Domain grabbing & cybersquatting: the difference and legal consequences

The perfect domain is worth its weight in gold since those looking for a suitable name for their web project often find that all the catchy ones are taken. But not every registered address is actually used; many domains are purchased for the purpose of being resold. The higher the demand, the higher the price. Sought-after domains often go for several thousands of dollars. The domain market is therefore full of users occupying promising addresses. This business practice is referred to in internet jargon as domain grabbing and differs slightly from illegal cybersquatting.

Domain grabbing

Domain grabbing refers to the practice of registering internet domains with the intention of selling the ownership rights rather than keeping them for their own personal use. The domain grabber hopes to make a good profit by selling popular top-level domains. Names of specific products or services are usually avoided when domain grabbing in order to prevent conflicts with rights holders. Because of this, domain grabbing does not usually violate trademark law.


While domain grabbers target unprotected terms, cybersquatters concentrate specifically on trademarks and proper names. The aim of registering legally-protected terms as part of the domain name is to sell them to the actual rights owner for a higher transfer fee. Cybersquatting is also referred to as brand jacking or name jacking, depending on the type of trademark protection. If the controversial domain contains the name or part of the name of musicians, sports personalities, TV stars, or other celebrities this results in an overlap of both practices.

To put pressure on rights holders, many of these domains are used for malicious purposes. For example, they include content which shows the business or the person concerned in a bad light. Another variant of cybersquatting is typosquatting, where typos are purposefully made in brand name domains in order to intercept visitors.

Domain name law in the US

The Anticybersquatting Consumer Protection Act (ACPA) was created in the US in order to solve domain name disputes. This is also known as 'Truth in Domain Names Act' and is an extension of the Lanham Act, which governs US trademark law on a federal level. It came into effect in 1999 and was intended to protect consumers from being misled.

A typical use for ACPA is cybersquatting. In order to appeal to the law, the plaintiff needs to be the trademark owner and show that the defendant is maliciously profiting from using their brand as a domain name. The domain and brand need to be identical or confusingly similar for the case to have any chance of success.

When does using a brand name actually become controversial? Previously, such maliciousness was determined by US jurisdiction as being when a domain is registered in order to abuse a brand’s traffic domain for their own purposes, or when a domain is bought so it can be sold to the trademark owner. Additionally, providing false information during the registration process is considered malicious. While some countries’ punishments include deleting or transferring a domain, ACPA is much stricter and damage claims of up to $100,000 have been recorded.

Social media and cybersquatting

Social media sites like Facebook and Twitter continue to grow in popularity and this has led to a new form of cybersquatting where trademark-protected brands or names are registered by others. They have now made the practice a violation of their terms and services. Tony La Russa, manager of the St. Louis Cardinals, found out the hard way just how damaging cybersquatting can be. Someone registered a Twitter account using his name and posted many derogatory status updates with the aim of damaging his reputation. He was the first celebrity to file a lawsuit against the site, before later dropping it.

Facebook is also strict when it comes to trademark infringement. Trademark owners must report any unlawful profiles as soon as they see them. A further step to prevent cybersquatting is 'mobile phone authentication', which involves a user verifying their account by phone in order to get a username.

We use cookies on our website to provide you with the best possible user experience. By continuing to use our website or services, you agree to their use. More Information.