Jul 5, 2018

Cybersquatting –How To Protect Your Domain Name/Website From Cybersquatters In Nigeria | Davidson Oturu LL.M



Domain Name

A domain name is a unique name that an individual or organization chooses in order to identify his/its website. Every website has its own domain name which comprises of a registered Internet Protocol (IP) address. Example of domain names for some popular websites include “facebook.com” and “mondaq.com”.


A domain name is required to have a word (Second-Level Name) and a suffix (Top Level Domain Name). For example, with the domain name mondaq.com, "mondaq" is the Second-Level Name and the suffix, ".com", is the Top Level Domain (TLD).



The Internet Corporation for Assigned Names and Numbers (ICANN) recognizes the following Top Level Domains:

·        infrastructure top-level domain (ARPA)

·        generic top-level domains (gTLD)

·        restricted generic top-level domains (grTLD)

·        sponsored top-level domains (sTLD)

·        country code top-level domains (ccTLD)

·        test top-level domains (tTLD)


However, TLDs are generally categorised as generic Top Level Domains (gTLDs) and Country-Code Top Level Domain (ccTLDs). Thus a person may choose to register his domain name in any number of existing TLDs.


What is cybersquatting?

There are a number of definitions of the term, cybersquatting. The term is derived from “squatting” which is the act of occupying an abandoned or unoccupied space or building that the squatter does not own, rent, or otherwise have permission to use.


One author defines cybersquatting as “when a person other than the owner of a well-known trademark registers that trademark as an Internet domain name and then attempts to profit from it either by ransoming the domain name back to the trademark owner or by using the domain name to divert business from the trademark owner to the owner of the domain name”[1].


ICANN defines it as “generally bad faith registration of another's trademark in a domain name[2],”The Nigerian Cybercrimes (Prohibition, Prevention, Etc) Act 2015 (Cybercrimes Act) also defines it as a crime committed where a person intentionally makes use of a name, business name, trademark, domain name or other word or phrase registered, owned or in use by any person on the internet or any other computer network, without authority or right, and for the purpose of interfering with their use by the owner, registrant or legitimate prior user”.[3]


In summary, cybersquatting can be said to refer to illegal domain name use or registration. It can have different variations and can arise where in bad faith, a person steals a domain name in order to profit from the goodwill of someone else’s trademark or company name which could lead to an increase in patronage and website visits by unsuspecting consumers. It can also arise where a person registers the domain name that he has no affiliation with so that he can eventually sell it to the rightful owner of the trademark.


Another variation of cybersquatting is “typosquatting” which is also called Uniform Resource Locator (URL) hijacking. This is a form of brandjacking which relies on typographical errors made by Internet users when inputting a website address into a web browser. Thus in a situation where a user accidentally enters an incorrect URL or website address, they may be led to the cyber squatters website. The registered domain will have advertisements of services similar to the original one so that the user who made a typing mistake will click on these links, generating revenue for the bogus domain name.


Examples of some cases involving typosquatting include the following:

1)     Google v Goggle

In 2011, Google filed a complaint with National Arbitration forum and successfully got “Goggle.com”, “Goggle.net”, and “Goggle.org”, which were considered phishing/fraud sites, taken down. [4]


2)     YouTube v. YouTube.Ph and Youube

Google also filed complaints with the World Intellectual Property (WIPO) over the use of the domain names “YouTube.ph” and “youube .com”. While the former was a domain name that led to another website, VideoRewardCentral.com[5], the latter was a proxy site loaded with advertisement link[6] 


3)     Air France and British Airways

International airlines such as Air France and British Airways have also been victims of cybersquatting. www.airfrance.com has been typosquatted by www.arifrance.com, which diverted users to a website peddling discount travel. Similarly, www.britishairways.com has been typosquatted by www.british-air-ways.com[7]



Remedies

A victim of cybersquatting in Nigeria has three options which are as follows:

Institute an action under the provisions of the Cybercrimes Act 2015;

use an international arbitration system created by ICANN; or

institute proceedings at the Nigeria Internet Registration Association 

These remedies are considered below.



INSTITUTE AN ACTION UNDER THE PROVISIONS OF THE CYBERCRIMES ACT 2015

It is interesting to note that the Cybercrimes Act criminalises cybersquatting which means that it is an offence punishable under the law. Section 25 of the Cybercrimes Act provides that a person who commits the crime of cybersquatting is liable to be punished with imprisonment of a maximum term of two years or a fine of not more than N5,000,000 (five million Naira) or to both the fine and imprisonment.


It is also noteworthy that the owner of the domain name that is being subjected to cybersquatting does not need to prove that he owns a trademark that is related to the domain name. What he would be required to do would be to show that he has a registered name, domain name or business name. Where the complainant is successful in court, an order can be made directing the cybersquatter to relinquish such registered name, mark, trademark, domain name, or other word or phrase to the complainant who would be deemed to be the rightful owner of the domain name.


USE AN INTERNATIONAL ARBITRATION SYSTEM CREATED BY ICANN

In order to address all disputes which may arise regarding the ownership of a domain name, ICANN in conjunction with WIPO developed the Uniform Dispute Resolution Policy ("UDRP") and the UDRP Rules.


Through the UDRP, ICANN and WIPO have provided a mechanism for rapid, cheap and reasonable resolution of domain name conflicts by avoiding the traditional court system for disputes and allowing cases to be brought to a set of bodies that determine domain name disputes.The UDRP (https://www.icann.org/udrp/udrp-policy24oct99.htm) sets out the framework for the resolution of disputes between a domain name registrant and a third party (i.e., a party other than the registrar) over the abusive registration and use of an Internet domain name. The essence of the UDRP is to enable anyone in the world file a domain name complaint concerning a gTLD or ccTLD using the UDRP Administrative Procedure. Thus any owner of a domain name that believes that someone is cybersquatting can file a complaint before any ICANN accredited dispute resolution service provider.

This is made possible due to the fact that ICANN accredited registrars that are authorised to register names in the gTLDs and the ccTLDs that have adopted the Policy and agreed to abide by and implement the UDRP Rules for those domains. Furthermore, any person or entity wishing to register a domain name in the gTLDs in question is required to consent to the terms and conditions of the UDRP. According to the ICANN policy, a domain registrant must agree to be bound by the UDRP — they cannot get a domain name without agreeing to this. To effect this, a Dispute Resolution Policy clause is usually inserted in the domain name registration agreement stating that if the registration of the domain name is challenged by a third party, the registrant shall be subject to the provisions specified in the UDRP.


Paragraph 4(a) of the UDRP Rules provides that a complainant must be able to establish the following:

  • the domain name registered by the domain name registrant is identical or confusingly similar to a trademark or service mark in which the complainant has rights; 
  • the domain name registrant has no rights or legitimate interests in respect of the domain name in question; and
  • the domain name has been registered and is being used in bad faith.

The effect of the foregoing is that only the owner of an already existing trademark or service mark can bring an action under the UDRP. Consequently, where a domain name offends the provisions of the UDRP Policy, there will be no financial remedy/award but the offending domain name would be cancelled and/or transferred in favour of the person who possesses the registered trademark. 


Where the cybersquatter refuses to attend the UDRP proceedings, the ICANN arbitration forum will hear the complaint in his absence and examine the proof presented by the complainant. If it is deemed satisfactory, a decision can be entered in favour of the complainant.



PROCEEDINGS AT NiRA

The Nigeria Internet Registration Association (NiRA) is the Nigerian registry for .ng Internet Domain Names and it maintains the database of names registered in the .ng ccTLD. If a domain name owner’s website is a ccTLD and ends with ‘.ng’, he may choose to institute his action at the NiRA which has its own set of rules and policies known as the NIRA Dispute Resolution Policy (NDRP).

The NDRP (https://www.nira.org.ng/images/Policies/NIRA DISPUTE RESOLUTION POLICY.pdf) is similar to the UDRP and sets out the framework for the resolution of ccTLD domain name disputes. Paragraph 4a of the NDRP Rules is identical to paragraph 4b of the UDRP Rules and it sets out the conditions that the complainant must satisfy before he can have a decision in his favour. Where the complainant is successful, he can have the cybersquatter’s domain name transferred to him and/or cancelled by the NDRP.



Conclusion

Cybersquatting remains a threat to legitimate business owners in the evolving digital age. Statistics show that WIPO handled a record-high of 3,074 cybersquatting disputes in 2017 under the UDRP with three industries (banking and finance, fashion, and internet and IT) accounting for nearly one-third of all disputes. [8]



With cybersquatting now regarded as a crime in Nigeria, it is possible that would-be cybersquatters may be discouraged from participating in this nefarious activity. However, with there being no record of any arrest and prosecution, only time will tell if the law will be effective or if it may be better for a complainant to rely on the UDRP procedure which has proven to be effective in several jurisdictions.



For extensive information on cybersquatting, domain names, and intellectual property rights, you may contact the author of this article at doturu@aelex.com.



[1] Cornell Law School “Legal Information Institute” Cybersquatting


[3] Section 25(1) of the Cybercrimes Act

[4] Domain Name Wire “Google wants to take down Goggle”

[5]Domain Name Wire “Scammy Surveys Will Bring Renewed Attention to Cybersquatting”

[6]The Economic Times, “Your spelling errors can help typosquatters make big bucks” <//economictimes.indiatimes.com/articleshow/5884936.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst>

[7] Findlaw, “Protecting Your Intellectual Property from Domain Name Typosquatters”

[8]World Intellectual Property Organization WIPO Cybersquatting Cases Reach New Record in 2017 http://www.wipo.int/pressroom/en/articles/2018/article_0001.html







Partner at Aelex/IP, Franchising & Brand Protection | Corporate & Commercial | Dispute Resolution
Share:

0 comments:

Post a Comment

The Nigerian blawg

Disclaimer:- Posts and comments by the publishers of this blog do not constitute legal advice or create an attorney-client relationship.

Be the 1st to read our blawgs

Archive

Advertise

Twitter

CONTACT US

Name

Email *

Message *

Powered by Blogger.