Cybersquatting and Some Legal Concerns Surrounding Corporate Websites

By Sonny Zulhuda


The corporate world today has grabbed the efficiencies of information and communications technology (ICT) in its maximum use. Regardless the size and area of industries, workplaces have been equipped with cutting-edge tools of the computers technology and connected to the Internet. With the adoption of electronic tools such as computers, Internet or Intranet, businesses have been operated more or less electronic way. Meeting notices are no longer served by printed paper, and personal data of employees and customers are no longer kept on bulk of papers previously stored in wooden or metal cabinets. In large extent, the electronic mail (email) and electronic storage have been used to replace traditional way of doing business.

Websites have now become a virtual address of companies. They are used to publish companies’ profile, products, promotions, activities, as well as interactive portals. In Malaysia, for public listed companies alone, there are already 225 public listed companies that have website for their business operations, ranging from merely informational sites to commercially designed and transactional websites (Source: Bursa Malaysia). Besides, more and more government agencies are also posting their websites in the World Wide Web.

The adiption of the Internet and computer technology by corporate organizations can be illustrated as follows:

ICT Tools

Internal Use

External Use

Computer network

Intranet – use of electronic data interchange (EDI) within organizations

Internet – external networking of computer networks

Email facilities

Internal announcement, notices, communications, instruction or assignment of works.

Communications with customers, public and other business partners of news, releases and advertisements


Guidelines and information resources for employees on organization’s policies, best practices, etc.

Publication of institutional circulations, releases, profiles, reports and products/services through website

Computer storage

Electronic filing of organizations’ assets, properties, documentation, personnel data, trade information, account data and CRM

Electronic filing of business partners’ information and documentation

Online transactional platforms

Internal lodgment of leaves, loan applications, claims, payroll system, share transfer, etc.

Online recruitment process through openings on websites and other online job agents; Commercial transaction processes either wholly or in part through online transactions processes

With this vast adoption of the Internet and computer technology, physical workplaces are now prepared to be second in significance compared to the virtual workplaces. Nevertheless, this exposure will certainly bring about new legal risks. This paper seeks to discuss those legal risks in the order of two broad issues; firstly, those risks resulting from the use of electronic mail (e-mail). Secondly, those risks that result from the establishment and operation of corporate websites.

Concerns Related to Companies’ Website

Website has been an essential component for organizations and companies in running their business today. It is used as a portal from which all necessary information about the company can be retrieved by potential customers and business partners.

A website can be either informational or transactional or both. For an informational website, companies usually post their company profile, corporate information, products as well as services. On the other hand, a transactional website usually provides a platform for customers or pre-registered subscribers to forward feedback, or conduct transaction. This is exemplified by the airlines and hotels websites where public users can order and book for tickets or services.

There are certain legal risks exposed with the operation of websites as follows:

a. Liability due to misrepresentation

Since the websites are posted to public through the Internet, the operators of those websites shall bear in mind that the public can rely on whatever they represent in order to take any action or any transaction. For this purpose, website operators shall make sure all the information and statements posted in their websites are accurate, true, legal, and not violating the rights of other people.

Incorrect information is not only detrimental to the customers who may like to rely on the website’s content, but also damaging the reputations of the company or organization that posts such website. Furthermore, if the information or statement contains defamatory material, the operator may be sued for defamation as it is explained previously in the earlier part.

In Malaysia, the case of website misrepresentation arose when Multimedia Development Corporation (MDC), a highly reputable local company lodged a police report against another local company that claims it had a hand in the initial planning for the Multimedia Super Corridor (MSC). This claim was made and posted on that company’s website (The Star, 23 September 2002).

For that matter, MDC had also issued a disclaimer published in Malaysian daily stating that the said company was “not authorised to speak, act, and/ or transact on behalf of MDC or its subsidiaries on any matter relating to the implementation of the Multimedia Super Corridor or matters relating to the national ICT development programmes.” This disclaimer was in connection to the company website’s claim that its executive chairman “created the nation’s first integrated computer network named the chained matrix system” that “emphasizing on the control, supervise, and development of the nation human resources,” including “bringing in of foreign labors into the country.”

In the above case, it is obvious that a statement posted in website may be subject to public scrutiny. And thus, any misleading or wrong information may well lead to others’ disclaimer and even a lawsuit.

To anticipate risks like this, there are certain measures need to be highlighted by the website operators. The operator shall conduct regular checking and rechecking of the content of their websites so as to enable him to identify the parts that require modifications, updates, or changes.

Other than this, some website operators take initiative to put a disclaimer on their website to the effect that the website operators shall not be liable to any damage or loss due to the reliance of information as provided in the website. This disclaimer is not always welcome, since it is usually to the detriment of consumers. However, the disclaimer should be made in such a way easily readable to the viewers.

b. Terms of use of the website

‘Terms of use’ refers to those terms and conditions predetermined by the website owner that serve as the yardstick for consumers in accessing concerned websites. It also provides for the dos and don’ts that may be imposed by the website owner in retrieving information from such website. This term of use is becoming increasingly important in the wake of demand for better consumer protection. Website owner needs to be careful in outlining the terms of use especially in relations with the following:

ØPrivacy, confidentiality and personal data protection

Website owner should mention the principles of personal data protection embraced and practiced in dealing with collection, storage, use, processing and transfer of personal data of customers, employees, and others. In Malaysia, the law on personal data protection has not yet been passed by the parliament. The PDP Bill was introduced in year 2000 and since then underwent series of modifications, review and readjustments. When the time has come where this Bill is passed into law, there will be a lot to do for companies and organizations to adjust their data handling policies in order to be compliant with the law.

ØUse of ‘cookies’ for direct marketing

Cookies are files stored in a website that records the track of website visitors. They are designed to create the profile of website visitors so as to identify their online activities and tendencies. The website operator should mention if they use cookies in their website so as to warrant the visitors. In Malaysia, some aspects of cookies management will also be governed by Malaysian law on personal data protection.

ØProtection of copyrighted material

Website operator should ensure that all materials posted in the website do not infringe anyone’s copyrights and other intellectual property rights. This is because for any materials that infringe copyright, website operators are exposed to legal liability. In Malaysia, those provisions of law on this aspect are clearly provided in the Copyright Act 1987 (amended in 1997 for accommodating certain ICT issues).


Disclaimer in a website is a statement that excludes certain potential liabilities that may implicate the website operator. It is normal to find a website with disclaimer saying that the materials posted does not constitute professional advise thus should not bear any legal liability upon reliance. This is important especially when reliance of the information posted at the website can bring about detrimental effect to consumers.

c. Issues of cybersquatting

As we all know that every website can be remembered through its Unique Resource Locator (URL). This unique locator is also called domain names. Among other important issues to take care for every organizations that are willing to establish and develop their websites is that they should choose the name that would not directly or indirectly create dispute or infringe other people’s rights. In this area arises the issue of cybersquatting.

Cybersquatting is those practices including deliberate bad faith registration as domain name of well-known trademarks in the hope of being able to sell the domain to the owners of those marks (or rivals owners) or simply to take unfair advantage of the reputation attached to those names or marks. Thus it involves the use of domain name by a person with neither trademark registration nor any inherent rights to the name.

Cybersquatters exploit the first-come, first-served nature of the domain name registration system to register names of trademarks, famous people, or businesses which they have no connection. Since registration of domain names is simple and inexpensive, cybersquatters often register hundreds of such famous names as their domain names such as and Certainly, this kind of actions will incite those with legal rights on that names to bring a claim of trade mark infringement.

Globally, this cybersquatting issue is addressed by an international arbitration processes administered by international agency such as ICANN and WIPO Arbitration and Mediation Center.

In Sime Darby Berhad Malaysia v. Mr. Sim e-Darby (2002) over a domain name ‘’ by respondent in Canada, the matter went to WIPO Arbitration and Mediation Center, which heard in accordance with the Policy and Rules ofthe Uniform Domain Name Dispute Resolution Policy (UDRP). The decision of Panel was to transfer the impugned domain name to the complainant, because, among other things, the domain name registered by the Respondent is identical or confusingly similar to the “Sime Darby” trade mark in which the Complainant has rights.

This problem is equally supposed to have been settled in Malaysia. In a local case of Petroliam Nasional Bhd & Ors v Khoo Nee Kiong (2003) Malaysian court decided, among other things, that cyber squatting may be regarded as ‘passing off’. The first plaintiff in that case was a well-known national petroleum corporation. The second plaintiff was one of the marketing arms of the first plaintiff and the third plaintiff was in the business of processing and transmitting natural gas and it conducted its gas business under the trade name ‘Petronas Gas’. The defendant was an individual carrying out trading operations as a registered sole proprietor under the trade/business name ‘Araneum Consulting Services’ and was in no way associated with the plaintiffs.

It was held that by registering the said domain names which contained the word ‘Petronas’, there was a serious issue to be tried in that the defendant was making a false representation to persons who may have consulted the register that the registrant, ‘Araneum Consulting Services’ was connected or associated with the name registered and thus the owner of the goodwill in the name ‘Petronas’.

The court maintained that by registering the said domain names, the defendant had eroded the exclusive goodwill in the name ‘Petronas’ which had cause damage to the plaintiffs. The said domain names were instruments of fraud and any realistic use of them as domain names would result in passing off. This would cause irreparable injury and damage to the plaintiffs and by virtue of this, the balance of convenience tilted in favour of the plaintiffs.

In the circumstances, the plaintiffs had shown that there was a threat of passing off and trademark infringement on the defendant’s part which was likely to cause confusion in the minds of consumers of the plaintiffs’ products, thereby resulting in irreparable injury and damage to the plaintiffs’ trade, business and goodwill. Therefore, as the plaintiffs had provided an undertaking as to damages, the interim injunction sought for ought to be granted.

Summary: Let the Managers Take Notes

From the preceding elaboration, it is obvious that the use of information and communications technology at the workplace brings about various legal risks that should not be overlooked by both employers and employees. Website facilities should not be taken for granted. This knowledge is essential for those whoever engaged in professional activities in today’s corporate world of a cross sector and region. As the time goes on, professionals and workers in Malaysia will need to have certain level of awareness and understanding of these crucial issues.

For that important matter, this paper would leave some notes for those responsible in managing the operation of a workplace and administration of personnel to work within its boundaries. First, as so much that a workplace could expose so many issues and problems, managers would need to increase the level of employees’ awareness of the benefits and threats ICT facilities may offer to them. This is because the risks are real and the harm that may follow from the potential damage could be very detrimental to organizations. And this could be done through series of awareness programs and intensive socialization through newsletters, banners, and regular training or seminar for the employees.

Secondly, organization should make a concerted effort in addressing and managing the risks of using ICT tools at workplace. This means there is a need to gather a mix of expertise in all processes of risk management on this issue. That mix of expertise would need to come from managerial levels of human resource manager, information manager, IT manager as well as legal manager. Without this synergy, efforts to address ICT risks at workplace will become impaired and not comprehensive.

Last but not least, after a team of concerted mix of expertise could be gathered, the next big thing is to plan, draft and communicate a comprehensive set of ICT policies that determine the management of using email, Internet, software as well as information asset security. This policy plays important role as the rule of game in a new invented ‘jungle’ called electronic workplace.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s