Subscribe to RSS Feed

05|28|2009 10:02 pm EDT

Registrar Sued Because of Cybersquatter Using Whois Privacy Service

by Adam Strong in Categories: Featured

Court documents denying a motion to dismiss(pdf), reveal that hosting company Solid Host, NL is suing domain name registration company NameCheap.com over cybersquatting claims for a domain name registered under the NameCheap whois privacy services WhoisGuard.

Solid Host’s domain name had reportedly been stolen by a “hacker” who used NameCheap’s privacy service.  Namecheap would not initially reveal the owner of the domain name to Solid Host because it believed it was merely in the middle of a two-party dispute.  The court’s ruling clarifies this and rules NameCheap was responsible and liable for contributory cybersquatting.

Central to this case is the fact that a registrar  is being sued for cybersquatting over a domain name that they do not own in a literal sense but is simply using a domain privacy service.  The court documents make some points in this case that seem to lay many responsibilities on registrars that are providing these domain privacy services.

NameCheap offers an anonymity service known as “WhoisGuard,” whereby NameCheap becomes the registered owner of a domain name desired by a customer, and licenses the domain name to the customer. As a result, NameCheap’s contact information rather than the customer’s appears in the Whois
database. . . .

NameCheap is, by virtue of the anonymity service it provides, the registrant of a domain name that allegedly infringes Sold [sic] Host’s trademark.

The troubling thing about the last statement is not only that the court has ruled that the whois privacy service is the registrant, but in this particular case as Eric Goldman points out on his blog the court later also says that NameCheap is not in fact the registrant but John Doe is the registrant.  Ok so who is the registrant then? Goldman put it well : “Wait a minute—how can NameCheap simultaneously be both the registrant (no safe harbor) but not the registrant (thus, subjected to a secondary claim)?  The court does not acknowledge or explain this apparent inconsistency.”

The court points out that NameCheap is not immune or protected from cybersquatting claims with safe harbor that registrars enjoy, as it was not acting as a registrar in this particular case and it had not provided the information to Solid Host. In this case NameCheap’s whois privacy services are in fact not “work[ing] with trademark owners to prevent cybersquatting”

NameCheap is, by virtue of the anonymity service it provides, the registrant of a domain name that allegedly infringes Sold Host’s trademark. NameCheap is not “work[ing] with trademark owners to prevent cybersquatting” by providing an anonymity service; although the service has legitimate uses, as this action
demonstrates, preventing cybersquatting is not one of them.

An interesting point of this suit is that it appears to have originated because NameCheap would not reveal the identity of the “John Doe” who reportedly had stolen the domain name.  Isn’t that what a privacy service is paid to do ?

Solid Host’s counsel requested that NameCheap reveal the identity of the customer who had used NameCheap’s “WhoisGuard” service to register <solidhost.com> and asked that the company “immediately take whatever steps were in its power to cause the return of the [domain name] . . . to [Solid Host’s] control.” NameCheap’s counsel requested evidence of the purported theft. Solid Host alleges that it provided “evidence, including (but not limited to) a sworn declaration of Andre Van Vliet attesting to the relevant facts.” NameCheap contacted Doe, who claimed that he had legitimately purchased the domain name. NameCheap communicated this information to Solid Host’s counsel, who denied that the domain named had been sold, and expressed the opinion that Doe’s story was not credible.  NameCheap indicated that it would “remain neutral” in what it perceived to be a dispute between Solid Host and Doe, and refused to reveal Doe’s identity.

.. . Solid Host seeks to hold NameCheap liable for cybersquatting because it refused to reveal Doe’s
identity.

The court also later suggest that registrars are responsible for “screening” registrants and preventing the use of privacy services for hiding cybersquatted domain names.  Registrars now apparently can be held accountable for their customers actions if they have not made a good faith attempt . . .This ruling seems to lay the responsibility of determining who has rights to any given domain name dispute in the hands of the registrar.

The only bad faith alleged is NameCheap’s provision of an indisputably legal anonymous registration service without attempting to screen out customers who wish to use it to cybersquat; and its decision to maintain its customer’s anonymity when presented with evidence that its services had been used for this illegitimate purpose.

The court allowed that NameCheap was responsible for contributory cybersquatting and the motion by NameCheap to dismiss was rejected.   The most troubling part of this case was mentioned on Eric Goldman’s blog :

Read literally, every proxy service is exposed to potential contributory ACPA liability for every domain name it services. I can’t imagine proxy service providers will be excited about that liability exposure, and some may choose to exit the business.

Goldman also points to another trend that seems to be occuring with IP constituents going after registrars in legal claims

The real litigation growth industry appears to be trademark owner vs. registrar lawsuits over new registrar service offerings that trademark owners don’t like.

This trend that Goldman may be referring to may be less of a result of aggressive IP attorneys and more a result of registrars becoming more and more like their customers, ie. registrants.  As registrars begin monetizing domains that expire, tasting and warehousing domain names like a domainer this trend will surely continue.

The ruling in favor of Solid Host in this case will make many waves in future rulings regarding domain names, privacy services and cybersquatting claims and because it erodes some of the protections registrars and registrants enjoy it may end up costing domain registrants in the long run.

Tags: , , , ,

  • RichardK

    You need to be reminded that this was simply a motion to dismiss which
    requires pretty much no evidence to be presented and by nature leans towards
    the plaintiff’s right to argue their case in a court of law. I’m quite
    confident that once we get this into a regular trial and evidence is
    presented that we will have a successful outcome. There were many
    contradictory arguments in this ruling and many possible open doors left to
    attack this by. In other words, nothing has been decided yet.

  • Adam Strong

    Thanks Richard. I expect you to fight the case vehemently and win. There seems to be too many problems with this case. The most ridiculous being why the company is suing you but not the person who stole the domain. I hope that we shed some light on some of these issues in the article.

  • Pingback: My own "WHOIS Guard" - NamePros.com

  • Ed

    whois privacy safe harbours cybersquatters and should be banned immediately.

  • Ricardo

    whois privacy protect criminals and the registrars that enable it deserve to be sued as well.

    • ImFM

      @Ricardo: That’s a very simplified view – I personally that any registry should be allowed to protect their privacy.
      Subject: [dnnews] Re: Registrar Sued Because of Cybersquatter Using Whois Privacy Service

  • http://www.registerprivatedomain.com/articles/WHOIS-Privacy.html Whois Privacy

    I really like this post thanks for share…….

  • http://www.registerprivatedomain.com/articles/WHOIS-Privacy.html Whois Privacy Service

    Quite informational post thanks for share …….keep it up……

  • http://www.registerprivatedomain.com/articles/Domain-Privacy.html Domain Privacy Service

    Quite nice and interesting post thanks………………