TOC Notes on
Ambush Marketing
Case Analysis:

-1- In previous chapters, identity theft was a clear cut notion: someone pretends he or she is you and attempts to benefit from it, usually harming your reputation, your credit and eventually your pocketbook. In the case at hand, nothing of the sort happened. No GEICO competitor ever claimed to be GEICO.
Yet, for GEICO the plaintiff, the effect can seem eerily similar.
A user asks Google where to find "GEICO", gets a page of answers from Google and clicks on a sponsored link to "US Insurance Online", an online insurance agent.
One can argue that:

  • - the user who really wants to find GEICO should have known better and try geico.com first - it works
  • - Google does provide the link to geico.com first of the list, which happens to be 810,000 deep
  • - sponsored links are clearly separated from genuine links on the resulting page, an ethical practice pioneered by Google itself
  • - in keeping with the court decision, the text of the sponsored links does not mention "GEICO"
Yet the user would have been highly unlikely to go to US Insurance Online if US Insurance Online had not made "use" of the trademark "GEICO" to lure the user in the first place.

-2- Because the names involved in the case are commercial, not personal names, it is easier to avoid moral indignation, examine the case on its merits and come with a reasoned opinion for GEICO or for Google.
The key point of the case is that in fact there is no compelling reason to find for one or the other.
Yes US Judge Brinkema in a Virginia court has issued an opinion which is mainly favorable to Google. But please note that

-3- Confused? That's the crux of the matter.
Ambush marketing is the use of imaginative ways of "redirecting" prospects of a popular identity away from it and to a specific substitute for a fraction of traditional marketing costs. Operating a mega-store across the road from a successful shopping mall, blanketing airwaves during the Olympics with ads competing with an official sponsor, attacking an asset of a worldwide brand name to promote an environmental concern are example of ambush marketing.
The case makes clear that in some instances, especially the newer ones involving digital information, one may not even know in advance if one's actions are going to be found legitimate or not.. Since trademark infringement, often at the root of digital ambushes, is an attempt to confuse the public concerning the identity of the trademark owner, its determination hangs on analysing a grey area, "confusion" of the concept of identity, in which indeed there cannot be a black and white border.

-4- There are two kinds of lessons to be drawn for business executives:

  • - for the marketing director, ambush marketing is a powerful tool which can reward the daring, especially when the practice is ruled admissible by the courts
  • - for the person responsible for protecting the digital integrity of a business, a constant watch is needed to spot and respond to ambush marketing by competitors
    • - whether the specific action has been found illegal in the relevant courts
    • - or not, since admissible practices cannot be left unchecked without endangeering the business

General Comments:

-1- The starting point for understanding digital ambush marketing is the Lanham Act, which codifies trademark laws in the United States since 1946.
A trademark is defined as "a device (as a word) pointing distinctly to the origin of ownership of merchandise to which is it applied and legally reserved to the exclusive use of the owner as maker or seller" (Webster New Collegiate Dictionary, Merriam Company). Taking this definition implicitly, the Lanham Act goes on to explicitly cover "services" as well as "goods" (15 USC section 1053).

It then proceeds to establish how exclusive usage can be legally secured and enjoyed. Its key statement is that "no other person has the right to use such mark in commerce either in the identical form thereof or in such near resemblance thereto as to be likely, when used on or in connection with the goods of such other person, to cause confusion, or to cause mistake, or to deceive". This statement is both a condition for registering a trademark and the protection offered once registration is granted.

In other words a registered trademark is the way a commercial entity use to convey its identity to other parties and infringement is what prevents identification of the owner by at least one other party.

-2- Words such as "near resemblance", "confusion", "mistake", "to deceive" explain why trademark law has been a thriving specialized field since the very beginning. The practical determination of such concepts in a specific case invites debate. Our topic focuses on the pratical meaning of the expression "exclusive use".

When trademarking requires a particular instrument to be applied, for example a branding iron for leather goods or a hand signature for paper, the relative difficulty for the infringer to procure the instrument goes a long way to prove the intent and existence of "forgery": what was he or she thinking when "forging" the special branding iron or training the hand ?!!
But remember that a trademark can be a simple "word". How can one police the exclusive use of a mere word ? Indeed one of the early outcome of trademark laws has been the inevitable dilution of trademarks so successfull they became ordinary words used by the whole population.
For an example look no farther that the current popular urge "to google" somebody, meaning to use a search engine such as Google to locate information on someone by entering that person's name as a keyword. What about my own previous sentence, which contains two instances of a trademark ? Not enough confusion and deception? What about urging the reader to google me on Yahoo! ?

While exclusive use of words as trademark has always been debatable, the digital revolution make "words" into instruments ever more powerful and easy to use, thereby amplifying the debate. Beside a text, a word (or a phrase) can be a search key (for direct retrieval) and a searchable tag (for inviting direct retrieval but without appearing in the text retrieved). Keyword-based advertising allows search keys (entered by consumers) to be turned (by the search engine) into searchable tags (sold to the advertisers).

-3- Within this context, a number of situations have already been recognized, clearly described and, when the need arose, decided. It is instructive to review a number of them.
The first case actually goes beyond the Lanham Act and involves the statutes referenced in ID theft.
Giving a very literal interpretation to the expression "redirecting prospects of a popular identity away from it and to a specific substitute", "Pharming" uses vulnerabilities in the so-called Internet Domain Name System (aka DNS) to allow a third party to hijack the way the Internet directs user requests to specific servers.

One can view communication over the Internet as the cooperation of multiple layers of meaning and processes. Actual communication is achieved by translating an action required at a certain layer into simpler actions taken by lower layers down to the very bottom of the stack on one end of the electronic channel and interpreting the actions from the lower layers back into an action meaningful to the corresponding layer at the other end of the electronic channel.
The power of this model is that one can afford to "forget" both "how it works" below the layer or layers which are of interest and "what it means" above them. Think for example of two people talking to each other. One can choose to concentrate on the exact words exchanged rather than the phonemes and sound waves which implement those words "below" or the meaning these words convey "above", an action typical of court reporters.

All computers connected to the Internet are identified with a unique IP address such as Since this is gibberish for ordinary users, the Internet also makes provision for a more meaningful upper layer at which servers are identified by domain names such as "geico.com" or "google.com". In keeping with the layered model described above, whenever a user makes a request to a specific domain, say "geico.com", the Internet without any need for user's intervention interprets this "upper layer" name into the "lower layer" IP address for the corresponding server computer. This is the role of the DNS administered by the so-called Internet registrars in conjunction with the Internet service providers. Pharming consists in fooling the DNS into translating the domain name of the target into the IP address of the attacker's computer. Because DNS translation is a decentralized process, the redirection may affect a fraction of the users only.

Since it involves either an illegal entry into the computers of some service company or fraudulent representations to their employees, pharming is clearly illegal. The more successful the attack, the shorter the time it can escape discovery. But meanwhile and coupled with a convincing imitation of the original target site, pharming can make "phishing" particularly effective since misdirected users know they typed the unique domain name of their intended target and are therefore convinced they must have reached it.

-4- The second case concerns the use of domain names.
While protecting individuals is normally outside of the scope of the Lanham Act, which focuses on commerce, Cyber Piracy Protection for individuals, 15 USC section 1129 specifies that, some exceptions put aside, the name of a person cannot be taken as an Internet domain name without that person's consent.
This Nov 1999 update to the Lanham Act also included similar protections for trademarks by extending section 1125 on false designations of origin and false descriptions. Important point, a mark does not have to be registered as such in order to be protected. It only need to be famous. Internet domain name registration is therefore a cross between two types of protection:

  • - protection without prior action, normally associated to private individuals (one can hardly imagine asking individuals to register their names)
  • - protection against name variants, regularly deemed by trademark law to be a source of objectionable confusion

The issue is that domain names are often neither trademarked nor trademarkable ("apple" can be and has been registered as a trademark to sell computers or music but not apples) nor famous nor do they correspond to names of individuals.
In this case many legal options are opened to generate interesting variations on a name such as:
  • - another suffix, such as "eprivacy.com" registered by "ePrio Inc.", "eprivacy.org" registered by "Consumer.net" or "eprivacy.net" registered by "Moniker Privacy Services", a domain name broker
  • - a spelling variant, such as "apropos.com" registered by "Apropos Technology", a call center supplier and "a-propos.com" registered by "ePrio Inc.", using the correct French spelling
  • - an expected "typo", such as "privacy.com" registered by "Relationship Management Programs Inc.", to be compared with "eprivacy.com" registered by "ePrio Inc."
  • - further qualification, such as "eprivacygroup.com" registered by "Vince Schiavone", to be compared with "eprivacy.com" registered by "ePrio Inc."
Note that the real life examples provided above are here only to illustrate how to create acceptable variations on a domain name. The author neither claims nor suggests that a company or an individual above mentioned engages or has engaged or intend to engage in ambush marketing.
For a legal case involving ambush marketing by "typo"-based variants, see a recent decision by the National Arbitration Forum.
Ordinary phishing often use similar name variations to trick the user. For example spoofed messages to earthlink.net users originate from activate-earthlink.net or earthlink-org.net. Needless to say phishers do not worry about the Lanham Act and whether the domain name targeted is trademarked or not.

ICANN is the self-governing industry authority on domain name attribution. Before taking any action relative to domain name registration, one also needs to read its dispute resolution policy.

-5- A third case creates significant exceptions to the protection of domain name appropration.
Even if the original domain name is granted trademarked protection, it is lawful to register a potentially infringing domain name without the consent of the trademark holder and use it for a site containing even material derogatory with respect to the trademark holder as long as it is done in good faith and without commercial gain in mind. For an example, see google-watch.org.

While most practitioners of ambush marketing might not be able to follow this pattern as they usually pursue commercial gain, targets will find little satisfaction in this restriction.
For legal precedents see West's Case updates in cyberlaw:

  • - Lucas Nursery and Landscaping v. Grosse, 359 F.3d 806 (6th Cir., 2004), the preemptive hijacking of one of the most likely domain names to be desired by Lucas Nursery and Landscaping, ie. lucasnursery.com
  • - TMI, Inc. v. Maxwell, 368 F.3d 433 (5th Cir., 2004), the creation of two variations of TMI's original domain name trendmakerhomes.com:
    • - one through an expected typo, trendmakerhome.com (Warning: the text in the West's case is marred by a typo on this typo!!), now used by TMI
    • - the other through the use of another suffix, trendmakerhome.info still managed by Mr Maxwell, the disgruntled customer.

-6- So far the redirection was either radical (pharming) or passive (domain name hijacking). The next case is more subtle and exploits current Internet practices. Assuming the target is popular, many prospects will not reach it directly but go instead through a search engine. If this search engine accept keyword-based or category-based advertising, it can be paid to give each target prospect the opportunity to switch instead to the substitute.

The case study in this chapter goes in some detailed to relate "GEICO versus Google". It transpires that, in the United States, mere use of a trademark as a search key does not infringe on the "exclusive use" enjoyed by the trademark holder.
Practical applications are not limited to "sponsored links" as used by Google in its Adword advertising service. "Pop up" advertising is also covered. Contrary to initial expectations, US Judge Walker from the US court of appeal for the second circuit finds in June 2005 that the mechanism used by WhenU.com does not "use" the trademark of 1-800 Contacts as it triggers a pop up advertising whenever prospects using its SaveNow software access the site of 1-800 Contacts, thereby invalidating the legal standing of the plaintiff 1-800 Contacts.

As a personal opinion, I find two of the assertions made by US Judge Walker in his opinion highly debatable:

  • - he distinguishes the name of the website (www.1800contacts.com) from the underlying trademark (1-800Contacts) by saying they are "similar but not identical". While obviously correct, this statement is contrary to the spirit of the Anti-cybersquatting Protection Act which take name variants into account
  • - he states that an internal reference to a trademark is not a "use" of the trademark. This may be literally true but is contrary to the trend started by the Computer Fraud and Abuse Act which does not hesitate to revise the meaning of common words in view of new technologies, declaring for example that mere "reading" is enough to "obtain" information even when no material copy is made
On the other hand I find much more convincing the relationship established by Judge Walker between WhenU.com mechanism and so-called "product placement" policies commonly used in retail. A careful reading of title 15 USC sections 1051-1129 shows that "exclusive use" can in fact be subject to qualifications. For example section 1125 explicitly :
  • - requires plaintiff to show "use in commerce... which is likely to cause confusion, or to cause mistake, or to deceive..."
  • - allows "fair use of a famous mark by another person in comparative commercial advertising or promotion to identify the competing goods or services of the owner of the famous mark ".
I would argue that keyword-based advertising internally referencing a trademark or a close variant does "use" the trademark "in commerce" but that, when the intented and actual result is akin to a "product placement" or "comparative advertising", such use should be found not "likely to cause confusion..." given the fact that the average US customer expects and accepts constant competitive sollicitations as a reality of the market place. In other words I agree with the conclusion reached by Judge Walker, not, with all due respect, with his argumentation.

-7- Let us briefly review what appear the three important principles behind ambush marketing:

  • - ambush marketing applies the principle of asymmetric warfare. it uses the very strength, ie. the popularity of a target, to attract prospects to the substitute. Attacking a weak target would be nonsense.
  • - some practices of ambush marketing are akin to comparative advertising or shopping. Compare the legal decisions relative to Google keyword-based advertising in France, which prohibits comparative advertising, and in the US, which admits it: not surprisingly, Google looses in France and wins in the US
  • - good ambush marketing combines tactics for greater effectiveness see for example the site www.google-watch.org, managed by legitimate Google bashers (in good faith and not for gain). It uses both:
    • - a name derived from the original Google name
    • - the fact that searching for "google" with the Google search engine returns a link to google-watch at position 14 out of 227,000,000 answers, a very good result (and not even paid for)
It must be emphasized that trademark and domain registration laws and regulations vary from country to country. For an organization intent on an international audience, and the practicioners of ambush marketing, the above comments focus on the United States and must be complemented by a similar analysis of foreign practices.


Since ambush marketing is asymmetric warfare, the first principle is to know the standing of one's own organization:
is it strong and a potential target or weak and a potential attacker ?
This is not always as clear cut as it looks for this assessment can vary:

  • - over time. Less than 6 years ago Alta Vista was the target and Google an obscure challenger !
  • - according to geography or product line

No matter the result of the assessment, it is important to protect one's own trademarks.
Remember once an attack has been recognized by a target, retaliating against the attacker might become as tempting for the target as attacking the target was for the attacker in the first place.

The next step is to monitor the battle field :

  • - domain name registration for base names and the most likely or damaging variations
  • - trademark registration
  • - customer feedback
This time tactics depend on the role.

Targets must make sure procedures are in place to avoid loss of ownership, whether for domain names or trademarks.
Attackers should try to position themselves to buy desired domain names if and when they become available or take opportunity of the dropping of a trademark legal standing.
An interesting case involves Hughes Network Systems. This manufacturer had created an Internet site for maintenance purposes, mentioned this name in field maintenance software and later forgot to renew the corresponding domain name. This manufacturer's own products started to send a stream of prospects to the company who picked up the name. The source implies no harm occurred but that the potential for trouble was high.

Targets should also review their procedures for listening to customer complaints. In most companies existing procedures already process the great majority of complaints in a satisfactory way and an ordinary review would only reinforce internal self-satisfaction. What is needed is a special review focused on how rare exceptions are handled or rather found. For the difficulty, as in credit fraud, is to spot the false negative, the customer the company thinks has been taken care of but has in fact turned vindictive. Two complementary approaches are recommended:
  • - creation of an ombudsman for the organization to whom, hopefully, disgruntled customers will turn before it is too late
  • - monitoring of truly independent user groups for early detection of vindictive griping
Company supported user groups might be included for good measure but they might prove too friendly to the company for the purpose of the disgruntled customer.

As a special defense against Pharming, targets are advised to buy and install a site security certificate, which guarantees the identity of the site owner. This secures all important user Internet communications through site authentification and data stream encryption using the https: protocol.
Assume an attacker redirects users to its own substitute site. Even if the substitute site has its own site certificate, it will be unable to present the original certificate, revealing a flaw most users will detect.

Assuming one belongs to a potential attacker, the following questions intends to help plan an attack:

  • - what target do I attack ?
  • - how do the target prospects usually find the target on the Internet ?
    • - direct access based on known target domain name
    • - search on a search engine based on particular terms characteristic of the target:
      • - which terms ?
      • - are they trademarks, trademarkable...
    • - use of influencial third party links
    • - use of comparative shopping sites
  • - is there a process which yields enough traffic and which I can attack ?
    • - how could I be selected myself based on the same search terms ?
    • - should I bid on relevant sponsored links ?
  • - is the target burdened with a legal retaliatory website ?
  • - am I willing to muddy the waters by building a chain of deniability ?

The last comment opens the door to dubious solutions. The intent here is not to promote unethical behavior but to inform targets of what to expect.
For example assume a disgruntled customer creates a retaliatory website which happens to mention better alternatives, mine especially. Can I insure that my relationship with this legitimate individual is kept at arm's length and does not bring a traceable monetary benefit to this individual ?

For another example assume the target, at apple.com, sells computers. Why not help funding a company at apples.com to sell music ? Granted, your company sells computers and is unlikely to profit from apple's prospects getting themselves at apples.com. But you are certainly harming the target. And why not at some point make sure that apples.com includes a link to a company, yours, selling computers ? Now that is genuine ambush marketing !
Confused ? This of course is a real case but happened unintentionally and the other way around. Applecorps, the Beatles' record company, was founded first, its site now at applecorps.com. It is naturally suing Apple Computer for trademark infringement now that Apple Computer is heavily promoting its own online music business. For the sake of completion apples.com does exist, is obviously not owned by Apple Computers and sports a list of sponsored links on its home page. Should Warner Music be tempted ?

For an example of clean, legal ambush marketing, look at WhichSSL a site for comparative shopping on SLL certificates quoted below.
What makes it interesting is that this well designed site is managed by Comodo, the challenger to SSL certificate market leader Verisign. This is readily acknowledged in its "about us" page and so ever lightly hinted at by the mention of "C.O.M.O.D.O" on the home page. Obviously Comodo thought that:
if the right attack venue does not exist or proves too expensive, why not create your own ? Since many prospects voluntarily search for comparative shopping, it might not cost a lot to advertise and, if it proves popular, the target might even be forced to pay the attacker for inclusion !

Assuming one considers one's organization to be a likely target, the following questions intends to help prevent attacks:

  • - what steps have been taken to insure prospects can get to your site directly ?
    • - do you advertise your website ?
    • - does your domain name obvious, simple to remember and to type ?
      if prospects who know your organization still need to use a search engine to find your domain name, you are inviting trouble
    • - do you own most likely variations due to typos or uncertainty and use those sites to reroute users ?
      amazone.com (French spelling) used to be an independent site. Now it automatically routes the user to amazon.fr, the French site of Amazon.com
  • - can you insure the first page returned by a search on your organization name is flooded with links to your web site ?
  • - how broad is the spectrum of keywords or expressions which, as keywords, will return a link to your site in a good position ?
    the broader the spectrum, the more expensive an attack based on sponsored links will become
    getting tagged and referenced optimally is a meaningful subspecialty
  • - if some of the keywords have a disproportionate yield, is it worth making preemptive bids on sponsored links tied to the same keywords ?
  • - do you have procedure in place to quickly respond to obvious schemes against which the law protects you
  • - do you have procedures in place to investigate dubious schemes such as derogatory or dilutive sites potentially financed by competitors ? see for example

Tools available:

Lawyers specialized in trademark law and other intellectual property (IP) rights
This topic focuses on words: words as trademarks, the meaning of words such as "to use", the manipulation of words as keys and tags. It is therefore proper and prudent to take trademark and IP lawyers as a priority resource.
Internet may not yet be the best way and is certainly not the only way, to find a good lawyer. The following links are provided for the sake of illustration only.

This is also a good time to stress again the fact that this site does NOT dispense legal advice.

Internet-related tools
This section is not homogeneous. View it more like a toolkit to look into according to specific needs.

  • - Whois engine to monitor domain registration status
  • - all relevant search engines, from the big ones (Google, Yahoo! ...) to specialized ones (taking trademark law as an example, see the links provided above),
  • - all relevant chat rooms and consumer feedback sites
    to get started, see for example the results of a Google search
  • - WhichSSL for comparative shopping on site security certificates (SSL standard)

Word of Mouth marketing
For a way to pay attention to what is being said about a target company or start others to do marketing for you at bargain prices, you might want to take a look at BuzzMetrics, a company which has recently met with notable success in its own public relationship campaign.

a link to an organisation, public or private, does not represent an endorsement
and no compensation has been received nor sollicited by the author for its inclusion.

July 2005
Copyright © 2005 Philippe Coueignoux. All rights reserved.