ALM Properties, Inc.
Page printed from: Corporate Counsel
Select 'Print' in your browser menu to print this document.
Law Firm's Arguments 'Not Enough' to Show Cybersquatting
New York Law Journal
In a decision finding premature a law firm's attempt to prove a computer programmer violated a cybersquatting law, a Southern District judge laid out the standards of proof under the Anticybersquatting Consumer Protection Act.
The Gioconda Law Group, a Manhattan boutique that represents luxury designers in counterfeiting suits and cybersquatting cases, brought suit against Arthur Wesley Kenzie, a Canadian programmer, alleging Kenzie had registered a domain nameGIOCONDOLAW.com, which is a slight misspelling of the firm's domainand registered similar email addresses "to intentionally intercept" the firm's messages.
Gioconda alleged cybersquatting, trademark infringement, unlawful interception and disclosure of electronic communications, and other causes of action.
In December, the firm filed a partial motion for judgment, asking Judge J. Paul Oetken (See Profile) for an early ruling on its claim that Kenzie violated the anticybersquatting law.
But Oetken, in a ruling last week denying the motion, said the Anticybersquatting Consumer Protection Act is "not an all-purpose tool" designed to allow trademark holders the chance to acquire any domain name similar to their own.
Based on the record, he said, Gioconda's case against Kenzie was not within the "core" anti-cybersquatting scenarios.
The act is principally designed for cases where a defendant either forces a trademark holder to buy a domain name at an extortionate price or diverts customers from the owner's website to the defendant's site, Oetken said in Gioconda Law Group v. Kenzie, 12-CV-4919.
"If anything, given that (Kenzie) aims both to influence Plaintiff's behavior and shape public understanding of what he perceives to be an important vulnerability in cyber security systems, this case arguably falls closer to cases involving parody and consumer complaint sites" to draw public attention to social or economic issues, Oetken said.
Gioconda Law, which handles cybersquatting cases for its clients, discovered its own domain name was being imitated last year, firm founder Joseph Gioconda said in an interview.
Users who went to the site were redirected to the firm's legitimate domain.
Gioconda, a former partner of DLA Piper and Kirkland & Ellis who started his own firm in 2009, said the case against Kenzie will proceed to discovery, after which he will move for summary judgment.
"We had hoped the court would find that on its face the defendant's conduct amounted to cybersquatting," Gioconda said. After discovery, he said, "we believe it will become clear that Mr. Kenzie's conduct was in bad faith."
Kenzie, who is representing himself, said in an email to the Law Journal that Oetken's decision "is certainly welcome news." He said he registered the domain name "to provide only benefits to my research subject organizations."
In court documents, Kenzie said he registered the name "within the broader context of his responsible, good-faith information security research" into "email vulnerability that is currently not well understood." The law firm, he said, has not suffered any damages.
Kenzie claims he explained in a blog how email vulnerability worked, that he arranged for vulnerable domain names to be transferred to their organizations, and that he ensures the contents of emails were never read or disclosed to third parties.
In an email to the law firm before the Southern District suit was filed, Kenzie said he would "have no objections to facilitating a transfer of the domain" to Gioconda Law.
Kenzie, who has identified himself online as a "cyber security and mobile app developer," claims in court papers that he now "is essentially unemployable in his trade as a direct result of this case considering how it began and has unfolded."
In his ruling last week, Oetken said the only issue at this stage in the litigation is whether, on the pleadings and court record, the Gioconda firm can prove enough facts to show that Kenzie acted with "bad faith intent to profit."
While the law allows for consideration of facts not enumerated in the act in determining bad faith, the law points out nine relevant factors. Oetken found only two factors that support a finding of bad faith intent to profit, including Kenzie's registration of multiple domain names that he knows to be similar to others.
"That is not enough," the judge said.
He said there is no evidence Kenzie had offered to sell the disputed domain name to a third party or to the law firm.
"The Court's analysis of this factor might look different on a summary judgment record, depending on the evidence presented, but at this stage in the litigation it cuts in Defendant's favor," the judge wrote.
Kenzie's "alleged ideological, scholarly, and personal motives for squatting on the [infringing domain name], while perhaps idiosyncratic, do not fall within the sphere of conduct targeted by the ACPA's bad faith requirement," Oetken said.
Gioconda said that while Kenzie did not demand payments from the firm in exchange for the domain name, Kenzie had "offered his security services to us in the guise" of a settlement term, which the firm did not accept.
Gioconda said his research shows Kenzie has registered more than 1,000 domain names, many of which have been similar to those of large businesses and law firms, including Sullivan & Cromwell, Bingham McCutchen and several Canadian law firms.
"This type of activity of cybersquatting is unfortunately becoming more and more common," Gioconda said.
In his email to the Law Journal, Kenzie said Gioconda "has made some wild claims" and that he never offered security services to his firm.
"Out of the blue, he sued me, assuming my intentions were malicious," Kenzie wrote. He said he has only observed one misaddressed email that was meant for the firm and it was "basically spam."
"I did not read the contents of this misaddressed email or any other misaddressed email I observed in my research," Kenzie said. "I have provided confidential disclosure of this email vulnerability to some other subject organizations, and none of them have felt compelled to sue me for that."
@|Christine Simmons can be contacted at email@example.com.