Website-law.co.uk

A complainant in domain name arbitration proceedings must establish rights in the trade mark or name used to ground the complaint.

For example, the Uniform Domain Name Dispute Resolution Policy (UDRP) only applies where:

“[the registrant’s] domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights” (Paragraph 4(a)).

Similarly, the Nominet Dispute Resolution Services (DRS) Policy only applies where the domain name in question was registered or otherwise acquired in a manner which trespassed upon the “Complainant’s Rights”:

“Rights includes, but is not limited to, rights enforceable under English law. However, a Complainant will be unable to rely on rights in a name or term which is wholly descriptive of the Complainant’s business ” (Paragraph 1).

Under the .eu Alternative Dispute Resolution Rules (ADR Rules), a complainant must show that the domain name is

“…identical or confusingly similar to a name in respect of which a right is recognized or established by the national law of a Member State and/or Community law” (Paragraph B11(d)(1)(i)).

Generally speaking, this is one of the easiest things to show in a domain name arbitration.

A relevant registered trade mark will almost always be sufficient to establish rights. For example, the WIPO “consensus view” is that, if a complainant owns a registered trade mark that will automatically satisfy the threshold “rights” requirement.

For decisions made under the UDRP, the jurisdiction in which the trademark is registered will be irrelevant. However, Nominet DRS proceedings will usually only take account of UK or Community trade mark rights in connection with this requirement; and .eu ADR proceedings will usually only take account of Community trade mark or EU national trade mark rights in connection with this requirement.

Where complainants do not have relevant registered trade mark rights, they will have to rely upon unregistered trade mark rights. This usually means providing evidence of rights enforceable under the law of a particular jurisdiction. For example, a UK-based complainant without registered rights would seek to argue that it had rights under the law of passing off. Evidence might include details of the complainant’s business, history, sales and marketing.

“Please do whatever necessary to make sure I don’t get sued or fined!”

Clients sometimes assume that the instruction of a legal adviser amounts to an insurance policy against legal risk. But whilst proper legal advise should reduce a business’s legal risks, it will not eliminate them.

There are, I think, five main reasons why web-based businesses must live with legal risks.

First, the law changes all the time. This is especially true of “internet law”. Sometimes these changes can be easily anticipated, but sometimes not.

Second, good websites are regularly updated; and few web publishers take legal advice on everything they publish.

Third, user-generated content can give rise to liabilities which may be beyond the control of the web publisher.

Fourth, the law is often much more uncertain than we would like. For example, the special defences under the E-commerce Regulations, which from a risk management perspective may be considered crucial to the operation of many websites, are of uncertain scope.

Fifth, legal advisers sometimes get things wrong. Whilst you may well be able to sue a negligent legal adviser, that is not the same things as an insurance policy!

Many websites incorporate data obtained from other websites. It is sometimes thought that, where the data obtained is not protected by copyright (e.g. data consisting of postal addresses arranged alphabetically) there are no legal problems. This is however a mistake: the collection and re-use of such data can present significant legal risks.

As a matter of English law, the key risks arise under:

• the database right legislation;
• the law of contract; and
• the Computer Misuse Act.

Database right

A database is defined in the Copyright Designs and Patents Act 1988 as “a collection of independent works, data or other materials which - (a) are arranged in a systematic or methodical way, and (b) are individually accessible by electronic or other means.”

In general terms, databases falling with this definition will be protected by database right if there has been “a substantial investment in obtaining, verifying or presenting the contents of the database.”

Database right will be infringed where a person extracts or reutilises all or a substantial part of a protected database without the consent of the database owner.

The law on database right is in a state of flux, and unfortunately the scope of the right is not entirely clear. Nonetheless, it is clear that the harvesting of data from other sites can in some circumstances constitute an infringement of this right.

Law of contract

Website terms of use sometimes expressly prohibit the collection and republication of data from websites.

If you are considering extracting data from another website for use on your own website, you should check their terms of use of that other site. If they expressly prohibit what you intend to do – and if the website owner can establish that the terms are enforceable against you – then you may be found liable for breach of contract (or licence) if you go ahead.

Computer Misuse Act

The Computer Misuse Act provides for a specific offence in the case of unauthorised access to a computer:

“(1) A person is guilty of an offence if— (a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer; (b) the access he intends to secure is unauthorised; and (c) he knows at the time when he causes the computer to perform the function that that is the case.

(2) The intent a person has to have to commit an offence under this section need not be directed at— (a) any particular program or data; (b) a program or data of any particular kind; or (c) a program or data held in any particular computer.

(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.”

It may be argued that, where a website’s terms of use prohibit data data mining, then such activities could fall within the Computer Misuse Act. This could lead to civil liability (under the tort of breach of statutory duty) as well as criminal liability.

To the best of my knowledge, this kind of argument has not yet been tested in the UK courts.