! The Capitol Complex is closed to the public due to COVID-19. All meetings will be held virtually online. View procedures and guidelines for remote public comment

Download Zipped Enrolled WordPerfect SB0026.ZIP
[Introduced][Amended][Status][Bill Documents][Fiscal Note][Bills Directory]

S.B. 26 Enrolled

             1     

UTAH E-COMMERCE INTEGRITY ACT

             2     
2010 GENERAL SESSION

             3     
STATE OF UTAH

             4     
Chief Sponsor: Stephen H. Urquhart

             5     
House Sponsor: Bradley G. Last

             6     
             7      LONG TITLE
             8      General Description:
             9          This bill contains prohibitions and other provisions concerning Internet-related
             10      conduct, including phishing, pharming, spyware, and cybersquatting.
             11      Highlighted Provisions:
             12          This bill:
             13          .    defines terms;
             14          .    prohibits a person from facilitating certain types of fraud and injury through use of
             15      electronic communications;
             16          .    allows for the removal of domain names and online content by an Internet registrar
             17      or Internet service provider under certain circumstances;
             18          .    prohibits contrary laws enacted by a political subdivision of the state;
             19          .    forbids the use of various types of software, commonly called spyware, if used for
             20      certain purposes;
             21          .    provides exceptions from spyware provisions for various types of communications
             22      and interactions, including authorized diagnostics;
             23          .    prohibits the registration of domain names under certain circumstances, commonly
             24      referred to as cybersquatting;
             25          .    provides civil penalties for a violation of cybersquatting provisions; and
             26          .    makes technical changes.
             27      Monies Appropriated in this Bill:
             28          None
             29      Other Special Clauses:


             30          This bill provides an effective date.
             31      Utah Code Sections Affected:
             32      AMENDS:
             33          70-3a-402, as last amended by Laws of Utah 2008, Chapter 258
             34      ENACTS:
             35          13-40-103, Utah Code Annotated 1953
             36          13-40-203, Utah Code Annotated 1953
             37          13-40-204, Utah Code Annotated 1953
             38          13-40-303, Utah Code Annotated 1953
             39          13-40-402, Utah Code Annotated 1953
             40          70-3a-309, Utah Code Annotated 1953
             41      REPEALS AND REENACTS:
             42          13-40-101, as enacted by Laws of Utah 2004, Chapter 363
             43          13-40-102, as last amended by Laws of Utah 2005, Chapter 168
             44          13-40-201, as last amended by Laws of Utah 2005, Chapter 168
             45          13-40-202, as enacted by Laws of Utah 2005, Chapter 168
             46          13-40-301, as last amended by Laws of Utah 2005, Chapter 168
             47          13-40-302, as last amended by Laws of Utah 2005, Chapter 168
             48          13-40-401, as enacted by Laws of Utah 2004, Chapter 363
             49     
             50      Be it enacted by the Legislature of the state of Utah:
             51          Section 1. Section 13-40-101 is repealed and reenacted to read:
             52     
CHAPTER 40. UTAH E-COMMERCE INTEGRITY ACT

             53     
Part 1. General Provisions

             54          13-40-101. Title.
             55          This chapter is known as the "Utah E-Commerce Integrity Act."
             56          Section 2. Section 13-40-102 is repealed and reenacted to read:
             57          13-40-102. Definitions.


             58          As used in this chapter:
             59          (1) (a) "Cause to be copied" means to distribute or transfer computer software, or any
             60      component of computer software.
             61          (b) "Cause to be copied" does not include providing:
             62          (i) transmission, routing, intermediate temporary storage, or caching of software;
             63          (ii) a storage or hosting medium, such as a compact disk, website, or computer server
             64      through which the software was distributed by a third party; or
             65          (iii) an information location tool, such as a directory, index, reference, pointer, or
             66      hypertext link, through which the user of the computer located the software.
             67          (2) (a) "Computer software" means a sequence of instructions written in any
             68      programming language that is executed on a computer.
             69          (b) "Computer software" does not include a data component of a webpage that is not
             70      executable independently of the webpage.
             71          (3) "Computer virus" means a computer program or other set of instructions that is
             72      designed to degrade the performance of or disable a computer or computer network and is
             73      designed to have the ability to replicate itself on another computer or computer network
             74      without the authorization of the owner of the other computer or computer network.
             75          (4) "Damage" means any significant impairment to the:
             76          (a) performance of a computer; or
             77          (b) integrity or availability of data, software, a system, or information.
             78          (5) "Execute," when used with respect to computer software, means the performance
             79      of the functions or the carrying out of the instructions of the computer software.
             80          (6) "False pretenses" means the representation of a fact or circumstance that is not true
             81      and is calculated to mislead.
             82          (7) (a) "Identifying information" means any information that can be used to access a
             83      person's financial accounts or to obtain goods and services, including the person's:
             84          (i) address;
             85          (ii) birth date;


             86          (iii) Social Security number;
             87          (iv) driver license number;
             88          (v) non-driver governmental identification number;
             89          (vi) telephone number;
             90          (vii) bank account number;
             91          (viii) student identification number;
             92          (ix) credit or debit card number;
             93          (x) personal identification number;
             94          (xi) unique biometric data;
             95          (xii) employee or payroll number;
             96          (xiii) automated or electronic signature;
             97          (xiv) computer image file;
             98          (xv) photograph; or
             99          (xvi) computer screen name or password.
             100          (b) "Identifying information" does not include information that is lawfully obtained
             101      from publicly available information, or from federal, state, or local government records
             102      lawfully made available to the general public.
             103          (8) "Intentionally deceptive" means any of the following:
             104          (a) an intentionally and materially false or fraudulent statement;
             105          (b) a statement or description that intentionally omits or misrepresents material
             106      information in order to deceive an owner or operator of a computer; or
             107          (c) an intentional and material failure to provide a notice to an owner or operator
             108      concerning the installation or execution of computer software, for the purpose of deceiving the
             109      owner or operator.
             110          (9) "Internet" means the global information system that is logically linked together by
             111      a globally unique address space based on the Internet protocol (IP), or its subsequent
             112      extensions, and that is able to support communications using the transmission control
             113      protocol/Internet protocol (TCP/IP) suite, or its subsequent extensions, or other IP-compatible


             114      protocols, and that provides, uses, or makes accessible, either publicly or privately, high-level
             115      services layered on communications and related infrastructure.
             116          (10) "Internet service provider" means:
             117          (a) an Internet service provider, as defined in Section 76-10-1230 ; or
             118          (b) a hosting company, as defined in Section 76-10-1230 .
             119          (11) "Message" means a graphical or text communication presented to an authorized
             120      user of a computer.
             121          (12) (a) "Owner or operator" means the owner or lessee of a computer, or a person
             122      using a computer with the owner's or lessee's authorization.
             123          (b) "Owner or operator" does not include a person who owned a computer before the
             124      first retail sale of the computer.
             125          (13) "Person" means any individual, partnership, corporation, limited liability
             126      company, or other organization, or any combination thereof.
             127          (14) "Personally identifiable information" means any of the following information if it
             128      allows the entity holding the information to identify the owner or operator of a computer:
             129          (a) the first name or first initial in combination with the last name and a home or other
             130      physical address including street name;
             131          (b) a personal identification code in conjunction with a password required to access an
             132      identified account, other than a password, personal identification number, or other
             133      identification number transmitted by an authorized user to the issuer of the account or its
             134      agent;
             135          (c) a Social Security number, tax identification number, driver license number,
             136      passport number, or any other government-issued identification number; or
             137          (d) an account balance, overdraft history, or payment history that personally identifies
             138      an owner or operator of a computer.
             139          (15) "Webpage" means a location that has a single uniform resource locator (URL)
             140      with respect to the World Wide Web or another location that can be accessed on the Internet.
             141          Section 3. Section 13-40-103 is enacted to read:


             142          13-40-103. Application of chapter.
             143          This chapter applies to conduct involving a computer, software, or an advertisement
             144      located in, sent to, or displayed in this state.
             145          Section 4. Section 13-40-201 is repealed and reenacted to read:
             146     
Part 2. Phishing and Pharming

             147          13-40-201. Phishing and pharming.
             148          (1) A person is guilty of phishing if, with intent to defraud or injure an individual, or
             149      with knowledge that the person is facilitating a fraud or injury to be perpetrated by another:
             150          (a) the person makes a communication under false pretenses purporting to be by or on
             151      behalf of a legitimate business, without the authority or approval of the legitimate business;
             152      and
             153          (b) the person uses the communication to induce, request, or solicit another person to
             154      provide identifying information or property.
             155          (2) A person is guilty of pharming if, with intent to defraud or injure another, or with
             156      knowledge that the person is facilitating a fraud or injury to be perpetrated by another, the
             157      person:
             158          (a) creates or operates a webpage that represents itself as belonging to or being
             159      associated with a legitimate business, without the authority or approval of the legitimate
             160      business, if that webpage may induce any user of the Internet to provide identifying
             161      information or property; or
             162          (b) alters a setting on a user's computer or similar device or software program through
             163      which the user may search the Internet, causing any user of the Internet to view a
             164      communication that represents itself as belonging to or being associated with a legitimate
             165      business, if the message has been created or is operated without the authority or approval of
             166      the legitimate business and induces, requests, or solicits any user of the Internet to provide
             167      identifying information or property.
             168          Section 5. Section 13-40-202 is repealed and reenacted to read:
             169          13-40-202. Removal of domain name or content -- Liability.


             170          If an Internet registrar or Internet service provider believes in good faith that an Internet
             171      domain name controlled or operated by the Internet registrar or Internet service provider, or
             172      content residing on an Internet website or other online location controlled or operated by the
             173      Internet registrar or Internet service provider, is used to engage in a violation of this part, the
             174      Internet registrar or Internet service provider is not liable under any provision of the laws of
             175      this state or of any political subdivision of the state for removing or disabling access to the
             176      Internet domain name or other content.
             177          Section 6. Section 13-40-203 is enacted to read:
             178          13-40-203. Application of part.
             179          (1) This part applies to the discovery of a phishing or pharming incident that occurs
             180      on or after July 1, 2010.
             181          (2) This part does not apply to a telecommunications provider's or Internet service
             182      provider's good faith transmission or routing of, or intermediate temporary storing or caching
             183      of, identifying information.
             184          Section 7. Section 13-40-204 is enacted to read:
             185          13-40-204. Relation to other law.
             186          The conduct prohibited by this part is of statewide concern, and this part's provisions
             187      supersede and preempt any provision of law of a political subdivision of the state.
             188          Section 8. Section 13-40-301 is repealed and reenacted to read:
             189     
Part 3. Spyware Protection

             190          13-40-301. Prohibition on the use of software.
             191          A person who is not an owner or operator of a computer may not cause computer
             192      software to be copied on the computer knowingly, with conscious avoidance of actual
             193      knowledge, or willfully, if the software is used to:
             194          (1) modify, through intentionally deceptive means, settings of a computer controlling:
             195          (a) the webpage that appears when an owner or operator launches an Internet browser
             196      or similar computer software used to access and navigate the Internet;
             197          (b) the default provider or web proxy that an owner or operator uses to access or


             198      search the Internet; or
             199          (c) an owner's or an operator's list of bookmarks used to access webpages;
             200          (2) collect, through intentionally deceptive means, personally identifiable information:
             201          (a) through the use of a keystroke-logging function that records all or substantially all
             202      keystrokes made by an owner or operator of a computer and transfers that information from
             203      the computer to another person;
             204          (b) in a manner that correlates personally identifiable information with data
             205      concerning all or substantially all of the webpages visited by an owner or operator, other than
             206      webpages operated by the person providing the software, if the computer software was
             207      installed in a manner designed to conceal from all authorized users of the computer the fact
             208      that the software is being installed; or
             209          (c) by extracting from the hard drive of an owner's or an operator's computer, an
             210      owner's or an operator's Social Security number, tax identification number, driver license
             211      number, passport number, any other government-issued identification number, an account
             212      balance, or overdraft history for a purpose unrelated to any of the purposes of the software or
             213      service described to an authorized user;
             214          (3) prevent, through intentionally deceptive means, an owner's or an operator's
             215      reasonable efforts to block or disable the installation or execution of computer software by
             216      causing computer software that the owner or operator has properly removed or disabled to
             217      automatically reinstall or reactivate on the computer without the authorization of an authorized
             218      user;
             219          (4) intentionally misrepresent that computer software will be uninstalled or disabled
             220      by an owner's or an operator's action;
             221          (5) through intentionally deceptive means, remove, disable, or render inoperative
             222      security, antispyware, or antivirus computer software installed on an owner's or an operator's
             223      computer;
             224          (6) enable use of an owner's or an operator's computer to:
             225          (a) access or use a modem or Internet service for the purpose of causing damage to an


             226      owner's or an operator's computer or causing an owner or operator, or a third party affected by
             227      that conduct, to incur financial charges for a service that the owner or operator did not
             228      authorize;
             229          (b) open multiple, sequential, stand-alone messages in an owner's or an operator's
             230      computer without the authorization of an owner or operator and with knowledge that a
             231      reasonable computer user could not close the messages without turning off the computer or
             232      closing the software application in which the messages appear, unless the communication
             233      originated from the computer's operating system, a software application the user activated, or a
             234      service provider that the user chose to use, or was presented for any of the purposes described
             235      in Section 13-40-303 ; or
             236          (c) transmit or relay commercial electronic mail or a computer virus from the
             237      computer, if the transmission or relay is initiated by a person other than the authorized user
             238      without the authorization of an authorized user;
             239          (7) modify, without the authorization of an owner or operator, any of the following
             240      settings related the computer's access to, or use of, the Internet:
             241          (a) settings that protect information about an owner or operator for the purpose of
             242      taking personally identifiable information of the owner or operator;
             243          (b) security settings, for the purpose of causing damage to a computer; or
             244          (c) settings that protect the computer from the uses identified in Subsection (6); or
             245          (8) prevent, without the authorization of an owner or operator, an owner's or an
             246      operator's reasonable efforts to block the installation of, or to disable, computer software by:
             247          (a) presenting the owner or operator with an option to decline installation of computer
             248      software with knowledge that, when the option is selected by the authorized user, the
             249      installation nevertheless proceeds;
             250          (b) falsely representing that computer software has been disabled;
             251          (c) requiring in an intentionally deceptive manner the user to access the Internet to
             252      remove the software with knowledge or reckless disregard of the fact that the software
             253      frequently operates in a manner that prevents the user from accessing the Internet;


             254          (d) changing the name, location, or other designation information of the software for
             255      the purpose of preventing an authorized user from locating the software to remove it;
             256          (e) using randomized or intentionally deceptive filenames, directory folders, formats,
             257      or registry entries for the purpose of avoiding detection and removal of the software by an
             258      authorized user;
             259          (f) causing the installation of software in a particular computer directory or in
             260      computer memory for the purpose of evading an authorized user's attempt to remove the
             261      software from the computer; or
             262          (g) requiring, without the authority of the owner of the computer, that an authorized
             263      user obtain a special code or download software from a third party to uninstall the software.
             264          Section 9. Section 13-40-302 is repealed and reenacted to read:
             265          13-40-302. Other prohibited conduct.
             266          A person who is not an owner or operator of a computer may not, with regard to the
             267      computer:
             268          (1) induce an owner or operator to install a computer software component onto the
             269      owner's or the operator's computer by intentionally misrepresenting that installing the
             270      computer software is necessary for security or privacy reasons or in order to open, view, or
             271      play a particular type of content; or
             272          (2) use intentionally deceptive means to cause the execution of a computer software
             273      component with the intent of causing the computer to use the computer software component in
             274      a manner that violates any other provision of this chapter.
             275          Section 10. Section 13-40-303 is enacted to read:
             276          13-40-303. Exceptions.
             277          Sections 13-40-301 and 13-40-302 do not apply to the monitoring of, or interaction
             278      with, an owner's or an operator's Internet or other network connection, service, or computer, by
             279      a telecommunications carrier, cable operator, computer hardware or software provider, or
             280      provider of information service or interactive computer service for network or computer
             281      security purposes, diagnostics, technical support, maintenance, repair, network management,


             282      authorized updates of computer software or system firmware, authorized remote system
             283      management, or detection or prevention of the unauthorized use of or fraudulent or other
             284      illegal activities in connection with a network, service, or computer software, including
             285      scanning for and removing computer software prescribed under this chapter.
             286          Section 11. Section 13-40-401 is repealed and reenacted to read:
             287     
Part 4. Enforcement

             288          13-40-401. Phishing and pharming violations.
             289          (1) A civil action against a person who violates any provision of Part 2, Phishing and
             290      Pharming, may be filed by:
             291          (a) an Internet service provider that is adversely affected by the violation;
             292          (b) an owner of a webpage, computer server, or a trademark that is used without
             293      authorization in the violation; or
             294          (c) the attorney general.
             295          (2) A person permitted to bring a civil action under Subsection (1) may obtain either
             296      actual damages for a violation of this chapter or a civil penalty not to exceed $150,000 per
             297      violation of Part 2, Phishing and Pharming.
             298          (3) A violation of Part 2, Phishing and Pharming, by a state-chartered or licensed
             299      financial institution is enforceable exclusively by the financial institution's primary state
             300      regulator.
             301          Section 12. Section 13-40-402 is enacted to read:
             302          13-40-402. Spyware protection violations.
             303          (1) The attorney general, an Internet service provider, or a software company that
             304      expends resources in good faith assisting authorized users harmed by a violation of Part 3,
             305      Spyware Protection, or a trademark owner whose mark is used to deceive authorized users in
             306      violation of Part 3, Spyware Protection, may bring a civil action against a person who violates
             307      Part 3, Spyware Protection, to recover:
             308          (a) actual damages and liquidated damages of at least $1,000 per violation of Part 3,
             309      Spyware Protection, not to exceed $1,000,000 for a pattern or practice of violations; and


             310          (b) attorney fees and costs.
             311          (2) The court may increase a damage award to an amount equal to not more than three
             312      times the amount otherwise recoverable under Subsection (1) if the court determines that the
             313      defendant committed the violation willfully and knowingly.
             314          (3) The court may reduce liquidated damages recoverable under Subsection (1) to a
             315      minimum of $100, not to exceed $100,000 for each violation, if the court finds that the
             316      defendant established and implemented practices and procedures reasonably designed to
             317      prevent a violation of Part 3, Spyware Protection.
             318          (4) In the case of a violation of Subsection 13-40-301 (6)(a) that causes a
             319      telecommunications carrier or provider of voice over Internet protocol service to incur costs
             320      for the origination, transport, or termination of a call triggered using the modem or
             321      Internet-capable device of a customer of the telecommunications carrier or provider of voice
             322      over Internet protocol as a result of the violation, the telecommunications carrier or provider of
             323      voice over Internet protocol may bring a civil action against the violator:
             324          (a) to recover the charges the telecommunications carrier or provider of voice over
             325      Internet protocol is required to pay to another carrier or to an information service provider as a
             326      result of the violation, including charges for the origination, transport, or termination of the
             327      call;
             328          (b) to recover the costs of handling customer inquiries or complaints with respect to
             329      amounts billed for the calls;
             330          (c) to recover reasonable attorney fees and costs; and
             331          (d) for injunctive relief.
             332          (5) For purposes of a civil action under Subsections (1), (2), and (3), a single action or
             333      conduct that violates more than one provision of Part 3, Spyware Protection, shall be
             334      considered as multiple violations based on the number of provisions violated.
             335          Section 13. Section 70-3a-309 is enacted to read:
             336          70-3a-309. Cybersquatting.
             337          (1) (a) A person is liable in a civil action by the owner of a mark, including a personal


             338      name, which is a mark for purposes of this section, if, without regard to the goods or services
             339      of the person or the mark's owner, the person:
             340          (i) has a bad faith intent to profit from the mark, including a personal name; and
             341          (ii) for any length of time registers, acquires, traffics in, or uses a domain name in, or
             342      belonging to any person in, this state that:
             343          (A) in the case of a mark that is distinctive at the time of registration of the domain
             344      name, is identical or confusingly similar to the mark;
             345          (B) in the case of a famous mark that is famous at the time of registration of the
             346      domain name, is identical or confusingly similar to or dilutive of the mark; or
             347          (C) is a trademark, word, or name protected by reason of 18 U.S.C. Sec. 706 or 36
             348      U.S.C. Sec. 220506.
             349          (b) (i) In determining whether a person has a bad faith intent described in Subsection
             350      (1)(a), a court may consider all relevant factors, including:
             351          (A) the trademark or other intellectual property rights of the person, if any, in the
             352      domain name;
             353          (B) the extent to which the domain name consists of the legal name of the person or a
             354      name that is otherwise commonly used to identify that person;
             355          (C) the person's prior use, if any, of the domain name in connection with the bona fide
             356      offering of any goods or services;
             357          (D) the person's bona fide noncommercial or fair use of the mark in a site accessible
             358      under the domain name;
             359          (E) the person's intent to divert consumers from the mark owner's online location to a
             360      site accessible under the domain name that could harm the goodwill represented by the mark,
             361      either for commercial gain or with the intent to tarnish or disparage the mark, by creating a
             362      likelihood of confusion as to the source, sponsorship, affiliation, or endorsement of the site;
             363          (F) the person's offer to transfer, sell, or otherwise assign, or solicitation of the
             364      purchase, transfer, or assignment of the domain name to the mark owner or any third party for
             365      financial gain without having used, or having an intent to use, the domain name in the bona


             366      fide offering of any goods or services, or the person's prior conduct indicating a pattern of
             367      such conduct;
             368          (G) the person's provision of material and misleading false contact information when
             369      applying for the registration of the domain name, the person's intentional failure to maintain
             370      accurate contact information, or the person's prior conduct indicating a pattern of such
             371      conduct;
             372          (H) the person's registration or acquisition of multiple domain names that the person
             373      knows are identical or confusingly similar to another's mark that is distinctive at the time of
             374      registration of the domain names, or is dilutive of another's famous mark that is famous at the
             375      time of registration of the domain names, without regard to the goods or services of the person
             376      or the mark owner; and
             377          (I) the extent to which the mark incorporated in the person's domain name registration
             378      is or is not distinctive and famous.
             379          (ii) Bad faith intent described in Subsection (1)(a) may not be found in any case in
             380      which the court determines that the person believed and had reasonable grounds to believe that
             381      the use of the domain name was a fair use or otherwise lawful.
             382          (c) In a civil action involving the registration, trafficking, or use of a domain name
             383      under this section, a court may order the forfeiture or cancellation of the domain name or the
             384      transfer of the domain name to the owner of the mark.
             385          (d) (i) A person is liable for using a domain name under Subsection (1)(a) only if that
             386      person is the domain name registrant or that registrant's authorized licensee, affiliate, domain
             387      name registrar, domain name registry, or other domain name registration authority that
             388      knowingly assists a violation of this chapter by the registrant.
             389          (ii) A person may not be held liable under this section absent a showing of bad faith
             390      intent to profit from the registration or maintenance of the domain name.
             391          (iii) For purposes of this section, a "showing of bad faith intent to profit" shall be
             392      interpreted in the same manner as under 15 U.S.C. Sec. 1114(2)(D)(iii).
             393          (e) As used in this section, the term "traffics in" refers to transactions that include


             394      sales, purchases, loans, pledges, licenses, exchanges of currency, and any other transfer for
             395      consideration or receipt in exchange for consideration.
             396          (2) (a) The owner of a mark registered with the U.S. Patent and Trademark Office or
             397      under this chapter may file an in rem civil action against a domain name in the district court if
             398      the owner is located in the state and if:
             399          (i) the domain name violates any right of the owner of a mark registered in the Patent
             400      and Trademark Office or registered under this chapter; and
             401          (ii) the court finds that the owner:
             402          (A) is not able to obtain personal jurisdiction over a person who would be a defendant
             403      in a civil action under Subsection (1); or
             404          (B) through due diligence was not able to find a person who would be a defendant in a
             405      civil action under Subsection (1) by:
             406          (I) sending a notice of the alleged violation and intent to proceed under this
             407      Subsection (2)(a) to the registrant of the domain name at the postal and e-mail address
             408      provided by the registrant to the registrar; and
             409          (II) publishing notice of the action as the court may direct promptly after filing the
             410      action.
             411          (b) Completion of the actions required by Subsection (2)(a)(ii) constitutes service of
             412      process.
             413          (c) In an in rem action under this Subsection (2), a domain name is considered to be
             414      located in the judicial district in which:
             415          (i) the domain name registrar, registry, or other domain name authority that registered
             416      or assigned the domain name is located; or
             417          (ii) documents sufficient to establish control and authority regarding the disposition of
             418      the registration and use of the domain name are deposited with the court.
             419          (d) (i) The remedies in an in rem action under this Subsection (2) are limited to a court
             420      order for the forfeiture or cancellation of the domain name or the transfer of the domain name
             421      to the owner of the mark.


             422          (ii) Upon receipt of written notification of a filed, stamped copy of a complaint filed
             423      by the owner of a mark in the district court under this Subsection (2), the domain name
             424      registrar, domain name registry, or other domain name authority shall:
             425          (A) expeditiously deposit with the court documents sufficient to establish the court's
             426      control and authority regarding the disposition of the registration and use of the domain name
             427      to the court; and
             428          (B) not transfer, suspend, or otherwise modify the domain name during the pendency
             429      of the action, except upon order of the court.
             430          (iii) The domain name registrar or registry or other domain name authority is not liable
             431      for injunctive or monetary relief under this section, except in the case of bad faith or reckless
             432      disregard, which includes a willful failure to comply with a court order.
             433          (3) The civil actions and remedies established by Subsection (1) and the in rem action
             434      established in Subsection (2) do not preclude any other applicable civil action or remedy.
             435          (4) The in rem jurisdiction established under Subsection (2) does not preclude any
             436      other jurisdiction, whether in rem or personal.
             437          Section 14. Section 70-3a-402 is amended to read:
             438           70-3a-402. Infringement.
             439          (1) Subject to Section 70-3a-104 and Subsection (2), any person is liable in a civil
             440      action brought by the registrant for any and all of the remedies provided in Section 70-3a-404 ,
             441      if that person:
             442          (a) uses a reproduction, counterfeit, copy, or colorable imitation of a mark registered
             443      under this chapter:
             444          (i) without the consent of the registrant; and
             445          (ii) in connection with the sale, distribution, offering for sale, or advertising of any
             446      goods or services on or in connection with which that use is likely to cause confusion, mistake,
             447      or to deceive as to the source of origin, nature, or quality of those goods or services; or
             448          (b) reproduces, counterfeits, copies, or colorably imitates any mark and applies the
             449      reproduction, counterfeit, copy, or colorable imitation to labels, signs, prints, packages,


             450      wrappers, receptacles, or advertisements intended to be used upon or in connection with the
             451      sale or other distribution in this state of goods or services.
             452          (2) Under Subsection (1)(b), the registrant is not entitled to recover profits or damages
             453      unless the act described in Subsection (1)(b) has been committed with the intent:
             454          (a) to cause confusion or mistake; or
             455          (b) to deceive.
             456          (3) In a civil action for a violation of Section 70-3a-309 :
             457          (a) the plaintiff may recover court costs and reasonable attorney fees; and
             458          (b) the plaintiff may elect, at any time before final judgment is entered by the district
             459      court, to recover, instead of actual damages and profits, an award of statutory damages in the
             460      amount of not less than $1,000 and not more than $100,000 per domain name, as the court
             461      considers just.
             462          (4) Statutory damages awarded under Subsection (3)(b) are presumed to be $100,000
             463      per domain name if there is a pattern and practice of infringements committed willfully for
             464      commercial gain.
             465          Section 15. Effective date.
             466          This bill takes effect on July 1, 2010, except that Sections 70-3a-309 and 70-3a-402
             467      take effect on May 11, 2010.


[Bill Documents][Bills Directory]