IP Infringement on the home front
Published on June 9, 2015 by Patricia Monemvasitis and Kim Leontiev
IP Infringement on the home front – COD’s fight against IP fraud and identity theft and valuable lessons to take on board
As recently reported on the COD website and Lawyers Weekly, Carroll & O’Dea lawyers has been one of several law firms targeted by an unscrupulous web operator running a ‘claims harvesting’ website.
The claims harvesting website advertised personal injury legal services and made representations of being connected to or associated with the targeted law firms, including Carroll & O’Dea, by displaying the names, logos, and web and email addresses, telephone numbers and other contact details of the law firms without having authority or prior consent. Apart from being a deliberate and potentially fraudulent attempt to mislead consumers, the unauthorised use of the said names, logos and contact details also constituted an infringement of a number of intellectual property rights including registered and common law trade marks, copyright rights, and passing off on reputation and goodwill.
Upon discovering the website and infringing conduct, Carroll & O’Dea took immediate steps to seek enforcement of all of its infringed intellectual property rights and obtained a swift and successful resolution. Whilst the focus has subsequently turned on the underlying issues of regulation in the area of legal services and claims harvesting, the enforcement process of infringed intellectual property rights has left us with some valuable considerations worth refreshing when it comes to dealing with online IP infringement. In this post, we highlight a few whilst looking back on what occurred.
It often goes without mention, but discovering the infringing conduct upon which enforcement is taken is one of the most important factors in itself and certainly worth noting. In the present case, our discovery was made possible by a reliable and supportive network of prospective clients through which the infringing conduct was brought to our attention. In the absence of active monitoring for infringement, which can be a very resource-draining exercise, maintaining a broad network that can be trusted to report potential infringement is an invaluable asset for IP security. After all, it is often the service user that is more likely to come across the infringing use in their searches or be contacted by the infringer than a service provider. Maintaining communication and infringement awareness within the network may be one of the most sure and efficient ways of ensuring early discovery of IP infringement.
Once the discovery has been made and the resolve to take action kicks in, the central question becomes identification: who is behind the infringing conduct? Against whom should the enforcement action be taken?
In the case of online infringement of IP conducted on a website a useful starting point is determining who controls the website. The contact details provided on the infringing website may not always be relevant in determining the identity of the infringer. Names used may be fictitious and the contact details may not lead directly to the infringer.
Websites or website addresses to be precise (also known as domain names) are not owned as such but assigned through a system of registration which in Australia is administered by au Domain Administration Ltd (or auDA). Domain names are registered by Registrars who need to be accredited by auDA. Once registered, the domain name becomes active and when typed into the address bar of an Internet browser, will take the user to the webpage linked to the domain name. Finding out who applied and registered a domain name (the Registrant), can be done via a search of the auDA registry (WHOIS ausregistry) available online (http://ausregistry.com.au/whois) by searching for the domain name.
Once the Registrant is known, further searches such as ASIC company searches or electoral roll searches can be conducted to obtain the contact details of the Registrant of the domain name via which the infringement occurs.
Whilst the above identification process is an essential first step, things are not always as simple and straightforward as they may first appear. As in the present case, sometimes the Registrant identified from the searches is not in fact the infringer or even the entity in control of the website. Although Registrars do seek warranties from applicants for registration of a domain name as to identity, there are still possibilities that the warranties are falsely given and use of details obtained by identity theft are used to register a domain name under a false name without the victim entity’s knowledge or consent. Although it may not always be possible to completely verify prior to acting, verifying whether the Registrant is in fact linked to the domain name is a critical preliminary step.
Verification of the Registrant is therefore another important consideration prior to sending out letters of demand and other enforcement measures being taken against a wrongly identified, innocent party. Furthermore, securing the cooperation of the innocent party is extremely helpful in generating swift enforcement outcomes as described below.
4. Enforcement action
Once the identity is discovered, and to a reasonable extent verified, the enforcement measures can be implemented. An effectively drafted letter of demand is not only an essential first step, but is also often the catalyst to the expedient and cost-effective resolution of the matter. It is critical to obtain sound and experienced legal advice and assistance with the letter of demand to ensure that the letter effectively sets out the basis of your IP rights and case against infringement without making any statements that may be prejudicial to your case. Some important considerations in the letter are therefore:
– thorough and accurate identification of all IP rights that are being infringed
– accurate description of the facts and the details of the IP rights
– accurate description of all relevant legal remedies in relation to the infringement and full reservation of rights to pursue such remedies
– a valid and clear set of actions demanded to be taken to resolve the matter and avoid further enforcement action.
It is also worth remembering that when dealing with online infringement via a website an expedient mechanism of stopping the infringement may be to shut down the website itself. Whilst typically auDA domain name registration policies are geared towards complaints and enforcement action in the case of IP infringement in the domain name itself, rather than the hosted online content, it may nonetheless be effective to notify auDa and the Registrar of the infringement and inform the infringer of this. Where the domain name in fact does infringe IP rights (e.g. a trade mark or business name) then the owner of that right can pursue deregistration and removal of the domain name.
If, however, as in the present case, the domain name was registered via a false Registrant, the innocent party named as the false Registrant can through auDA seek to have the Registrar deregister the domain name and either transfer it to the innocent party or remove it entirely, meaning that the webpage associated with the domain will no longer be found by the known address (domain name). Where a measure like this is available due to the results of verification, the cooperation of the innocent party will be invaluable in attaining some expedient relief from the infringement quite apart from the letter of demand and further enforcement measures.
Where fraudulent conduct may be present, it may also be worthwhile to consider reporting the website to the Australian Cyber Crime Online Reporting Network (ACORN.gov.au) which can review the complaint and if warranted pass the complaint on to police and law enforcement agencies in Australia and/or New Zealand.
Finally, given the potential ease with which identities can be misappropriated in online activities and domain name registrations, it is prudent particularly for businesses to not only maintain vigilance in respect of their intellectual property rights, but also vigilance in relation to their identity and possible misuse in registering domains or making unauthorised online representations.