June 25, 2009, 5:14 PM — Cybersquatters are siphoning away increasing numbers of users from the Web sites of businesses large and small. Using variations on trademarked names, cybersquatters may lure prospective customers to pornographic Web sites, malware sites, sites hawking counterfeit goods, or pay-per-click advertising sites, some of which lead viewers to competitors' products and services.
They're doing so right under the noses of trademark holders, but many businesses remain blissfully ignorant of what's going on -- or how it can affect their business. In addition to lost revenue from customers who never reach a company's true Web site, businesses may find that cybersquatters have irrevocably damaged their brand's reputation.
While cybersquatters have been around almost as long as the Web itself, the problem is getting worse. See " Domain-name wars: Rise of the cybersquatters" for a full report on the scope of the situation.
What should you do to protect your business? We asked for tips from legal professionals, as well as from experts at brand-abuse monitoring vendors and companies such as Lego Juris AS and InterContinental Hotels Group (IHG) that have successfully fought cybersquatters. Here's what they had to say.
Establish a policy to deal with the problem
Take the time to create a detailed policy, then follow up with surveillance and policing, says Peter Kjaer, an attorney at Billund, Denmark-based Lego.
Monitor new domain registrations
IHG, based in Denham, England, uses a monitoring service that alerts the company when potentially infringing domain names are registered. Those services aren't cheap -- basic monitoring services from Cyveillance Inc., for example, run $5,000 to $10,000 per year. "But at least you can identify unauthorized registrations and know what's registered and who's registering it," says Lynn Goodendorf, global head of data privacy at IHG.
Incomplete or fictitious registration information is a tip-off that the entity is not aboveboard, she says.
Organizations that do their own monitoring often use Google to see if common misspellings and other variations on a trademarked domain name have been registered, says Doug Isenberg, an attorney at Atlanta-based GigaLaw Firm. The Domain Tools Web site allows "whois" lookups of trademarked name variations to see they've been registered as domain names. It also offers other monitoring and lookup services.
When checking for misspellings of your brand, remember that not all keyboards are in QWERTY format, says James Carnall, manager of the cyberintelligence division at Arlington, Va.-based Cyveillance. "Stay on top of what devices are selling well and what logical thumb mistakes are being made on those devices," he suggests.
Build a portfolio of defensive domain-name registrations
This includes common misspellings or other typographic errors users might enter when typing your brand names. Registering a domain name can cost as little as $6 per year. Recovering one from a cybersquatter costs much more.
Check your trademarks
Make sure your trademark portfolio is up to date in all parts of the world, Isenberg advises. "A trademark application can go a long way in a domain-name dispute."
Choose your battles
"You can't go after every cybersquatter out there. But you can go after those causing the most damage or creating the most problems for you," Isenberg says. That means prioritizing domain-name abuse cases. Lego, for example, looks at how much traffic the offending site receives, as well as the domain name and content on the site, before making a decision, Kjaer says.
Pursue violators
Depending on the circumstances, victims may be able to sue under the federal Anticybersquatting Consumer Protection Act or the Lanham (Trademark) Act. If content infringes on copyright, it may be possible to have the site taken down immediately -- sometimes the same day -- under the Digital Millennium Copyright Act.
Lawsuits are expensive but can work, Isenberg says. Picking a few high-profile cases can act as a deterrent. "You create a reputation that you aggressively pursue [cybersquatter] domain-name registrants," he says.
But the least expensive approach is to file a complaint with a Uniform Domain Name Dispute Resolution Policy (UDRP) dispute-resolution provider such as the World Intellectual Property Organization or the National Arbitration Forum. The complainant must successfully argue that the domain name is identical or confusingly similar to the brand name, and that the owner has no rights to or legitimate interests in that name and is using it in bad faith.
The process takes about two months from complaint to decision. If the complainant wins and the owner does not file an appeal, the site must be taken down within 10 days of the decision.
Get involved
Join the Intellectual Property Constituency (IPC), which represents the interests of trademark and copyright owners to the Internet Corporation for Assigned Names and Numbers (ICANN), the organization that coordinates the Domain Name System on the Internet.
"Many decisions made by ICANN have a critical impact on the interests of intellectual property owners who seek to protect their rights online. The Intellectual Property Constituency is a key channel for input into those decisions," says IPC President Steve Metalitz.
