In a nutshell, the story centers around the hotel's longtime marketing consultant who was asked by the hotel to create a website. The consultant purchased and registered a domain name for the website, which was identical to the hotel's well-known trade name, and he got the site up and running for the hotel with an on-line reservation system. The site only promoted the hotel's business and the hotel paid the consultant for all expenses associated with the site.
Everything was rosy until the hotel decided to terminate the consultant. Within days of his termination, the rep purchased at least two dozen domain names each of which was a variation on the hotel's website domain name. In addition, the rep stated that he would no longer forward to the hotel any information concerning reservations booked on the hotel's website which he said belonged to him because it was registered in his name and not the hotel's. He did say, however, that he would be willing to sell the domain names to the hotel for the right price.
Thereafter, the consultant shut down the website completely for a period of two weeks and, even after he turned it back on, refused to forward the on-line reservations to the hotel. In the meantime, the hotel had gone out and created a new website with a new domain name which the marketer had forgotten to purchase and so by the time the hotel presented itself in my office, it was literally engaged in a "battle of the websites."
Fortunately for the hotel, in 1999, Congress passed the Anti-Cybersquatting Piracy Act which was just what the doctor ordered because it is designed to prevent a party from registering in bad faith a domain name which is identical or confusingly similar to an established trademark with a bad faith intent to profit from the trademark. Clearly, one of the purposes behind the statute was to prevent exactly what happened in my case where someone goes out and buys similar domain names for purposes of extorting money from the trademark owner by holding the domain names hostage. The statute also has a powerful arsenal of remedies, including injunctive relief, treble damages, lost profits and attorneys' fees, which proved helpful in getting my case settled.
Fortunately, not every instance of domain name piracy is quite as dramatic or poses as serious a threat as my case did. For most of you, the basic questions which you are going to face are: what can I do to protect my domain names and what should I do if they're "stolen"?
Let's take the first question first: how can I proactively protect my domain names? Well, the first thing you should do is register, register and re-register. Hotels should, of course, register all business and domain names which they use with the Patent and Trademark Office and they should also register their domain names across as many top level domains as possible - such as .com, .net and .info, etc. Those of you doing business abroad should also register your domain names in appropriate foreign countries. Slogans and variations of your hotel's name should also be registered as soon and as widely as possible and you should also consider registering natural misspellings and grammatical alternatives to deter typosquatters (which are cybersquatters who intentionally register domain names with common misspellings of well known trademarks in order to "hijack" unsuspecting internet users to their own sites). You might even want to consider registering domain names with unflattering variations on your name to keep it out of the hands of persons with less than honorable intentions. In one well known case, Verizon registered Verizonsucks.com as a defensive measure to keep it out of the hands of potential troublemakers. Unfortunately, it wasn't long before someone else registered Verizonreallysucks.com. You should also keep tabs on when your domain name expires and make sure to re-register it immediately because there is software out there which monitors when domain names have suddenly become available and then registers them immediately if they are well known.
The second thing you should do to protect your names is to have in place a track and monitor system to see if any of your names have been registered by anyone else. A number of traditional trademark "watching" companies offer this kind of service by which on some regular basis an update is provided as a result of their efforts to scour the Internet for potential trademark infringements. There are also numerous Internet specific watching services which offer technology driven solutions for searching and reporting on potentially problematic Internet activities. If you don't want to pay for a search service, you can do it yourself by checking the whois database at networksolutions.com which will also provide you with certain basic information about the registrant of the domain name. Whichever method you choose, you should make sure that the information you get is going to be useful. Obviously, if the information you get is too voluminous to easily review and analyse such as a listing of every similar domain name which doesn't tell you what type of goods or services are being offered or the scope of the domain name's usage, it will not be terribly useful. On the other hand, a service which is limited to reporting on domain names which meet the criteria that you set such as similar services offered by your hotel will be far more valuable.
The next question becomes: what should you do if you discover that someone has registered your name or a similar variation of your name? The answer, unfortunately, is going to depend upon the circumstances because there is no one solution fits all. Clearly, not all threats are created equal and you will need to evaluate the impact of the infringing domain name on your business. My case obviously presented a very serious threat to my client's business. Other situations which may pose a serious threat include uses of your trade names by competitors, websites which offer pornography or disparage your business and sites which are brought to your attention by customers. On the other end of the spectrum are those cases where a domain name is inactive, or where the volume of traffic to the site is minimal, or where the site is being used to promote goods or services which don't pose a threat to your business. Obviously, under these circumstances, it may not be worth it to spend a lot of time and effort pursuing a remedy.
Under any of these scenarios, however, it usually makes sense at least in the first instance to see if you can strike a deal with the domain name owner. Rather than incurring the expense and uncertainty of hiring a lawyer and pursuing a legal solution, it may be worthwhile to see if you can negotiate an amicable solution in which the owner either voluntarily gives up the domain name or agrees to stop using it in an offending manner or agrees to a license agreement in which you maintain control over the trademark and the other party uses it only in a way that you want him to use it. You might also want to consider paying some money to the owner to get rid of him but this has the obvious disadvantage of putting you in a position of "rewarding" a cybersquatter which may set a bad precedent if word gets out to other potential cybersquatters that you're willing to pay rather than fight to recover your domain names.
If you can't achieve an amicable solution, the next, least onerous, alternative is to send a cease-and-desist letter which is basically a demand letter informing the domain name owner that he or she is infringing on your trademark and causing you damage and instructing the infringer to immediately cease and desist using the mark and transfer the domain name over to you or you will turn the matter over to an attorney for appropriate legal action. Again, there are advantages and disadvantages to this approach. The obvious advantage is that the letter may work because the infringer may not have a lot of money and decide that it makes more sense to simply give up the name rather than get embroiled in a legal proceeding. A cease and desist letter also puts a potential infringer who is not actively using the site on notice of the potential infringement, deters potential future infringement and preserves your right to pursue further legal action if the circumstances warrant it. It also shows that you are serious about vigorously enforcing your trademark rights which is important because the trademark laws require you to monitor and enforce your trademark at the risk of losing it if you allow someone else to use the mark in a way that dilutes or tarnishes the trademark or confuses consumers.
The disadvantage to sending a cease and desist letter is that, if the website is not getting a lot of traffic, your action may actually generate publicity and traffic for the site if the owner decides to post your letter on his website or in chat rooms or at other places on the Internet. In one infamous case, Archie Comics sent a cease and desist letter to enforce its Veronica trademark to an individual who had registered the domain name Veronica.org. Unfortunately for the company, the domain name owner had merely set up the website for his two year old daughter named Veronica and had posted pictures of his daughter on the site which looked nothing like the comic book character. After Veronica's dad posted the company's cease and desist letter on his website along with his polite response, the news spread quickly through Internet mailing lists and was widely reported in the on-line and print press. In another similar case, the Toho Company of Japan which has the rights to the Godzilla name and character ordered a website owner to shut down his site called Davezilla.com. Instead, the site owner put the text of the letter online and the story ended up in the New York Times. So, obviously, you'll want to be careful and do your homework before you send out any letters. You may also want to consider sending a "soft" notice which is a kinder and gentler version of the standard "tough" form cease and desist letter which is more neutral in content and basically says we're watching you and if you start to infringe we will pursue you.
The next question becomes: what should you do if the cease and desist letter is ignored? In that case, you'll need to carefully weigh the costs and benefits of a legal challenge. Here, again, you'll want to consider the content of the infringing site, whether the site has received any publicity, whether there have been any customer complaints, etc. If the site is inactive or not in use, it may make sense to do nothing and simply monitor the site to make sure that it remains inactive.
If you decide to mount a legal challenge, you have two options. The first is that you can do what I did and bring a lawsuit alleging violations of the Anti-Cybersquatting Piracy Act and the other trademark infringement statutes. This can be a very powerful and effective strategy especially if you're looking to not only recover your domain name but also obtain money damages against the cybersquatter. However, it can also be a very expensive strategy and obviously carries with it the risks and uncertainties associated with any litigation.
The other option you have is to pursue a streamlined procedure for reclaiming your domain name quickly and inexpensively in a specialized type of arbitration proceeding which was specifically designed to deal with domain name piracy disputes. I recommend this option as a remedy of choice for "run of the mill" cybersquatters who are more of a nuisance than a serious threat to your business. This proceeding went into effect in 1999 when the Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit corporation responsible for managing the Internet's domain name system, adopted the Uniform Domain Name Dispute Resolution Policy (UDRP) which provides for arbitration of domain name piracy disputes in forums such as the World Intellectual Property Organization.
The way it works is you file a complaint which cannot exceed 10 pages in length and pay a filing fee of approximately $1500 per domain name. The other side then has 20 days to file an answer and you have the option of filing a reply within 5 days thereafter. The arbitrator issues his ruling two weeks later and if you win the domain name is transferred to you within 10 days of the decision. The entire process from start to finish usually takes only 45-60 days. What you need to show is that: 1) the domain name registered by the third party is identical or confusingly similar to a trademark in which you have rights; 2) the domain name holder has no rights or legitimate interest in the domain name; and 3) the domain name has been registered in bad faith. Because there is no discovery, briefs, trial or appearance before the arbitrator, the legal fees are substantially less than what they would be for a lawsuit. The odds of winning are also very much in your favor -- approximately 70% of the decisions in the last three years have been in favor of trademark owners. In addition, it is not unusual for a domain name owner to simply default and not respond to the complaint which was the case initially in a large number of filings.
Needless to say, this can be an extremely useful tool. For example, Holiday Inn has achieved some success with this procedure in at least two cases which it brought against cybersquatters. In the first case, a hotel room reseller registered a domain name which was similar to a Holiday Inn domain name ("www.holiday-inn-hotels.net") and, when internet users mistakenly proceeded to the site thinking it belonged to Holiday Inn, they were offered rooms in hotels not affiliated with Holiday Inn. In the other case, a company offering restaurant and reception services again registered a confusingly similar domain name which led users to a website which, at various times, either promoted the company's competing services or offered sexually explicit material promoting a topless dance club. In both cases, the arbitrator ordered that the domain names be transferred to Holiday Inn.
While this type of arbitration can be very effective, it is clearly not appropriate for every case. For one thing, the relief is limited to the transfer of the domain name -- money damages are not available. In addition, there is no provision for discovery so you will not have the opportunity to uncover additional information. Finally, courts have held that this type of proceeding doesn't qualify as a "true" arbitration and, as a result, the arbitrator's decision is not entitled to any special deference so you're basically starting from scratch all over again. Under these circumstances, you're probably better off simply bringing your federal lawsuit under the Anti-Cybersquatting Piracy Act.
As you can see, there are a lot different strategies which you can use to deal with domain name piracy but there are also a number of pitfalls so you'll want to weigh the pros and cons carefully before embarking upon a particular solution. As a trademark owner, though, you can take comfort in the fact that while you need to pick and choose your battles carefully, if you do choose to stand and fight there is a lot of ammunition out there for you to preserve or reclaim your good names.
About the Author
Peter M. Ripin is a partner with the law firm of Davidoff Malito & Hutcher LLP in New York City where he practices in the areas of business litigation and dispute resolution. Mr. Ripin has represented numerous institutions and individuals in the hotel and hospitality industries including hotels in connection with disputes concerning website domain name piracy and the Anti-Cybersquatting Piracy Act, timeshare developers and managers in disputes arising out of joint ventures, restaurant franchisees in connection with actions seeking to terminate their franchise agreements and large catering halls involving significant business disputes. In addition, Mr. Ripin has written, lectured and been interviewed on legal issues affecting the hotel and hospitality industries including franchising and domain name piracy.
Mr. Ripin was formerly associated with the New York law firms of Kelley Drye & Warren and Shea & Gould and is a cum laude graduate of Columbia University and Georgetown University Law Center.
He may be reached at (212) 557-7200 and email@example.com.
Logos, product and company names mentioned are the property of their respective owners.