Ninth Circuit Kills Contributory ACPA Cybersquatting Doctrine–Petronas v. GoDaddy
A domain name registrant transferred the petronastower.net and petronastowers.net domain names into GoDaddy and used GoDaddy’s name forwarding service to direct them to (NSFW) canfunchat.com. Petronas asked GoDaddy to turn over the domain names to Petronas. GoDaddy declined. Petronas sued, and after conducting limited discovery, the district court dismissed the case.
On appeal, the Ninth Circuit considered whether the Anti-Cybersquatting Consumer Protection Act (ACPA) provides for a cause of action for contributory cybersquatting. A few district court cases had said such a cause of action is available, albeit in “exceptional circumstances” (see the Shah and Namecheap rulings). The Ninth Circuit flatly says the ACPA does not provide for contributory liability. The court gives two reasons for its conclusion.
First, the text of the ACPA does not expressly provide for secondary liability. The Ninth Circuit says Congress knows how to specify that a statute provides for secondary liability and it declined to do so here. Petronas argued that a section limiting the liability of registrars for registration or maintenance of a domain name absent a showing of bad faith hints at secondary liability. The court says that this section limits registrar liability for Lanham Act actions overall and thus can’t be used to infer that there is secondary liability under the ACPA.
Second, the court says that, unlike the Lanham Act which incorporated the common law of trademarks, the ACPA created a new cause of action. The ACPA was enacted precisely because there was no common law cause of action for cybersquatting. Thus, it’s fair to conclude that the common law doctrines of contributory liability were not a part of the ACPA. Additionally, unlike trademark law which is aimed at preventing consumer confusion, the ACPA is intended to prevent use or registration of a domain name with the bad faith intent to profit.
Finally, the court says that a secondary cause of action would cause registrars to interject themselves into disputes between brand owners and domain name registrants and divine the intent of their customers:
[f]ocusing on direct liability also spares neutral third party service providers from having to divine the intent of their customers. In order for a service provider like GoDaddy, with clients holding over 50 million domain names, to avoid contributory liability, it would presumably have to analyze its customer’s subjective intent with respect to each domain name . . . . [d]espite that nearly impossible task, service providers would then be forced to inject themselves into trademark and domain name disputes.
That sounds like it was authored by Professor Goldman!
The obvious consequence of this decision is what the Ninth Circuit highlighted as its third rationale. Registrars will not have to resolve disputes between registrants and brand owners, and they don’t have to cough up domain names when they get a scathing demand letter from a trademark owner.
I don’t know the extent to which they viewed contributory liability as a significant risk anyway, but as the court noted there were a slew of decisions that raised the specter of liability to registrars. From the registrar standpoint, at least in the Ninth Circuit, this closes the door on that problem, with the following caveat. Some mark owners have asserted that providing privacy protection services, and not revealing the identity of the registrant, puts the registrar on the hook because the registrar puts the registration in its name. As Eric points out below, this ruling does not definitively refute that theory, so that may still be a viable option for brand owners. For what it’s worth, I’ve never thought it was a very strong argument, given that the registration of the domain name in the registrar’s (or its affiliate’s) own name is done purely as a nominee. No one thinks that the registrar actually controls any domain name subject to privacy protection. It is well acknowledged to be a legal fiction. That said, a few cases have allowed lawsuits against providers in these scenarios. We will see the extent to which this ruling closes the door on these private registration attack on registrars.
This is a sensible opinion from the Ninth Circuit. For the most part the dual system of UDRPs and ACPA lawsuits works. It’s not as if trademark owners are wholly without remedies. Creating a system where intermediaries are forced to police would not add much in this context, and they would end up overpolicing anyway.
Case citation: Petroliam Nasional Berhad (Petronas) v. GoDaddy.com, Inc., 12-15584 (9th Cir. Dec. 4, 2013)
Eric’s Comments: Domain name lawsuits are so passe nowadays that it’s hard to get excited about any ruling on domain names, but I did like this ruling a lot. First, unlike so many other Ninth Circuit Internet Law opinions, this one is clean and decisive. It leaves no doubt about the current state of the law. Try to misinterpret this conclusion: “We hold that there is no cause of action for contributory cybersquatting under the ACPA.” I hope anyone who pleads contributory ACPA claims in the Ninth Circuit going forward gets Rule 11 sanctioned. Second, the court understood the underlying policy issue that intermediaries instantly toss their customers overboard when exposed to legal liability. I wish the Ninth Circuit similarly internalized this philosophy with its Section 512 safe harbor jurisprudence, but let’s celebrate this good news.
I’d have to go back and check, but I don’t recall another Ninth Circuit ruling that domain name registrars get a categorical safe harbored from all forms of secondary trademark liability (infringement, dilution and ACPA) in 15 USC 1114(2)(D)(iii). Unquestionably good news for domain name registrars.
Still, the good news isn’t a blank check to domain name registrars. We’ve increasingly seen domain name registrars act as the functional equivalent of domain name registrants, and this ruling won’t protect them in that circumstance (see my post about the OnlineNIC rulings). Furthermore, even under Sec. 1114(2)(D)(iii), any domain name registrar with a “bad faith intent to profit from such registration or maintenance of the domain name” isn’t protected from direct ACPA liability if they meet the statutory standards.