A recent California case, DSPT Int'l v. Nahum, Case No. 08-5506 (9th Cir., Oct. 27, 2010), set a precedent allowing for damages when a company's website or social media sites are used by a former employee or independent contractor for something other than the company's benefit. In the case, DSPT was a company that designed, manufactured, and sold clothes since 1988 under the brand name "Equilibrio." In 1999, DSPT created the "EQ" brand name to appeal to a younger market and hired Lucky Nahum to set up the company's website and registered a trademark. The EQ brand, and associated "www.eq-Italy.com" domain, flourished and the importance of online orders for DSPT continued through 2005 when Nahum informed DSPT by e-mail that he would not be renewing his contract with the company. Following Nahum's resignation, he removed the eq-Italy.com website and uploaded a page stating merely: "All fashion related questions to be referred to Lucky Nahum at: lnahum@yahoo.com."
DSPT was unable to remove the site or make any changes because the domain had originally been registered by Nahum in 1999. While an individual employee registering a company domain in their name may not be standard practice, it is all too common for a third party developer or marketing company to register websites and social networking accounts on behalf of their clients but in their own name. Some of these registrations take place in this manner because developer contracts require the developer to have control of the site in order to ensure payment and some are registered in this manner because logistically it is just easier for the third party to register the site and transfer access at a later date. For DSPT, however, Nahum having full control of the company website lead to significantly decreased sales and substantial damages.
Nahum admitted that the placeholder page was intended to induce DSPT to pay him money he was owed and DSPT eventually brought an action against him for cybersquatting and trademark infringement. Cybersquatting occurs when a party purchases or registers, but does not use, the domain or social media sites of a company's registered trademark. The Anti-Cybersquatting Consumer Protection Act ("Act") creates civil liability for cyberpiracy where a plaintiff proves that:
(1) the defendant registered, trafficked in, or used a domain name;
(2) the domain name is identical of confusingly similar to a protected mark owned by the plaintiff; and,
(3) the defendant acted in bad faith with intent to profit from the mark.
The case was tried to a jury, which returned a special verdict finding that "EQ" and "Equilibrio" were valid trademarks owned by DSPT and that "Lucky Nahum registered, trafficked in, or used the www.eq-Italy.com domain name"; that the name was identical or confusingly similar to DSPT's distinctive trademark; and that "Lucky Nahum commit[ed] the acts with a bad faith intent to profit from DSPT's mark." The court indicated that a situation where a domain name is held ransom in an attempt to get money from the trademark owner rather than to sell goods is prohibited by the Act. Even though Nahum's "intent to profit" was aimed at receiving money he felt he was already entitled, his use of the domain was for reasons other than bona fide sales. Additionally, the court concluded that "[e]ven if a domain name was put up innocently and used properly for years, a person is liable under 15 U.S.C. § 1125(d) if he subsequently uses the domain name with a bad faith intent to profit from the protected mark by holding the domain name for ransom." (15 U.S.C. § 1125(d) addresses cyberpiracy prevention.)
In practice, this means that your marketing talent should not withhold your access to your website or social media sites just because they have created them for you or are the only ones currently with access. If they do, you might be entitled to substantial damages. Ultimately, what may seem like a good bargaining tool for website developers and marketing firms, can result in substantial damages awards if a company can establish that its trademarks used in connection with the site/domain are protectable and there were any calculable damages as a result of the hijacking.
