Cybersquatting

views updated

CYBERSQUATTING

The bane of companies, organizations, brand names, and celebrities, cybersquatting is the practice of registering the name of a company, trademark, brand, or person as a domain name for a Web site in hopes of misleading users to one's own site by using a well-known name. The top-level domain (TLD), the highest level of the Uniform Resource Locator (URL) such as sitename.com or sitename.org , is the portion of the Web address that companies covet most. Companies generally prefer the URL that will be easiest to remember and thus more recognizable to the visitor. Cybersquatters attempt to beat the company, individual, or organization to the punch in registering that domain. Failing that, squatters may try closely related alternatives, such as adding a hyphen or a single letter to the domain name to lure inattentive users. At times cybersquatters have registered these names in hopes of selling them back to their namesakes at a handsome profit, but U.S. court rulings and new laws have curtailed these activities.

Businesses fear that cybersquatting exploits and erodes their brand identities. The domain-name registration system doesn't prevent users from selecting a registered trademark as a domain name. In essence, if a particular name or variation of a name hasn't been registered already, almost anyone can register it for a small fee. Given the ease of acquiring names, the strategy of cybersquatters is to route traffic to their sites from unsuspecting followers of another brand or identity, thereby generating an audience for themselves. The most malicious form of cybersquatting happens when squatters take a certain brand or identity and associate it with negative or offensive materials, for example, routing a children-related domain name to a pornographic Web site.

Cybersquatters may have a variety of intentions. The most common goal is to hold the domain hostage, so to speak, and name a ransom price at which the squatter hopes to sell it to the company, trademark holder, organization, or individual. Cybersquatters also simply try to garner visitors to their Web sites by exploiting a popular name, either to expand the audience for their own message or product or to boost their advertising revenue.

Relief from cybersquatting came with the Anti-Cybersquatting Consumer Protection Act (ACPA), passed in 1999, which was designed specifically to curtail the registration of domain names that use others' trademarks or trade names. The law covers unregistered trademarks and individual names as well. ACPA applies to all TLDs, covering the three most common suffixes, known as generic top-level domain names (gTLDs), sttename.com ,sttename.net , and sttename.org , as well as all country-code top-level domain names (ccTLDs), such as .ca for Canada and .fr for France. Prior to ACPA, victims of cybersquatting had little recourse, and many ended up paying the exorbitant fees demanded by squatters to purchase their own names. Because cybersquatters can be prosecuted under ACPA, it has generally made cybersquatting less profitable, though it has hardly stamped out the practice.

The Internet Corporation for Assigned Names and Numbers (ICANN) is the official body charged with monitoring the allocation of domain names. In December 1999 ICANN unveiled a standard procedure for settling name disputes, the Uniform Domain Name Dispute Resolution Policy (UDRP). ICANN's procedure determines the plausibility of the cyber-squatting claims using three tests. First, it verifies that the domain name is identical or confusingly similar to the trademark. Then, it determines whether the domain name owner maintains a legitimate interest in the name. Finally, ICANN judges whether or not the domain owner acted in bad faith.

In addition to litigation, individuals, firms, and organizations have a number of strategies at their disposal to combat cybersquatting. The most common is to simply register, as quickly as possible, other similar domain names, such as those with and without hyphens or with commonly used initials. Many companies and individuals have even gone so far as to register or purchase the domain names of possible "gripe sites," also known as cyberbashers. Famously, during the 2000 U.S. presidential campaign the Web site www.GeorgeBushsucks.com routed curious visitors to the official George W. Bush campaign site. Chase Manhattan and other large companies engaged in similar preemptive strikes against cyberbashers and squatters.

However, since there can be dozens of possible domain-name variations that could fall victim to cybersquatting, the defense against cybersquatters may come down to a cost-benefit analysis. That is, the concerned entity must decide how many different names it should register in order to protect its identity, and determine at what point it begins to find diminishing returns. Most importantly, though, such strategies must be implemented quickly. Speed is the name of the game in cybersquatting, as cybersquatters are practiced in getting to domain names first.