Keeper Security, Inc., a cybersecurity firm, has lost a cybersquatting dispute regarding the domain name keeper.com. The company claimed that the domain was being used to distribute malware and argued that it was no longer under the control of its original owner.
In its complaint, Keeper Security hired a private investigator, who suggested that the domain’s registrant, a company previously selling menstrual cups, was out of business. However, the challenge for Keeper Security was proving that the domain had been registered in bad faith, a key requirement under the Uniform Domain-Name Dispute-Resolution Policy (UDRP).
The case was reviewed by Lawrence K. Nodine, a panelist from the World Intellectual Property Organization (WIPO). Nodine examined the Complainant’s arguments about malware distribution, but concluded that the circumstances did not meet the requirements for UDRP action.
Keeper Security contended that a malicious third party had hijacked the domain in recent years and was using it to distribute malware. The company pointed to reports of users being infected after visiting keeper.com since 2021. However, Keeper Security was unable to provide evidence that the domain’s ownership had changed or that the malicious activity was sufficient to constitute a transfer of control. Instead, the Whois records indicated the domain had remained under the same ownership since its registration in 1995.
Nodine pointed out that Keeper Security’s argument lacked legal backing to demonstrate that a third party infecting a website with malware could be equated to bad faith registration. The panelist emphasized that even if the website had been compromised, this did not mean the domain itself had been transferred or registered in bad faith.
Moreover, Nodine highlighted that Keeper Security’s suggestion that the domain was renewed by an unknown party in 2024 was speculative. It was more plausible that the original registrant renewed it automatically, and under UDRP rules, a renewal does not constitute a new registration in bad faith.
The panel concluded that while Keeper Security had a valid concern about malware being spread through a domain identical to its trademark, the UDRP policy could not address these particular circumstances. As such, the complaint was dismissed.
On a positive note for Keeper Security, keeper.com has since stopped resolving and is no longer spreading malware.
You Might Be Interested In