Cybersquatting (also known as domain squatting), according to the United States federal law known as the Anticybersquatting Consumer Protection Act, is registering, trafficking in, or using an Internet domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else. The cybersquatter then offers to sell the domain to the person or company who owns a trademark contained within the name at an inflated price.

The term is derived from “squatting“, which is the act of occupying an abandoned or unoccupied space or building that the squatter does not own, rent, or otherwise have permission to use.

Uniform Domain-Name Dispute-Resolution Policy

This page is available in:

General Information

All registrars must follow the Uniform Domain-Name Dispute-Resolution Policy (often referred to as the “UDRP“). Under the policy, most types of trademark-based domain-name disputes must be resolved by agreement, court action, or arbitration before a registrar will cancel, suspend, or transfer a domain name. Disputes alleged to arise from abusive registrations of domain names (for example, cybersquatting) may be addressed by expedited administrative proceedings that the holder of trademark rights initiates by filing a complaint with an approved dispute-resolution service provider.

To invoke the policy, a trademark owner should either (a) file a complaint in a court of proper jurisdiction against the domain-name holder (or where appropriate an in-rem action concerning the domain name) or (b) in cases of abusive registration submit a complaint to an approved dispute-resolution service provider

Brandjacking is an activity whereby someone acquires or otherwise assumes the online identity of another entity for the purposes of acquiring that person’s or business’s brand equity. The term combines the notions of ‘branding’ and ‘hijacking‘, and has been used since at least 2007 when it appeared in Business Week referencing the term used in a publication by the firm MarkMonitor (MarkMonitor and its PR firm, the Zeno Group, coined the phrase; MarkMonitor registered the trademark, BrandJacking Index®, but left brandjacking as a term for use in the public domain).^[1] The tactic is often associated with use of individual and corporate identities on social media or Web 2.0 sites, as described in Quentin Langley’s 2014 book Brandjack,^[2] and may be used alongside more conventional (offline) campaign activities.

While similar to cybersquatting, identity theft or phishing in nature and in possible tactics, brandjacking is usually particular to a politician, celebrity or business and more indirect in its nature. A brandjacker may attempt to use the reputation of its target for selfish reasons or seek to damage the reputation of its target for hostile,^[3] malicious or for political or campaigning reasons. These reasons may not be directly financial, but the effects on the original brand-holder may often include financial loss – for example, negative publicity may result in the termination of a celebrity’s sponsorship deal, or, for a corporation, potentially lead to lost sales or a reduced share price.

Domain Name

A domain name is a unique name that an individual or organization chooses in order to identify his/its website. Every website has its own domain name which comprises of a registered Internet Protocol (IP) address. Example of domain names for some popular websites include “facebook.com” and “A domain name is a unique name that an individual or organization chooses in order to identify his/its website. Every website has its own domain name which comprises of a registered Internet Protocol (IP) address. Example of domain names for some popular websites include “facebook.com” and “mondaq.com”.

A domain name is required to have a word (Second-Level Name) and a suffix (Top Level Domain Name). For example, with the domain name mondaq.com, “mondaq” is the Second-Level Name and the suffix, “.com”, is the Top Level Domain (TLD).

The Internet Corporation for Assigned Names and Numbers (ICANN) recognizes the following Top Level Domains:

infrastructure top-level domain (ARPA)
generic top-level domains (gTLD)
restricted generic top-level domains (grTLD)
sponsored top-level domains (sTLD)
country code top-level domains (ccTLD)
test top-level domains (tTLD)
However, TLDs are generally categorised as generic Top Level Domains (gTLDs) and Country-Code Top Level Domain (ccTLDs). Thus a person may choose to register his domain name in any number of existing TLDs.

What is cybersquatting?
There are a number of definitions of the term, cybersquatting. The term is derived from “squatting” which is the act of occupying an abandoned or unoccupied space or building that the squatter does not own, rent, or otherwise have permission to use.

One author defines cybersquatting as “when a person other than the owner of a well-known trademark registers that trademark as an Internet domain name and then attempts to profit from it either by ransoming the domain name back to the trademark owner or by using the domain name to divert business from the trademark owner to the owner of the domain name”1.

ICANN defines it as “generally bad faith registration of another’s trademark in a domain name2,”The Nigerian Cybercrimes (Prohibition, Prevention, Etc) Act 2015 (Cybercrimes Act) also defines it as a crime committed where a person intentionally makes use of a name, business name, trademark, domain name or other word or phrase registered, owned or in use by any person on the internet or any other computer network, without authority or right, and for the purpose of interfering with their use by the owner, registrant or legitimate prior user”.3

In summary, cybersquatting can be said to refer to illegal domain name use or registration. It can have different variations and can arise where in bad faith, a person steals a domain name in order to profit from the goodwill of someone else’s trademark or company name which could lead to an increase in patronage and website visits by unsuspecting consumers. It can also arise where a person registers the domain name that he has no affiliation with so that he can eventually sell it to the rightful owner of the trademark.

Another variation of cybersquatting is “typosquatting” which is also called Uniform Resource Locator (URL) hijacking. This is a form of brandjacking which relies on typographical errors made by Internet users when inputting a website address into a web browser. Thus in a situation where a user accidentally enters an incorrect URL or website address, they may be led to the cyber squatters website. The registered domain will have advertisers.com.ng By ADNG.NG CHEAPEST SOCIAL MEDIA ADS TO TOP FB IG USERSs of services similar to the original one so that the user who made a typing mistake will click on these links, generating revenue for the bogus domain name.

Examples of some cases involving typosquatting include the following:

Google v Goggle
In 2011, Google filed a complaint with National Arbitration forum and successfully got “Goggle.com”, “Goggle.net”, and “Goggle.org”, which were considered phishing/fraud sites, taken down. 4

YouTube v YouTube.Ph and Youube
Google also filed complaints with the World Intellectual Property (WIPO) over the use of the domain names “YouTube.ph” and “youube .com”. While the former was a domain name that led to another website, Google also filed complaints with the World Intellectual Property (WIPO) over the use of the domain names “YouTube.ph” and “youube .com”. While the former was a domain name that led to another website, VideoRewardCentral.com5, the latter was a proxy site loaded with advertisers.com.ng By ADNG.NG CHEAPEST SOCIAL MEDIA ADS TO TOP FB IG USERS link6

Air France and British Airways
International airlines such as Air France and British Airways have also been victims of cybersquatting. www.airfrance.com has been typosquatted by www.arifrance.com, which diverted users to a website peddling discount travel. Similarly, www.britishairways.com has been typosquatted by www.british-air-ways.com7.

Remedies FOR CYBERSQUATTING
A victim of cybersquatting in Nigeria has three options which are as follows:

Institute an action under the provisions of the Cybercrimes Act 2015;
use an international arbitration system created by ICANN; or
institute proceedings at the Nigeria Internet Registration Association
INSTITUTE AN ACTION UNDER THE PROVISIONS OF THE CYBERCRIMES ACT 2015
It is interesting to note that the Cybercrimes Act criminalises cybersquatting which means that it is an offence punishable under the law. Section 25 of the Cybercrimes Act provides that a person who commits the crime of cybersquatting is liable to be punished with imprisonment of a maximum term of two years or a fine of not more than N5,000,000 (five million Naira) or to both the fine and imprisonment.

It is also noteworthy that the owner of the domain name that is being subjected to cybersquatting does not need to prove that he owns a trademark that is related to the domain name. What he would be required to do would be to show that he has a registered name, domain name or business name. Where the complainant is successful in court, an order can be made directing the cybersquatter to relinquish such registered name, mark, trademark, domain name, or other word or phrase to the complainant who would be deemed to be the rightful owner of the domain name.

USE AN INTERNATIONAL ARBITRATION SYSTEM CREATED BY ICANN
In order to address all disputes which may arise regarding the ownership of a domain name, ICANN in conjunction with WIPO developed the Uniform Dispute Resolution Policy (“UDRP”) and the UDRP Rules.

Through the UDRP, ICANN and WIPO have provided a mechanism for rapid, cheap and reasonable resolution of domain name conflicts by avoiding the traditional court system for disputes and allowing cases to be brought to a set of bodies that determine domain name disputes.The UDRP (https://www.icann.org/udrp/udrp-policy24oct99.htm) sets out the framework for the resolution of disputes between a domain name registrant and a third party (i.e., a party other than the registrar) over the abusive registration and use of an Internet domain name. The essence of the UDRP is to enable anyone in the world file a domain name complaint concerning a gTLD or ccTLD using the UDRP Administrative Procedure. Thus any owner of a domain name that believes that someone is cybersquatting can file a complaint before any ICANN accredited dispute resolution service provider.

This is made possible due to the fact that ICANN accredited registrars that are authorised to register names in the gTLDs and the ccTLDs that have adopted the Policy and agreed to abide by and implement the UDRP Rules for those domains. Furthermore, any person or entity wishing to register a domain name in the gTLDs in question is required to consent to the terms and conditions of the UDRP. According to the ICANN policy, a domain registrant must agree to be bound by the UDRP — they cannot get a domain name without agreeing to this. To effect this, a Dispute Resolution Policy clause is usually inserted in the domain name registration agreement stating that if the registration of the domain name is challenged by a third party, the registrant shall be subject to the provisions specified in the UDRP.

Paragraph 4(a) of the UDRP Rules provides that a complainant must be able to establish the following:

the domain name registered by the domain name registrant is identical or confusingly similar to a trademark or service mark in which the complainant has rights;
the domain name registrant has no rights or legitimate interests in respect of the domain name in question; and
the domain name has been registered and is being used in bad faith.
The effect of the foregoing is that only the owner of an already existing trademark or service mark can bring an action under the UDRP. Consequently, where a domain name offends the provisions of the UDRP Policy, there will be no financial remedy/award but the offending domain name would be cancelled and/or transferred in favour of the person who possesses the registered trademark.

Where the cybersquatter refuses to attend the UDRP proceedings, the ICANN arbitration forum will hear the complaint in his absence and examine the proof presented by the complainant. If it is deemed satisfactory, a decision can be entered in favour of the complainant.

Proceedings at NiRA
The Nigeria Internet Registration Association (NiRA) is the Nigerian registry for .ng Internet Domain Names and it maintains the database of names registered in the .ng ccTLD. If a domain name owner’s website is a ccTLD and ends with ‘.ng’, he may choose to institute his action at the NiRA which has its own set of rules and policies known as the NIRA Dispute Resolution Policy (NDRP).

The NDRP (https://www.nira.org.ng/images/Policies/NIRA DISPUTE RESOLUTION POLICY.pdf) is similar to the UDRP and sets out the framework for the resolution of ccTLD domain name disputes. Paragraph 4a of the NDRP Rules is identical to paragraph 4b of the UDRP Rules and it sets out the conditions that the complainant must satisfy before he can have a decision in his favour. Where the complainant is successful, he can have the cybersquatter’s domain name transferred to him and/or cancelled by the NDRP.

Conclusion
Cybersquatting remains a threat to legitimate business owners in the evolving digital age. Statistics show that WIPO handled a record-high of 3,074 cybersquatting disputes in 2017 under the UDRP with three industries (banking and finance, fashion, and internet and IT) accounting for nearly one-third of all disputes. 8

With cybersquatting now regarded as a crime in Nigeria, it is possible that would-be cybersquatters may be discouraged from participating in this nefarious activity. However, with there being no record of any arrest and prosecution, only time will tell if the law will be effective or if it may be better for a complainant to rely on the UDRP procedure which has proven to be effective in several jurisdictions.

Footnotes

1 Cornell Law School “Legal Information Institute” Cybersquatting https://www.law.cornell.edu/wex/cybersquatting

2 ICANN, “About Cybersquatting” https://www.icann.org/resources/pages/cybersquatting-2013-05-03-en

3 Section 25(1) of the Cybercrimes Act

4 Domain Name Wire “Google wants to take down Goggle” https://domainnamewire.com/2011/08/23/google-wants-to-take-down-goggle-com-web-site/

5 Domain Name Wire “Scammy Surveys Will Bring Renewed Attention to Cybersquatting” https://domainnamewire.com/2011/08/18/scammy-surveys-cybersquatting/

6 The Economic Times, “Your spelling errors can help typosquatters make big bucks” //economictimes.indiatimes.com/articleshow/5884936.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

7 Findlaw, “Protecting Your Intellectual Property from Domain Name Typosquatters” https://corporate.findlaw.com/intellectual-property/protecting-your-intellectual-property-from-domain-name.html#ftn2

8 World Intellectual Property Organization WIPO Cybersquatting Cases Reach New Record in 2017 https://www.wipo.int/pressroom/en/articles/2018/article_0001.html

Technical strategies for cybersquatters[edit]

Cybersquatters sometimes register variants of popular trademarked names, a practice known as typosquatting.

Legal resolution[edit]

Some countries have specific laws against cybersquatting beyond the normal rules of trademark law. The United States, for example, has the U.S. Anticybersquatting Consumer Protection Act (ACPA) of 1999. This expansion of the Lanham (Trademark) Act (15 U.S.C.) is intended to provide protection against cybersquatting for individuals as well as owners of distinctive trademarked names. However, even notable personalities, including rock star Bruce Springsteen and actor Kevin Spacey, failed to obtain control of their names on the internet.^[1]

Jurisdiction is an issue, as shown in the case involving Kevin Spacey, in which Judge Gary A. Feess, of the United States District Court of the Central District of California, ruled that the actor would have to file a complaint in a Canadian court, where the current owner of kevinspacey.com resided. Spacey later won the domain through the Forum (alternative dispute resolution) f.k.a National Arbitration Forum.

International[edit]

Since 1999, the World Intellectual Property Organization (WIPO) has provided an arbitration system wherein a trademark holder can attempt to claim a squatted site. In 2006, there were 1823 complaints filed with WIPO, which was a 25% increase over the 2005 rate.^[2] In 2007 it was stated that 84% of claims made since 1999 were decided in the complaining party’s favor.^[2]

Notable cases[edit]

With litigation[edit]

Jethro Tull vs. Denny Hammerton,^[3] 2000 (WIPO Case)
Madonna vs. Parisi,^[4] 2000 (WIPO Case)
Primedia Magazine Finance Inc. (Tiger Beat) vs Next Level Productions (Benny Doro).^[5]
People for the Ethical Treatment of Animals v. Doughney, 2001
Lamparello v. Falwell, 2005
Lufthansa v. Future Media Architects, 2008^[6]
Microsoft vs. MikeRoweSoft
Dennis Toeppen v. Panavision^[7]
Nissan Motors vs. Nissan Computer
Van Cleef & Arpels, S.A. v. Nexperian Holding Limited^[8]
Aviva Brands Limited v. Nexperian Holding Limited^[9]
Swiss Arabian Perfumes Ind. Ltd. v. Nexperian Holding Limited^[10]
Mou Limited v. Nexperian Holding Limited^[11]

Without litigation[edit]

The White House against Whitehouse.com and Whitehouse.org

Social media[edit]

With the rising of social media websites such as Facebook and Twitter, a new form of cybersquatting involves registering trademark-protected brands or names of public figure on popular social media websites.

On June 5, 2009, Tony La Russa, the manager of the St. Louis Cardinals, filed a complaint against Twitter, accusing Twitter of cybersquatting.^[12] The dispute centered on a Twitter profile that used La Russa’s name, had a picture of La Russa, and had a headline that said “Hey there! Tony La Russa is now using Twitter.” The profile encouraged users to “join today to start receiving Tony La Russa’s updates.” According to La Russa, the status updates were vulgar and derogatory. La Russa argued that the author of the profile intended, in bad faith, to divert Internet traffic away from La Russa’s website and make a profit from the injury to La Russa’s mark.^[12] On June 26, 2009, La Russa filed a notice of voluntary dismissal after the parties settled the case.^[13]

Efforts to curtail cybersquatting in social media[edit]

Social networking websites have attempted to curb cybersquatting, making cybersquatting a violation of their terms of service.

Twitter[edit]

Twitter’s name squatting policy forbids the cybersquatting as seen in many domain name disputes, like “username for sale” accounts: “Attempts to sell or extort other forms of payment in exchange for usernames will result in account suspension.”^[14] Additionally, Twitter has an “Impersonation Policy” that forbids non-parody impersonation. An account may be guilty of impersonation if it confuses or misleads others; “accounts with the clear intent to confuse or mislead may be permanently suspended.” Twitter’s standard for defining parody is whether a reasonable person would be aware that the fake profile is a joke.^[15] Lastly, soon after the La Russa suit was filed, Twitter took another step to prevent “identity confusion” caused by squatting by unveiling “Verified Accounts”.^[16] Usernames stamped with the “verified account” insignia indicate that the accounts are real and authentic.

Facebook[edit]

Facebook reserves the right to reclaim usernames on the website if they infringe on a trademark.^[17] Trademark owners are responsible for reporting any trademark infringement on a username infringement form Facebook provides. Furthermore, Facebook usernames require “mobile phone authentication”.^[17] In order to obtain a username, the individual needs to verify the account by phone.