Fourth Circuit Finds “Re-registration” of a Domain Can be Cybersquatting—A Prudential Clarification to the ACPA

January 25, 2023

The Fourth Circuit’s decision yesterday in The Prudential Insurance Company of America v. Shenzhen Stone Network Information Ltd., No. 21-1823,      F.4th      (4th Cir. Jan. 24, 2023), provides important clarification on the application of the Anti-Cybersquatting Consumer Protection Act, 15 U.S.C. § 1125(d) (ACPA)—with the Fourth Circuit joining the majority of federal circuits in ruling that “re-registrations” of domain names are subject to the ACPA.

The decision provides guidance on many elements of a cybersquatting claim, but two elements stand out as particularly consequential: (1) whether the relevant “registration” of a domain, for the purpose of establishing registration in bad faith, is only the initial domain registration or can also include subsequent re-registrations; and (2) the timing of assessing the propriety of in rem jurisdiction against a domain (as opposed to in personam jurisdiction against the domain’s registrant). With the Fourth Circuit’s recent decision, those questions are answered as follows:

  • A domain “registration” actionable under the ACPA includes not only the initial registration of the domain, but also subsequent re-registrations; and
  • The existence of in rem jurisdiction over a domain name is assessed at the time the cybersquatting claim is filed.

On the whole, the Prudential decision is a clear win for trademark holders. The Fourth Circuit has joined the Third Circuit, the Eleventh Circuit, and many district courts from other circuits in finding broad application of the ACPA to all manner of domain “registrations,” and has made it easier to proceed under the plaintiff’s election of in rem versus in personam jurisdiction. Beyond this general conclusion, the details of the Prudential decision—including its discussion of the ACPA safe harbor provisions—are valuable to assessment of cybersquatting claims, and are discussed in greater detail below.

Relevant Statutory Provisions

The Anti-Cybersquatting Consumer Protection Act, 15 U.S.C. § 1125(d), provides recourse against the ever-rising tide of cybersquatting. In its most common application, the ACPA provides protection against bad-faith registration of a domain, made with an intent to profit off of a distinctive mark:

A person shall be liable in a civil action by the owner of a mark, . . . if, without regard to the goods or services of the parties, that person . . . has a bad faith intent to profit from that mark . . . ; and . . . registers, traffics in, or uses a domain name that . . . in the case of a mark that is distinctive at the time of registration of the domain name, is identical or confusingly similar to that mark . . . .

15 U.S.C. § 1125(d)(1)(A).

The ACPA provides not only a cause of action against the cybersquatter, but also a means to pursue recourse even if the cybersquatter is unknown or not subject to personal jurisdiction in the United States. A mark holder can bring an in rem action against the domain name as property, provided certain conditions are met and, if a mark holder prevails in an in rem action, the ACPA empowers the court to transfer the subject domain name to the mark holder. Id. § 1125(d)(2)(D)(i).

Factual Background

The Prudential decision centered on the domain name PRU.COM. The domain was acquired by defendant Frank Zhang in 2017, at the behest of defendant/appellant Shenzhen Stone Network Information Ltd. (SSN). Prior to this acquisition, the domain was registered to a Texas-based third-party company. Following Zhang/SSN’s acquisition of the domain, it was never used to display substantive content, and instead directed to a parking page.

The plaintiff/appellee, Prudential Insurance Company of America (Prudential), is the owner of numerous PRU-formative marks, including U.S. trademark registrations dating back to 2002. In 2020, Prudential attempted to acquire the PRU.COM domain through GoDaddy domain brokerage services, but SSN rejected the purchase offer. Prudential then initiated an action with the World Intellectual Property Organization under the Uniform Domain Name Dispute Resolution Policy (UDRP), and during the pendency thereof, offered to purchase the domain for $50,000. Again, SSN refused. Prudential then dismissed the UDRP action, and brought cybersquatting and infringement claims in the Eastern District of Virginia against both Zhang as an individual and PRU.COM as a res defendant.

Zhang moved to dismiss for lack of personal jurisdiction in Virginia, as well as lack of in rem jurisdiction. As to the latter issue, Zhang argued that the ACPA’s in rem jurisdiction only applies if the plaintiff is unable to identify a defendant who would be subject to personal jurisdiction, and Zhang was a potential defendant subject to jurisdiction in the District of Arizona (based on his registration agreement with GoDaddy and UDRP jurisdictional requirements). Judge T. S. Ellis III, Senior District Judge of the Eastern District of Virginia, granted the motion in part, dismissing the claims against Zhang for lack of personal jurisdiction. However, Judge Ellis denied the motion as to the in rem claims against PRU.COM, concluding that in rem jurisdiction was appropriate at the time the complaint was filed, and moreover, Zhang was not a suitable defendant because SSN was the true registrant of the domain name, with Zhang merely acting as SSN’s agent.

Prudential filed a motion for summary judgment on its claims. SSN countered with a cross-motion for summary judgment seeking dismissal of all claims. Judge Ellis granted Prudential’s motion for summary judgment as to the cybersquatting claim, dismissed the infringement claim without prejudice as moot, and ordered the transfer of PRU.COM to Prudential. SSN timely appealed.

“Re-registration” is Covered by the ACPA

The Fourth Circuit clarified that for the purpose of assessing whether the domain name owner “registered” the domain name with the requisite bad faith intent to profit, courts must consider not only the initial registration of the domain name but subsequent acts that constitute “re-registration.”

Section 1125(d)(1)(A) of the ACPA provides trademark owners with a claim against parties that “register” a domain name that is identical or confusingly similar to a distinctive or famous mark with a “bad faith intent to profit” from the mark. The ACPA does not define the term “register,” leaving the issue open to judicial interpretation of whether intent must only be viewed when the domain name is first registered or whether the intent must be reevaluated at different points in time.

A domain name is first registered when it is available to the general public and someone enters into an agreement with a registrar to register the domain name. This may be called the initial registration. Domain name registrations are typically for a discrete period of time, and the registration database will reflect the expiration date of each domain name registration. Changes will be made to the registration record when, among other things, the domain name is transferred to a different registrar (e.g. from GoDaddy to Network Solutions), the domain name is sold or assigned, the contact information for the domain name registrant is changed, or the domain name is renewed. Each such act may be considered a “re-registration.”

The Third Circuit, the Eleventh Circuit, and numerous district courts in other circuits have found that the term “registration” in the ACPA is not limited to the initial registration but also encompasses subsequent acts of re-registration. This has allowed trademark owners to pursue claims related to domain names that were registered before the adoption of the ACPA and to domain names that may have initially been registered in good faith but were renewed or otherwise re-registered in bad faith.

The Ninth Circuit, articulating what is now a minority viewpoint, reached the opposite conclusion. In GoPets Ltd. v. Hise, the Ninth Circuit relied on a narrow interpretation of the term “registered” to find that a domain name registrant did not violate the ACPA when it transferred the registration of the domain name from himself to a corporation he co-owned after negotiations to sell the domain name to the plaintiff had failed. The Ninth Circuit’s decision focused on two issues: (1) the fact that the original owner can still maintain an interest in the domain name after an act of re-registration (such as the transfer from an individual to a corporation they own) and (2) concerns that a broad definition of registration “would make domain names ‘effectively inalienable.’”

In siding with the Third and Eleventh Circuits, the Fourth Circuit found that an interpretation that accounted for re-registration was more in line with Congress’s intent to curtail abusive bad faith registrations. The Fourth Circuit identified a number of scenarios where a party may have originally registered a domain name without bad faith but where bad faith intent arose prior to the re-registration of the domain name, such as a falling out between business partners. The Fourth Circuit also found that the Ninth Circuit’s concerns about the alienability of domain names were overstated because “where there is no bad faith, there is no liability for cybersquatting.”

Importantly, the Fourth Circuit’s opinion is not limited to re-registration by the same owner or the transfer to a subsequent owner but, instead, appears to include any successive re-registration of a domain name including acts such as domain renewals.

Defendants Cannot “Manipulate” In Rem Jurisdiction

The ACPA provides not only a cause of action against a domain registrant, but also the domain name itself, as a res defendant. In rem jurisdiction is appropriate in the location of the relevant domain registry or registrar when the plaintiff cannot obtain personal jurisdiction over the domain registrant or cannot identify the registrant. 15 U.S.C.A. § 1125(d)(2)(ii). But the question has lingered: what if an action is properly initiated in rem, but facts are later revealed that identify a potential defendant over whom personal jurisdiction exists? Is the in rem jurisdiction destroyed, and must the case proceed in personam against that person or entity?

The Fourth Circuit concluded that in rem jurisdiction is properly assessed at the time the complaint is filed, and cannot be destroyed by the later revealing of a defendant. This portion of the ruling is significant in that Court recognized that assessment of in rem jurisdiction at any time following the filing of the complaint would allow defendants to “manipulate ACPA proceedings by simply consenting to personal jurisdiction in a forum of their choice after the action is initiated.”

The Fourth Circuit’s prior ruling in Porsche Cars N. Am., Inc. v., 302 F.3d 248, 256 (4th Cir. 2002), held that the requirements for in rem jurisdiction need not be maintained throughout a litigation, and district court rulings from the Eastern District of Virginia generally have focused on the appropriateness of in rem jurisdiction at the time the complaint is filed. The Prudential Court’s holding that in rem jurisdiction must be assessed at the time the complaint is filed provides an important clarification in light of increased attempts in recent years to “manipulate” ACPA proceedings in the manner contemplated by the Court as well as increased use by bad actors of private domain name registration services, aliases, and shell companies to attempt to conceal the true identity of domain registrants from ACPA plaintiffs.

The ACPA Safe Harbor Requires Objective Corroboration

The Fourth Circuit also addressed the applicability of the ACPA’s safe harbor, which provides that “bad faith intent ... shall not be found in any case in which the court determines that the person believed and had reasonable grounds to believe that the use of the domain name was a fair use or otherwise lawful.” 15 U.S.C. § 1125(d)(1)(B)(ii) (emphasis added). The Court was not persuaded by the registrant’s “self-serving denials” of knowledge of the plaintiff’s trademark, and stressed that the registrant did not have reasonable grounds to believe that its registration of the domain name was lawful. The defendant’s denials were apparently contradicted by other record evidence and, when coupled with a lack of any objective corroboration and evidence of the registrant’s pattern of registering the names of popular American companies, the Court easily disposed of the defendant’s attempt to claim protection under the ACPA safe harbor.


The Court’s ruling confirms that in rem ACPA claims will continue to be a vital tool for protecting brands and consumers from online infringements and scams. Wiley has represented clients in dozens of ACPA actions in recent years with thousands of domain names at issue. For more information on our Cybersquatting and Internet IP practice, please click here, or contact the authors listed on this Alert.

Read Time: 11 min
Jump to top of page

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.