Never underestimate the ability of those who over-rely on intellectual property to not just push for greater protections, but to try to pin greater and greater liability on others who they want to rope into their own fights. Phil Corwin has an article about how the Council of Better Business Bureaus, along with the Coalition Against Domain Name Abuse (a motley crew of mostly banks and insurance companies, but with random others like Dell, DirecTV and Eli Lilly thrown in there), are looking to change the Anti-Cybersquatting Protection Act (ACPA) to make it more SOPA-like when it comes to cybersquatting.
Their goal is to enact amendments to the U.S. Anti-Cybersquatting Consumer Protection Act (ACPA) that would expand the law’s coverage beyond domain registrants by creating secondary liability for domain system intermediaries like registries and registrars, increase statutory damages penalties for all targets, and establish a ‘loser pays’ regime that favors deep-pocket corporate litigants.
As with SOPA, they’re using pure FUD to make this argument, inflating the “threats.” With SOPA, copyright maximialists sought to conflate actual dangerous situations like counterfeit drugs (which were minimal in number) with non-dangerous activities that were more widespread (sharing movies and music). Here, the BBB and CADNA ramp up FUD about how phishing attacks use cybersquatted domains to trick people into handing over their info. Except, as Corwin notes, the actual evidence on phishing shows that it’s rarely cybersquatted domains that are used in phishing (in part because companies are already quick to spot those and deal with them). In fact, he points out that the very research the BBB and CADNA are relying on to hype up cybersquatting notes that only 2.3% of phishing domains actually contain a brand or variation of a brand.
And, as with SOPA, the real goal here is to pin liability on a ton of third parties (beyond just registries and registrars) making them responsible if they happen to do business with a cybersquatted domain:
Of course, under CADNA’s proposal this potential financial jeopardy would be faced by parties far beyond the domain registrant, as they also want to “Establish liability against an affiliate, representative, or any other person or entity that is in active concert or participation with the registrant, including but not limited to a domain name registrar or domain name registry.” Potential liability would also accrue to “Internet parking pages, pay-per-click advertising, and other monetization schemes”. In other words, not just domain industry participants but everyone else involved in the Internet business ecosystem, including ad providers and payments processors, would be brought under ACPA jurisdiction if CADNA had its way. As we saw with the rightfully failed SOPA legislation, secondary liability would either vastly expand the potential windfall to litigants or cause these service providers to cut off domains at even the hint of a lawsuit, depriving registrants of the very domain-generated income required to fund litigation defense when they believe the allegations against them are bogus.
While this wouldn’t impact the public as directly, it’s basically a trademark version of SOPA, more specifically focused on cybersquatting. But even just setting the precedent of greater secondary liability would be a huge problem. Trademark already suffers from a lack of secondary liability safe harbors. Pinning direct liability on third parties for the actions of others is a step in the wrong direction.