Newsletter
Arbitrary changes to another person's domain registrant name and webpage content may incur criminal liability
I. Introduction
With the growing complexity of issues relating to domain dispute resolution, a common alternative dispute resolution (ADR) method is to file complaints with the Internet Corporation for Assigned Names and Numbers (ICANN). While existing ADR approaches may be helpful, there are times when litigation is the only way forward.
As prescribed by law, one may file civil actions to address certain domain disputes. For instance, Article 70 Subparagraph 2 of the Trademark Act provides that any of the following acts, without consent of the proprietor of a registered trademark, shall be deemed infringement of the right of such trademark: Knowingly using words contained in another person’s well-known registered trademark as the name of a company, business, group or domain or any other name that identifies a business entity, and hence there exists a likelihood of confusion on relevant consumers or a likelihood of dilution of the distinctiveness or reputation of the said well-known trademark. Strategizing for domain-related actions, however, should also take into account each individual case's circumstances, and a criminal action on any possible criminal charges could serve an important role. The following is a pertinent analysis of Taiwan New Taipei District Court's Criminal Case Judgment 112-Su-Zi-1260 ruled in February 2025 in which the domain name dispute triggers criminal liabilities:
II. Case analysis in brief
(i) There is a mandate relationship between the two parties, and the mandatory must not violate the principal's interests.
The case involves two domains, hereinafter referred to as "I" and "M."
As shown in the relevant evidence and confessions, Complainant requested that Defendant handle the business operation of Complainant's company and be in charge of managing the domains "I" and "M" that Complainant filed for use. For managing and maintaining these domains, Defendant separately billed and collected payments from Complainant and issued receipts. Doing this work for Complainant, however, did not make Defendant the director or stakeholder of Complainant's company, nor did it give Defendant the complete decision-making authority to run the business. In other words, Defendant participated in running the company's business on Complainant's request and carried out the business operation assigned by Complainant—the business was not jointly run by Defendant and Complainant.
Given that Defendant was mandated by Complainant to participate in running the latter's business and was separately mandated to manage and maintain the domains "I" and "M" and to carry out the aforesaid business operation assigned by Complainant, and that in so doing Defendant indeed engaged in operational tasks, Defendant has fiduciary duty to the tasks it performed before the end of the mandate. Therefore, in the execution of the aforesaid business operation, Defendant shall act in the best interest of Complainant and shall not act in any way contrary to such best interest to the benefit of itself or a third party.
(ii) Arbitrary changes by Defendant to the registrant information of the domain entrusted to its care during the term of mandate constitute criminal offenses against computer security and breach of trust.
During the term of mandate, Defendant acted contrary to objective facts and in the interest of itself and a third party. With the criminal intent to breach trust and to make changes without cause to electromagnetic records on another person's computer-related devices, Defendant filed to change without cause the registrant of the domain "I" entrusted by Complainant to the English name of a company under Defendant's name, thus changing the aforesaid electromagnetic records and harming Complainant's interest in and to the aforesaid registration. This change in registration benefits the company founded by Defendant and harms Complainant. In so doing, Defendant not only changed without cause the electromagnetic records on another person's computer-related devices but violated its fiduciary duty, which constitutes a breach of trust.
(iii) Defendant arbitrarily changed the webpage content on the website under the domain entrusted to its care, violating criminal offences against computer security.
After the end of the mandate, Defendant acted with the criminal intent to change without cause the electromagnetic records on another person's computer-related devices, i.e. changing the webpage content in the following manner:
1. Defendant deleted each page in the website of the host computer of domain "I" and changed the contact information on the "Contact" page by replacing Complainant's contact information with that of Defendant's.
2. Defendant deleted each page in the website of the host computer of domain "M," leaving only one single webpage.
Though Defendant was no longer mandated and no longer had any fiduciary duty, its actions constituted making changes without cause to the electromagnetic records on the webpages under Complainant's domain, harming the interests of Complainant in its use of the webpages under the domains "I" and "M" and causing harm to Complainant by preventing it from using such webpages normally.
(iv) Defendant's claims were found to lack merit.
Defendant claimed that it believed itself to be the successor and was jointly running the business with Complainant, and that accordingly it considered itself to be the proprietor of the domains "I" and "M." The court, however, held that Defendant provided Complainant with invoice details for salary payment for both itself and employees, for Complainant's review and fund disbursement and as particulars for the company's financial records, and that accordingly Complainant did pay Defendant, the mandatory, the corresponding remuneration. Even if there were instances of gratuitous appointments, they would constitute gratuitous mandates and could not be used to claim that the parties did not have a mandate relationship. Furthermore, without any transfer of major company shares or assets or the handover of management authority, the so-called "succession" was merely Defendant's subjective expectation and had not been realized. Additionally, Defendant's frequent self-reference as the "successor" further demonstrated that it had not yet become the actual leader or proprietor of the business.
Defendant further argued that the act of changing webpage content under the domains was to "protect business management rights." However, the court held that the maintenance of the domains "I" and "M" was originally entrusted by Complainant to Defendant for management and maintenance purposes—just because Complainant entrusted such management and maintenance tasks to Defendant did not mean Defendant could consider itself the proprietor or rightful holder of the domains. Moreover, after the termination of the mandate between the parties, Defendant no longer has the right to maintain these webpages under the domains, so its deletion and change of the electromagnetic records of the webpages under these domains constituted unauthorized alterations done without cause.
III. Conclusion
With the advancement of the internet in today's society, most business activities rely on domains for marketing and expansion and it is common for business operators to entrust others to manage their domains. In the event of a dispute, one may consider filing claims of criminal liability after conducting an overall assessment with professional analysis. This case offers a detailed and noteworthy analysis of the criminal liability arising from arbitrary changes to the registrant information of an entrusted domain and to the webpage content on a domain's website.