Recent Case Notes & Commentary

Cybersquatting on Law Firms - the UDRP in Action

Budage Pty Ltd v. WhoisGuard, Inc / Regina Parrish

WIPO Case No. DCO2019-0016

6 June , 2019

and

Linklaters LLP v. WhoisGuard Protected / Cindy Smith

WIPO Case No. D2019-0941

7 June, 2019


Law firms, like drug companies and celebrities, are sitting ducks for having their good names besmirched by cybersquatters. The two latest victims are the prestigious Australian firm of solicitors, Clayton Utz and the international firm Linklaters.


These two cases were brought under the Uniform Domain Name Dispute Resolution Policy, (UDRP) which is designed to rectify clear instances cybersquatting. It is good to see that the arbitration process provided under the Policy is usually carried out swiftly and effectively. At its core, the UDRP was created to protect the rights of trademark holders from bad faith and malicious use of internet domain names and, generally speaking, it does a good job.


Both cases were relatively straightforward, and undefended by the respondents (the parties who registered the domain name) and both were examples of how domain names can be used for fraudulent and deceptive behaviour, if safeguards are not established. As such, the arbitration panels who decided the cases had no hesitation in finding for the complainants and transferring the disputed domain names to them. But what a nuisance for Clayton Utz and Linklaters to have to go through the whole process when they might have avoided it by registering a few more domain names as well as the ‘.com” to cover themselves.


The Clayton Utz Case

Clayton Utz has held a trademark since 2010 for its trading name, Clayton Utz. Its primary website is at <claytonutz.com>.


The Respondent registered the disputed domain name in one of the new extensions- <claytonutz.co> in March 2019 and used it primarily for a fraudulent email scheme. Specifically, it sent emails from the disputed domain name under the name of the Chief Executive Partner of Clayton Utz, with the aim of soliciting payments and information. Having been made aware of this, the Complainant brought a claim to the UDRP.


Even through the Respondent did not submit a defence, it was still necessary for the Complainant to prove all three elements of the policy to ensure the domain name was transferred.


The Findings

Based on the evidence submitted by the Complainant, the panel had no difficulty in finding in favour of Clayton Utz under all three elements.


First, the disputed domain name, except for the TLD or umbrella extension of “.co” was identical to the complainant’s mark.


Secondly, the fact that the domain name, which in itself is a distinctive trademark was used in a fraudulent email scheme, and for pay-per-click links, led the panel to conclude that the goodwill of the trademark was being taken advantage of. As such, the respondents’ use of the disputed domain was not for a bona fide offering of goods and services, nor any legitimate or fair non-commercial use.


In finding the last element of the policy, bad faith use and registration, the panel emphasised that the respondent’s use of the domain name was “deceptive and fraudulent” and that, of course, must be bad faith. The email scheme, a clear example of what is called “phishing”, must have occurred with the knowledge of and intent to take advantage of the complainant’s trademarks, given that names of members of the complainant’s business were attempted to be used in the email scheme. Based on the substantive evidence, the panel found this to be a clear example of bad faith registration and use.


Given the three elements of the policy were successfully proved by the complainant, the panel ordered the domain name be transferred, highlighting the straightforward and streamlined process the UDRP provides to victims of obvious cybersquatting.


The Linklaters’ Case

Linklaters’ case was also straightforward and was based on another attempted fraud. This time, the miscreant had not used the new “.co” extension, as in Clayton Utz’s case, but had just taken Linklaters’ name and added a generic word, to create the domain name < linklaters-lawfirm.com>.The domain name had been used to create an email address in the name of an employee of the firm and an email had then been sent to a certain person to try to mislead him into paying out US$ 945,000.00. Wishful thinking ! Two other companies had also notified Linklaters of similar attempts to extract money fraudulently, using the same email address connected to the Domain Name.


The Panel did the same analysis and reached the same conclusion as the panel in Clayton Utz’s case. Both firms received the transfer of the domain names so all is well that ends well.


However, with an ever-increasing number of TLDs ( like “.law” and “.club” etc) now available, these instances also serve as a reminder for organisations that are often the subject of phishing and cybersquatting to ensure their domain registrations are in order. Preventing phishing by purchasing extra domain names in a range of TLDs when they first become available is almost always the easier and cheaper option than making a claim under the UDRP or suing in the courts. The modest registration fees have to be paid, but what a relief to know that you do not have to keep worrying about whether you will ha to face another domain name attack on your firm.