Download Zipped Amended WordPerfect SB0026.ZIP
[Introduced][Status][Bill Documents][Fiscal Note][Bills Directory]

S.B. 26


Text Box

- 1 -
Senate 3rd Reading Amendments 2-12-2010 rd/crp
This document includes Senate Committee Amendments incorporated into the bill on Thu, Feb 4, 2010 at 12:24 PM by rday. --> This document includes Senate 3rd Reading Floor Amendments incorporated into the bill on Fri, Feb 12, 2010 at 12:47 PM by rday. -->              1
    
UTAH E-COMMERCE INTEGRITY ACT

             2     
2010 GENERAL SESSION

             3     
STATE OF UTAH

             4     
Chief Sponsor: Stephen H. Urquhart

             5     
House Sponsor: Bradley G. Last

             6     

             7      LONG TITLE
             8      Committee Note:
             9          The Public Utilities and Technology Interim Committee recommended this bill.
             10      General Description:
             11          This bill contains prohibitions and other provisions concerning Internet-related conduct,
             12      including phishing, pharming, spyware, and cybersquatting.
             13      Highlighted Provisions:
             14          This bill:
             15          .    defines terms;
             16          .    prohibits a person from facilitating certain types of fraud and injury through use of
             17      electronic communications;
             18          .    allows for the removal of domain names and online content by an Internet registrar
             19      or Internet service provider under certain circumstances;
             20          .    prohibits contrary laws enacted by a political subdivision of the state;
             21          .    forbids the use of various types of software, commonly called spyware, if used for
             22      certain purposes;
             23          .    provides exceptions from spyware provisions for various types of communications
             24      and interactions, including authorized diagnostics;
             25      S. [     .    provides penalties, both criminal and civil, for violations of the bill's provisions; ] .S
             26          .    prohibits the registration of domain names under certain circumstances, commonly
             27      referred to as cybersquatting;



Text Box

- 2 -
             28
         .    provides civil penalties for a violation of cybersquatting provisions; and
             29          .    makes technical changes.
             30      Monies Appropriated in this Bill:
             31          None
             32      Other Special Clauses:
             33          This bill provides an effective date.
             34      Utah Code Sections Affected:
             35      AMENDS:
             36          70-3a-402, as last amended by Laws of Utah 2008, Chapter 258
             37      ENACTS:
             38          13-40-103, Utah Code Annotated 1953
             39          13-40-203, Utah Code Annotated 1953
             40          13-40-204, Utah Code Annotated 1953
             41          13-40-303, Utah Code Annotated 1953
             42          13-40-402, Utah Code Annotated 1953
             43          70-3a-309, Utah Code Annotated 1953
             44      REPEALS AND REENACTS:
             45          13-40-101, as enacted by Laws of Utah 2004, Chapter 363
             46          13-40-102, as last amended by Laws of Utah 2005, Chapter 168
             47          13-40-201, as last amended by Laws of Utah 2005, Chapter 168
             48          13-40-202, as enacted by Laws of Utah 2005, Chapter 168
             49          13-40-301, as last amended by Laws of Utah 2005, Chapter 168
             50          13-40-302, as last amended by Laws of Utah 2005, Chapter 168
             51          13-40-401, as enacted by Laws of Utah 2004, Chapter 363
             52     

             53      Be it enacted by the Legislature of the state of Utah:
             54          Section 1. Section 13-40-101 is repealed and reenacted to read:
             55     
CHAPTER 40. UTAH E-COMMERCE INTEGRITY ACT

             56     
Part 1. General Provisions

             57          13-40-101. Title.
             58          This chapter is known as the "Utah E-Commerce Integrity Act."



Text Box

- 3 -
             59
         Section 2. Section 13-40-102 is repealed and reenacted to read:
             60          13-40-102. Definitions.
             61          As used in this chapter:
             62          (1) (a) "Cause to be copied" means to distribute or transfer computer software, or any
             63      component of computer software.
             64          (b) "Cause to be copied" does not include providing:
             65          (i) transmission, routing, intermediate temporary storage, or caching of software;
             66          (ii) a storage or hosting medium, such as a compact disk, website, or computer server
             67      through which the software was distributed by a third party; or
             68          (iii) an information location tool, such as a directory, index, reference, pointer, or
             69      hypertext link, through which the user of the computer located the software.
             70          (2) (a) "Computer software" means a sequence of instructions written in any
             71      programming language that is executed on a computer.
             72          (b) "Computer software" does not include a data component of a webpage that is not
             73      executable independently of the webpage.
             74          (3) "Computer virus" means a computer program or other set of instructions that is
             75      designed to degrade the performance of or disable a computer or computer network and is
             76      designed to have the ability to replicate itself on another computer or computer network
             77      without the authorization of the owner of the other computer or computer network.
             78          (4) "Damage" means any significant impairment to the:
             79          (a) performance of a computer; or
             80          (b) integrity or availability of data, software, a system, or information.
             81          (5) "Execute," when used with respect to computer software, means the performance of
             82      the functions or the carrying out of the instructions of the computer software.
             83          (6) "False pretenses" means the representation of a fact or circumstance that is not true
             84      and is calculated to mislead.
             85          (7) (a) "Identifying information" means any information that can be used to access a
             86      person's financial accounts or to obtain goods and services, including the person's:
             87          (i) address;
             88          (ii) birth date;
             89          (iii) Social Security number;



Text Box

- 4 -
             90
         (iv) driver license number;
             91          (v) non-driver governmental identification number;
             92          (vi) telephone number;
             93          (vii) bank account number;
             94          (viii) student identification number;
             95          (ix) credit or debit card number;
             96          (x) personal identification number;
             97          (xi) unique biometric data;
             98          (xii) employee or payroll number;
             99          (xiii) automated or electronic signature;
             100          (xiv) computer image file;
             101          (xv) photograph; or
             102          (xvi) computer screen name or password.
             103          (b) "Identifying information" does not include information that is lawfully obtained
             104      from publicly available information, or from federal, state, or local government records
             105      lawfully made available to the general public.
             106          (8) "Intentionally deceptive" means any of the following:
             107          (a) an intentionally and materially false or fraudulent statement;
             108          (b) a statement or description that intentionally omits or misrepresents material
             109      information in order to deceive an owner or operator of a computer; or
             110          (c) an intentional and material failure to provide a notice to an owner or operator
             111      concerning the installation or execution of computer software, for the purpose of deceiving the
             112      owner or operator.
             113          (9) "Internet" means the global information system that is logically linked together by a
             114      globally unique address space based on the Internet protocol (IP), or its subsequent extensions,
             115      and that is able to support communications using the transmission control protocol/Internet
             116      protocol (TCP/IP) suite, or its subsequent extensions, or other IP-compatible protocols, and
             117      that provides, uses, or makes accessible, either publicly or privately, high-level services layered
             118      on communications and related infrastructure.
             119          (10) "Internet service provider" means:
             120          (a) an Internet service provider, as defined in Section 76-10-1230 ; or



Text Box

- 5 -
             121
         (b) a hosting company, as defined in Section 76-10-1230 .
             122          (11) "Message" means a graphical or text communication presented to an authorized
             123      user of a computer.
             124          (12) (a) "Owner or operator" means the owner or lessee of a computer, or a person
             125      using a computer with the owner's or lessee's authorization.
             126          (b) "Owner or operator" does not include a person who owned a computer before the
             127      first retail sale of the computer.
             128          (13) "Person" means any individual, partnership, corporation, limited liability
             129      company, or other organization, or any combination thereof.
             130          (14) "Personally identifiable information" means any of the following information if it
             131      allows the entity holding the information to identify the owner or operator of a computer:
             132          (a) the first name or first initial in combination with the last name and a home or other
             133      physical address including street name;
             134          (b) a personal identification code in conjunction with a password required to access an
             135      identified account, other than a password, personal identification number, or other
             136      identification number transmitted by an authorized user to the issuer of the account or its agent;
             137          (c) a Social Security number, tax identification number, driver license number,
             138      passport number, or any other government-issued identification number; or
             139          (d) an account balance, overdraft history, or payment history that personally identifies
             140      an owner or operator of a computer.
             141          (15) "Webpage" means a location that has a single uniform resource locator (URL)
             142      with respect to the World Wide Web or another location that can be accessed on the Internet.
             143          Section 3. Section 13-40-103 is enacted to read:
             144          13-40-103. Application of chapter.
             145          This chapter applies to conduct involving a computer, software, or an advertisement
             146      located in, sent to, or displayed in this state.
             147          Section 4. Section 13-40-201 is repealed and reenacted to read:
             148     
Part 2. Phishing and Pharming

             149          13-40-201. Phishing and pharming.
             150          (1) A person is guilty of phishing if, with intent to defraud or injure an individual, or
             151      with knowledge that the person is facilitating a fraud or injury to be perpetrated by another:



Text Box

- 6 -
             152
         (a) the person makes a communication under false pretenses purporting to be by or on
             153      behalf of a legitimate business, without the authority or approval of the legitimate business; and
             154          (b) the person uses the communication to induce, request, or solicit another person to
             155      provide identifying information or property.
             156          (2) A person is guilty of pharming if, with intent to defraud or injure another, or with
             157      knowledge that the person is facilitating a fraud or injury to be perpetrated by another, the
             158      person:
             159          (a) creates or operates a webpage that represents itself as belonging to or being
             160      associated with a legitimate business, without the authority or approval of the legitimate
             161      business, if that webpage may induce any user of the Internet to provide identifying
             162      information or property; or
             163          (b) alters a setting on a user's computer or similar device or software program through
             164      which the user may search the Internet, causing any user of the Internet to view a
             165      communication that represents itself as belonging to or being associated with a legitimate
             166      business, if the message has been created or is operated without the authority or approval of the
             167      legitimate business and induces, requests, or solicits any user of the Internet to provide
             168      identifying information or property.
             169          Section 5. Section 13-40-202 is repealed and reenacted to read:
             170          13-40-202. Removal of domain name or content -- Liability.
             171          If an Internet registrar or Internet service provider believes in good faith that an Internet
             172      domain name controlled or operated by the Internet registrar or Internet service provider, or
             173      content residing on an Internet website or other online location controlled or operated by the
             174      Internet registrar or Internet service provider, is used to engage in a violation of this part, the
             175      Internet registrar or Internet service provider is not liable under any provision of the laws of
             176      this state or of any political subdivision of the state for removing or disabling access to the
             177      Internet domain name or other content.
             178          Section 6. Section 13-40-203 is enacted to read:
             179          13-40-203. Application of part.
             180          (1) This part applies to the discovery of a phishing or pharming incident that occurs on
             181      or after July 1, 2010.
             182          (2) This part does not apply to a telecommunications provider's or Internet service



Text Box

- 7 -
             183
     provider's good faith transmission or routing of, or intermediate temporary storing or caching
             184      of, identifying information.
             185          Section 7. Section 13-40-204 is enacted to read:
             186          13-40-204. Relation to other law.
             187          The conduct prohibited by this part is of statewide concern, and this part's provisions
             188      supersede and preempt any provision of law of a political subdivision of the state.
             189          Section 8. Section 13-40-301 is repealed and reenacted to read:
             190     
Part 3. Spyware Protection

             191          13-40-301. Prohibition on the use of software.
             192          A person who is not an owner or operator of a computer may not cause computer
             193      software to be copied on the computer knowingly, with conscious avoidance of actual
             194      knowledge, or willfully, if the software is used to:
             195          (1) modify, through intentionally deceptive means, settings of a computer controlling:
             196          (a) the webpage that appears when an owner or operator launches an Internet browser
             197      or similar computer software used to access and navigate the Internet;
             198          (b) the default provider or web proxy that an owner or operator uses to access or search
             199      the Internet; or
             200          (c) an owner's or an operator's list of bookmarks used to access webpages;
             201          (2) collect, through intentionally deceptive means, personally identifiable information:
             202          (a) through the use of a keystroke-logging function that records all or substantially all
             203      keystrokes made by an owner or operator of a computer and transfers that information from the
             204      computer to another person;
             205          (b) in a manner that correlates personally identifiable information with data concerning
             206      all or substantially all of the webpages visited by an owner or operator, other than webpages
             207      operated by the person providing the software, if the computer software was installed in a
             208      manner designed to conceal from all authorized users of the computer the fact that the software
             209      is being installed; or
             210          (c) by extracting from the hard drive of an owner's or an operator's computer, an
             211      owner's or an operator's Social Security number, tax identification number, driver license
             212      number, passport number, any other government-issued identification number, an account
             213      balance, or overdraft history for a purpose unrelated to any of the purposes of the software or



Text Box

- 8 -
             214
     service described to an authorized user;
             215          (3) prevent, through intentionally deceptive means, an owner's or an operator's
             216      reasonable efforts to block or disable the installation or execution of computer software by
             217      causing computer software that the owner or operator has properly removed or disabled to
             218      automatically reinstall or reactivate on the computer without the authorization of an authorized
             219      user;
             220          (4) intentionally misrepresent that computer software will be uninstalled or disabled by
             221      an owner's or an operator's action;
             222          (5) through intentionally deceptive means, remove, disable, or render inoperative
             223      security, antispyware, or antivirus computer software installed on an owner's or an operator's
             224      computer;
             225          (6) enable use of an owner's or an operator's computer to:
             226          (a) access or use a modem or Internet service for the purpose of causing damage to an
             227      owner's or an operator's computer or causing an owner or operator, or a third party affected by
             228      that conduct, to incur financial charges for a service that the owner or operator did not
             229      authorize;
             230          (b) open multiple, sequential, stand-alone messages in an owner's or an operator's
             231      computer without the authorization of an owner or operator and with knowledge that a
             232      reasonable computer user could not close the messages without turning off the computer or
             233      closing the software application in which the messages appear, unless the communication
             234      originated from the computer's operating system, a software application the user activated, or a
             235      service provider that the user chose to use, or was presented for any of the purposes described
             236      in Section 13-40-303 ; or
             237          (c) transmit or relay commercial electronic mail or a computer virus from the
             238      computer, if the transmission or relay is initiated by a person other than the authorized user
             239      without the authorization of an authorized user;
             240          (7) modify, without the authorization of an owner or operator, any of the following
             241      settings related the computer's access to, or use of, the Internet:
             242          (a) settings that protect information about an owner or operator for the purpose of
             243      taking personally identifiable information of the owner or operator;
             244          (b) security settings, for the purpose of causing damage to a computer; or



Text Box

- 9 -
             245
         (c) settings that protect the computer from the uses identified in Subsection (6); or
             246          (8) prevent, without the authorization of an owner or operator, an owner's or an
             247      operator's reasonable efforts to block the installation of, or to disable, computer software by:
             248          (a) presenting the owner or operator with an option to decline installation of computer
             249      software with knowledge that, when the option is selected by the authorized user, the
             250      installation nevertheless proceeds;
             251          (b) falsely representing that computer software has been disabled;
             252          (c) requiring in an intentionally deceptive manner the user to access the Internet to
             253      remove the software with knowledge or reckless disregard of the fact that the software
             254      frequently operates in a manner that prevents the user from accessing the Internet;
             255          (d) changing the name, location, or other designation information of the software for
             256      the purpose of preventing an authorized user from locating the software to remove it;
             257          (e) using randomized or intentionally deceptive filenames, directory folders, formats,
             258      or registry entries for the purpose of avoiding detection and removal of the software by an
             259      authorized user;
             260          (f) causing the installation of software in a particular computer directory or in computer
             261      memory for the purpose of evading an authorized user's attempt to remove the software from
             262      the computer; or
             263          (g) requiring, without the authority of the owner of the computer, that an authorized
             264      user obtain a special code or download software from a third party to uninstall the software.
             265          Section 9. Section 13-40-302 is repealed and reenacted to read:
             266          13-40-302. Other prohibited conduct.
             267          A person who is not an owner or operator of a computer may not, with regard to the
             268      computer:
             269          (1) induce an owner or operator to install a computer software component onto the
             270      owner's or the operator's computer by intentionally misrepresenting that installing the computer
             271      software is necessary for security or privacy reasons or in order to open, view, or play a
             272      particular type of content; or
             273          (2) use intentionally deceptive means to cause the execution of a computer software
             274      component with the intent of causing the computer to use the computer software component in
             275      a manner that violates any other provision of this chapter.



Text Box

- 10 -
Senate 3rd Reading Amendments 2-12-2010 rd/crp
             276
         Section 10. Section 13-40-303 is enacted to read:
             277          13-40-303. Exceptions.
             278          Sections 13-40-301 and 13-40-302 do not apply to the monitoring of, or interaction
             279      with, an owner's or an operator's Internet or other network connection, service, or computer, by
             280      a telecommunications carrier, cable operator, computer hardware or software provider, or
             281      provider of information service or interactive computer service for network or computer
             282      security purposes, diagnostics, technical support, maintenance, repair, network management,
             283      authorized updates of computer software or system firmware, authorized remote system
             284      management, or detection or prevention of the unauthorized use of or fraudulent or other illegal
             285      activities in connection with a network, service, or computer software, including scanning for
             286      and removing computer software prescribed under this chapter.
             287          Section 11. Section 13-40-401 is repealed and reenacted to read:
             288     
Part 4. Enforcement

             289          13-40-401. Phishing and pharming violations.
             290          (1) S. [ A person who violates Part 2, Phishing and Pharming, is guilty of a third degree
             291      felony.
             292          (2)
] .S
A civil action against a person who violates any provision of Part 2, Phishing and
             293      Pharming, may be filed by:
             294          (a) an Internet service provider that is adversely affected by the violation;
             295          (b) an owner of a webpage, computer server, or a trademark that is used without
             296      authorization in the violation; or
             297          (c) the attorney general.
             298           S. [ (3) ] (2) .S A person permitted to bring a civil action under Subsection (2) may obtain
             298a      either
             299      actual damages for a violation of this chapter or a civil penalty not to exceed $150,000 per
             300      violation of Part 2, Phishing and Pharming.
             301           S. [ (4) ] (3) .S A violation of Part 2, Phishing and Pharming, by a state-chartered or
             301a      licensed
             302      financial institution is enforceable exclusively by the financial institution's primary state
             303      regulator.
             304          Section 12. Section 13-40-402 is enacted to read:
             305          13-40-402. Spyware protection violations.
             306          (1) The attorney general, an Internet service provider, or a software company that



Text Box

- 11 -
             307
     expends resources in good faith assisting authorized users harmed by a violation of Part 3,
             308      Spyware Protection, or a trademark owner whose mark is used to deceive authorized users in
             309      violation of Part 3, Spyware Protection, may bring a civil action against a person who violates
             310      Part 3, Spyware Protection, to recover:
             311          (a) actual damages and liquidated damages of at least $1,000 per violation of Part 3,
             312      Spyware Protection, not to exceed $1,000,000 for a pattern or practice of violations; and
             313          (b) attorney fees and costs.
             314          (2) The court may increase a damage award to an amount equal to not more than three
             315      times the amount otherwise recoverable under Subsection (1) if the court determines that the
             316      defendant committed the violation willfully and knowingly.
             317          (3) The court may reduce liquidated damages recoverable under Subsection (1) to a
             318      minimum of $100, not to exceed $100,000 for each violation, if the court finds that the
             319      defendant established and implemented practices and procedures reasonably designed to
             320      prevent a violation of Part 3, Spyware Protection.
             321          (4) In the case of a violation of Subsection 13-40-301 (6)(a) that causes a
             322      telecommunications carrier or provider of voice over Internet protocol service to incur costs for
             323      the origination, transport, or termination of a call triggered using the modem or
             324      Internet-capable device of a customer of the telecommunications carrier or provider of voice
             325      over Internet protocol as a result of the violation, the telecommunications carrier or provider of
             326      voice over Internet protocol may bring a civil action against the violator:
             327          (a) to recover the charges the telecommunications carrier or provider of voice over
             328      Internet protocol is required to pay to another carrier or to an information service provider as a
             329      result of the violation, including charges for the origination, transport, or termination of the
             330      call;
             331          (b) to recover the costs of handling customer inquiries or complaints with respect to
             332      amounts billed for the calls;
             333          (c) to recover reasonable attorney fees and costs; and
             334          (d) for injunctive relief.
             335          (5) For purposes of a civil action under Subsections (1), (2), and (3), a single action or
             336      conduct that violates more than one provision of Part 3, Spyware Protection, shall be
             337      considered as multiple violations based on the number of provisions violated.



Text Box

- 12 -
             338
         Section 13. Section 70-3a-309 is enacted to read:
             339          70-3a-309. Cybersquatting.
             340          (1) (a) A person is liable in a civil action by the owner of a mark, including a personal
             341      name, which is a mark for purposes of this section, if, without regard to the goods or services
             342      of the person or the mark's owner, the person:
             343          (i) has a bad faith intent to profit from the mark, including a personal name; and
             344          (ii) for any length of time registers, acquires, traffics in, or uses a domain name in, or
             345      belonging to, any person in this state that:
             346          (A) in the case of a mark that is distinctive at the time of registration of the domain
             347      name, is identical or confusingly similar to the mark;
             348          (B) in the case of a famous mark that is famous at the time of registration of the
             349      domain name, is identical or confusingly similar to or dilutive of the mark; or
             350          (C) is a trademark, word, or name protected by reason of 18 U.S.C. 706 or 36 U.S.C.
             351      220506.
             352          (b) (i) In determining whether a person has a bad faith intent described in Subsection
             353      (1)(a), a court may consider all relevant factors, including:
             354          (A) the trademark or other intellectual property rights of the person, if any, in the
             355      domain name;
             356          (B) the extent to which the domain name consists of the legal name of the person or a
             357      name that is otherwise commonly used to identify that person;
             358          (C) the person's prior use, if any, of the domain name in connection with the bona fide
             359      offering of any goods or services;
             360          (D) the person's bona fide noncommercial or fair use of the mark in a site accessible
             361      under the domain name;
             362          (E) the person's intent to divert consumers from the mark owner's online location to a
             363      site accessible under the domain name that could harm the goodwill represented by the mark,
             364      either for commercial gain or with the intent to tarnish or disparage the mark, by creating a
             365      likelihood of confusion as to the source, sponsorship, affiliation, or endorsement of the site;
             366          (F) the person's offer to transfer, sell, or otherwise assign, or solicitation of the
             367      purchase, transfer, or assignment of the domain name to the mark owner or any third party for
             368      financial gain without having used, or having an intent to use, the domain name in the bona



Text Box

- 13 -
Senate Committee Amendments 2-4-2010 rd/crp
             369
     fide offering of any goods or services, or the person's prior conduct indicating a pattern of such
             370      conduct;
             371          (G) the person's provision of material and misleading false contact information when
             372      applying for the registration of the domain name, the person's intentional failure to maintain
             373      accurate contact information, or the person's prior conduct indicating a pattern of such conduct;
             374          (H) the person's registration or acquisition of multiple domain names that the person
             375      knows are identical or confusingly similar to another's mark that is distinctive at the time of
             376      registration of the domain names, or is dilutive of another's famous mark that is famous at the
             377      time of registration of the domain names, without regard to the goods or services of the person
             378      or the mark owner; and
             379          (I) the extent to which the mark incorporated in the person's domain name registration
             380      is or is not distinctive and famous.
             381          (ii) Bad faith intent described in Subsection (1)(a) may not be found in any case in
             382      which the court determines that the person believed and had reasonable grounds to believe that
             383      the use of the domain name was a fair use or otherwise lawful.
             384          (c) In a civil action involving the registration, trafficking, or use of a domain name
             385      under this section, a court may order the forfeiture or cancellation of the domain name or the
             386      transfer of the domain name to the owner of the mark.
             387          (d) (i) A person is liable for using a domain name under Subsection (1)(a) only if that
             388      person is the domain name registrant or that registrant's authorized licensee, S. [ agent, ] .S affiliate,
             389      S. [ representative, ] .S domain name registrar, domain name registry, or other domain name
             390      registration authority that knowingly S. [ and actively ] .S assists a violation of this chapter by the
             391      registrant.
             392          (ii) A person may not be held liable under this section absent a showing of bad faith
             393      intent to profit from the registration or maintenance of the domain name.
             394          (iii) For purposes of this section, a "showing of bad faith intent to profit" shall be
             395      interpreted in the same manner as under 15 U.S.C. Sec. 1114(2)(D)(iii).
             396          (e) As used in this section, the term "traffics in" refers to transactions that include
             397      sales, purchases, loans, pledges, licenses, exchanges of currency, and any other transfer for
             398      consideration or receipt in exchange for consideration.
             399          (2) (a) The owner of a mark registered with the U.S. Patent and Trademark Office or



Text Box

- 14 -
             400
     under this chapter may file an in rem civil action against a domain name in the district court if
             401      the owner is located in the state and if:
             402          (i) the domain name violates any right of the owner of a mark registered in the Patent
             403      and Trademark Office or registered under this chapter; and
             404          (ii) the court finds that the owner:
             405          (A) is not able to obtain personal jurisdiction over a person who would be a defendant
             406      in a civil action under Subsection (1); or
             407          (B) through due diligence was not able to find a person who would be a defendant in a
             408      civil action under Subsection (1) by:
             409          (I) sending a notice of the alleged violation and intent to proceed under this Subsection
             410      (2)(a) to the registrant of the domain name at the postal and e-mail address provided by the
             411      registrant to the registrar; and
             412          (II) publishing notice of the action as the court may direct promptly after filing the
             413      action.
             414          (b) Completion of the actions required by Subsection (2)(a)(ii) constitute service of
             415      process.
             416          (c) In an in rem action under this Subsection (2), a domain name is considered to be
             417      located in the judicial district in which:
             418          (i) the domain name registrar, registry, or other domain name authority that registered
             419      or assigned the domain name is located; or
             420          (ii) documents sufficient to establish control and authority regarding the disposition of
             421      the registration and use of the domain name are deposited with the court.
             422          (d) (i) The remedies in an in rem action under this Subsection (2) are limited to a court
             423      order for the forfeiture or cancellation of the domain name or the transfer of the domain name
             424      to the owner of the mark.
             425          (ii) Upon receipt of written notification of a filed, stamped copy of a complaint filed by
             426      the owner of a mark in the district court under this Subsection (2), the domain name registrar,
             427      domain name registry, or other domain name authority shall:
             428          (A) expeditiously deposit with the court documents sufficient to establish the court's
             429      control and authority regarding the disposition of the registration and use of the domain name
             430      to the court; and



Text Box

- 15 -
             431
         (B) not transfer, suspend, or otherwise modify the domain name during the pendency
             432      of the action, except upon order of the court.
             433          (iii) The domain name registrar or registry or other domain name authority is not liable
             434      for injunctive or monetary relief under this section, except in the case of bad faith or reckless
             435      disregard, which includes a willful failure to comply with a court order.
             436          (3) The civil actions and remedies established by Subsection (1) and the in rem action
             437      established in Subsection (2) do not preclude any other applicable civil action or remedy.
             438          (4) The in rem jurisdiction established under Subsection (2) does not preclude any
             439      other jurisdiction, whether in rem or personal.
             440          Section 14. Section 70-3a-402 is amended to read:
             441           70-3a-402. Infringement.
             442          (1) Subject to Section 70-3a-104 and Subsection (2), any person is liable in a civil
             443      action brought by the registrant for any and all of the remedies provided in Section 70-3a-404 ,
             444      if that person:
             445          (a) uses a reproduction, counterfeit, copy, or colorable imitation of a mark registered
             446      under this chapter:
             447          (i) without the consent of the registrant; and
             448          (ii) in connection with the sale, distribution, offering for sale, or advertising of any
             449      goods or services on or in connection with which that use is likely to cause confusion, mistake,
             450      or to deceive as to the source of origin, nature, or quality of those goods or services; or
             451          (b) reproduces, counterfeits, copies, or colorably imitates any mark and applies the
             452      reproduction, counterfeit, copy, or colorable imitation to labels, signs, prints, packages,
             453      wrappers, receptacles, or advertisements intended to be used upon or in connection with the
             454      sale or other distribution in this state of goods or services.
             455          (2) Under Subsection (1)(b), the registrant is not entitled to recover profits or damages
             456      unless the act described in Subsection (1)(b) has been committed with the intent:
             457          (a) to cause confusion or mistake; or
             458          (b) to deceive.
             459          (3) In a civil action for a violation of Section 70-3a-309 :
             460          (a) the plaintiff may recover court costs and reasonable attorney fees; and
             461          (b) the plaintiff may elect, at any time before final judgment is entered by the district



Text Box

- 16 -
             462
     court, to recover, instead of actual damages and profits, an award of statutory damages in the
             463      amount of not less than $1,000 and not more than $100,000 per domain name, as the court
             464      considers just.
             465          (4) Statutory damages awarded under Subsection (3)(b) are presumed to be $100,000
             466      per domain name if there is a pattern and practice of infringements committed willfully for
             467      commercial gain.
             468          Section 15. Effective date.
             469          This bill takes effect on July 1, 2010, except that Sections 70-3a-309 and 70-3a-402
             470      take effect on May 11, 2010.





Legislative Review Note
    as of 11-18-09 5:19 PM


Office of Legislative Research and General Counsel


[Bill Documents][Bills Directory]