Few Internet law issues generate more controversy than concerns surrounding Internet jurisdiction. In recent months, courts in both Australia and the United States have grappled with the issue in high-profile cases. The first involved an allegedly defamatory Wall Street Journal article about Joseph Gutnick, an Australian businessman who chose to sue in Australia rather than in the United States, where the newspaper is based. The second involved a copyright infringement suit launched in a California court against Kazaa, a leading online peer-to-peer file sharing service owned by an Australian company and incorporated in the Pacific nation of Vanuatu.
In both instances, the courts chose to assert jurisdiction over the disputes. While the Gutnick case spurred several ominous editorials in the U.S. about the negative implications for free speech that could ensue as a result of the decision, the truth is that both courts merely adopted an approach that is commonly used worldwide.
Simply put, courts in all countries are inclined to assert jurisdiction over online activity, wherever it originates, so long as harm is experienced locally and the sense is that the party responsible either knew or ought to have known that the harm was a likely consequence of their actions. This approach has been applied by French courts in cases involving the online availability of Nazi memorabilia, by U.S. courts in cases involving copyright and online gambling, and by British and Australian courts in cases involving online defamation.
While the debate over cases such as Gutnick and Kazaa are bound to continue, a much greater Internet jurisdiction threat has arisen but received scant attention. The larger threat comes not from courts asserting jurisdiction over online activity, but rather from national legislatures that create laws that are expressly designed to apply not just in their own country but worldwide.
The United States has begun to use this approach quite regularly with new privacy, copyright, and computer crime legislation that feature extra-territorial provisions ensuring that the law may be applied both in the U.S. and abroad.
The most blatant example of this extra-territorial approach comes from the U.S. Anticybersquatting Consumer Protection Act, a law enacted in 1999 to deal with cases of domain name cybersquatting. Over the past three years, U.S. courts have faced numerous cases involving the application of the ACPA and it has gradually become apparent that this law has no limits.
The drafters of the ACPA recognized that one of the challenges inherent in resolving domain name disputes is that the plaintiff, invariably the trademark holder, will frequently reside in a different jurisdiction from that of the domain name registrant.
While the trademark holder may be able to obtain a local court order to have the domain name transferred or cancelled, enforcing the order against an out-of-country defendant is an expensive undertaking.
The ACPA overcomes this problem by granting trademark holders the right to file a lawsuit against the domain name itself, rather than against the domain name registrant. That approach, known as in rem jurisdiction, treats the domain name as property that can be sued.
The statute, which applies to dot-com, dot-net, and dot-org domains, reaches that conclusion by referring to the fact that the domain name system's root server, the database that houses all domain names and their corresponding numeric addresses, is located in Virginia.
The use of the in rem jurisdictional provision is a classic example of legislating outside national borders. For example, the provision surfaced in 2000 in a dispute between two Canadian parties over the technodome.com domain name.
Although the trademark holder could have launched a trademark infringement action in Canada, where the courts have addressed cybersquatting issues on several occasions, it chose instead to launch an ACPA action in Virginia where it successfully invoked the in rem jurisdiction clause by suing the domain name, rather than its owner.
The controversy stemming from ACPA cases do not stop with the technodome.com decision. In a case that will be the subject of an appeal to be heard later this week, the City of Barcelona sued the long-time owner of the Barcelona.com domain name by invoking the ACPA. The U.S. court asserted jurisdiction over the dispute despite the fact that the city did not hold a U.S. trademark in the name Barcelona. Rather, the court concluded that the ACPA could be applied equally to foreign trademarks.
Earlier this month, two new decisions stretched the boundaries of the ACPA even further. In one case, a U.S. appellate court ruled that the statute governed domain names that were registered before the statute even came into effect, effectively ensuring that all dot-com domains are included regardless of when they were registered.
The same week, another U.S. court ruled that it could order the transfer of the domain name even where a foreign court had issued an order barring the transfer.
The U.S. court reasoned that its ACPA decision trumped a Korean court's order blocking the transfer since the U.S. court had been the first to address the validity of the domain name registration.
The collective result of these cases is that the ACPA now covers every dot-com domain, regardless of where it was registered, when it was registered, or what a foreign court has to say about it.
While U.S. free speech interests may fret about the effect of foreign decisions involving the Internet, they would do well to consider the impact of U.S. legislation on courts and legislatures worldwide.
With the extra-territorial applicability of laws such as the ACPA, judges and policy makers now find themselves unable to establish their own laws and policies since the U.S. has in effect done it for them.