The term is derived from "squatting," which is the act of occupying an abandoned or unoccupied space or building that the squatter does not own, rent or otherwise have permission to use. Cybersquatting however, is a bit different in that the domain names that are being "squatted" are (sometimes but not always) being paid for through the registration process by the Cybersquatters. Cybersquatters usually ask for prices far greater than that at which they purchased it. Some cybersquatters put up derogatory remarks about the person or company the domain is meant to represent in an effort to encourage the subject to buy the domain from them. Others post paid links via Google, Yahoo, Ask.com and other paid advertising networks to the actual site that the user likely wanted, thus monetizing their squatting. As with many controversial issues, some argue that the dividing line of cybersquatting is difficult to draw, or that the practice is consistent with a capitalistic and free market ethos.
Cybersquatting is one of the most loosely used terms related to domain name intellectual property law and is often incorrectly used to refer to the sale or purchase of generic domain names such as example.com.
Another strategy is as follows: Internet domain name registrations are for a fixed period of time. If the owner of a domain name doesn't re-register the name with an internet registrar prior to expiry, then the domain name can be purchased by anybody else after it expires. At this point the registration is considered lapsed. A cybersquatter may use automated software tools to register the lapsed name the instant it is lapsed. This strategy is one of a family of identity theft schemes including renewal snatching, extension exaggeration and alert angling.
Yet another approach is "name jacking" (also "name-jacking" or "namejacking") which is accomplished by purchasing an individual's name as a top level domain name. Setting up a website allows the purchaser to capitalize on any searches done for that name. For example, if John Jones has a thriving professional practice (perhaps he is a doctor, a lawyer, a financial professional, or real estate agent - or any other profession which interacts with the public on a regular basis), there is a high likelihood that potential clients will do some research on the internet before doing business with Mr. Jones. If Mr. Jones has been "name jacked ," then someone else owns johnjones.com and that website will appear at or near the top of any searches for the name "John Jones." These "name jacked" sites are typically set up to sell high-profit items like ebooks and/or various business opportunities and require few purchases to be profitable. As the name-jacked domains are set up using non-trademarked names and they have a purpose other than selling the domain name back to an individual, they circumvent the "Anti-cybersquatting Consumer Protection Act" (ACPA) laws U.S.C. § 1125 and U.S.C. § 1129. Since people frequently "google" to find out information, name jacking provides low-cost web traffic to the name-jacked website.
Court systems can also be used to sort out claims of cybersquatting, but jurisdiction is often a problem, as different courts have ruled that the proper location for a trial is that of the plaintiff, the defendant, or the location of the server through which the name is registered. Countries such as China and Russia do not view cybersquatting in the same way or degree that US law does. People often choose the UDRP (Uniform Dispute Resolution Process) created by ICANN because it is usually quicker and cheaper ($2,000 to $3,000 in costs and fees vs. $10,000 or more) than going to court, but courts can and often do overrule UDRP decisions. In Virtual Works, Inc. v. Volkswagen of America, Inc. (a dispute over the domain vw.net), the Fourth Circuit Court of Appeals created a common law requirement that the cybersquatter exhibit a bad faith intent in order to confer liability. This means that domain names bearing close resemblance to trademarked names are not per se impermissible. Rather, the domain name must have been registered with the bad faith intent to later sell it to the trademark holder. This "bad faith" concept is reiterated in 15 U.S.C. § 1125 and U.S.C. § 1129.
Some countries have specific laws against cybersquatting beyond the normal rules of trademark law. The United States, for example, has the U.S. Anticybersquatting Consumer Protection Act (ACPA) of 1999. While this expansion of the Lanham (Trademark) Act (15 U.S.C.) purports to provide protection against cybersquatting for individuals as well as owners of distinctive Trademarked names, the failure of notable personalities, including rock star Bruce Springsteen and actor Kevin Spacey, to obtain control of their names on the internet indicates the lack of protection afforded to the average businessman or individual.
Jurisdiction is an issue, as shown in the case involving actor Kevin Spacey, in which Judge Gary A. Feess, of the United States District Court of the Central District of California, ruled that Spacey would have to file a complaint in a Canadian court, where the current owner of kevinspacey.com resided. Spacey later won the domain through the National Arbitration Forum.
Under UDRP policy, successful complainants can have the names deleted or transferred to their ownership (which means paying regular renewal fees on all the names or risk their being registered by someone else). Under the ACPA (Anticybersquatting Consumer Protection Act) a cybersquatter can be held liable for actual damages or statutory damages in the amount of a maximum of $100,000 for each name found to be in violation, although application of this act in the form of actual fines assessed are few in number. In one of the first applications of the ACPA, the Plaintiff, Brian Salle, sought relief under 15 U.S.C. § 1125 and U.S.C. § 1129 from Defendant Meadows. The court rejected Plaintiff's argument that "all personal names" are protected under the act and established that personal names must be "protected as a mark" for 15 U.S.C. § 1125(d) to apply. The court did award summary judgement under 15 U.S.C. § 1129(1)(A), with the sole award being the transfer of the domain briansalle.com to his control with no monetary award or attorney's fees. Based on this award, it would have been less expensive for Salle to merely have paid Meadows the $9,500 to purchase the domain name. Monetary awards under the ACPA are infrequent at best, and the cost of filing a case is prohibitive for the average individual.
There have been several instances of companies, individuals or governments trying to take generic domain names away from their owners by making false claims of trademark violation. Sometimes they are successful. This practice is called "reverse domain hijacking". For example, little known Heathrow Land Development in Florida attempted to use their narrow one-class trademark and the UDRP process to acquire heathrow.com.
Australia is another example - auDA requires anyone registering a .com.au Second-level domain to have a valid entitlement for that domain - ie. a registered business name with an Australian Business Number (ABN) issued by the Australian Taxation Office. However, this has failed to protect Australia from such cybersquatting acts. Any Australian citizen over the age of 16 can obtain an ABN (which is free) and use it to register as few or as many domain names as they like.
Internationally, the United Nations copyright agency called WIPO (World Intellectual Property Organization) has, since 1999, provided an arbitration system wherein a trademark holder can attempt to claim a squatted site. In 2006, there were 1823 complaints filed with WIPO, which was a 25% increase over 2005's rate. On average, 84% of claims are decided in the complaining party's favor.