We reported earlier this month that Glenn Beck filed a UDRP action against glennbeckrapedandmurdereda younggirlin1990.com seeking transfer of the domain name. Beck alleges that the website, which instantiates an Internet meme born on Fark.com that pokes fun at Beck's rhetorical style, is improperly using his trademarked name. This week, First Amendment bad ass Marc Randazza filed a response brief on behalf of Isaac Eiland-Hall, the previously anonymous individual behind the site.
As you might imagine, Mr. Eiland-Hall is not taking this whole thing lying down (from the brief):
None of the factors in ¶4(b) of the UDRP apply. There is no evidence that Respondent [Eiland-Hall] has registered and used the domain name for the purpose of selling it for profit. Respondent is not engaged in a pattern of cybersquatting. Respondent did not register the domain name to disrupt the business of a competitor, he registered it to pay homage to an existing internet meme that poked fun at Glenn Beck, to poke fun at Glenn Beck directly, and to express his political opinions.
There is no indication that the Respondent has intentionally attempted to confuse anyone searching for Mr. Beck's own website, nor that anyone was unintentionally confused — even initially. Only an abject imbecile could believe that the domain name would have any connection with the Complainant.
We are not here because the domain name could cause confusion. We do not have a declaration from the president of the international association of imbeciles that his members are blankly staring at the Responsdent's website wondering "where did all the race baiting content go?" We are here because Mr. Beck wants Respondent's website shut down. He wants it shut down because Respondent's website makes a poignant and accurate satirical critique of Mr. Beck by parodying Beck's very rhetorical style. Beck's skin is too thin to take the criticism, so he wants the site down. Beck is represented by a learned and respected legal team. Accordingly, it is beyond doubt that his counsel advised him that under the First Amendment to the United States' Constitution, no action in a U.S. Court would be successful. . . . Accordingly, Beck is attempting to use this transnational body to circumvent and subvert Respondent's constitutional rights.
Randazza's brief is a fun read — I don't think I've every seen formal legal argument drawing on Mr. Spock Ate My Balls, Downfall, and ALL YOUR BASE ARE BELONG TO US before, but the brief pulls it off with style and still manages to make very serious arguments about Eiland-Hall's right to use Beck's name as part of a non-commercial criticism site. [Full disclosure: Marc Randazza blogs for CMLP and is a good friend. Hell, I even went to his family's annual wine-making party in Gloucester this past weekend, so sue me if I'm not totally objective.]
One aspect of the case that especially interests me is the unmasking of Eiland-Hall, who created the website and registered the domain name anonymously using the WhoisGuard domain privacy service. Beck initially filed the UDRP complaint against WhoisGuard because he didn't know who was behind the site. The details of what happened next aren't entirely clear to me, but either WhoisGuard divulged Eiland-Hall's identity to Beck, or Eiland-Hall came forward voluntarily to fight for his domain.
I hadn't thought of it before, but UDRP actions might constitute a significant loophole in First Amendment protection for anonymous speech. That is, filing a UDRP action just might be a convenient way for an (allegedly) aggrieved party to identify an anonymous online critic without jumping through the hoops imposed by many U.S. courts. Indeed (and this is pure speculation), Beck might have brought this UDRP action precisely to get Eiland-Hall's identity in order to file a defamation lawsuit against him in another forum.
Let's look at the legal framework. Section 18.104.22.168 of ICANN's Registrar Accreditation Agreement obligates accredited domain registrars to promptly disclose the identity of licensees when confronted with "reasonable evidence of actionable harm." It's worth reading the whole clause to understand what I'm talking about:
22.214.171.124 Any Registered Name Holder that intends to license use of a domain name to a third party is nonetheless the Registered Name Holder of record and is responsible for providing its own full contact information and for providing and updating accurate technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the Registered Name. A Registered Name Holder licensing use of a Registered Name according to this provision shall accept liability for harm caused by wrongful use of the Registered Name, unless it promptly discloses the identity of the licensee to a party providing the Registered Name Holder reasonable evidence of actionable harm.
Now, it's not entirely clear that anyone other than ICANN can hold a registrar to its agreement on this point (Section 5.10 says that the agreement "shall not be construed to create any obligation by either ICANN or Registrar to any non-party to this Agreement"), but this doesn't mean that registrars who run privacy services can't choose to honor their obligations by disclosing identifying information about their customers in situations like this.
In fact, clause 8 of the WhoisGuard Service Agreement says that NameCheap, Inc., the company that runs Eiland-Hall's service, can do precisely that:
Notwithstanding your purchase of the WhoisGuard™ Privacy Protection Services, we reserve the right in our sole judgment and discretion to disclose your personal protected information in the event any of the following occur:
- If the Protected Domain(s) is (are) alleged to violate or infringe a third party’s trademark, trade name, copyright interests or other legal rights of third parties . . .
You understand and agree that DBP has the absolute right and power, in its sole discretion and without any liability to You whatsoever, to either:
. . .
2. Reveal Your name and personal information that You provided to DBP when:
A. Required by law, in the good faith belief that such action is necessary in order to conform to the edicts of the law;
B. To comply with a legal process served upon DBP; orC. In order to comply with ICANN rules, policies or procedures
So, it looks like domain privacy services can (and probably do) turn over registrants' personal information without a subpoena, court order, or other formal legal process when someone makes a cybersquatting/UDRP-type claim. No doubt this is not surprising to many trademark lawyers out there, but many consumers might be surprised to know that the "privacy" supplied by these services goes away so easily when trouble comes along.
This doesn't mean that these companies don't provide valuable services — they save customers from having to publish their email addresses and other personal information in Whois registries, with the attendant flood of spam, harassment, and the like. It does mean that domain privacy services aren't really meant to make it difficult for someone to sue you if they think your domain name violates their rights, even if that someone is Glenn Beck and his trademark claim is "preposterous."