February 22, 2021
Authored and Edited by Jonathan Uffelman; Margaret A. Esquenet
Considering allegations under the Anti-cybersquatting Consumer Protection Act and trademark infringement, the U.S. District Court for the District of Arizona allowed a case to proceed against a domain name proxy service. Though the merits of the case have yet to be decided, the case offers a ray of hope to brand owners addressing cybersquatted domain names registered by unknown domain registrants.
Defendant Namecheap is a domain name registrar that allows its customers to opt into defendant WhoisGuard’s proxy service. WhoisGuard keeps a domain registrant’s WHOIS contact information concealed from the public by registering Namecheap’s customers’ domain names in the name of WhoisGuard (i.e., displaying WhoisGuard’s name and contact information in WHOIS records). It then licenses the domains back to Namecheap’s customers.
Plaintiffs Facebook, Instagram, and WhatsApp (collectively “Facebook”) alleged that at least forty-five domains registered by WhoisGuard are confusingly similar to their trademarks. Over sixteen months, Facebook had contacted WhoisGuard about the infringing domain names, asking WhoisGuard to reveal the licensees’ identities. WhoisGuard refused. Facebook sued, and WhoisGuard moved to dismiss the complaint for failure to state a claim. The Court denied WhoisGuard’s motion.
Two agreements were especially relevant to the Court’s decision: Namecheap’s Registrar Agreement and ICANN’s Registrar Accreditation Agreement (“RAA”). Specifically, Section 3.7.7.3 of the RAA provides that a “registered name holder that intends to license use of a domain name to a third party” accepts liability for the harm caused by wrongful use of the domain “unless it discloses the current contact information provided by the licensee and the identity of the licensee within seven (7) days to a party [who has provided] reasonable evidence of actionable harm.” Because WhoisGuard had failed to provide their licensees’ identities and contact information, Facebook alleged Namecheap and WhoisGuard were liable for the cybersquatting and infringement.
First, the Court held Facebook had plausibly alleged that WhoisGuard was a party to Namecheap’s Registration Agreement. ICANN requires every registrant of a domain name to enter into a registration agreement, and Namecheap’s Registration Agreement defines “you” and “your” to specifically include “the registrant listed in the WHOIS contact information for the domain”—here, WhoisGuard. Second, the Court held Section 3.7.7.3’s language can plausibly be read to confer a benefit on third parties like Facebook.
Third, the Court found that Facebook had plausibly alleged that Section 3.7.7.3’s language is incorporated into Namecheap’s Registration Agreement. Namecheap’s Registration Agreement states that by agreeing to Namecheap’s services, “you have read and agree to be bound by . . . the rules, policies, or agreements published in association with specific of the Service(s) [sic] and/or which may be enforced by [ICANN].” Namecheap’s Registration Agreement then links to a page titled, “Registrant Rights, Benefits & Responsibilities,” which explains that “ICANN has set forth various rights and responsibilities of Registrants” and links to ICANN’s website. In turn, ICANN’s website states that, in accordance with the RAA, “the Registrar/Registered Name Holder Agreement must include - at minimum - the following items (as stated at Sections 3.7.7.1 - 12 of the RAA).”
WhoisGuard had argued that ICANN’s own website interprets Section 3.7.7.3 differently. According to WhoisGuard, ICANN states that if a registered domain name holder allows another person to use the domain who did not enter into the registration agreement “(referred to as a ‘third party’ in the RAA), the Registered Name Holder could be accountable for wrongful use of the domain name by the third party.” WhoisGuard argued that because its licensees had entered into the Registration Agreement, its licensees were not “third parties” under Section 3.7.7.3, and therefore WhoisGuard could not be liable. But whatever the merits of this argument, the Court held that the issue on a motion to dismiss was not which interpretation of Section 3.7.7.3 governed, but whether Plaintiffs had plausibly alleged WhoisGuard was liable.
Notably, Namecheap succeeded on its motion to dismiss because Facebook had argued that Namecheap had “used” the domain names by setting up revenue-generating parking pages. But because Facebook failed to make such an allegation in its complaint, the complaint against Namecheap was dismissed with leave to amend. Facebook amended the complaint and Namecheap again moved to dismiss, which motion is pending.
Whether a domain name privacy and proxy service will cooperate with a brand owner seeking domain name WHOIS contact information has depended for a long time on which service one is dealing with. Some are responsive and some are not. When the European General Data Protection Regulation (GDPR) became effective in 2018 and led to the redaction of most WHOIS contact information, the ability to investigate ownership of abusive domain name registrations became even harder. Though WhoisGuard’s ultimate liability here is still undecided, this case offers a potential new avenue for brand owners looking to challenge abusive domain registrations where the WHOIS contact information is privacy- or proxy-protected and the service is unwilling to revoke the privacy screen.
The case is Facebook Inc. v. Namecheap Inc., No. 2:20-cv-00470-GMS (D. Ariz. Nov. 10, 2020).
Copyright © 2021 Finnegan, Henderson, Farabow, Garrett & Dunner, LLP.
DISCLAIMER: Although we wish to hear from you, information exchanged in this blog cannot and does not create an attorney-client relationship. Please do not post any information that you consider to be personal or confidential. If you wish for Finnegan, Henderson, Farabow, Garrett & Dunner, LLP to consider representing you, in order to establish an attorney-client relationship you must first enter a written representation agreement with Finnegan. Contact us for additional information. One of our lawyers will be happy to discuss the possibility of representation with you. Additional disclaimer information.
Hybrid Conference
2024 California Intellectual Property Law Institute
October 21-22,2024
San Francisco
Conference
2024 Licensing Executives Society USA – Canada Annual Meeting
October 20-23, 2024
New Orleans
Conference
4th Annual Passport to Proficiency on the Essentials of Hatch-Waxman and BPCIA
October 8-24, 2024
Virtual
Conference
2024 Corporate Counsel Women of Color: Career Strategies Conference
October 2-5, 2024
Las Vegas
Hybrid Conference
2024 New York Intellectual Property Law Institute
September 30 - October 1, 2024
New York
Due to international data regulations, we’ve updated our privacy policy. Click here to read our privacy policy in full.
We use cookies on this website to provide you with the best user experience. By accepting cookies, you agree to our use of cookies. Please note that if you opt not to accept or if you disable cookies, the “Your Finnegan” feature on this website will be disabled as well. For more information on how we use cookies, please see our Privacy Policy.
Finnegan is thrilled to announce the launch of our new blog, Ad Law Buzz, devoted solely to breaking news, developments, trends, and analysis in advertising law.