They Sold the Internet, and All I Got Was This Lousy Cease and Desist Letter - Protecting Yourself from the "Cyberpiracy Prevention Act"

November 29, 1999 marked a sad day for the Internet; not because a major transcontinental backbone was accidentally cut by construction workers, not because of Y2K, and not because Amazon.com failed to ship holiday gifts on time. The Internet and all who use it suffered because one of its foundational values, the right to free speech, was lost in a vital area - domain names.

Erosion of the right to free speech through domain names began with the first dispute policy enacted by Network Solutions, registry of all domain names in the .com, .org and .net generic top level domains (or gTLDs). This dispute policy was created at the behest of special interests who rushed to capitalize on the "new" medium of the Internet. Unfortunately, in their haste, the ideals that had made the Internet so vibrant and resilient an area were largely forgotten. As large corporations entered the online world, seeking to translate the names they had used in other spheres, some found a shock. These names had already been taken - "stolen," they believed, by others who had seen the promise of the Internet sooner. In some cases, these "first comers" were out for financial gain. In many others, however, they were simply interested in a catchy name to use for their electronic mail, file transfers, or even for primitive web pages.

These special interests prevailed up on Network Solutions (under the threat of lawsuits that would have crushed the company back in 1995) to formulate a dispute policy whereby trademarks would be king. If they held a trademark, regardless of what class of services or products the trademark was limited to, they could take control of a domain name away from the holder, without proving infringement. This new dispute policy was invoked now and again, but in rather small numbers compared with the number of newcomers flocking to the Internet in droves. New users set up small web sites, registered domain names, and explored the beginnings of how business could be done "in cyberspace." In 1995, there were far fewer companies and Internet entrepreneurs who were savvy enough to stake a claim than there are today. Each passing month brought thousands more. As the medium grew, more Internet service providers, more individuals, more schools, churches, non profit organizations, AND businesses found the Internet, and signed on.

As time went on, and millions of domain names were registered, and billions of dollars worth of "e-commerce" was being conducted over the Internet, the dispute policy of Network Solutions was not enough for the special interests groups. Enter the trademark lawyers. The job of a trademark lawyer is to defend his or her client's trademarks. In the United States, this means diligent monitoring of trademarked words or phrases to make sure that nobody else is using them in ways that are similar to the markholder's use. By and large, this is a job that trademark lawyers do very well. When they find someone whom they believe is "infringing" on their trademark, they generally send what is called a "cease and desist" letter, making various threats against the alleged infringer in hopes that they will give up use of the word or phrase. Please note that an important part of trademark infringement law is that the alleged infringer must generally be using the name in a similar way to the mark holder's use (as in using a similar word or phrase for similar products or services). Trademark law, at least in the United States (and many other jurisdictions) allows for many different individuals or companies to hold a trademark in the same word or phrase, just so long as they are using it for different things.

Trademarks are very important in our world. Sometimes they are essential to let the consumer know the true source of a product or a service. You rightly expect that an electronic device labeled "SONY" was manufactured by the Sony Corporation. But SONY is a fairly unique name, in that it was invented to describe what its founder envisioned as a new world of electronic devices. There are many other names (first or last names, nicknames, mythological names, geographical names, concepts) that were in common use long before they were trademarked. As a result, it's quite common for a name to be trademarked by several different entities, and for those trademark owners to coexist peacefully with each other and with hundreds or even hundreds of thousands of others who use the name in different ways - as a nickname, say, or as the name of a pet. Thus, trademarks provide two kinds of protection. On the one hand, they prevent confusion by placing limitations on the use of a word or phrase; on the other, they protect alternative uses of the mark by limiting the scope of the mark holder's claim - to a specific area, for example, or a specific line of business.

Here, of course, was the crux of the problem. The Internet is made up of thousands of private networks, each "speaking" to the others using two common networking protocols. The protocol responsible for telling everyone else your Internet "identity" (your address) is called "Internet Protocol" abbreviated as IP. IP doesn't care about your domain name. You can still get from machine to machine by using solely the IP number, or address. For example, 207.87.121.66 is the server machine in my network, netpolicy.com. Early Internet architects figured out a long time ago that "netpolicy.com" would be easier to remember than 207.87.121.66. Thus "domain names" were born.

Given that the Internet was operational in close to its current form since sometime around 1969, and given that most of these special interests hadn't heard anything about it until about 1995, that's quite a bit of time for people to have chosen domain names and develop their electronic identities. It is no wonder that after 1995 when these "newcomers" began choosing their own domain names, they found that many were already in use by others. Some were "legitimate" uses, such as using one's real name or initials, or a whimsical word like "panix" or "wizvax," or an animal name like "toad" or "cavebear.

In the beginning of this "land rush" to obtain just the right Internet domain name in one of these generic categories, or Top Level Domains (gTLDs) there is no doubt that many individuals figured that if they registered a name that someone else might want, maybe they could sell the name and make money. This, in effect, is similar to knowing that your neighbor covets the little lot between your two houses, but you move first when it is up for sale and snap it up, only to sell it to your neighbor for an extra profit. This is largely the American way, capitalizing on the law of supply and demand. You may have done something rude, but you are not stopping your neighbor from purchasing land elsewhere, nor are you forcing him to pay your "profit." This type of use of domain names did and does occur in small numbers on the Internet. Network Solutions, Inc., the largest registrar of domain names provided the following number: [fill them in here]. Thus, for the huge number of domain name registrations, less than [x]% are disputed.

There are other uses of trademarked words and phrases that are permitted in the United States. In most cases, so long as you are not trying to confuse the public as to the source of your product or service, you can use a word or phrase in a "noninfringing manner." You can also use a trademarked word or phrase to identify a competitor's product for comparisons, for reasons of parody, commentary, opinions, and for many other reasons. Not so on the Internet. On November 29, 1999 the President signed the "Trademark Cyberpiracy Prevention Act."

The Balancing Act

There has always been a balance between the First Amendment right to freedom of speech and the rights of commercial entities to have exclusive use of a word or phrase in connection with a product or service. The important distinction is that the word or phrase is ONLY protected in connection with products or services. It is NOT protected from use in book titles, license plates, newspaper headlines, street addresses, children's names, and in a myriad of other uses. The Cyberpiracy Prevention Act explodes that important distinction in its second section. Sec. 3002 (d)(1)(A) says "A person shall be liable in a civil action by the owner of a mark, including a personal name which is protected as a mark, under this section, if, without regard to the goods or services of the parties, that person [...] (emphasis added).

The little phrase "without regard to the goods or services of the parties" is what makes this law so dangerous. In no other medium are violations of trademark law addressed "without regard to the goods or services" that the trademarks are born from and defined by. Thus, in this medium alone, the balance between First Amendment and commerce is utterly shattered. Given that the Internet is the greatest source of communication ever invented, the misguided force of special interests could likely cut off the very "marketplace of ideas" and turn it into just another electronic shopping mall. Ironically, Sec. 3008 entitled "Savings Clause" states that "Nothing in this title shall affect any defense available to a defendant under the Trademark Act of 1946 (including any defense under section 43(c)(4) of such Act or relating to fair use) or a person's right of free speech or expression under the first amendment of the United States Constitution. Unfortunately, the law seems to pin the "bad faith" label on many who are using it in exactly that way - as free speech or expression.

It is interesting to note here that the Clinton Administration expressed its opposition to this bill and said it would be vetoed. Unfortunately, special interests attached the bill to a "must pass" appropriations bill. As there is no line item veto, this amendment was rammed through regardless.

Bad Faith Is Better Than No Faith At All

The entire Trademark Cyberpiracy Prevention Act turns on a rather tortured definition of "bad faith." In order to be found liable under this Act, the plaintiff must show first that the domain name registrant had a "bad faith intent to profit." While this might be seen as protective of first amendment rights, once we examine some of the factors that a court may use to determine "bad faith" we find that the "intent to profit" may not necessarily be monetary profit at all.

"(V) the person's intent to divert consumers from the mark owner's online location to a site accessible under the domain name that could harm the goodwill represented by the mark, either for commercial gain or with the intent to tarnish or disparage the mark, by creating a likelihood of confusion as to the source, sponsorship, affiliation or endorsement of the site." (emphasis added)

So what does this mean? Does this mean that if a consumer gets confused by "oreosarebadforyou.com" that this is enough to be "bad faith?" What kind of consumer must be confused? How about "howtojoinaclu.org" being used to tell you why you shouldn't join the organization? In both cases, you tarnish or disparage the mark, and "harm the goodwill" represented by it. Since this entire Act is talking about domain names, are we now saying that the mere act of typing in a domain name into your Netscape or Internet Explorer browser window might cause a consumer to be confused if it isn't the site they originally were looking for? If that site is a commercial site in which the owner is reasonably expecting to make money, is this bona fide "bad faith?" Or instead, does the consumer have to actually go to the site and read it, then assess whether they are confused as to the source, sponsorship, affiliation or endorsement of a product or service associated with the site (the definition of infringement in other contexts)? Unfortunately, the answer to that question may well depend on the skills of the lawyers arguing the first cases.

Of particular note here is that the idea of "intent to tarnish or disparage" goes well beyond the concepts stated in any other portions of Section 1125 of Title 15 that this Cyberpiracy Protection Act is supposed to amend. In fact, in section 1125(c)(4) there are three important exceptions listed, none of which have come up very often on the Internet. These exceptions are:

* Fair use of a famous mark by another person in comparative commercial advertising or promotion to identify the competing goods or services of the owner of the famous mark

* Noncommercial use of a mark

* All forms of news reporting and news commentary

Other Examples of Bad Faith

Beware if you have registered a domain name, haven't put up a web site yet, and then are contacted by someone who claims rights to the name. If you decide to avoid litigation by proposing a settlement in which you are paid something, even if it is just a refund of the fee you paid to register the name, that could be interpreted as "bad faith." The provision in the law is:

"(IV) the person's offer to transfer, sell or otherwise assign the domain name to the mark owner or any third party for financial gain without having used, or having an intent to use, the domain name in the bona fide offering of any goods or services, or the person's prior conduct indicating a pattern of such conduct;"

It is quite interesting that this provision was written in this manner. Large corporations routinely register every possible variant of names of some of their products, names of the classes their products belong in (such as deodorant, flatulence, etc.) with no intent ever to use the domain names. However, because they do not offer these domain names for sale, they are not operating in "bad faith."

Perhaps the most interesting showing of "bad faith" however found in the Trademark Cyberpiracy Prevention Act is (d)(1)(B)(I)(VII). This provision states:

"(VII) the person's provision of material and misleading false contact information when applying for the registration of the domain name, the person's intentional failure to maintain accurate contact information, or the person's prior conduct indicating a pattern of such conduct,"

Unlike any other piece of intellectual property, domain names can be registered in "bad faith" if you simply forget to update the phone number on the 20 or so domains you hold. An utterly amazing possibility, but one provided for nonetheless.

So Now What?

Until a case questioning the constitutionality of the "Cyberpiracy Prevention Act" finally trickles its way through the court system, this law in all its glory, will be the law of the land. The question is, what can you do to protect yourself? Frankly, it's getting more and more difficult to protect oneself against monied interests who covet your domain name. In the "old days" the domain name holder's rights were trumped by a trademark on an identical string. This was a rather high hurdle to jump for the trademark owner, but if they could pass this barrier, the name was taken with very little recourse. It is difficult to tell whether the new regime is better or worse.

First and most importantly, know that the Act can be applied retroactively. However, the statutory damage provision of up to $100,000 cannot be applied to domain names registered prior to November 29, 1999. This means that if you are sued over your domain name, and the covetous party wants damages, they have to use traditional infringement or unfair competition criteria. If your domain name was registered after November 29, 1999 the covetous party may seek actual damages, or up to $100,000 in statutory damages against you. This is definitely something to think about.

If the covetous party chooses to use ICANN's Uniform Dispute Resolution Policy instead of the "Cyberpiracy Protection Act", the trademark owner has to pay for an arbitration proceeding where the domain name holder can present her case. On the other hand, the trademark holder generally chooses the forum most friendly to "traditional" intellectual property interests, WIPO. The domain name holder may not choose the provider of the arbitration services. The domain name holder CAN, however, opt for a panel of three to hear the case, but the domain name holder must then split the cost of the tribunal with the covetous party. Whether more arbitrators will provide the domain name holder with an advantage remains to be seen. There have not been enough cases decided to make a judgement on whether or not the arbitration panels are being "fair." Pleadings and complaints are not made public, further muddying the waters. You can actually go through the arbitration process without the assistance of an attorney, although that is not advised unless you are very aware of the current practices of domain name dispute law.

As with the "Anti Cybersquatting Act," one must show "bad faith" in order to prevail in an action brought under the UDRP. The trademark owner must also show that the domain name holder has no "rights or legitimate interests in respect of the domain name." This essentially means that recent cases like The Network Network (www.tnn.com) vs. The Nashville Network could theoretically not be brought under the UDRP, making a trademark holder's choices either the "Anti Cybersquatting Act" or a traditional suit in trademark infringement or dilution. The Network Network, first users of tnn.com, won that case and kept their domain name.

If you find yourself the target of a "cease and desist letter" (or letter in which another party demands you turn over a domain name for whatever reasons they decide on at the time) you should check carefully to see what is being threatened. Given current case law, it is very important to consult with an attorney BEFORE responding to the letter. Your response could give rise to a showing of "bad faith" and trigger either the UDRP or the "Anti Cybersquatting Act." Offering to sell the domain name, even for the price of your original registration, COULD put you at serious risk.

If the "legitimate interest" you have in your domain name is that you are interested in selling it to another party, you definitely should consult a lawyer. Think of it as a "cost of doing business." A lawyer knowledgeable in the current state of domain name dispute law can help you assess whether or not your speculation is dangerous to your financial health.

Some rather brave people are currently willing to put their money where their principles are. They are fighting the idea that anyone who has the same domain name that someone else has trademarked is automatically a "cybersquatter." Hopefully, these cases will show how misguided the "Anti Cybersquatting Act" and the UDRP truly are. Until then, build on your legitimate rights and interests in your domain name, and always keep your lawyer's email address handy.

Mikki Barry has been a trademark and intellectual property attorney for technology and small business companies since 1991. For more information see www.mikkibarry.com. This article is not meant to be legal advice.