The Internet has become a significant part of our everyday lives. While having constant Internet access at our fingertips has helped us in many ways, it has also created a lot of legal issues as people continue to push the boundaries as to what is acceptable behavior online. One such boundary that has recently become more of a concern is cyber-extortion.

Extortion occurs when one person obtains property from another person through wrongful force, violence, or fear. Acts of blackmail are considered to be extortion, even if the blackmail is being used to enforce a legal right. For example, if someone believes you owe him or her money, that person may attempt to extort the money from you by using blackmail tactics to embarrass you into paying the money. Generally, the extortionist cannot claim truth in the underlying reason for the extortion as a defense. With the proliferation of the Internet into our daily lives, there as has been an increase in cyber-extortion, which is essentially extortion via a website.

When someone posts negative comments about you online, this is often referred to as “cybergriping”. Cyber-extortion is essentially an extreme form of cybergriping that occurs when someone else uses your personal name in a negative website in order to get what that person wants from you. When the cybergriping act includes the use of your personal name in a domain (such as [yourname]sucks.com), the cybergripe is considered to be a form of “cybersquatting”. The Anticybersquatting Consumer Protection Act (“ACPA”) was created to provide some protection of your personal name from domain use by other people.

Cases surrounding the issue of cybersquatting and cyber-extortion commonly focus on the level of commercial activity associated with the personal name. Generally, a person who is claiming to be a victim of cybersquatting will not be successful against the cybersquatter without showing that the victim has direct or indirect competition or other type of commercial activity connected with the victim’s personal name. Furthermore, the victim must show that (1) the cybersquatter owns a registered domain name; (2) the domain name includes the victim’s personal name or is confusingly similar to the victim’s personal name; (3) the cybersquatter does not have the victim’s permission to use the victim’s personal name; and (4) the cybersquatter has specific intent to profit from the use of the domain name that includes the victim’s personal name. This fourth element is the most difficult to prove. One case in particular held that if the cybersquatter is attempting to get paid for money the cybersquatter believes is legitimately his, the cybersquatter does not have intent to “profit” but is only demanding payment of a debt. In contrast, however, the court in another case held that cyber-extortion in this manner is not allowed, even to recover money owed on a debt.

In deciding a cyber-extortion case, the courts often engage in a balancing of harms between the victim and the cybersquatter. Courts recognize that cybergripers have rights under the First Amendment to criticize others online, but there are limits if the cybergriper crosses the line into extortion. This could be shown by vulgar, sexually explicit, or racist commentary that is posted in the attempted cyber-extortion, as well as the cybergriper’s past behavior or previous attempts to cyber-extort. As part of the balancing of harms, the court may also consider disclaimers posted on the website, but the disclaimer generally has to be clear that it is an unofficial website and often include a link to the proper website for that person.

A successful cybersquatting claim in a Uniform Domain Name Dispute Resolution Policy (“UDRP”) administrative proceeding will result in injunctive relief. A successful lawsuit for ACPA violations, however, allows for additional relief, including damages and attorney fees.