Cybersquatting and Law


‘Cyberspace’ can be described as the virtual space between computer nodes. It is a platform for communication through virtual ‘avatars’ information uploaded or transmitted on the platform. The regulation of cyberspace is challenging due to the anonymity of persons in cyberspace and the conflicting jurisdictions in the real-world. Traditional laws have to evolve to match their effectiveness in today’s digital world.

In recent times, the jurisprudence of trademarks has expanded to include ‘domain names’ for trademark protection. Cybersquatting is a concept which may result in infringement of such ‘domain-name’ trademarks. The traditional Trademark Law and system of protection requires modification to meet the changes brought about by the internet. The paper is an attempt to analyse the scope of trademarks in terms of domain names and its protection in India.

Cybersquatting is an act where a domain name, which is usually associated with a business entity, is used by another person to reap the advantages of that domain name or to trade it with the original user for a very high price. Cybersquatting takes place in two forms –

1. Purchase a popular domain name at the time of renewal and sell it at a high price to the actual user.

2. Having domain names which are deceptively similar to that of a popular one.

With regards to first form of cybersquatting, one should know that domain names need to be renewed regularly by its users in order to continue using it and it is at this time of renewal that third parties purchase domain names of popular enterprises even before the actual user of that domain name could do so. Since domain names play a crucial role in business, enterprises are forced to purchase these domain names from the third parties at a huge price leading to unfair practices on part of the third parties. At least from the outlook this doesn’t appear to be an illegal act per se. However, it is not the same impression that we get from the second form of Cybersquatting.

In the second form of cybersquatting, third parties use domain names which are deceptively similar to that of popular ones in order to divert online user traffic to the third party’s website. For example, is a popular domain name and a third party who wishes to divert traffic to his website might come up with a domain name which is similar to the one above, which can be something like Here, the two domain names are deceptively similar and the only difference is an extra ‘o’ in the latter one. This can deceive the online users and can harm the business of the former honest user. It is clear that the third party wants to ride on the reputation of the actual owner of the domain name. This form of cybersquatting comes within the territory of passing off.

Legal Status of Cybersquatting in India

There is no legislation in India which explicitly states that cybersquatting is illegal. Cybersquatting is a vague concept, as it is definable in terms of infringement of trademarks but not in terms of subject matter of trademark. The extent of ‘domain-name’ as a subject of trademark protection is not specified in the current legislation and there are many questions yet to be answered-

· Is registration of trademarks (wordmark) mandatory in order for a domain name to qualify for protection under trademark law when such a wordmark forms a part of the domain name?

· Can a non-profit organisation’s domain name be protected in the absence of a commercial element in its use?

Indian Courts have nonetheless protected domain names as trademarks due to the close relation between domain names and the business of the enterprises using such domain names.

Cybersquatting, as said earlier, can be of different forms. The major form of cybersquatting is in buying a domain name which is substantially similar to that of another popular domain name or trademark. This practice is to either divert common customers or to advertise by exploiting typos or spelling mistakes of customers. In traditional terms, it is like erecting billboards of a company name which is substantially similar in name to a branded and well-established company. Cybersquatting is in the form of blatant trademark infringement, wherein, domain names of third parties are deceptively similar to the trademarks or service marks of another entity in order to divert the customers of such entities.[1] Several domain name holders, known as cyber pirates or cyber squatters, have incorporated trade and service marks owned by others into their domain names with the hopes of extorting a fee for assigning or licensing the domain name to the mark owner.[2]

As per a report in 2016[3], the Domain name regulator in India transferred more than 700 websites ending with .in and .com to the original users in a span of ten years. The victims of cybersquatting include well-known companies like Pespsi, Flipkart, Amazon, Morgan Stanley, Walmart, McDonalds among others. The growing cases of cybersquatting can be attributed to the growing trend in e-commerce industry.

Indian Regulations

Following the success of India in the global field of information technology, regulations for usage of the internet has become essential. India has few major regulatory bodies dealing with IP addresses and domain names. These regulatory bodies control cyberspace by usage of ‘architecture’- structures which seek to regulate human behaviour. For example, fences to protect property of an individual. In cyberlaw, ‘property’ can be equated to a ‘domain’ and fences can be equated to codes and hardware which regulate data or information. Most countries have a jurisdictional domain in cyberspace known as ccTLD (Country code Top-level domain). These domains are regulated and used by the Government and governmental departments. For India, the ccTLD is ‘.in’. The internet domain of India is governed by NIXI (National Internet Exchange of India).

NIXI is a not for profit Organization under section 25 of the Companies Act 1956 and was registered on 19th June 2003. NIXI was set up for peering of ISPs among themselves for the purpose of routing the domestic traffic within the country, instead of taking it all the way to US/Abroad, thereby resulting in better quality of service (reduced latency) and reduced bandwidth charges for ISPs by saving on International Bandwidth. NIXI is managed and operated on a Neutral basis, in line with the best practices for such initiatives globally.[4]

Under NIXI, there are two organizations:

  1. The Indian Registry for Internet Names and Numbers (IRINN) in India provides allocation and registration services of IP addresses and AS numbers and contributes to the society by providing Internet-related information as a non-profit, affiliation-based organization, and performing research, education and enlightenment activities. Thus, the IRINN’s role is to regulate Internet exchange in order to improve usage of international bandwidth and improve the quality of service.

  2. The IN Registry deals with the regulation of India's ‘In.’ ccTLD. The IN Registry is an autonomous body created by NIXI. It regulates the ccTLD of India and implements policies of the government in that regard. Thus, the IN Registry helps in managing of the domain space of India.

The IN registry regulates the ccTLD of India, by acting as an accreditor to various domain registrars. This means that domains are not directly regulated. The IN Registry provides for registering of entities which sell or provide for domains to various businesses and other entities which seek to establish an internet presence. The providers of these domains are registered as “accredited registrars”. These accredited registrars function as intermediaries and register domain names with entities purchasing or obtaining such domains. An example would be These accredited registrars are responsible for recording the division of the ccTLD of ‘.in’ among its various users or domain-holders. This system is beneficial as it splits the responsibility to maintain the security of the data. It is also cost-efficient, as the hardware to maintain the internet domains is divided. On the other hand, this system creates a lucrative balance of accountability. The jurisdiction of these regulatory bodies is not well-defined.

In terms of a traditional outlook, the IN registry acts as a security and detective organization. Accredited agencies are the security forces and personnel which are deployed to maintain and protect the clients’ property. They stand guard by providing for a fence (by recording your domain as yours in digital space) around your property (domain). Unfortunately, your ‘property’ is not concrete and certain, as in the case of real life. In the digital space, your domain can change depending upon your choice - it is merely computer programming and data storage. Thus, the shifting of domain names is easier and less secure. Domain names can be registered for a minimum period of one year or maximum period of 10 years. Every domain name user has to renew the domain name before the expiry of its term in order to continue using it. During such renewal period, the domain name can be bought by another person or persons. These persons may officially buy it through accredited registrars or through other means. This problem arises despite the registration being renewal-based in most accredited registrars. Thus, this problem forms one aspect of cybersquatting.

The IN registry provides for a dispute settlement mechanism in cases of domain disputes. This system seeks to solve the problem of trademark infringement through cybersquatting. The dispute resolution process is regulated by the .IN Domain Name Dispute Resolution Policy (INDRP) and procedures is subject to the provisions of INDRP Rules of Procedure, 2005. The INDRP is influenced by the UDRP (Uniform Domain Name Resolution Process) issued by ICANN (Internet Corporation for Assigned Names and Numbers). ICANN is an International Non-Profit Organization which deals with administration of responsibilities in relation to Domain Name System (DNS)- the gTLD (generic) and ccTLD (country-level); apart from other functions.

The INDRP provides for an arbitration-based procedure to solve conflicts in relation to domain names.

The disputes which are subject to the INDRP are as follows -

i. the Registrant's domain name is identical or confusingly similar to a name, trademark or service mark in which the Complainant has rights;

ii. the Registrant has no rights or legitimate interests in respect of the domain name; and

iii. the Registrant's domain name has been registered or is being used in bad faith.

The Registrant is required to submit to a mandatory Arbitration proceeding in the event that a Complainant files a complaint to the IN Registry, in compliance with the Policy and Rules thereunder.[5] The policy seeks to protect the interests of registrants and specifically to domain names in India, i.e. with the tag “.in”. In case it is not registered as such, the other remedy is through the Trademarks Act, 1999. The policy is a faster and more efficient process for protecting the domain in comparison to the legal mechanism under the Trademarks Act, 1999. Thus, it incentivizes people to register their domains.

The policy seeks to resolve the conflicts regarding domain names through mandatory arbitration with arbitrators appointed by the IN Registry. In cases wherein there is proof that the domain names were purchased or used in a manner which is considered as ‘passing off’, then the remedy is to the extent of cancellation of the registration or transfer of registered domain name. “Passing off” is a concept in Trademark Law, wherein the mark of the good or service is substantially similar to a registered or well- established mark. Thus, the policy for dispute resolution merely resolves disputes of domain names but does not punish or penalize cyber squatters or domain hackers.

The Trademark Act has been utilized by the courts with regards to Cybersquatting as detailed below:

  1. In the case of Satyam Infoway Ltd. v Siffynet Solutions (P)[6], the Supreme Court held that internet domain names can be regulated through the intellectual property laws under the Indian Trademarks Act, 1999. The Court reasoned that a similar or same domain name may divert the users from the actual domain to a deceptively similar domain. In such situations, the user may arrive at a conclusion that the actual domain name owner has misrepresented his goods and services. This will lead to loss of potential customers to the actual domain name owner. The Court observed that there was no regulation to regulate disputes regarding domain names and that the Trademarks Act, 1999 is not extra-territorial which makes it insufficient for protection of domain names within India.

  2. In the case of Yahoo! Inc. v Akash Arora[7],The Delhi High Court awarded relief to the petitioner against the defendants who were using the domain name “”. The Petitioners contented that by using the particular domain name in a deceptive manner, the defendants had copied the format, content, layout, color scheme and source code of petitioner’s website. The Court relied on the doctrine of ‘passing off’ and granted an injunction restraining the defendants from using the word ‘yahoo’ as part of the domain name.

  3. In the case of Rediff Communications Ltd. v Cyberbooth[8], The single bench judgement emphasized that a domain name is not merely an internet address and is entitled to equal protection as a trademark. The services rendered online have gained recognition and acceptance of the consumers, with the advent of rapid internet access and development. The Court was convinced that there was a clear “intention to deceive” on the part of the defendants as they deliberately used the term ‘Rediff’ to trade on the goodwill and reputation of the plaintiff. Since their field of operation was also common, the possibilities of confusion were also strong.


Today, there is no legislation in India that addresses the issue of cybersquatting. It is indirectly dealt under Trademarks law. There is a need to have new laws on cybersquatting due to the rising number of cases of misuse of domain names to commercially exploit them and causing damage to the rightful user. The new law needs to address the scope of domain names as a subject matter of Trademark Law. The term cybersquatting has to be clearly defined and punishments must be laid down for such acts. The Trademark Act needs amendment in order to include this concept.

It is not just enough to return the domain names to the rightful owner but there should be imposition of penalty on cybersquatters due to the damage that is caused to the rightful user and their business. There must be protection of economic interests of domain name users and the same should be granted under the Trademark Act which can happen after incorporating the necessary changes to the Act. Further, misuse of domain names by cyber squatters must be penalized in proportion to the misuse. For example, if the cyber squatter damages reputation of the domain name owner by publishing obscene material on the website or advertises counterfeit products, there must be adequate recourse for the aggrieved person or entity. It is highly recommended that necessary changes be made to the Act in order to deal with cybersquatting. It helps in creating awareness which is the need of the hour due to the phenomenal growth in internet users and e-commerce.

[1] J. Ryan Gilfoil, A Judicial Safe Harbor Under the Anti-Cybersquatting Consumer Protection Act, 20 Berkeley Tech. L.J. 185, 190 (2005). [2]Carroll, Lisa, Intellectual Property Law: A Better way to skin the cat: Resolving Domain Name Disputes, JSTOR, (GPSolo, vol. 17, no. 6, 2000, July 7th, 2019, 16:04 PM), [3] Rasul Bailay, As e-commerce grows, so does cybersquatting, THE ECONOMIC TIMES (July 7th 2019, 16:04 PM) [4] NIXI, About us, (7th July, 2019, 16:04 PM) [5] In. Registry, INDRP posted 28th June 2005, (6th July 2019, 15:03) [6] Satyam Infoway Ltd. v Siffynet Solutions (2004) 6 SCC 145 [7] Yahoo! Inc. v Akash Arora (1999) 19 PTC 201 (Del) [8] Rediff Communications Ltd. v Cyberbooth (1999) SCC online Bom. 275

23 views0 comments