Future Tense

Is “Typosquatting” Ever OK?

Facebook CEO Mark Zuckerberg

Photo by Justin Sullivan/Getty Images

You’re heading over to Facebook.com when your index finger slips, forcing you to type in something like “gacebook.com.” Before your mind registers the flub, you hit “enter,” and off you go. Now, instead of seeing what your eighth-grade boyfriend had for dinner, you’re faced with pop-ups and maybe even Facebook look-alike sites that are out to do evil.

That’s cybersquatting (or, more specifically, typosquatting), and Facebook doesn’t have to take it. In a case involving almost a dozen offending companies, a California judge has ruled that 105 domains like gacebook.com, gfacebook.com, and faacebok.com be turned over to Facebook. Furthermore, Facebook will get close to $2.8 million in damages.

Lots of companies have prevailed against typosquattors. As Mike Isaac points out on AllThingsD, though, “This case could be more significant … in that it’s among the first to result in the awarding of liability damages to the victor, potentially establishing a precedent for future similar cases.”

But it may be that not all typosquattors are out to profit from a slip of the finger. The New York Law Journal reports that the Gioconda Law Group—which itself specializes in cybersquatting and counterfeiting cases—sued Arthur Wesley Kenzie, a Canadian man who had registered the domain Giocondolaw.com (changing the final “a” in the law group’s name to an “o”). In addition to the website, he also set up email addresses. This, says Gioconda, is a clear violation of the Anticybersquatting Consumer Protection Act.

But Kenzie, who is a developer, says that he uses such misspelled domains as part of his research into cybersecurity. His lawyers claimed in court filings that he registered the site and created email accounts as part “information security research into a significant e-mail vulnerability that is not currently well understood.” On CircleID, Venkat Balasubramani writes, “Kenzie did not offer the domain names for sale, did not read the emails intended for the subject organization, and generally kept his whole scheme out of the public eye. Upon demand, he also offered to transfer the domain names to the organizations in question.”

In December, Gioconda, which is based in New York, filed a motion for partial judgment asking that the court rule Kenzie had violated ACPA. But the judge declined to do so now, writing:

“Defendants’s alleged ideological, scholarly, and personal motives for squatting on the [domain name], while perhaps idiosyncratic, do not fall within the sphere of conduct targeted by the ACPA’s bad faith requirement, If anything, given that defendant aims to both influence plaintiff’s behavior and shape public understanding of what he perceives to be an important vulnerability in cyber security systems, this case arguably falls closer to cases involving parody and consumer complaint sites designated to draw public attention to various social, political, or economic issue.”

Because it’s early in the case yet, Gioconda could eventually win against Kenzie.