Domain Name Disputes and Cybersquatting in India: How to Fight Back

Imagine spending years building a brand, investing in marketing and customer trust — only to discover that someone has registered your brand name as a domain and is using it to divert your customers, tarnish your reputation, or simply hold the domain hostage until you pay a ransom. This scenario, known as cybersquatting, is one of the most common and damaging forms of online brand abuse. In India, there are established legal mechanisms to fight back — and in most straightforward cases, they work faster and cheaper than going to court.

What Is Cybersquatting?

Cybersquatting is the practice of registering, trafficking in, or using a domain name that is identical or confusingly similar to a trademark, brand name, or personal name belonging to someone else — with the bad faith intent to profit from the brand's goodwill. The term comes from the squatter's intention to sit on the domain until the rightful brand owner pays an inflated price to get it back.

Cybersquatting is particularly damaging because domain names operate on a global first-come, first-served basis — the domain registrar does not check whether a name conflicts with an existing trademark before registering it. This means a bad actor can register "yourcompanyname.com" moments after you launch a press release about your new brand — and there is nothing the registrar will do about it without a formal complaint.

Types of Domain Name Abuse

Domain abuse takes several forms beyond classic cybersquatting:

• Classic cybersquatting: Registering a brand name as a domain to sell it to the brand at a profit, or to extract payment for transfer.
• Typosquatting: Registering domains with minor misspellings of famous brands (e.g., "amaz0n.com") to capture traffic from users who mistype the URL, often for phishing or malware.
• Gripe sites / criticism sites: Using a brand name in a domain to host criticism of the brand — these present complex legal issues as they may have some legitimate expression basis, but bad faith is often established where the registrant has a pattern of such registrations.
• Reverse domain hijacking: A less common but real problem — where a large brand or registrant uses the UDRP/INDRP process abusively against a legitimate domain holder.
• Domain parking: Registering a brand domain and parking it with pay-per-click advertisements, generating revenue from the brand's traffic without authorisation.

The UDRP: Recovering .com, .net, and .org Domains

The Uniform Domain-Name Dispute-Resolution Policy (UDRP), established by ICANN, is the primary mechanism for recovering generic top-level domains (.com, .net, .org, .biz, and many others). UDRP proceedings are conducted by accredited dispute resolution providers — primarily WIPO's Arbitration and Mediation Center and the Forum (formerly NAF) — and are far faster and cheaper than court litigation.

To succeed in a UDRP complaint, the complainant must establish all three of the following elements:

• Element 1 — Identity or confusion: The domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights. A registered trademark in any country satisfies this element; common law rights through use can also suffice.
• Element 2 — No legitimate interest: The respondent (the domain holder) has no rights or legitimate interests in the domain name. A legitimate interest would exist, for example, if the respondent was commonly known by that name, or was making a bona fide non-commercial or fair use of the name before notice of the dispute.
• Element 3 — Bad faith registration and use: The domain was registered and is being used in bad faith. Classic indicators include: the domain was acquired primarily to sell it to the trademark owner at a profit; the domain was registered to prevent the trademark owner from using it (pattern of such conduct); registration to disrupt a competitor's business; or use to attract Internet users for commercial gain by creating confusion with the complainant's mark.

UDRP proceedings typically take 45 to 60 days from filing to decision. The remedies available are transfer of the domain to the complainant, or cancellation of the domain — monetary damages are not available under the UDRP. Decisions are implemented by registrars automatically unless the respondent files court proceedings within 10 business days of the decision.

The INDRP: Recovering .in Domains

For domain names under the .in country code top-level domain (India's ccTLD), the IN Domain Name Dispute Resolution Policy (INDRP) applies. It is administered by the National Internet Exchange of India (NIXI) through empanelled arbitrators, and follows a three-element test similar to the UDRP:

• The domain name is identical or confusingly similar to the complainant's name, trademark, or service mark
• The registrant has no rights or legitimate interests in the domain
• The domain has been registered or is being used in bad faith

The INDRP is governed by the Arbitration and Conciliation Act, 1996, which means INDRP awards have the force of an arbitral award under Indian law and can be enforced through courts. The process is typically faster than litigation and considerably less expensive. Common grounds for bad faith in INDRP cases include offering the domain for sale at a premium, using it to host competing services, or parking it with misleading content.

Indian Courts: Trademark Infringement and Passing Off

Where UDRP or INDRP does not apply — for example, for country code domains of other nations, or where the complainant wants monetary damages in addition to domain transfer — Indian courts provide a parallel remedy through trademark infringement and passing off actions. Indian courts, particularly the Delhi High Court, have developed a robust body of jurisprudence on cybersquatting and domain name disputes.

In trademark infringement proceedings, the use of a registered trademark in a domain name — particularly where the domain is used commercially — can constitute infringement of the trademark under Section 29 of the Trade Marks Act, 1999. Courts can grant emergency interim injunctions restraining the use of the domain within days of filing, and can ultimately order domain transfer, delivery up of profits, and damages.

The Delhi High Court has explicitly recognised that domain names can function as trademarks — identifying the source of goods or services online — and has granted injunctions and damages in numerous cybersquatting cases involving Indian brands and international marks with presence in India.

How to File a UDRP or INDRP Complaint

Filing a UDRP complaint through WIPO involves the following steps:

• Identify the registrant: Conduct a WHOIS lookup to identify the domain registrar and, where not masked by privacy protection, the registrant's contact information.
• Draft the complaint: Prepare a formal complaint addressing all three UDRP elements with supporting evidence — trademark certificates, evidence of use, evidence of the registrant's bad faith (e.g., screenshots of offers to sell the domain, or of the domain's use to host competing services).
• File with a UDRP provider: Submit the complaint and pay the filing fee to WIPO's ADMC or an equivalent accredited provider. WIPO fees are based on the number of domains disputed and the number of panelists.
• Respondent's reply: The registrant has 20 days to file a response. If no response is filed, the panelist generally proceeds on the complainant's evidence alone.
• Decision: A single panelist (or three-member panel in complex cases) issues a written decision, typically within 45-60 days of filing.

For INDRP, the complaint is filed with NIXI along with the prescribed filing fee. NIXI appoints an arbitrator from its empanelled list, and proceedings are conducted under the Arbitration Act.

Prevention: Protect Your Domain Before It Is Taken

The most effective strategy against cybersquatting is prevention. Practical steps include:

• Register your brand name as a domain in all relevant extensions — .com, .in, .co.in, and any other extensions used in your target markets — before making any public announcement of a new brand
• Register your brand as a trademark in India as early as possible — a registered trademark makes UDRP/INDRP complaints straightforward and strengthens infringement claims in court
• Set domain renewals on auto-renew to prevent accidental expiration — domain drop-catching services can register an expired domain within seconds of expiry
• Monitor new domain registrations for your brand name using domain monitoring services that alert you when similar domains are registered by third parties
• Consider ICANN's Trademark Clearinghouse (TMCH) — for registered trademark holders, the TMCH provides advance notification when a new generic TLD domain matching your mark is registered, and priority access to defensively register it

Conclusion

Cybersquatting is a genuine threat to any business operating online in India — and with the explosion of new top-level domains and the ease of domain registration, the risk is growing. The good news is that established, effective mechanisms — UDRP for generic TLDs, INDRP for .in domains, and Indian court action for monetary remedies — provide real recourse for brand owners. The best defence, however, remains a proactive one: register your domains and your trademark before you need them.

If your brand name has been registered as a domain by someone else, contact Nikhil Soni & Co. immediately → Time matters — the longer a cybersquatter occupies your domain, the more difficult recovery becomes.