Case Against Cybersquatters
On April 30, a California federal court decided a case against 10 different domain holders and one company: $2.8 million was awarded to Facebook under the Anticybersquatting Consumer Protection Act (ACPA). The issue: 105 domain names violated the ACPA. Where were the web hosting companies in all of this? Shouldn't they have provided guidance to stop this behavior?
These cybersquatters created 105 domain names, all variations of Facebook – dacebook.com, fececbook.com, and even variations incorporating the correctly spelled “facebook.” Most of the shared hosting domains redirect users to landing sites run by Cleanser Products, the single company named in the lawsuit.
Court documents state, “While some of the landing websites to which users were redirected looked similar to Facebook, they are noticeably different. On the contrary, in eAdGear the infringing domain and website appeared to be the site it was infringing upon, and even purported to sell the same products…So while the Court should not look beyond the domain name to consider the content of a website in determining whether there is an ACPA violation, the content is relevant in determining a “just” damages award.”
The shared hosting domains containing misspelled variations of Facebook are examples of typosquatting, which is when someone registers a domain banking on the fact people are going to mistype the web address they wish to visit. When they mistype the address, they are redirected to the bogus website. Oftentimes the site appears to be legitimate, complete with logos and copycat content and layout.
In the case, the court actually went through each domain and assessed damages based on whether or not they were instances of typosquatting or blatant cybersquatting. They looked at things such as how many registered domains infringed upon Facebook's trademark, and if they were making money off of the errors.
In the court documents: “While all Default Defendants acted in bad faith by intentionally diverting consumers from Facebook, their conduct differs in terms of degree of maliciousness and wrongdoing.”
How Damages Were Calculated
The Court used a formula in order to determine what each defendant would pay based on the degree to which they violated the ACPA, along with other factors which include: did the domain name contain the proper spelling of Facebook; did the person registering the domain attempt to conceal their identity; how many domain names did they register; is the registrant a serial cybersquatter?
Basically, the more domain names a person registered maliciously, the steeper the penalty. If someone registered from one to nine domains, they were fined $5,000 per domain; 10 to 19 domains were fined $10,000 per domain; 20 to 29 domains $15,000 per domain; 30 to 39 domains $20,000 per domain; and 40-49 domains $25,000 per domain.
Regarding those domains that redirected traffic to Cleaner Products' website, the Court decided that this was worse behavior due to the fact users were being deceived into believing that they were actually on the official Facebook site. Furthermore, the monetization of these sites — where users would click ads or buy products — led to steeper penalties.
“In recognition of the egregiousness of this conduct, Defendants that engaged in this conduct will be subject to twice the amount of base damages (or “double-multiplier”) for each domain that redirected users to Cleanser Products' websites,” reads court documents.
Typosquatting or serial cybersquatting also led to this double-multiplier. Those sites using the real “facebook” spelling were fined an additional $5,000 per domain.
Case Against Cybersquatters: Protect Yourself
You probably aren't planning some elaborate scheme to create a copycat website, or even a site that intentionally misspells a trademarked website's domain in order to lure users to your site to make money. However, you do need to be careful.
Generally, creating a site like gacebook.com won't land you into trouble if you aren't a) selling the name to Facebook or b) making money off of it while tricking users into thinking they are actually on Facebook's website.
The best thing you can do: don't create a name similar to any branded site or company. Any good web hosting company will guide you in the right direction, and watch out for the domain name you end up choosing.
Have you ever come across a site that is actually a typosquatter? Did it fool you into thinking you were in the right place?
Facebook filed a lawsuit on Monday, October 28, 2019, in the US District Court of the Northern District of California accusing web hosts OnlineNIC and ID Shield hosting websites with trademark infringement and cybersquatting. The company listed at least 20 sites using the Facebook name and images allegedly for illicit activities like offering tools for phishing and hacking on Facebook and Instagram accounts.
The hosted websites m-facebook-login.com do contain URLs designed to look like official Facebook login page and Instagram URLs. The phishing websites reportedly intended to trick visitors into accidentally giving up their passwords.
The company requests a $100,000 payment for damages for each domain name, totaling to at least $2 million. The company wanted to stop phishing pages and hacking operations. For that, they sent multiple takedown requests to the two defendants, arguing the company's trademark infringement by these websites. Facebook says that they sent five notices to host ID Shield to disclose the owners behind sites like “facebook-login. com, HackSomeonesFacebook. com, BuyInstagramFans. com,” The hosts OnlineNIC and ID Shield didn't respond to requests for comment.