How Internet Sites Can Protect Their Legal Identity

Internet site legal identity theft is becoming increasingly more sophisticated and common. This articles explores different means for websites to protect their legal identities. It begins with the settled proposition that domain names are a form of personal property.

New Jersey Law Journal December 03, 2021 at 12:00 PM

By Jonathan Bick      Bick is counsel at Brach Eichler in Roseland. He is also an adjunct professor at Pace and Rutgers law schools, and the author of “101 Things You Need to Know About Internet Law” (Random House 2000).

Internet site legal identity theft is becoming increasingly more sophisticated and common. If successful, a third party can use the theft of a legal identity to secure confidential information, harm marketing brand value, diminish good will and steal customers. Internet sites may employ legal, business, and technological means to protect their legal identities.

Most commonly, identity theft arises when one party uses another party’s personal identifying information. The most common pieces of information include: full name, home address, email address, social security number, passport number, driver’s license number, credit card numbers, and date of birth. Such information is deliberately used by one party to deceive another party so as to gain financial advantages or obtain credit and other benefits, and to cause other person’s disadvantages or loss.

Both people and businesses are subject to identity theft. Business identifiable information, as defined in the Freedom of Information Act, includes trade secrets and commercial or financial information that is confidential (5 U.S.C. §552(b)(4)). The use of either personal or business identifying information, without permission, is usually for the purpose of committing fraud or other crimes.

Domain names are used to facilitate internet communications, by associating an easy-to-remember name with a physical internet computer. The domain name system (DNS) provides World Wide Web users a protocol that allows internet users to find desired internet locations.

Domain names are the unique words that appear after the “@” sign in email addresses, and after “www” in an internet address. All internet communications rely upon Internet Protocol (IP) addresses, which assign a unique 12-digit (32-bit) identifier to each computer connected to the internet. For example, 209.236.224.202 is bicklaw.com. Instead of internet users searching for unique 32-bit IP numbers, unique domain names, such as www.bicklaw.com, serve as internet addresses that allow individuals to consistently identify and locate material on the internet.

Domain name system intermediaries, such as registrars and registry operators, actively attempt to protect an internet site’s legal identity by requiring proof of a domain name owner’s right to use a specific domain name. More specifically, intermediaries require registration agreements that ask for a registration fee, accurate contact information, and agreement to submit to the registrar’s dispute resolution requirements. This approach often falls short, however, because it is designed to combat online piracy of domain names, but does not address other categories of illegal conduct, such as content infringement and “rogue” representatives.

It should be noted that the United States government is authorized to exercise oversight over internet site legal identity due to its control of the Internet Corporation for Assigned Names and Numbers (ICANN), because ICANN can set policy for the DNS. However, while ICANN has wide latitude to impose content-based restrictions on domain name registrants, it has not done so. Federal and state statutes have been enacted to prohibit malicious internet activity, including spamming (15 U.S.C. §7701(a)(11)), phishing (740 ILCS 7/ — Anti-Phishing Act) and distributing malware (18 U.S.C. §1030), and other illegal activity including child pornography (18 U.S.C. §2252A), online gambling (18 U.S.C. §1955), and money laundering (18 U.S.C. §1955).

However, these statutes do not protect an internet site’s legal identity. Thus, it is incumbent upon internet sites to protect their identity through legal means such as governmental registration and litigation, via business means such as association agreements and insurance,  and technological means such as site monitoring and restrictive programing.

Protecting an internet site’s legal identity begins with the settled proposition that domain names are a form of personal property, see Kremen v. Cohen, 337 F.3d 1024 (9th Cir. 2003), wherein Kremen, the owner of SEX.COM sued Network Solutions after the registrar was defrauded into transferring the domain name to another party, and the Ninth Circuit determined that  a property right existed. Moreover, federal laws also support classifying domain names as property. Specifically, courts in cybersquatting cases, provide for in rem jurisdiction over domain names where the defendant domain name owner cannot be served with process in the United States. See 15 U.S.C. §1125(d)(2)(C) (2012). Most significantly, for domain name asset classification, in rem jurisdiction is only permitted for exercising jurisdiction over an item of real or personal property.

The classification of a domain name as property allows the owner to register the domain name with the United States Trademark Office. Additionally, a domain name owner may state a claim for conversion against an entity that unlawfully interferes with the domain name property.

More specifically, a domain name (such as bicklaw.com) may be registered as a trademark or service mark in the United States Patent and Trademark Office. However, just like any other mark, the domain name is registrable only if it functions to identify the specific source of goods or services offered. Registering a domain name will notify the public of your claim, establish legal presumption of the ownership of the domain name, and allow legal action with regard to the domain name in federal courts.

Some bad actors will attempt to steal an internet site’s identity by copying the content of a site. While the Copyright Office will not register a domain name, it will register the content of an internet site. To register a copyright for an internet site, go to the U.S. Copyright Office’s online Registration Portal to complete an application under the category of “Other Digital Content.” As in the case of trademark registration benefits, copyright registration benefits include making your ownership of the internet content public record, establishing legal presumption of the ownership of the internet site content, and allowing  legal action with regard to the content in federal courts. Additionally, copyright registration results in eligibility for statutory damages. Both copyright and trademark registration increase the likelihood of attorney fees and court cost awards in the event of intentional infringement.

Conversion and trespass to chattels are the tort claims most often brought where one registrant manages to appropriate another registrant’s valuable domain name to commercialize the name for its own purposes. It should be noted that considering the domain name (hence internet site’s legal identity) to be property allows for legal self-help remedies (such as repossession) in addition to instituting a cause of action.

Internet sites can protect their legal identity by working with governmental authorities. Internet identity theft is a crime. Section 1028 of U.S.C. 18 provides penalties for any person who knowingly produces an identification, false document, or possesses documents with intent to defraud. When a party commits identity theft using the internet that crossed state lines, it constitutes a federal crime.

Additionally, internet sites may protect their legal identity through business means such as internet monitoring services and insurance. Specifically, robust monitoring is capable of identifying the owners of fraudulent sites. Insurance policies will pay for any remediation that is necessitated by fraud

Finally, the legal identity of an internet site may be protected through technological means. The use of  a virtual private network (VPN) and restrictive internet site software can ameliorate or eliminate unauthorized internet site access or internet site copying.