Bloomberg News recently reported that Verizon won $33.2 million in a lawsuit against OnlineNIC, an Internet services company, that it claimed had registered hundreds of domain names with Verizon trademarks. Evidently, Verizon’s brands weren’t the only ones targeted. Nearly a million cybersquatted domains were identified, and they included many of the best-known brand names.
It’s great that OnlineNIC took a hit for their cybersquatting practices, but there really are so few of these large-scale cybersquatters out there. The majority of infringements are held by “small time” cybersquatters, hobbyists who only own a few names. The ACPA’s current statutory damage range per domain name is rather low—this requires brand owners to identify cybersquatters with large numbers of infringements in order for the award to offset the cost of filing the complaint. As a result, the vast majority of cybersquatters seldom fall into an ACPA complaint and the sort of large damage award seen in the Verizon case is a rarity.
As I told SC Magazine, cybersquatting is really about death by a thousand cuts. Take for example the 239 typo variations that are just one character off of “facebook” in the dot-COM, dot-NET, dot-ORG, dot-BIZ and dot-INFO extensions. These domain names are registered under 163 different registrants. That is just 1.46 domains per registrant. We treated each privacy-protected registration as a unique registrant to make this calculation.
I find that large-scale cybersquatters tend to have some of the least attractive infringements. They hold vast quantities of marginally attractive infringements that receive meaningful traffic only when you add up the traffic from each. Interestingly, I often find that hobbyists own the best infringements—the ones that get the most traffic—because they were first to the feast and gobbled up a potent set of the most intuitive combinations and common typos ahead of the large-scale operators.
There needs to be an adequate deterrent to prevent cybersquatting in all its forms—cybersquatting even one domain name should be a risk that no one would want to take.
Latest posts by Josh Bourne (see all)
- Cyber Monday 2018: Analyzing the DNS to Uncover Threats to Businesses and Consumers - November 25, 2018
- Beyond the Dot: Featured Speaker Scott Bradner discusses GDPR - March 28, 2018
- Cyber Threats on the Rise:Protect Your Brand - February 20, 2018