The Panel in Lawrence Gurreri v. To Thai Ninh, FA1006001328554 (Nat. Arb. Forum July 12, 2010) states that “the alleged theft of a domain name falls outside the narrow scope of the UDRP policy” and cites two cases that address scope but not theft. While the conclusion is inconsistent with a number of other decisions that hold the complainant entitled to recapture the domain name, the principal reason for denying the complaint in Lawrence Gurreri follows well settled law, namely that a victim does not have standing to maintain the administrative proceeding unless he has a trademark. The Complainant in Lawrence Gurreri did not have a registered trademark in “international circuit” and offered insufficient evidence of secondary meaning to qualify for a common law trademark. Had it been otherwise, precedent holds that theft or fraudulent transfer or hijacking are within the scope of the UDRP Policy. Narrow though the scope may be it is not that narrow.
The question whether within or outside the Policy arose in Worldcom Exchange, Inc v. Wei.com, Inc., D2004-0955 (WIPO January 5, 2005). The Panel noted
Given the human capacity for mischief in all its forms, the Policy sensibly takes an open-ended approach to bad faith, listing some examples without attempting to exhaustively enumerate all its varieties. The Complainant seeks to expand the territory of bad faith, presenting a new type of abusive conduct on the part of the Respondent, one that on its face cries out for relief: the hijacking of a domain name through the manipulation of password access. Equitable considerations aside, the Panel must determine whether the unusual facts of this matter bring the Complaint within the framework of the Policy.
What the Panel determined was that the “Complaint [was] within the framework of the Policy” and ordered the disputed domain name transferred to the Complainant.
It was within this time frame, in fact, that ICANN issued warnings about hijackings of the kind described in Worldcom Exchange and Lawrence Gurreri in a report dated July 12, 2005, entitled “Domain Name Hijacking: Incidents, Threats, Risks and Remedial Actions.”
Not unexpectedly, respondents accused of hijacking rarely make an appearance. In CC Computer Consultants GmbH and WAFA Kunststofftechnik GmbH v. APG Solutions & Technologies, D2005-0609 (WIPO August 1, 2005) the Panel found that the Respondent was in default of its registration obligation to maintain current information. It “provided a false name as administrative contact for the domain name and a non-existent fax number.” While it was “not clear … exactly how the Respondent technically registered the domain name … it does seem clear that the registration was irregular, and that it was done without the permission of Complainant.”
In Edward G. Linskey Jr. v. Brian Valentine, D2006-0706 (WIPO September 18, 2006) a three-member Panel denied the complaint for the same reason as in Lawrence Gurreri, but they were uncomfortable with the Respondent. In response to the Respondent’s contention that “this case is unsuitable for determination by the Panel … because of the parties’ competing views of the circumstances of the case” one member in a concurring opinion joined by the other two stated
I fear that Respondent’s success in this proceeding may encourage other cybersquatters or their counsel to attempt to ‘complicate’ Policy proceedings with far-fetched or apparently outright fraudulent contentions or evidence, then claim that these ‘complications’ raise issues that cannot and were not intended to be resolved in Policy proceedings.
In cases that raise these issues and show that the domain name was unlawfully transferred the complainant is entitled to relief, the dictum in Lawrence Gurreri notwithstanding. “However it happened” ( stated the Panel in 8x Entertainment, Inc., Gener8Xion Television, Inc., Gener8Xion Entertainment, Inc. v. EXC International AG, D2005-1126 (WIPO December 28, 2005)), “the fact is that someone unlawfully took control of Complainants’ e-mail account and used it to fraudulently represent to Network Solutions and OnlineNic, Inc. that Complainants had authorized a transfer of the domain name in dispute, when in fact Complainants had not.” The range of abusive conduct is not circumscribed by the four examples set forth in paragraph 4(b) of the Policy.