How To Combat IP-Facilitated Digital Fraud During Pandemic

By Joshua Reisberg and Angelina Whitfield
Law360 is providing free access to its coronavirus coverage to make sure all members of the legal community have accurate information in this time of uncertainty and change. Use the form below to sign up for any of our weekly newsletters. Signing up for any of our section newsletters will opt you in to the weekly Coronavirus briefing.

Sign up for our Consumer Protection newsletter

You must correct or enter the following before you can sign up:

Select more newsletters to receive for free [+] Show less [-]

Thank You!



Law360 (April 20, 2020, 1:18 PM EDT )
Joshua Reisberg
Angelina Whitfield
Digital fraud occurs every day.[1] But in public crises, digital frauds are much more sinister because they often prey on the emotions of the vulnerable: using false information to sell false hope in the form of a fake, nonexistent product or service, or to solicit charitable donations that are intended to line the pockets of the scammers, rather than those in need. 

To legitimize their fake product, service or allegedly charitable undertaking, scammers, like counterfeiters, often misappropriate the goodwill developed by well-recognized brands and organizations through false affiliations and trademark infringement.

For example, after Hurricane Katrina, two brothers falsely purported to solicit donations for hurricane relief on behalf of the Salvation Army by registering and operating the website salvationarmyonline.org,[2] thereby misappropriating the Salvation Army trademark and the goodwill that that trademark has generated since first being registered, federally, on March 10, 1965.

During the same crisis, the American Red Cross asked the Federal Bureau of Investigation to investigate at least 15 fake websites designed to look like legitimate Red Cross relief efforts.[3] More recently, during the ongoing COVID-19 pandemic, some scammers are taking advantage of the fact that, as of April 13, there is no COVID-19 cure. The U.S. Food and Drug Administration has, to date, issued 27 warning letters to firms "selling fraudulent products with claims to prevent, treat, mitigate, diagnose or cure [COVID-19]."[4] 

The Federal Trade Commission also sent warning letters to seven companies that allegedly overstated the power of their products to combat coronavirus.[5] In addition, the FBI and the U.S. Department of Justice recently shut down the website coronavirusmedicalkit.com, which promised consumers access to vaccine kits developed by the World Health Organization in exchange for a $4.95 shipping fee.[6]

COVID-19 fraud has become so prevalent that the WHO[7] and the United Nations recently issued statements.[8] One independent study found that 3% of domains registered since January mentioning coronavirus have been found to be actively malicious, with an additional 5% categorized as suspicious.[9]

By the end of March, more than 42,000 websites with domains containing COVID and corona had been created, including domains linked to malware downloads using common trademarks, like netflixcovid19s.com, chasecovid19s.com and even coronavirusshaquilleoneal.com.[10]

Unfortunately, it is now easier than ever to create the foundation for a digital fraud. Relatively recent advancements in e-commerce technology coupled with ambiguous Internet Corporation for Assigned Names and Numbers policies resulting from the EU's passing of the General Data Protection Regulation have fueled an expanding conflagration of digital fraud by scammers who, in a matter of hours, are able to set up a clean, seemingly legitimate website that seamlessly integrates money transfer solutions.

Moreover, these scammers can utilize any number of widely available domain name registration services that fail to publish the website owner's contact information due to concerns over liability under GDPR.[11]

There is no single tool (like Ads.txt) that can shut down abuse before it starts. And COVID-19 fraud is only going to increase in frequency and value as companies begin coming to market with legitimate solutions for the disease,[12] including antibody tests that scientists and many elected officials agree must be made available before U.S. economies can be reopened.[13]

So, when your IP is being used to facilitate any number of digital frauds that arise every day — and that inevitably will arise during the COVID-19 crisis — what do you do? 

First, contact federal and state authorities. 

The U.S. government, through its law enforcement and consumer protection agencies, has numerous tools at its disposal to combat digital fraud and IP misuse, including the ability to seize websites and pursue civil actions against scammers and others who engage in unfair or deceptive acts affecting commerce.

Moreover, because all generic top-level domains (including the most popular .com, .net and .org) are registered in the U.S., they are considered subject to governmental seizure and forfeiture as well as court-ordered injunctions even if the operation of the site exists abroad.[14] 

For example, a digital fraud making unauthorized use of IP to facilitate transfer of money may very well constitute wire fraud under Title 18 of U.S. Code Section 1343. Pursuant to Title 18 of U.S. Code Section 981, which governs civil forfeiture, the U.S., upon obtaining a seizure warrant, is authorized to seize any property (including digital assets) that is traceable to such wire fraud.[15]

Civil seizures and forfeitures are also authorized under the Prioritizing Resources and Organization for Intellectual Property, or PRO-IP, Act of 2008 for specified IP crimes. If a digital fraud involves criminal copyright infringement under Title 17 of U.S. Code Section 506 or involves the intentional "traffic[king] in goods or services and knowingly us[ing] a counterfeit mark on or in connection with such goods or services," assets used to facilitate such frauds are subject to seizure and forfeiture pursuant to Title 18 of U.S. Code Section 2323.[16] 

Pursuant to the PRO-IP Act, in 2014, the administration of President Barack Obama established Operation In Our Sites, an intellectual property enforcement effort led by U.S. Immigration and Customs Enforcement that "specifically targets websites and their operators that distribute counterfeit and pirated items over the Internet ... as well as products that threaten public health and safety."[17] 

Although nothing in the text of the PRO-IP Act authorizes seizure and forfeiture of domain names, websites or other digital asserts, the DOJ cites Section 2323 as the basis of the seizure operations undertaken in coordination with other governmental agencies.[18]

Instead of seizing digital assets pursuant to a seizure warrant, the U.S. may accomplish the same result through civil actions seeking injunctive relief, including temporary restraining orders. Title 18 of U.S. Code Section 1345 authorizes injunctions against numerous frauds including wire fraud. The DOJ, in conjunction with the FBI, recently invoked the procedures of Section 1345 to shut down coronavirusmedicalkit.com.[19] 

The FTC is also authorized to obtain injunctions, civil penalties and other relief against any "unfair or deceptive acts or practices in or affecting commerce," which includes misrepresentations.[20] Many, if not all, digital fraud falls under this authority. 

Similar to federal authorities, state agencies have robust powers to shut down fraud that may affect the state's citizens. For example, New York's consumer protection statutes, Executive Law Section 63(12) and General Business Law Article 22-A, Sections 349 and 350, prohibit fraudulent and deceptive business practices and false advertising and authorize the New York Attorney General's Office to bring suit to, among other things, enjoin such deceptive acts and practices.[21]

Pursuant to this authority as well as the Computer Fraud and Abuse Act, Title 18 of U.S. Code Section 1030, the New York Attorney General's Office recently sent letters to a number of domain name registrars demanding that they de-list domain names used for Coronavirus-related scams and fake remedies.[22] Many states have similar statutes and authority.[23]

IP rights holders whose IP is being used to facilitate a digital fraud can engage outside counsel to liaise with the appropriate governmental agencies such as the FBI, DOJ, FTC, ICE or offices of state attorneys general.

IP rights holders can also file a report directly with either the National Intellectual Property Rights Coordination Center,[24] which investigates IP violations, or through the Internet Crime Complaint Center,[25] which more broadly investigates internet crimes, which can include IP violations. These centers are part of a holistic, multilayered approach that the U.S. has undertaken with since 2000 to combat IP crimes and related theft.

Contact the ISP directly and demand that they shut down the fraud.

To facilitate the prompt shutdown of a digital fraud relying on a misappropriation of IP, the IP rights holder may wish to undertake actions in parallel to contacting federal and state authorities, including by reaching out directly to the internet service provider that is allowing the digital fraud to exist online.

This could be a domain name system registrar like GoDaddy or Namecheap, ranked as Nos. 1 and 3 in the world, respectively, in terms of number of domains registered.[26] This could also be a social media platform like Facebook Inc. or an ecommerce marketplace like Amazon.com Inc. or eBay Inc. The major tech platforms are jointly combating COVID-19 fraud.[27]

And there is anecdotal evidence supporting that at least some ISPs have been extremely responsive in promptly shutting down scams and frauds operating via their service and have even acted preemptively.[28] A simple call or email may be all that is necessary. 

Beyond informal contact, the Digital Millennium Copyright Act provides a tool for IP rights holders to facilitate the swift takedown of digital fraud — provided that such fraud employs copyright infringement. Under the DMCA, when a copyright holder becomes aware of copyright infringement on the Internet by another, the copyright holder can forward a takedown notice to the ISP for the website or social media page.[29]

Upon receipt of takedown notice advising an ISP of copyright infringement, the ISP is entitled to a safe harbor from liability for direct and indirect copyright infringement provided that the ISP "responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity."[30] 

The DMCA's provisions authorizing takedowns are limited, however, to instances of copyright infringement. Indeed, courts have held not only that the plain language of the statute reflects its inapplicability to other forms of IP misuse (e.g., trademark infringement), but courts have also held that sending takedown notices for anything but copyright infringement can give rise to liability to the notice sender under Section 512(f).[31] 

Unless a digital fraud involves alleged copyright infringement, the provisions of the DMCA cannot be invoked to shut the fraud down. But a misappropriated trademark used to facilitate a digital fraud may separately qualify for copyright protection.[32] Therefore, where a scam makes unauthorized use of a trademark to establish false legitimacy, the copying of that logo on the scammer's website may constitute copyright infringement sufficient to permit an actionable takedown notice under the DMCA. 

For digital frauds based on trademark infringement without any corresponding copyright infringement, IP rights holder are not afforded any DMCA-like takedown protections. The IP rights holder, in this instance, should therefore consult remedies available under an ISP's internal compliance procedures. Many ISPs have policies specifically addressing trademark infringement, although not all compliance procedures are created equal.

For example, GoDaddy has extended the DMCA's copyright-related takedown provisions to instances of trademark infringement, albeit with the caveat that GoDaddy's decision to temporarily or permanently remove the infringing content or otherwise remove or redirect access to a website is "at its sole discretion and without any legal obligation to do so."[33]

In contrast, Namecheap, the registrar used to register coronavirusmedicalkit.com, states in its internal IP policies that "other than forwarding your trademark complaint to a customer, we cannot take any further action without a U.S. court order or a UDRP, or URS, ruling."[34] 

Pursue injunctive relief through civil actions or arbitration.

An IP rights holder has numerous private causes of action for misappropriation of IP that is used to facilitate a digital fraud, including causes of action grounded in copyright and trademark infringement, false designation of origin, violations of state law statutes governing unfair business practices and common law unjust enrichment to name a few. All of these causes of action allow the IP rights holder to seek injunctive relief.

Trademark owners should look very closely at causes of action based on trademark dilution to combat digital fraud as well as illegal activity, generally. Under both federal law and many state anti-dilution statutes, trademark owners can obtain an injunction for acts of tarnishment — that is, acts that harm the reputation of the mark.[35] In a complaint filed on April 10, 3M Co. filed a lawsuit against a company engaging in illegal price-gouging related to N95 face masks essential to combatting the COVID-19 pandemic.

3M's causes of action included federal trademark dilution under Title 15 of U.S. Code Section 1125(c) and state law dilution under Section 360-l of New York's General Business Law, among others. In a statement, the company wrote:

The mere association of 3M's valuable brand with such shameless price-gouging harms the brand, not to mention its ore serious threat to public health agencies that are under the strain in the midst of a worldwide pandemic.[36]

To the extent a digital fraud misappropriates a trademark in the domain name itself, targeted civil actions and arbitrations are available to trademark owners. The Anticybersquatting Consumer Protection Act, enacted in 1999, prohibits bad-faith registration of domain names that are identical or confusingly similar to trademarks by making such domain name registrations a form of trademark infringement.[37]

Rather than provide a DMCA-like mechanism for obtaining a swift takedown of infringing domain names, the ACPA provides only that a registrant "shall be liable in a civil action by the owner of a mark."[38] In such an action, a court is authorized to "order the forfeiture or cancellation of the domain name or the transfer of the domain name to the owner of the mark."[39]

Moreover, where an IP rights holder cannot identify the owner of a domain name, the IP rights holder may pursue an in rem action against the domain name.[40] Such in rem jurisdiction has become even more important since the EU's enactment of GDPR, which, as discussed above, has caused many DNS registrars to stop publishing website owner contact details.[41]

Rather than filing a complaint pursuant to the ACPA, a trademark owner may also file an arbitration complaint under the Uniform Domain Name Dispute Resolution Policy, which, like the ACPA, is designed to prohibit bad-faith registrations of allegedly infringing domain names.[42] The UDRP is applicable to all DNS registrars and all gTLDs,[43] and generally allows for timelier and more cost-effective resolution of domain name disputes in comparison to actions filed under ACPA.[44] 

But in times of a public crisis like the COVID-19 pandemic, both courts and arbitration panels may be more responsive to shutting down digital frauds pursuant to the ACPA, UDRP or other causes of action.

In the example of "coronavirusmedicalkit.com," the U.S. District Court for the Western District of Texas ordered a temporary restraining order one day after the DOJ brought its motion on March 22, pursuant to Title 18 of U.S. Code Section 1345.

Conclusion

IP rights holders have multiple robust tools at their disposal once they realize IP is being used to facilitate a digital fraud. Engaging in a multifaceted response involving law enforcement, contact with the ISP and pursuing injunctive remedies through courts or in arbitration is of paramount importance, not only to protect consumers and limit victimization, but also to mitigate any erosion of brand value and consumer confidence that may result if the fraud is allowed to remain unnecessarily operational.

This is especially true in times of public crisis, when governmental agencies are deluged with reports and complaints of fraud and resources are strained. 

Responding to a digital fraud (or any IP violation), however, begins with effective monitoring of IP use (and misuse). IP rights holders should use the present crisis as an opportunity to audit internal IP practices to ensure that they know when and how others are making unauthorized use of IP, including, for example, by (1) engaging an IP monitoring service, (2) establishing effective means of communication at all steps in the supply chain, and (3) creating a system allowing customers to report potential fraud. 

In the words of Rahm Emanuel, IP rights holders should not let this "serious crisis to go waste."[45]



Joshua S. Reisberg is a partner at Axinn Veltrop & Harkrider LLP

Angelina M. Whitfield is an at associate at the firm. She previously served as an assistant attorney general for Illinois.

The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice.


[1] In one prolific example, the market research company, eMarketer, reports that ad fraud has cost digital publishers $42 billion in lost digital ad revenue worldwide in 2019 alone, up 20% from 2018. Interactive Advertising Bureau (IAB), Annual Report 2019 at 5, https://www.iab.com/wp-content/uploads/2020/02/IAB_2019_Annual_Report.pdf. Such ad fraud manifests, in large part, due to unauthorized selling of publisher ad inventory and domain spoofing. IAB Tech Lab, Ads.txt Specification Version 1.0.2 at 4 (Mar. 2019), https://iabtechlab.com/wp-content/uploads/2019/03/IAB-OpenRTB-Ads.txt-Public-Spec-1.0.2.pdf. Unauthorized selling occurs when a website or app misrepresents itself as being an entity that can command a higher price in the real-time bidding process, such as the New York Times — effectively a trademark violation grounded in false designation of origin. These misrepresentations result in a flooding of the market with illegitimate ad inventory, which results in some inventory being purchased at orders of magnitude higher than what they are truly worth. A tool called ads.txt — developed by a consortium of experts — was launched in 2017 to help combat this persistent type of fraud by enabling content owners to explicitly declare those who are authorized to sell its inventory in the metadata of the content owner's website or mobile app. As a result, Ads.txt can help stop fraud before it starts.

[2] FBI Press Release, More Than 900 Defendants Charged with Disaster-Related Fraud by Hurricane Katrina Fraud Task Force During Three Years in Operation (Oct. 1, 2008), https://archives.fbi.gov/archives/news/pressrel/press-releases/more-than-900-defendants-charged-with-disaster-related-fraud-by-hurricane-katrina-fraud-task-force-during-three-years-in-operation.

[3] B. Ross & J. Rackill, Katrina Internet Charity Scams Try to Dupe Donors, ABC News (Sept. 7, 2005), https://abcnews.go.com/Blotter/HurricaneKatrina/story?id=1106006.

[4] FDA Update, Fraudulent Coronavirus Disease 2019 (COVID-19) Products, https://www.fda.gov/consumers/health-fraud-scams/fraudulent-coronavirus-disease-2019-covid-19-products (last visited Apr. 12, 2020).

[5] FTC Press Release, FTC, FDA Send Warning Letters to Seven Companies about Unsupported Claims that Products Can Treat or Prevent Coronavirus (Mar. 9, 2020), https://www.ftc.gov/news-events/press-releases/2020/03/ftc-fda-send-warning-letters-seven-companies-about-unsupported.

[6] DOJ Update, Justice Department Files Its First Enforcement Action Against COVID-19 Fraud (Mar. 22, 2020), https://www.justice.gov/opa/pr/justice-department-files-its-first-enforcement-action-against-covid-19-fraud.

[7] WHO, Beware of criminals pretending to be WHO, https://www.who.int/about/communications/cyber-security (last visited Apr. 13, 2020); UN News, UN health agency warns against coronavirus COVID-19 criminal scams (Feb. 29, 2020), https://news.un.org/en/story/2020/02/1058381.

[8] For examples of specific COVID-19-related trademark misuse/fraud, including misuse of FedEx trademark to induce recipients to open malware attachment, see V. Saengphaibul & F. Gutierrez, Attackers taking advantage of the coronavirus media frenzy (Mar. 4, 2020), https://www.fortinet.com/blog/threat-research/attackers-taking-advantage-of-the-coronavirus-covid-19-media-frenzy.html.

[9] Check Point Software Techs., Ltd., Update: Coronavirus-themed domains 50% more likely to be malicious than other domains (Mar. 5, 2020), https://blog.checkpoint.com/2020/03/05/update-coronavirus-themed-domains-50-more-likely-to-be-malicious-than-other-domains/.

[10] A. Holms, Thousands of shady websites with 'coronavirus' or 'covid' in their domain have popped up since January — and it reflects how eagerly scammers are trying to cash in on the epidemic (Apr. 3, 2020), https://www.businessinsider.com/scammers-are-creating-shady-new-websites-with-coronavirus-domains-2020-4, citing S. Gallagher and A. Brandt, Facing down the myriad threats tied to COVID-19, https://news.sophos.com/en-us/2020/03/24/covidmalware/ (last updated Mar. 24, 2020) (listing domains linked to malware downloads using common trademarks, likenetflixcovid19s.com; chasecovid19v.com; chasecovid19t.com; chasecovid19s.com).

[11] The Internet Corporation for Assigned Names and Numbers (ICANN) oversees all domain name registries and domain name service (DNS) registrars. According to one recent report, due in large part to complications caused by GDPR, many registrars have restricted access to domain name contact details via WHOIS despite contractual obligations owed to ICANN to publish such information. See G. Aaron, Domain Name Registration Data at the Crossroads: The State of Data Protection, Compliance, and Contactability at ICANN, 22-24 (March 31, 2020), http://www.interisle.net/sub/DomainRegistrationData.pdf.

[12] AP, Fears of "Wild West" as COVID-19 Blood Tests Hit the Market (Apr. 12, 2020), https://www.usnews.com/news/business/articles/2020-04-12/fears-of-wild-west-as-covid-19-blood-tests-hit-the-market.

[13] Office of the New York State Governor, Amid Ongoing COVID-19 Pandemic, Governor Cuomo Announces New York State is Ramping up Antibody Testing, Critical to Reopening Economy (Apr. 10, 2020), https://www.governor.ny.gov/news/amid-ongoing-covid-19-pandemic-governor-cuomo-announces-new-york-state-ramping-antibody-testing.

[14] See, e.g., Wired, Uncle Sam: If it Ends in .Com, It's .Seizable (Mar. 6, 2012), https://www.wired.com/2012/03/feds-seize-foreign-sites/. Verisign, based in the U.S., is the authoritative registry of all ".com" and ".net" domain names, among others. See Verisign, Verisign as a Domain Registry, https://www.verisign.com/en_US/domain-names/domain-registry/index.xhtml. Afilias is the second largest Internet domain name registry and the ICANN-designated registry operator for a wide range of gTLDs, including, most notably, ".org." See Afilias, About Us, https://afilias.info/about-us (last visited Apr. 12, 2020). Afilias is also based in the U.S.

[15] See 18 U.S.C. §§ 981(a)(1)(D)(vi), 981(a)(1)(E) and 981(b).

[16] 18 U.S.C. § 2323 (authorizing civil seizure and forfeiture for violations, including Section 2320); § 2320 (referring to trafficking in counterfeit goods or services). Section 2323 specifically invokes the seizure and forfeiture provisions of Chapter 46, which includes 18 U.S.C. § 981 discussed above. See 18 U.S.C. § 2323(a)(2). 

[17] ICE, Operation In Our Sites Fact Sheet (May 22, 2014), https://www.ice.gov/factsheets/ipr-in-our-sites

[18] See DOJ, Resp. to Senator Ron Wyden at 1 (May 2, 2011), https://www.wyden.senate.gov/imo/media/doc/DoJ%20Response%20to%20Wyden%20OIOS.pdf. Through coordination among various agencies including the FBI, CBP, DOJ, FDA, USPTO, and international agencies such as INTERPOL, Operation In Our Sites has seized millions of domain names, mostly those engaging in massive copyright infringement or trafficking in physical, counterfeit goods. See, e.g., ICE Press Release, ICE HSI-led IPR Center and Europol collaboration leads to massive illegal website seizures ahead of Cyber Monday (Dec. 2, 201), https://www.ice.gov/news/releases/ice-hsi-led-ipr-center-and-europol-collaboration-leads-massive-illegal-website. For a comprehensive overview of the enactment of the PRO-IP Act, implementation and practice regarding Operation In Our Sites, and Constitutional concerns to which the Act gives rise, see K. Kopel, Operation Seizing Our Sites: How the Federal Government is Taking Domain Names Without Prior Notice, 28 Berkeley Tech. L.J. 859 (2013), https://btlj.org/data/articles2015/vol28/28_AR/28-berkeley-tech-l-j-0859-0900.pdf.

[19] See DOJ, Justice Department Files Its First Enforcement Action Against COVID-19 Fraud (Mar. 22, 2020), https://www.justice.gov/opa/pr/justice-department-files-its-first-enforcement-action-against-covid-19-fraud; see also Order Granting Temporary Restraining Order, U.S. v. John Doe a/k/a "coronavirusmedicalkit.com", No. 20-cv-00306-RP, D.I. 3 (W.D. Tex. Mar. 22, 2020); Order Granting Preliminary Injunction, U.S. v. John Doe a/k/a "coronavirusmedicalkit.com", No. 20-cv-00306-RP, D.I. 11 (W.D. Tex. Mar. 31, 2020).

[20] See 15 U.S.C. § 45(a); § 45(l) and § 53(b) (providing for preliminary and permanent injunctive relief); § 45(m)(1)(A) (recovery of civil penalties); § 57(b) (damages and other relief).

[21] In addition to the NY AG's right to sue, a private right of action is also available to enforce §§ 349 and 350. While all states allow consumers to file suit to enforce consumer fraud laws (to varying degrees), restrictions on those rights and available remedies differ by state. See Carolyn Carter, Nat'l Consumer Law Ctr. Inc., Consumer Protection in the States: A 50-State Report on Unfair and Deceptive Acts and Practices Statutes (Mar. 2018), https://www.nclc.org/images/pdf/udap/udap-report.pdf

[22] NY Attorney General Press Release, Attorney General James Asks GoDaddy and Other Online Registrars to Halt and De-list Domain Names Used for Coronavirus-Related Scams and Fake Remedies (Mar. 20, 2020), https://ag.ny.gov/press-release/2020/attorney-general-james-asks-godaddy-and-other-online-registrars-halt-and-de-list. Using the same authority granted by New York law, the New York Attorney General has also sent a letter to Alex Jones in Austin, TX, demanding that he cease and desist selling and marketing products, through his website "infowarsstores.com," touted as a treatment or cure for COVID-19. See NYS Attorney General, Attorney General James Orders Alex Jones to Stop Selling Fake Coronavirus Treatments (Mar. 12, 2020), https://ag.ny.gov/press-release/2020/attorney-general-james-orders-alex-jones-stop-selling-fake-coronavirus-treatments.

[23] See, e.g., M.C.L. 445.901 et seq. (Michigan Consumer Protection Act authorizing the Attorney General to bring injunctive actions to protect the interests of consumers); A.R.S. § 44-1521 et seq. (Arizona Consumer Fraud Act; same); Cal. Bus. & Prof. Code § 17500 et seq. (California False Advertising Law; same); 815 I.L.C.S. 505 et seq. (Illinois Consumer Fraud and Deceptive Business Practices Act; same).

[24] ICE, IPR Center, https://www.iprcenter.gov/contact-us (last visited Apr. 12, 2020). The IPR Center engages in investigation, interdiction, and outreach and training to combat IP theft by bringing together 25 partners, including key agencies such as the FBI and INTERPOL. IPR Center, Global Trade Investigations Division, https://www.iprcenter.gov/about (last visited Apr. 12, 2020).

[25] FBI, Internet Crime Complaint Center (IC3), https://www.ic3.gov/about/default.aspx (last visited Apr. 14, 2020). IC3 operates as central point for reporting and investigation of Internet crime complaints, and communicating with state, local, and international investigative agencies as necessary.

[26] See G. Aaron, supra n. 13 at 11.

[27] See N. Statt, Major tech platforms say they're "jointly combatting fraud and misinformation" about COVID-19 (Mar. 16, 2020), https://www.theverge.com/2020/3/16/21182726/coronavirus-covid-19-facebook-google-twitter-youtube-joint-effort-misinformation-fraud.

[28] See, N. Statt, Namecheap blocks registration of domains with 'coronavirus' and 'vaccine' in the name (Mar. 25, 2020), https://www.theverge.com/2020/3/25/21194417/namecheap-coronavirus-covid-19-domain-name-ban-registrar-abuse

[29] 17 U.S.C. § 512(c)(1)(C). The elements of this notice are codified in Section 512(c)(3). Because all generic gTLDs, including .com, .net, and .org, are registered in the U.S., see supra n. 16, websites utilizing generic gTLDs are subject to U.S. law, including the takedown provisions of the DMCA. 

[30] 17 U.S.C. § 512(c)(1)(C). The "safe harbor" provisions, arguably, are the principal innovation of the DMCA. The EU Electronic Commerce Directive of 2000 was modeled on the DMCA and adopted the safe harbor provisions of the DMCA exempting ISPs from liability. Case law in Europe, however, has evolved to differentiate between passive ISPs that are entitled to the Directive's safe harbors, and "active brokers" like eBay, who are not entitled to safe-harbor. Cf. Tiffany (NJ) Inc. v. eBay, Inc. , 576 F. Supp. 2d 463 (S.D.N.Y. 2008), aff'd, 600 F.3d 93 (2d Cir. 2010) with SA Louis Vuitton Malletier v. eBay Inc., Cour de cassation [Cass.] [supreme court for judicial matters], May 3, 2012, aff'g Court d'appel [CA] [regional court of appeal] Paris, Pole 5, ch. 2, Sept. 3, 2010, and Tribunal de commerce [TC] [court of trade] Paris, June 30, 2008 (Fr.).

[31] CrossFit, Inc. v. Alvies , No. 13-3771-SC, 2014 WL 251760, at *2 (N.D. Cal. Jan. 22, 2014) (denying motion to dismiss counterclaims under 17 U.S.C. § 512(f) alleging improper takedown based on trademark infringement); Acad. of Motion Picture Arts & Scis. v. GoDaddy.com, Inc. , No. CV 10-03738 AB (CWX), 2015 WL 5311085, at *29 (C.D. Cal. Sept. 10, 2015) (Section 512 "provides for extrajudicial enforcement of copyrights on the Internet. . . . Although trademark infringement is just as common of a problem as copyright infringement in cyberspace, Congress has yet to dictate a procedure by which trademark holders can enforce their rights absent the commencement of a legal action."). That some courts have approved of ISPs using a "DMCA-styled 'notice-and-takedown' system, see Tiffany (NJ) Inc. v. eBay, Inc. , 600 F.3d 93, 99 (2d Cir. 2010), does not mean that the DMCA authorizes takedowns for trademark infringement. 

[32] See, e.g., Bouchat v. Baltimore Ravens, Inc. , 241 F.3d 350, 356 (finding that an artist's design of a logo for a professional football team was entitled to copyright protection); see also U.S. Copyright Office, FAQs: What Does Copyright Protect?, https://www.copyright.gov/help/faq/faq-protect.html#title (last visited Apr. 12, 2020) ("[C]opyright protection may be available for logo artwork that contains sufficient artwork. In some circumstances, an artistic logo may also be protected as a trademark.").

[33] GoDaddy, Trademark/Copyright Infringement, Section A(2), https://www.godaddy.com/legal/agreements/trademark-copyright-infringement (last visited Apr. 12, 2020).

[34] Namecheap, Copyright and Trademark Policies, https://www.namecheap.com/legal/general/copyright-trademark-policies/ (last visited Apr. 12, 2020). Where a domain hosted on Namecheap is alleged to be engaging in fraud, Namecheap advises filing a complaint through the IC3 or contacting "your lawyer(s) or your local authorities in order to get the issue resolved." https://www.namecheap.com/support/knowledgebase/article.aspx/9196/5/how-and-where-can-i-file-abuse-complaints.

[35] Under the Federal Trademark Dilution Act of 1995, owners of "famous" marks can obtain an injunction for acts that "harm[] the reputation of the famous mark." 15 U.S.C. §§ 1125(c) & 1125(c)(2)(C). Under some state anti-dilution statutes, marks need not be famous to sustain a claim for dilution, but rather must only have selling power or have a distinctive quality. See, e.g., N.Y. Gen. Bus. L. 360-l (authorizing injunctive relief for "dilution of the distinctive quality of a mark or trade name").

[36] Law360, 3M Files Trademark Suit Over COVID-19 Mask Price-Gouging (Apr. 10, 2020), https://www.law360.com/articles/1262508. The company also stated that "[t]his lawsuit is only one of the many legal tools 3M is using to protect the public," noting that 3M is sending cease-and-desist letters and "making referrals to law enforcement authorities" to protect the public from fraud, counterfeits, and other false and deceptive information. Id. (emphasis added).

[37] 15 U.S.C. § 1125(d). The ACPA does not address IP misuse, for example, in the body of a website, or in its metadata. Thus, if a digital fraud does not misappropriate a trademark in the domain name itself, the ACPA is inapplicable. 

[38] 15 U.S.C. § 1125(d)(1)(A).

[39] Id. at § 1125(d)(1)(C).

[40]15 U.S.C. § 1125(d)(2).

[41] See G. Aaron, supra n. 13 at 22-24.

[42] ICANN, Uniform Domain Name Dispute Resolution Policy, Section 4(a), https://www.icann.org/resources/pages/policy-2012-02-25-en (last visited Apr. 12, 2020). 

[43] ICANN, Uniform Domain-Name Dispute-Resolution Policy, https://www.icann.org/resources/pages/help/dndr/udrp-en (last visited Apr. 12, 2020).

[44] Other forms of arbitration may be available to trademark owners in different scenarios including, for example, through the Uniform Rapid Suspension (URS) policy and Trademark Post-Delegation Dispute Resolution Procedure (PDDRP). See ICANN, Uniform Rapid Suspension (URS), https://www.icann.org/resources/pages/urs-2014-01-09-en (last visited Apr. 13, 2020); See WIPO, Trademark Post-Delegation Dispute Resolution Procedure (Trademark PDDRP), https://www.wipo.int/amc/en/domains/tmpddrp/ (last visited Apr. 13, 2020).

[45] Wall Street Journal CEO Council, Interview with Rahm Emanuel (Nov. 19, 2008), https://youtu.be/_mzcbXi1Tkk (last visited Apr. 12, 2020). In November 2008 during the longest period of economic decline since the Great Depression, former Chicago mayor and advisor to President Obama, Rahm Emanuel, spoke these words as a rallying cry to lawmakers to do what was necessary to prevent future crises from happening and use the crisis an opportunity for bi-partisan reform. Mr. Emanuel reprised these words recently as part of statement to lawmakers that "[t]his has to be the last pandemic that creates an economic depression. ... Start planning for the future." ABC News, Transcript, This Week (Mar. 22, 2020), https://abcnews.go.com/Politics/week-transcript-22-20-fema-administrator-pete-gaynor/story?id=69733494 (last visited Apr. 12, 2020).


For a reprint of this article, please contact reprints@law360.com.

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!