WHAT IS BRANDJACKING?
As the "Age of Social Media" grows exponentially, so does the variety and complexity of threats facing corporations. One of the newest and most damaging threats is that of "Brandjacking," essentially the hijacking of brand's online presence, typically on a social network. Coined by combination of two words "brand" & "jacking" – "Brandjacking" usually refers to an activity whereby someone acquires or otherwise assumes the online identity of another entity for the purposes of acquiring that person's or business's brand equity. The people involved in carrying out these kinds of activities are known as "brand assassins", who blatantly infiltrate upon the hard-earned and well established intellectual property of the brand / product over a prolonged period of time. Though the involved intermediaries have limited roles to play, serving just as a platform of utilization & hosting of the process for facilitation; there exists a huge legal divide which hinders their capacities.
Intellectual property (IP) rights are the legally recognized exclusive rights to creations of the mind. The owners are granted certain exclusive rights to a variety of intangible assets, such as musical, literary, and artistic works; discoveries and inventions; and words, phrases, symbols, and designs. Common types of intellectual property rights include copyright, trademarks, patents, industrial design rights, trade dress, and in some jurisdictions trade secrets. Misuse of social media related IP rights are on the rise; Brandjacking and its occurrences are growing more sophisticated and better funded. Social media marketing has made the company the target though in different forms but the recoil of the instances has been wide spread.
TYPES OF BRANDJACKING:
1. TAKEOVER: A complete and neat takeover of a social account is generally accomplished via hacking, phishing or other method. This results in an enormous & immediate damage since the message is coming from the actual social account of the brand and is being broadcast out to its followers.
2. MALICIOUS IMPERSONATION: A complete set up of a new account, impersonating the brand is carried out, typically slower to develop given the need to generate followers, but the damage can spread quickly as the impersonating messages are rebroadcast across the open social universe.
Firstly, the common average consumer always tries to identify the product based upon the distinct & unique features of identification which makes the product stand alone, distinct and be different from all other rivals in the market. To sustain the competition, the product always has to be consistent & has to safeguard the standards of quality, which make it distinct and well-known. Trying to bank upon the good will of a highly reputed and established by a well known product, not only helps to the gain quicker and faster access to the public viewpoint but also serves a head start on a platter which is completely against the said law.
Secondly, cybersquatting is the practice of registering an Internet domain name that is likely to be wanted by another person, business, or organization in the hope that it can be sold to them for a profit. It involves the registration of trademarks and trade names as domain names by third parties, who do not possess rights in such names. Cybersquatters (or bad-faith imposters) register trade-marks, trade names, business names and so on, belonging to third parties with the common motive of trading on the reputation and goodwill of such third parties by either confusing customers or potential customers, and at times, to even sell the domain name to the rightful owner at a profit.
Thirdly, "Phishing," as it is commonly known, typically involves a person (the "phisher") who sends bulk e-mails seeking to persuade the recipients to visit a fraudulent website that solicits personal, confidential, and financial information.
Because the aforesaid attacks rely on deception, an educated consumer is less likely to fall victim. It therefore is prudent for companies to routinely send their customers warnings about the perils of phishing and other online scams and also remind their customers that most of the legitimate businesses do not solicit confidential and personal information via unsolicited e-mails. Customers should be invited to report suspicious e-mails, websites, and similar activities as they're harmful because, on a personal level, a defrauded consumer may lose trust in the company whose brand was used in the phishing scam. On a larger scale, phishing tarnishes all online communications and diminishes the overall confidence consumers have in e-commerce transactions.
SOCIAL MEDIA & BRANDJACKING
Brandjacking on Facebook usually happens through a fake profile commenting on the real brand's page answering customer questions tricking users into believing that it is the actual page responding. Anyone on Facebook can set up a page with almost any type of name and if a page or a profile is created by using a brand's trademark protected material in the profile picture and/or having a similar page name it may be hard to identify that it is not the real brand. On Twitter, a fake account may tweet on behalf of a brand and use hashtags related to the brand. Further, viral hashtags can be initiated by brand assassins that are then misinterpreted by the general public as being generated by the organization under fire. As social media feeds move fast and people rarely have time to look into things in more detail, consumers may have a hard time differentiating between real and fake accounts and may perceive messages from a fake account to be official.
One of the most intriguing recent right-of-publicity cases, Fraley v. Facebook, Inc.,1 is a class action lawsuit against Facebook over its "Sponsored Stories" advertising services (now settled). This lawsuit arose after certain Facebook users found out that their names and user profile photographs were arranged by Facebook in the perimeter of newsfeeds viewed by their friends based on their "likes" of various branded products. Facebook's own admissions that such advertising has approximately doubled the value of an advertisement without an accompanying "testimonial" allowed the case to survive a motion to dismiss. Given that the plaintiffs were able to show a "direct, linear relationship between the value of their endorsements of third-party products, companies, and brands to their Facebook friends, and the alleged commercial profit gained by Facebook," the plaintiffs were allowed to continue their right-of-publicity case.
Identifying when the brand is being impersonated on social networks includes the activities outlined above in the context of phishing. Furthermore, a company can use search engines that can mine social networking sites to report upon all references to the company's name, products, executive names or other elements of the brand. Free social media search tools in this category include: SocialMention, Google Alerts, Twitter Search, Twazzup, CrowdEye, etc. Commercial tools include the various marketing campaign tracking tools, such as PostRank, and specialized products such as Social Sentry can help identify the problem at hand and help tracking down its source.
Once the company identifies the occurrence of brand impersonation, it can contact the corresponding social networking company, requesting that the account be shut down and, perhaps, transferred to the legitimate brand. The brand needs to clearly state why it believes the user of the social network who is impersonating the brand is violating that site's terms of services or, perhaps, breaking the law. The request needs to include sufficient evidence to establish that the request comes from the legitimate brand and showing proof (e.g., screen shots) that the specified account impersonated the brand.
The trademark registration of any aspect of a celebrity's personality is indicative of the fact that the celebrity is open to the authorized assignment or licensing of his or her personality for merchandising purposes in the class of goods and services for which registration has been sought. Secondly, the celebrity obtains a means of defending those aspects of their personality against unauthorized use. Unlike action under the tort of passing off or the Trade Practices Act, 1974, trademark registration is unique in providing a prospective form of protection for celebrity personality Social media has made Brandjacking easier than ever. Massive social campaigns have overridden the determined and strategic individuals or groups to convey the complete opposite message that was intended by the organization launching the campaign.
In India, celebrities and commercial partners can obtain some protection from trademark law but such protection may be limited in scope. Section 2(1) of the Indian Trade Marks Act, 2000, allows registration of any "sign capable of distinguishing goods and services of one person from another, any word (including personal names), design, numeral and shape of goods or their packaging as trademark. Courts in India have accorded protection to film titles, characters and names under the trademark law. The first case that was dealt with character merchandizing in India was Star India Private Limited v Leo Burnet India (Pvt.) Ltd2, but jurisprudence is still emerging and character merchandising is an area yet to develop in India.
Globally, the concept of publicity rights has been evolving gradually in different jurisdictions. There are a number of international conventions or treaties relevant to the protection of performer's right. The International Convention for the Protection of Performer, Producers of Phonograms and Broadcasting Organization, 1961 (Rome Convention), TRIPS and the WIPO Performances and Phonograms Treaty, 1996 (WPPT), are some of the landmark conventions in this regard.
Though the guiding principles3 for intermediary liability policy in India are derived from the European Union E-Commerce Directive (2000/31/EC) 4 , such principles have been incompletely5 , yet along with their loopholes6, incorporated into the Rules without adapting them to the requirements of India in the current context. Under the Rules, limitation of intermediary liability has been made contingent to a privately administered takedown mechanism7 presumably in order to provide a faster alternative to the redressal mechanisms offered by the judiciary and the executive.
Once the knowledge requirement8 is satisfied, the takedown mechanism requires intermediaries to deliberate on the legality of the allegedly unlawful expressions and accordingly disable/remove such expressions in order to claim exemption from liability. As a result, intermediaries have donned the hat of a censor and other stakeholders such as the consumers and creators of information are expected to actively police the Internet and takedown notices to the intermediaries to ensure that free expression on the Internet does not encroach on its opposing rights and duties.
The first case that came up before the Indian Courts was
Yahoo! Inc. v. Akash Arora and
Anothers9, in which an attempt was made to
use the domain name < yahooindia.com> for Internet related
services as against domain name i.e.
The Yahoo! Case10 (supra) was India's first domain name case where the defendant argued that there was a need of a legislative amendment to protect domain names or trademarks on the internet. The Indian courts disagreed and granted this protection despite the absence of specific legislation on the principles of infringing marks and passing off on the internet.
Thereafter, the courts recognized the torts of Meta tagging, hyper linking, framing, spamming and phishing in a large number of cases forming a mosaic of decisions to protect trademarks on the internet. Intermediaries are widely recognized as essential components in the process of exercising the right to freedom of expression on the Internet11 Most major jurisdictions around the world have introduced legislations for limiting intermediary liability in order to ensure that this wheel does not stop spinning. With the 2008 amendment of the Information Technology Act 2000, India joined the bandwagon and established a 'notice and takedown' regime for limiting intermediary liability. Most major jurisdictions around the world have introduced legislations for limiting intermediary liability in order to ensure that this wheel does not stop spinning.
If the liability of an intermediary is not limited then an intermediary would be required to pre-screen all content which would render its services impractical or technically infeasiblity. United States offers a vertical framework to limit intermediary liability. Separate liability regimes exist for:
i. copyright claims under Section 512 of the Digital Millennium Copyright Act;
ii. trademark claims under Section 32(2) of the Lanham Act; and
iii. non-intellectual property rights claims under Section 230 of the Communications Decency Act. The European Union E-Commerce Directive (2000/31/EC), in its minimum requirements, mandates a horizontal framework i.e. a single intermediary liability regime dealing with all types of claims.
Trademark, its use and protection are also given consideration and importance before taking into account the other relative angles which are deemed to have been used. Intermediary is usually a mere platform and all the necessary actions have to be taken once they're intimated of any illegal or potentially unlawful activity to ensure safety and protection of the said mark in question.
While eliminating brandjacking completely, either via takeover or impersonation, it is nearly impossible, given the sheer volume of social media, having the ability to immediately detect and respond to the threat can save brands major damage and embarrassment. Goodwill of a product is the soul by which the people judge the good and establish their faith and relation along with the product. It always has been of paramount interest of any company not only to protect its interest but also to grow exponentially and this is possible only with a sound and accurate legal and protected mindset which cares for the interest of the parties involved.
This sort of detection requires sophisticated streaming big data processing and complex concept modeling to identify the brandjacking attempts within the billions of daily discussions across the open social universe. This is a major reason why an increasing number of leading brands are engaging "social intelligence services" for advanced social intelligence, threat detection and risk tracking. These command centers serve as the social eyes and ears for the brand identifying threats in real time and immediately escalating those threats to risk stewards of the enterprise, which can include Corporate Communications, Legal, Finance, Risk, Compliance or a variety or other areas.
The educated masses and specifically the younger generation which have been the main target and driving cause of companies to shift on to this digital format also need to be aware and cautious of the decisions and acts done and they could fall prey to acts which are not legal per se. Brand jacking, as one such hindrance has not only projected threats to many of the leading companies both off and on the market, but also has been a whistle blower to what could be seen as incremental rate of trademark awareness and protection. Stringent laws yet are needed to be developed to cope up with such problems at hand but awareness could serve a long way in shortening the period of risk.
1. 830 F. Supp. 2d 785 (N.D. Cal. 2011)
2. 2003 (2) B C R 655
3. "This section is revised in lines with the EU Directives on E-Commerce 2000/31/EC issued on June 8th 2000". Refer to Report of the Expert Committee (August 2005), Proposed Amendments to Information Technology Act 2000.
4. Article 12-15, Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market ('Directive on electronic commerce'), Official Journal L 178 , 17/07/2000 P. 0001 – 0016.
5. The Rules do not clearly distinguish between different classes of intermediaries; whereas the European Union E-Commerce Directive (2000/31/EC) prescribes class specific qualifications and due diligence requirements (for mere conduits, system caching and hosting).
6. Both, the Rules and the European Union E-Commerce Directive (2000/31/EC), are silent about a counter notice and put-back procedure.
7. Rule 3 (4). "The intermediary, on whose computer system the information is stored or hosted or published, upon obtaining knowledge by itself or been brought to actual knowledge by an affected person in writing or through email signed with electronic signature about any such information as mentioned in sub-rule (2) above, shall act within thirty six hours and where applicable, work with user or owner of such information to disable such information that is in contravention of sub-rule (2)."
8. Section 79(3)(b) creates a knowledge requirement standard of "receiving actual knowledge" for administering the takedowns. However, Rule 3(4) prescribes an alternate standard of "obtaining knowledge by itself"; or "brought to actual knowledge by an affected person".
9. 1999 II AD (Delhi)
10. 1999 II AD (Delhi)
11. Center for Democracy & Technology, Intermediary Liability: Protecting Internet Platforms for Expression and Innovation (2010).
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.