Recent Case Notes & Commentary

Recovering Domain Names Lost to Fraudulent Transfer

By Gerald M. Levine

First Published on circleid.com on 29th August 2019. Reproduced with author's permission. Click here to view the original article.


Domain Names composed of generic terms and combinations — dictionary words, random letters, and short strings — have achieved ascending values in the secondary market. DNJournal.com (Ron Jackson) reports on his year to date chart, for example (just a random sampling from the charts) in August 2019 <joyride.com> was sold for $300,000, in June <voice.com> sold for $30 million, in July <rx.com> sold for $1 million, and in January <california.com> sold for $3 million; on his weekly chart for August 19-25 he reports that <skew.com> was sold for $93,000 and <homee.com> for $20,000. Resellers of every size have inventories of domain names in some instances so large and varied they have become veritable department stores for every conceivable taste and possible brand. The magnitude of the reported sales suggests that businesses have come to depend on resellers than go to the trouble of inventing brand names from scratch.


Needless to say, such values for domain names offer enticing opportunities for mischief, and at the same time put registrants of valuable domain names at risk of having them stolen from their accounts. (For a useful discussion on domain name theft see Domain Name Theft: How to Avoid Buying Stolen Domain Names & Protect Your Own Domain Names). The sheer value and sometimes easy picking incites thieves to mine registration accounts for saleable domain names. Recent fraudulent transfers, as reported in DomainNameWire (Andrew Allemann) include <eqn.com>, <1001.com>, <864.com>, and in an August 26 blog he reports on another lawsuit involving <tabelaFipeBrasil.com>. (See Mr. Allemann's advice on protecting domain names). I'll discuss the "EQN" case further in context with other cases decided in federal court under the Anticybersquatting Consumer Protection Act (ACPA). Fraudulent transfers often happen without holders' immediate knowledge of the thefts, and it may take many months before they even learn the domain names have disappeared from their accounts.


The question is, what legal steps must victims take, and what are their chances of recovering fraudulently transferred domain names? The Uniform Domain Name Dispute Resolution Policy (UDRP) has been successfully applied, although some panelists have got it wrong, Lawrence Gurreri v. To Thai Ninh, FA100600 1328554 (Forum July 12, 2010) (<internationalcircuit.com>) where the Panel found that "alleged theft of a domain name falls outside the narrow scope of the UDRP." The correct view is expressed in Anglotopia, LLC v. Artem Bezshapochny, D2013-0168 (WIPO March 13, 2013) (<anglotopia.net>) in which Respondent argued that "the Policy is not designed to deal with allegations of fraud or theft," to which the Panel responded that that is only true "where a complainant does not have trademark rights and is seeking to recapture a hijacked domain name," but where complainant has trademark rights the claim falls within the Policy.


In fact, panelists have not hesitated to condemn fraudulent transfers and return domain names to complainants on a theory that hacking and transferring are abusive registrations. To take one example of several, the Panel in Stepp Manufacturing Company Incorporated v. Protection of Private Person, FA1608001686520 (Forum September 9, 2016) (<steppmfg.com>) pointed out that


Prior panels have held that a respondent's apparent hijacking of another's domain has registered and used the domain in bad faith ... [citing] ITX sarl v. Steiner, FA 1222737 (Forum October 24, 2008) (finding that, where "Complainant has shown that it has a long-term ownership of the domain name at issue before the domain name came under the control of Respondent," and where there was also evidence that the domain name had been transferred to Respondent without the permission of Complainant at a time when Complainant was the registered owner of the domain name, Respondent had registered and was using the disputed domain name in bad faith pursuant to Policy ¶ 4(a)(iii).")


Compared to cases brought to federal court under the ACPA, the UDRP database contains a relatively small number of transfers of hijacked domain names, and none recently. This may be because the UDRP is designed to deal with domain names serviced by registrars, rather than domain names in the root directory administered by registries. With this as background it is interesting that the UDRP database contains no investor-reseller complaints even though they certainly have viable marketing or monetizing businesses for their domain names sufficient (one would think) to prove common law rights. The reason for this (I think) is the difficulty for this class of victim to prove it does have those rights.


Rather than test their claims under the UDRP, investor-resellers have turned to the Eastern District of Virginia, Alexandria Division (the location of Verisign, Inc., the dot com registry) to recover possession of the domain names under the ACPA. That court has proved particularly friendly to the argument that marketing and monetizing domain names supports common law rights.


The lead case, Weitzman v. Lead Networks Domains, l:09-cv-01141 (ED Virginia, Alexandria Div, 9/24/2010) involved nineteen domain names including <daffy.com>, <oncologics.com>, and <sunlet.com>. On the issue of common law rights and standing, the court (Magistrate's Recommendation) found:


Plaintiff is in the business of domain monetizing and establishes and registers domain names for the purpose of turning Internet traffic into monetary gain through the use of "click through traffic." (Compl. 9.) Domain monetizing is a process in which advertisements are placed on "parked" domain names in order to generate revenue for both the party that owns the domain and the party that places the advertisement.... Plaintiff's pervasive use of the Domain Names transposed the trademarks into valuable assets to Plaintiff, representing Plaintiff's substantialgoodwill and solid reputation with consumers. (Compl. ¶ 12.) Therefore, through Plaintiff's longstanding, continuous, and exclusive use of the Domain Names, Plaintiff owns valid and enforceable rights to each of the registered Domain Names. (Emphasis added).


The Magistrate Judge concluded that "legal precedent dictates that Plaintiffs Domain Names should be afforded the protection of the ACPA."


This view of investor-monetizing/reseller rights is recognized in later cases. In Traffic Names, Ltd. V. Zhenghui Yiming In Re: 224.com, 604.com; and 452.com, 1:14cv1607 (E.D. Va, Alexandria Division April, 14 and May 12, 2015) the Magistrate Judge held: "Plaintiff's registration of the Subject Domain Names and use of them in business since that registration esta