Is Google Liable For Typosquatting Domains That Use AdSense?

from the seems-like-a-stretch dept

While I have tremendous respect for the ongoing work that Ben Edelman has done over the years exposing many of the dirty tricks used by spyware and adware vendors, I tend to disagree with his view on trademark law. In the past, Edelman sided with websites that sued early spyware vendors for putting up competing pop up ads, but that was missing the point. The real problem there was the fact that spyware was surreptitiously installed. If people wanted to see competitive ads, that should be their choice, and not a trademark issue. There's nothing wrong with competitors trying to get your attention if they know you're looking for a competitor's product. That's not a trademark law, so long as there's no attempt to confuse users into thinking that one product was made by someone else.

Edelman, however, disagrees. And, now, he's actually suing Google for allowing AdSense ads to be placed on "typosquatter" domains. This lawsuit seems like a longshot. As has been seen in numerous lawsuits over AdSense and trademarks, suing Google is trying to put liability on the wrong party. You could potentially sue the owner of the domain, but even that seems like a stretch. It's unlikely that anyone arriving at the typosquatted domain will be "confused" into believing they're at the correct site. They'll either quickly retype the URL properly, or they'll click on a link on the site that takes them to the proper site. There's no actual "confusion" here and it's difficult to see how there's any consumer harm. The fact that Google makes money off the practice shouldn't be seen as illegal at all.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ben edelman, lawsuits, trademark, typosquatting


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Jake, 27 Oct 2008 @ 2:34am

    But...

    If it's just one of those annoying pages full of useless ads, I agree, no big deal. If however someone is using one of these sites to hit people with trojans or other malware, which is entirely probable, that puts a different complexion on things.
    I do agree that suing isn't the answer, at least not as a first resort; if I got hit twice by the same bit of malware on different ads, after making a complaint about the first one, it would be another matter. Still, much as I'd like to see service providers be a bit more proactive about this kind of thing, it would help if more people followed the company's own complaints procedure before hiring a lawyer.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 27 Oct 2008 @ 4:42am

    As usual, looking at the world through your own myopic vision - it's not a problem for you, therefor it's not a problem for anyone else.
    For for education, the biggest problem with typosquatting is that it (a) spread malware/scammer sites and (b) pollutes the domain space, making it harder for the typical user to find stuff. Remember, not everyone is as perfect and as wonderful as you are.
    I agree that trademark law should have nothing to do with it, and the correct course is suing for fraud and intent to deceive.

    link to this | view in thread ]

  3. icon
    Mike (profile), 27 Oct 2008 @ 4:45am

    Re: But...

    If however someone is using one of these sites to hit people with trojans or other malware, which is entirely probable, that puts a different complexion on things.

    Again, there's simply no way that's Google's fault. That's the fault of the sites that include that malware.

    link to this | view in thread ]

  4. icon
    Mike (profile), 27 Oct 2008 @ 4:48am

    Re:

    As usual, looking at the world through your own myopic vision - it's not a problem for you, therefor it's not a problem for anyone else.

    Um. That's not what I said.

    For for education, the biggest problem with typosquatting is that it (a) spread malware/scammer sites and (b) pollutes the domain space, making it harder for the typical user to find stuff.

    Can you explain how either of those would make Google liable? The whole point of the post is whether or not Google is liable, so I'm not sure why you're discussing a totally different issue (and trying to insult me at the same time for supposedly implying something I did not imply).

    If there's spyware or malware, that's not Google's fault. Nor is any so-called "pollution of the domain space" for which you offer no proof.

    link to this | view in thread ]

  5. icon
    Allen (profile), 27 Oct 2008 @ 5:10am

    Not legally wrong, but could be evil

    I don't think that there is anything legally wrong with what Google are doing - at least, as far as the letter goes. As long as they are unaware of what a particular adsense agent is doing, they cant be liable.

    But they do profit from the actions of parasites, many of which are far from benign. They can not possibly be unaware of this. They could be doing more, but they are not and collecting a tithe from their inaction, could be evil...

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 27 Oct 2008 @ 5:39am

    Re: Not legally wrong, but could be evil

    How would they know? They don't actually "audit" any of the sites that run their Google Ads as far as I know. They have no reason to.

    That's like a mugger getting paid to have a billboard over his house saying "free cookies" or something and then mugging you as you come in. You can't go sue Oreo for what that guy did.

    link to this | view in thread ]

  7. identicon
    Ben Edelman, 27 Oct 2008 @ 6:29am

    Google's role & liability -- the court's view, and the relevant statutory language

    Thanks for the thoughtful message.

    Let's put aside the early spyware/adware litigation. That's a topic for another day.

    But on the question of whether Google is liable for the domain registrations of its typosquatting partners: It's instructive to review what the judge had to say. Remember, the case at issue was filed some 16+ months ago, and Google promptly filed a motion to dismiss, which was denied in relevant part. In the course of the denial of Google's motion to dismiss, the court explained:

    "Google contends that the ACPA cannot apply to it because it does not own or operate any of the allegedly infringing domain names. As noted above and by the parties, the ACPA imposes liability on one who 'registers, traffics in, or uses' certain types of domain names. ... The FAC [first amended complaint] alleges that Google pays registrants for its use of the purportedly deceptive domain names, provides domain performance reporting, participates in the tasting of domain names, uses semantics technology to analyze the meaning of domain names and select revenue maximizing advertisements and controls and maintains that advertising. Given these allegations, Google's motion to dismiss the ACPA count is denied."

    See http://docs.justia.com/cases/federal/district-courts/illinois/ilndce/1:2007cv03371/210005/145/ (page 12).

    In short: An ACPA claim can properly lie not only against a domain registrant, but also against a domain registrant's business partners, when such partners participate in the typosquatting project in certain ways (like those described above). This strikes me as entirely appropriate. After all, the ACPA statute prohibits not just "register[ing]" domain names, but also "traffic[ing and] us[ing]" domain names. And for good reason: Congress exactly intended to hold responsible not just domain registrants, but also those who coordinate, fund, and orchestrate typosquatting.

    Does this change your thinking?


    Separately, as to the #6 "anonymous coward" reply: Somehow Google figured out that when a user requested "bankofdamerica.com" (s.i.c.), the best (most prominent) ad to show was an ad promoting Bank of America. How did Google figure this out? Google's own statements indicate use of "semantic analysis" -- software to read a domain name, parse it, and figure out what a user was trying to do. You say Google doesn't "actually 'audit' any of the sites that run" Google ads. I'm not sure I agree with that claim. But in any event Google certainly has to know where ads are appearing, in order to select the ads that will make as much money as possible. Of course, once Google notices that "bankofdamerica" is very similar to "bankofamerica," it's not much to ask that Google then realize that "bankofdamerica" is not an appropriate (or lawful) place on which to show ads.

    link to this | view in thread ]

  8. icon
    Allen (profile), 27 Oct 2008 @ 6:51am

    Re: Re: Not legally wrong, but could be evil

    So they cant be expected to know when an individual decides to use their service? So what? Google does it's best to employ some really smart people. Unless you are an idiot, you've got to believe that they understand that there are persons that are *using* Google for some shady stuff.

    Cookie billboard? It's closer to a landlord taking the rent, suspecting that a tenant is dealing drugs, but not calling in the cops to bust his arse.

    Nothing illegal in that. Not liable in a legal sense. But they are raking in the doe and that could be evil.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 27 Oct 2008 @ 7:09am

    Re: Google's role & liability -- the court's view, and the relevant statutory language

    "How did Google figure this out? Google's own statements indicate use of "semantic analysis" -- software to read a domain name, parse it, and figure out what a user was trying to do."

    From a programmer's standpoint, let me tell you how that would probably work.

    1. Parse the text in the domain name, remove the www and the .com (or .net, etc), and determine the possible combinations of words. In this example, it would find bank, of, and America or bank, of, dame, and rica, or bank, of, and damerica.

    2. Parse the remaining text in the web page and make note of each word and how many times is appears. Since the page is inaccessible at this time, I cannot directly show how that would work, but let's assume that this is a typosquatter and not a site for the Bank of Dame Rica the whois lookup says it is for. If it were for a typosquatter targeting Bank of America, it probably has checking, debit, savings, "Bank of America", ect on it several time in various places a machine would see it but not humans, ie. metadata, ect.

    3. Google now looks at the list of words and how they are ordered ("semantic analysis" being recognizing that "Of all the banks in America, I like this the best." is different than "I like Bank of America best of all the banks in America." Computers have a very difficult time understanding word order in text of varying content and quality as the entire internet.) Since some personal site contain AdSence ads, it also checks for misspellings and uses the corrected spelling if no results can be found for the spelling in the page. If you google "bank america", the two most common words on this hypothetical page once articles, etc are discarded, you will find the number one sponsored link, ie the person that purchased those words, is Bank of America, which is why they are on the page.

    The problem Google has here is, the whois lookup says this site is registered to the Bank of Dame Rica. How could Google write a program to determine if a site is legit or not? Assuming such a program is found, how can you be sure it does not have even a single false positive or negative? Also, how can you be sure not one person can create a site that can bypass that filter? Computers cannot currently make that kind of distinction.

    link to this | view in thread ]

  10. identicon
    Mark Murphy, 27 Oct 2008 @ 7:54am

    An Ill-Fitting Suit

    Like Mr. Masnick, heretofore I've had the utmost respect for Prof. Edelman's work. This suit, and his defense of same, pushes him into the "I dunno..." category in my book.

    Prof. Edelman uses, in his comment above, bankofdamerica.com an an example:

    Of course, once Google notices that "bankofdamerica" is very similar to "bankofamerica," it's not much to ask that Google then realize that "bankofdamerica" is not an appropriate (or lawful) place on which to show ads.

    Prof. Edelman buries in this innocuous sentence two key assumptions:

    • That it is possible, algorithmically, to determine when "very similar" constitute "confusingly similar" or "dilutive".
    • That it is possible, algorithmically, to determine when the comparison name (in this case, bankofamerica.com) constitutes a protected mark under ACPA.

    Neither of those assumptions are remotely true. For example, I guarantee you I can find an attorney who will attest that benedelman.org is dilutive of edelman.com and, by virtue of using benedelman.org to obtain a professorship and speaking honoraria and the like, Prof. Edelman is a typosquatter and should be prosecuted under ACPA. It's not completely out of the question I could find a jurisdiction with a judge who will agree with this claim. Yet, somehow, a computer is supposed to figure out, on its own, that this claim is ludicrous?

    link to this | view in thread ]

  11. icon
    Danny (profile), 27 Oct 2008 @ 8:29am

    squatting site sometimes not all that obvious

    Mike, I disagree with this assertion: It's unlikely that anyone arriving at the typosquatted domain will be "confused" into believing they're at the correct site. I've stepped into a harvested squatting site on several occasions before noticing it was not the real site. This happens to me more when I am going to a site unknown to me - so I have no expectations of what it will look like. I figure it out one or two keystrokes in on most occassions. Sometimes I go far enough to click on an external (advertising?) link. And I am an academic who teaches this stuff. When I think about my mother surfing the web (or almost anyone's mother surfing the web), I am confident it is possible for the naive surfer to not realize she has reached a rogue site. She would not pick up on the cues that you and I do - she would just trust she is in the right place and keep on clicking.

    link to this | view in thread ]

  12. identicon
    Luci, 27 Oct 2008 @ 8:49am

    Re: Re: Re: Not legally wrong, but could be evil

    Unfortunately, law is rarely about good and evil. Law is about responsibility, liability, and avoiding liability.

    Suspicion of illegal activity does not make you liable for the illegal activity. Assuming that putting ads up on a site you own is illegal, which it still hasn't been proven to be.

    link to this | view in thread ]

  13. icon
    Mike (profile), 27 Oct 2008 @ 10:06am

    Re: Google's role & liability -- the court's view, and the relevant statutory language

    In short: An ACPA claim can properly lie not only against a domain registrant, but also against a domain registrant's business partners, when such partners participate in the typosquatting project in certain ways (like those described above). This strikes me as entirely appropriate. After all, the ACPA statute prohibits not just "register[ing]" domain names, but also "traffic[ing and] us[ing]" domain names. And for good reason: Congress exactly intended to hold responsible not just domain registrants, but also those who coordinate, fund, and orchestrate typosquatting.

    Does this change your thinking?


    No, it doesn't change my thinking. I think the statute is wrong. It's trying to place the liability on a party that isn't actually responsible. Focus on those responsible, and you'll get no argument from me. Dragging in business partners because they're big and an easy target is a cop out.

    Somehow Google figured out that when a user requested "bankofdamerica.com" (s.i.c.), the best (most prominent) ad to show was an ad promoting Bank of America. How did Google figure this out? Google's own statements indicate use of "semantic analysis" -- software to read a domain name, parse it, and figure out what a user was trying to do. You say Google doesn't "actually 'audit' any of the sites that run" Google ads. I'm not sure I agree with that claim. But in any event Google certainly has to know where ads are appearing, in order to select the ads that will make as much money as possible.

    Knowing what ad to display is TREMENDOUSLY different from knowing that a site is bogus.

    link to this | view in thread ]

  14. identicon
    Petréa Mitchell, 27 Oct 2008 @ 11:54am

    Re: squatting site sometimes not all that obvious

    "I am confident it is possible for the naive surfer to not realize she has reached a rogue site. She would not pick up on the cues that you and I do - she would just trust she is in the right place and keep on clicking."

    Everything I know about usability leads me to second this.

    If you think I'm just condescending to my fellow Web users by thinking that they're morons, here is my current favorite Web reality check: In a recent study with participants who were selected to be more computer-savvy than the population in general, 24% were unable to figure out how to get to Google when they wanted to run a search as part of the task they were assigned.

    No, that's not a typo. 24%. Of smart people. Could not find their way to Google.

    link to this | view in thread ]

  15. identicon
    Alli Q. Ladin, 27 Oct 2008 @ 12:03pm

    Re: Re: Re: Not legally wrong, but could be evil

    As a landlord, it was much easier to evict the drugs tenants. If the cops came, they would bust the doors down, tear up all the walls, etc and leave the place a wreck and possibly charge you, as landlord, with having a drug house, and possibly seizing the house. Simplest, quickest thing was to evict and get rid of the drug tenants without the expense of rebuilding a house.

    link to this | view in thread ]

  16. identicon
    Anonymous Coward, 12 Aug 2009 @ 10:59pm

    test

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 12 Aug 2009 @ 11:44pm

    I think (Professor) Edeleman has picked the wrong issue.
    Assuming he is truly interested in this topic academically, and not commercially.
    The issue here is how can a user reach a website representing Trademark Owner (TO) with "zero" chance of reaching a website not representing TO.
    Consider the case of 1-800-HOLIDAY where a challenge to 1-800-H0LIDAY was unsuccessful.
    How could this dispute easily be avoided?
    One way is if you remember the phone number for Holiday Inn, instead of remembering a vanity number. That is, 1-800-465-4329. You might store this in your address book, set up a speed dial entry for it, consult directory assistance to obtain it or even consult a copy of a printed phone directory, looking up "Holiday Inn".
    Ultimately you must dial that number to reach Holiday Inn.
    Are computers different?
    Let's see.
    If Edelman is serious about operating in the computer law field then I trust he is familiar with UNIX like systems.
    I will walk through an example. I am not a UNIX guru. Any user who can type could handle this. In each case, the response times for these queries are a matter of microseconds. With local caching, to the senses it would seem "instantaneous". All this can be scripted into a one-liner. I'm being verbose for expository reasons.

    I am given a name.
    "Holiday Inn"
    I need a number.
    As with looking in a telephone directory, I have to decide how to approach this. For example, should I look up www.holidayinn.com or just holidayinn.com? Let's try those two.

    /bin/whois www.holidayinn.com
    No match for "WWW.HOLIDAYINN.COM"

    /bin/whois holidayinn.com
    Registrant:
    Domain Administrator
    Six Continents Hotels, Inc.
    3 Ravinia Drive Suite 100
    Atlanta GA 30346
    US

    Which would you pick? I think number two looks like the better choice.

    Now let's check the number.

    /bin/host holidayinn.com
    96.17.109.50
    96.17.109.67

    I now have two numbers now. Really no different than the concept of phone numbers for our purposes. I could type these in my browser, like pressing keys on the telephone. But first, the issue: Are they legitimately owned by Holiday Inn? Will these sites represent Holiday Inn or an alleged trademark diluter?

    /bin/whois 96.17.109.50
    /bin/whois 96.17.109.67

    Registrant:
    Domain Administrator
    Six Continents Hotels, Inc.
    3 Ravinia Drive Suite 100
    Atlanta GA 30346
    US

    Type either of these numbers into your browser and you will reach Holiday Inn. When you do that you do not use DNS. As such, you avoid all the scams and security flaws you enjoy researching and writing about.

    In short: 1. As an end user, use a local DNS cache with names and numbers you have verified (the pre-DNS the /etc/hosts concept) and 2. Use whois servers.

    Most user only visit a small fraction of the sites on the internet. But just for discussion consdider:

    How much storage space would a simple local DNS cache (only names + numbers) listing every Internet site available (i.e. billions) consume? I can fit the whole thing on my average, inexpensive laptop. It's called Moore's Law. 30+ years of innovation on CPU power since /etc/hosts was abandoned. And gigabytes cost less than .50 cents.

    Question: How do you think Google can cache every site on the web?
    Answer: More cheaply than you might imagine.

    Things are often much more simple than people are led to believe. Using UNIX and understanding Internet hostory will teach you this.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Aug 2009 @ 11:52pm

    apologies for the typos. luckily this is just a blog. i wonder if i would be as likely to make typos when typing numbers? i.e. where one mistyped digit could have significant consequences. something to think about.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 13 Aug 2009 @ 10:16pm

    /usr/bin/whois
    /usr/bin/host

    Here's a quote from a news website last June:
    Meanwhile, Tim Berners-Lee, one of the major forces behind creating the
    World Wide Web, said on Friday that the names system had become "mired in
    politics and commercial games."

    "It would have been interesting to look at systems that didn't involve
    domains," Mr. Berners-Lee said.

    The point is that few seem to remember the system does not require domain names. They are like vanity phone numbers. They are not essential for the system to work. What is essential is the phone (or, in this case, IP) *number*.

    It is perplexing to see the enormous amounts of time, effort and financial capital devoted to research, argue and "remedy" a problem with vanity phone (IP) numbers. It's called "vanity" for a reason. Meanwhile, as with license plates or myriad other systems, the *number* is the only thing required for the system to work. Why are people presuming consumers will never understand how to look up a phone (IP) number? The simple and easy to use software to do this is included by default on every PC, whether Microsoft, Apple, Linux, BSD, etc.

    And now we are wasting the courts' time with this.

    I think we need education not litigation. The first step is learning to use the command line. It is not rocket science.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 19 Aug 2009 @ 1:06am

    you could probably fit the whole .com namespace on an average laptop, perhaps with .net or .org, but certainly not all TLD's

    but, for the average user speaking 1-2 languages, addresses for every internet domain, worldwide, would not be necessary.
    if you run your own caching DNS server (and/or maintain a hosts file) i think you'll find the number of unique sites you visit in a lifetime is not that many. you don't need terabytes or petrabytes to handle your name resolution needs.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 18 Oct 2010 @ 3:07am

    i noticed edelman commented on another site that typosquatting is "illegal". this is coming from a harvard grad?

    the acpa is not criminal law.

    it is trademark law.

    frequently in online forums people incorrectly state that violating a license agreement is "illegal". now we are extending this hyperbole to trademark law?

    if you find domain names confusing, then use IP numbers.
    if you don't like ads, turn off javascript, use a text-only browser, keep your own DNS cache or use your hosts file. if someone is infringing your trademarks, then sue them. if you want to preempt typo names, register them (they only cost $7 each, much less than trademark fees). all easy to do.

    but if they're not your marks, then it's not your business. the world does not need one more class action lawsuit.

    the acpa gives _trademark holders_ a cause of action for infringement of their IP. it creates potential liability for an infringer. (absent zuccharini type outrageous behavior), it makes nothing "illegal".

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.