of the Court's personal jurisdiction. But in this case, the authority of the court is limited to order the particular domain name to be forfeited, cancelled, or transferred to the mark owner and there is no scope for damages. Further, the plaintiff has the burden of proof to establish that the plaintiff's trademark is registered with the USPTO or is protected under the Lanham Act and that the plaintiff was unable to establish personal jurisdiction over the squatter and was unable to locate the same. The absence of the mechanism for awarding damages in this particular case or provision is considered as a major issue with the legislation.

Apart from the US, Australia though it does not have a specific legislation in relation to cybersquatting, apart from the civil laws, the victims are granted with the provision to arbitrate the matter under the AU Domain Administration Ltd's Dispute Resolution Policy (auDRP)[viii], which was formed by the Australian Domain Authority which is a policy making body in relation to developing and enforcing laws governing the registration of domain names in the country and taking care of the functioning of the Australian domain industry. Just like the UDRP and the ACPA flaws can be spotted in the AU mechanism too.

Indian Judiciary's Stand On Cybersquatting And Domain Name Protection:

The country does not have a specific legislation in relation to Cybersquatting but the Indian judiciary has dealt with a number of cases in relation to domain name disputes and it can be understood that the Courts have been trying to bring the action for a cybercrime into the ambit of a common law action for passing off. The case of Yahoo Inc. v Aakash Arora &Anr.[ix] can be traced to be one of the earliest cases in India in relation to cybersquatting and brought the same to the notice of the Indian judiciary. A website was created by the defendant with the domain name YahooIndia.com, where identical services as that of the Plaintiff were offered. The court was of the opinion that the act of the defendant was an attempt to profit from the fame of the Plaintiff's registered trademark and the case was decided in favour of the Plaintiff. Similarly, in the case of Dr. Reddy's Laboratories Ltd. v Manu Kosuri[x], the defendants were using the domain name drreddyslab, which was identical to the plaintiff's trade name. the same was barred from usage as the domain name gave the users and consumers the impression that the defendant's products were in some way linked to the plaintiff's products or services, which impliedly allowed the defendant to profit by passing off its products as the plaintiff's, thus the plaintiff was awarded permanent injunction, and the defendant was prohibited from using the domain name or any other domain name infringing the trademark/ dress of the Plaintiff.

There are various other instances of domain name squatting where the Indian Courts have implemented provisions in relation to passing off including cases such as Acqua Minerals Ltd. v. Pramod Borse & Anr. where the plaintiff was the registered proprietor of the mark Bisleri and the defendant had registered domain names carrying the term Bisleri in it. The court was of the opinion that the usage of the domain name by the defendant clearly resulted in the dilution of the Plaintiff's trademark. Cases such as Eicher Limited & Anr. v. Web Link India & Anr.[xi] and Tata Sons Ltd. & Anr. v. Fashion ID Ltd.[xii] also elaborately discussed scenarios where domain names contained trademarks and what was the effect of the same.

One of the most recent case in this concern is the case of Dabur[xiii], where a John Doe order was passed in favour of the company. A suit was initiated by Dabur claiming that various websites were functioning where the domain names contained the term Dabur which infringed the Plaintiff's trademarks. It also claimed that it was forced to seek John Doe orders since the names and other identifying information of those who operated such websites were hidden owing to privacy concerns. The Court was of the opinion that if an ex-parte injunction wasn't granted, the Plaintiff would suffer huge loss, thus ruled in favour of the company where it issued a John Doe order asking the Central government to issue orders to Internet Service Providers ordering them to prohibit and take down all websites bearing the trademark 'Dabur,' except the plaintiff's.

From the above mentioned cases and scenarios, it is clearly visible that there is an immediate need to regularize and govern cybersquatting and related crimes and protect domain names. One recommendation in relation to the protection of the same is that domain names and the act of cybersquatting ought to be explicitly brought into the ambit and scope of any particular legislation, be it Cyber and digital laws or Intellectual Property laws, or the adoption of a particular legislation as that in the US in relation to the same would also prove efficient. Owing to the growing technological trends, it is safe to say that being prepared for bigger cybercrimes, equipped with proper mechanism and methods of protection is the best way to avoid taking the role of a victim. Thus developments in laws and legislations in accordance with the growing trends is the need of the hour.

Author is an Advocate and Associate, Surana & Surana International Attorneys.