NordVPN Promotion

Home / Blogs

ACPA Dilemma: Federal Court Denies Injunction in Landmark Case - Cybersquatting Loophole or Legal Oversight?

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

This case had a bit of a weird result—even though the brand owner had a mark that was 20 years old, and the alleged cybersquatter, in the meantime, acquired a domain name on the open market identical to that mark, because the domain name was first registered (by an unrelated party) before the brand owner’s trademark rights arose, there was no relief under federal trademark law. One may question whether such a result creates a loophole for bad-faith actors.

History of registration and rights

Someone—no one seems to know who—first registered the disputed domain name <trx.com> back in 1999. In 2003, plaintiff’s successor in interest (via bankruptcy) began using the trademark TRX, thereby acquiring rights in the mark. Defendant bought the domain name in 2022.

Plaintiff sued defendant under the Anticybersquatting Consumer Protection Act (ACPA)1, a part of U.S. trademark law that deals with bad faith domain name registration. Plaintiff sought a preliminary injunction ordering the transfer of the disputed domain name pending resolution of the lawsuit. The court denied the motion because it found that plaintiff had not established that plaintiff would likely succeed on the merits of the cybersquatting claim.

Outcome up for critique

The legal holding is potentially problematic, however, and represents a point on which different federal courts sitting in different parts of the country handle cybersquatting claims differently under the ACPA.

In this case, the court held that plaintiff’s cybersquatting claim depended on when the disputed domain name was first registered. Citing to a 2023 case from the same district, Blair v. Automobili Lamborghini SpA, which in turn relied on the Ninth Circuit’s opinion in GoPets Ltd. v. Hise, 657 F.3d 1024 (9th Cir. 2011), the court explained that liability for cybersquatting is possible “only when a person other than the trademark owner registers a domain name that is confusingly similar to a trademark that is distinctive at the time of the domain name’s registration.” It went on to note that “[i]n other words, if a domain name is registered before a particular trademark exists, the trademark owner cannot assert a viable cybersquatting claim against the domain name owner.”

So, under this logic, because the domain name was registered prior to 2003 (when the rights in the TRX mark came into existence), there is no way the plaintiff’s TRX mark could have been distinctive at the time of the domain name’s registration. The court came to this conclusion even though the record demonstrated that some unknown person, other than defendant, first registered the disputed domain name and that defendant first acquired the domain name on the market many years after the TRX mark had become distinctive.

It is interesting to note that this outcome conflicts with decisions in other circuits that hold “re-registration” by a new owner counts as the time for evaluating whether a mark with which a domain name may be confusingly similar, is distinctive. See, e.g., Instructure, Inc. v. Canvas Technologies, Inc., 2022 WL 43829 (D. Utah, January 5, 2022). One could argue it is bad policy for the ACPA system to essentially absolve a bad faith actor who acquires a domain name that contains a protectible mark but was first registered by someone else not acting in bad faith prior to the time the mark became strong.

  1. JFXD TRX ACQ LLC, v. trx.com, 2024 WL 98424 (D. Ariz., January 9, 2023) 

By Evan D. Brown, Attorney

Evan focuses on technology and intellectual property law at the law firm of Neal & McDevitt. He maintains a law and technology focused blog at evan.law and is a Domain Name Panelist with the World Intellectual Property Organization deciding cases under the UDRP.

Visit Page

Filed Under

Comments

Probably the least weird thing yet John Berryhill  –  Jan 11, 2024 12:33 PM

There’s been a lot of weird up to this point.

First, the domain name was the subject of a UDRP back in 2022:
https://www.adrforum.com/DomainDecisions/2016615.htm

The registrant of the domain name filed suit in the District of Arizona to stop the UDRP transfer.  Among the things you will notice in that UDRP decision is that the Complainant was not the owner of the alleged trademark registration.  The Complainant in the UDRP proceeding was the original applicant of the trademark registration, but who has been in bankruptcy proceedings in California for a while now.

The UDRP Complainant had the District Arizona suspend the post-UDRP lawsuit, claiming the bankruptcy barred the suit.  The interesting question there is why the bankruptcy did not bar the UDRP in the first place, or why they fraudulently claimed to be the owner of the trademark.

Be that as it may, upon pausing the first suit in Arizona, an apparent alter ego of the Complainant and Plaintiff in the subject suit of this article filed a suit in Virginia seeking transfer of the domain name.  The Virginia court, taking note of the prior proceeding in Arizona, threw that suit out.

So, to continue to defer the questions about why the bankrupt UDRP Complainant filed a fraudulent UDRP proceeding, this alter ego of that Complainant filed this new suit in Arizona, in which the TRO has been denied.

Not having looked at this in detail, it is not clear whether the court’s decision was influenced by the long line of shenanigans that have been going on up to this point.

What's the registration history of the domain? Todd Knarr  –  Jan 13, 2024 10:54 PM

My thinking on it goes that it should depend on the history of the domain registration. If the domain’s never gone out of registration, if it’s been renewed before reaching the registration’s expiration date, then transfers of the domain shouldn’t matter as far as the right of the registrant to use the domain are concerned. The original registrant had the right to use it because there wasn’t a trademark in existence when they registered the domain, and they have the right to sell/transfer the domain to someone else which ought to mean all the rights the seller had transfer to the buyer right along with the domain. That a trademark had come into existence after the original registration but before the transfer shouldn’t matter any more than it should matter if I were transferring a business to someone else.

If the registration ever dropped, though, that changes things. Even if the registrar or registry held the name after it reached it’s expiration date and if someone bought the name from them, the right the original registrant (or subsequent holder) had to use the name cease at the moment of expiration. They don’t automatically transfer to the registrar or registry because the entity that held those rights didn’t take action to transfer them and nobody ought to be able to just grab their rights out of their hands without their involvement even if those rights are about to go into the trash bin.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

NordVPN Promotion