ORDER DENYING DEFENDANT NAMECHEAP’S MOTION TO DISMISS
On August 17, 2008, рlaintiff Solid Host, NL filed this action against defendants NameCheap, Inc., dba Whois Guard Protected; Demand Media, Inc., dba eNom, Inc.; and John Doe l. 1 Solid Host alleges that Doe “hijacked” its domain name, < solidhost.com >. On March 20, 2009, NameCheap filed a motion to dismiss • the claims asserted against it for failure to state a claim under Rule 12(b)(6) of the Federal Rules of Civil Procedure.
I. FACTUAL AND PROCEDURAL BACKGROUND
A. Technical Background
This action requires knowledge of certain of the technical aspects of registering domain names for internet web sites. The court will briefly summarize this technical background before outlining the facts of the case.
The location of individual sites on the internet is denoted by an internet protocol (“IP”) address composed of a string of four groups of digits separated by periods. Each site has a unique numeric internet address.
Lockheed Martin Corporation v. Network Solutions, Inc.,
One wishing to use a specific domain name must register the name with one of numerous competing companies known as *1095 registrars. In 1993, pursuant to a contract with the National Science Foundation, Network Solutions, Inc. (“NSI”) became the sole registrar for domain names in the most commonly used TLD’s (“.com,” “.net,” “.org,” and “.edu”). Id. at 1161. In 1998, the federal government adopted a policy favoring competitive domain name registration. “In furtherance of this policy, a private, non-profit corporation, the Internet Corporation fоr Assigned Names and Numbers (‘ICANN’), [ 2 ] was formed to assume responsibilities for managing the allocation of Internet Protocol numbers and the domain name system. Also as part of the transition to a competitive system, NSI’s domain name registration service was divided into two separate units: a registrar and a registry.” Id. The registry maintains a centralized, publicly accessible database of information concerning all domain names in a TLD, known as the Whois (or WHOIS) database; 3 this database is compiled from information submitted by registrars. Id. While there is only a single registry for each TLD, there are numerous competing registrars. Id. Registrars control the IP addresses associated with particular domain names. 4 Customers seeking to register specific domain names interact with registrars; the registrars submit information regarding domain names to the registry, which includes the information in the public Whois database. A registrar must be accredited by ICANN for each TLD in which it operates. As part of the certification process, all registrars must sign the ICANN Registrar Accreditation Agreement (the “ICANN agreement”). 5
Generally, an individual seeking to use a domain name submits an online application to a registrar.
Id.
at 1161-62. “[I]f someone submits an application for a particular domain name that already exists in the Registry WHOIS database by virtue of a prior registration, that name cannot be registered again, and the applicant is advised that the sought domain name is unavailable .... If there is no existing registration for a given SLD name within a given TLD, [however,] that domain name is considered available and generally may be registered on a first-come, first served basis.”
Id.
at 1162. The registrant must provide personal and contact information that becomes part of the Whois database.
American Girl,
*1096 The fact that “every person who wants to register a domain name either consents to put some sort of publicly accessible contact information on line, or is unable to register the domain name” has drawn criticism from privacy and free speech advocates. See Matthew Bierlin & Gregory Smith, Privacy Year in Review: Growing Problems with Spyware and Phishing, Judicial and Legislative Developments in Internet Governance, and the Impacts on Privacy, 11/S: J.L. & Pol’y for Info. Soc’y 279, 313-14 (2005); see also, e.g., Dawn C. Nunziato, Freedom of Expression, Democratic Norms, and Internet Governance, 52 Emory L.J. 187, 256 (Winter 2003) (“Because of the important role anonymous speech serves within expressive forums— which in turn are integral to democratic governments — ICANN should, in reevaluating its policies to accord meaningful protection for freedom of expression, revise its policy requiring domain name holders publicly to disclose their names and addresses. While protecting anonymous Internet speech is clearly an important component of free speech within the United States, it is even more important for ICANN to protect the identity of speakers from countries that are more inclined to retaliate against speakers based on the ideas they express”). ICANN has been reconsidering its policies in light of these concerns. Bierlin & Smith, supra, at 314. In addition, there has been a growth in “companies that will register domain names for individuals and act as a proxy by using the company’s contact information.” Id. Such serviсes allow domain name registrants concerned with maintaining their privacy to remain anonymous. Naturally, these services also appeal to registrants who wish to conceal their identities for illegitimate purposes. Name-Cheap’s provision of an anonymity service to Doe is central to the dispute before the court.
B. Allegations in Solid Host’s Complaint
1. The Parties
Solid Host is a corporation based in the Netherlands, which is in the business of providing various internet-related services, including web hosting. 6 Defendant eNom is an ICANN-accredited registrar and a signatory to the ICANN agreement. 7 Defendant NameCheap is also an ICANNaccredited registrar and signatory to the ICANN agreement; Solid Host alleges that it “does not currently know whether [NameCheap] may have acted as [a registrar] in connection with the facts of this particular case.” 8 In addition to functioning as a registrar, NameCheap offers an anonymity service known as “WhoisGuard,” whereby NameCheap becomes the registered owner of a domain name desired by a customer, and licenses the domain name to the customer. 9 As a result, NameCheap’s contact information rather than the customer’s appears in the Whois database. 10 Defendant Doe is an anonymous individual described by Solid Host as a “hacker.” 11
2. Doe’s Hijacking of Solid Host’s Domain Name
Solid Host alleges that it is the owner of the domain name <solidhost.com>. 12 It *1097 registered this name through eNom in December 2004, and has used the domain name to conduct its business since that time. 13
Solid Host asserts that on Monday, August 4, 2008, due to a “security breach” at eNom, “Doe unlawfully gained access to [Solid Host’s] domain registration account,” obtained Solid Host’s login and password information, and “stole” the domain name <solidhost.com>. 14 According to the complaint, Doe “either by himself, or through his agent, defendant Name-Cheap ... moved [Solid Host’s] domain name to another domain registration account with ... eNom.” 15 Doe “or Name-Cheap acting at Doe’s direction” altered the IP address associated with <solid-host.com>, so that internet users accessing < solidhost.com > viewed a website “controlled solely by Doe” rather than Solid Host’s site. 16 The website stated that the domain name <solidhost.com> was for sale, and provided an email address for inquiries. 17 Solid Host alleges that Doe and NameCheap entered into a contract pursuant to which NameCheap agreed to become the registrant for <solid-host.com > listed in the Whois database and to “license[] the domain’s operability and functionality back to Doe.” 18 Once the registration for <solidhost.com> was switched to a new account, Solid Host’s owner, Andre Van Vliet, could no longer alter the IP address associated with the domain name to re-direct internet traffic to Solid Host’s website. 19
After discovering that he could no longer control the < solidhost.com > web site, Van Vliet attempted to regain access of the domain name. Van Vliet contacted the email address listed on <solidhost.com> and received an offer to sell the domain name for $12,000 from a different email address. 20 Because Doe demanded payment via wire transfer, Van Vliet refused to pay. 21
Solid Host’s counsel then made various unsuccessful attempts to recover the domain name through eNom; these are not pertinent to the present motion. 22 On August 8, 2008, Solid Host’s counsel contacted NameCheap in a further attempt to regain control of the domain name. 23 Although Solid Host does not specifically allege how it learned of NameCheap’s involvement, it presumably discovered that NameCheap was listed as the registrant for the domain name in the Whois database prior to contacting the company. Solid Host’s counsel requested that Name-Cheap reveal the identity of the customer who had used NameCheap’s “WhoisGuard” service to register < solidhost.com > and asked that the company “immediately take whatever steps were in its power to cause the return of the [domain name] ... to [Solid Host’s] control.” 24
NameCheap’s counsel requestеd evidence of the purported theft. 25 Solid Host *1098 alleges that it provided “evidence, including (but not limited to) a sworn declaration of Andre Van Vliet attesting to the relevant facts.” 26 NameCheap contacted Doe, who claimed that he had legitimately purchased the domain name. 27 NameCheap communicated this information to Solid Host’s counsel, who denied that the domain named had been sold, and expressed the opinion that Doe’s story was not credible. 28 NameCheap indicated that it would “remain neutral” in what it perceived to be a dispute between Solid Host and Doe, and refused to reveal Doe’s identity. 29
C. Procedural Background
Solid Host filed its initial complaint on August 18, 2008. 30 On August 21, 2008, it filed an ex parte application for temporary restraining order. The court granted the application on August 26, 2008. 31 The court directed eNom to transfer <solid-host.com > to Solid Host’s control, directed NameCheap to cooperate with eNom, and required it to transfer the domain name to Solid Host if eNom failed to effect a transfer. That same day, eNom returned control of the domain name to Solid Host. 32 On September 4, 2008, NameCheap revealed Doe’s identity to Solid Host’s counsel. 33 Solid Host has not sought to amend its complaint to substitute this individual for the fictitious Doe defendant.
The order granting Solid Host’s application for temporary restraining order set September 4, 2008 as the date for a hearing on an order to show cause why a preliminary injunction should not issue. The parties stipulated to continue this hearing numerous times. Finally, on January 7, 2009, the parties stipulated to entry of a preliminary injunction. Solid Host filed an amended complaint on February 20, 2009, and a second amended complaint on February 27, 2009. On March 20, 2009, NameCheap filed the present motion.
The second amended complaint alleges three causes of action against NameCheap: cybersquatting in violation of the Anticybersquаtting Consumer Protection Act (“ACPA”), 15 U.S.C. § 1125(d); breach of contract as a third party beneficiary; and unfair competition in violation of California’s Unfair Competition Law (the “UCL”), California Business and Professions Code § 17200 et seq. NameCheap argues that because it is an accredited registrar, it is not subject to liability for cyberpiracy under the ACPA; that the complaint fails to state a claim for cybersquatting and breach of contract as a third party beneficiary; and that Solid Host’s UCL claim fails because it is based on the cybersquatting claim and is not brought on behalf of the general public. 34
*1099 II. DISCUSSION
A. Legal Standard Governing Motions to Dismiss under Rule 12(b)(6)
A Rule 12(b)(6) motion tests the legal sufficiency of the claims asserted in the complaint. Dismissal is proper only where there is either a “lack of a cognizable legal theory” or “the absence of sufficient facts alleged under a cognizable legal theory.”
Balistreri v. Pacifica Police Dep’t,
In deciding a Rule 12(b)(6) motiоn, the court generally looks only to the face of the complaint and documents attached thereto.
Van Buskirk v. Cable News Network, Inc.,
B. Whether Solid Host Has Stated a Cybersquatting Claim Against NameCheap
1. Standard Governing Liability for Cybersquatting Under the ACPA
Congress passed the ACPA in 1999 as an amendment to the Lanham Act. The statute is designed to reach activities that might otherwise fall outside the scope of the Lanham Act, i.e., the bad faith registration of domain names with intent to profit from the goodwill associated with the trademarks of another, or “cybersquatting.” See S.Rep. No. 106-140, at 4
*1100
(1999); see also
Porsche Cars N. Am., Inc. v. Porsche.Net,
According to the Senate Report accompanying the ACPA, cybersquatters are those who (1) “register well-known domain names in order to extract payment from the rightful owners of the marks”; (2) “register well-known marks as domain names and warehouse those marks with the hope of selling them to the highest bidder”; (3) “register well-known marks to prey on customer confusion by misusing the domain name to divert customers from the mark owner’s site to the cybersquatter’s own site”; or (4) “target distinctive marks to defraud customers, including to engage in counterfeiting activities.” S.Rep. No. 106-140, quoted in
Lucas Nursery and Landscaping, Inc. v. Grosse,
To establish liability under the ACPA, a plaintiff must prove, “without regard to the goods or services [offered by] the parties,” that the defendant:
“(i) has a bad faith intent to profit from [a] mark ...; and
(ii) registers, traffics in, or uses a domain name that—
(I) in the case of a mark that is distinctive at the time of registration of the domain name, is identical or confusingly similar to that mark;
(II) in the case of a famous mark that is famous at the time of registration of the domain name, is identical or confusingly similar to or dilutive of that mark; or
(III) is a trademark, word, or name protected by reason of section 706 of Title 18 [the Red Cross] or section 220506 of Title 36 [the Olympics].” 15 U.S.C. § 1125(d)(1)(A).
See also
Bosley Medical Institute,
ACPA also contains a safe harbor provision, which states: “Bad faith intent described under subparagraph (A) shall not be found in any case in which the court determines that the person believed and had reasonable grounds to believe that the use of the domain name was a fair use or otherwise lawful.” 15 U.S.C. § 1125(d)(l)(B)(ii). In addition, several provisions of the statute shield domain name registrars from liability under certain circumstances. 15 U.S.C. § 1114(2)(D)(i) provides that “[a] domain name registrar, a domain name registry, or other domain name registration authority” shall not be liable for damages or, with certain exceptions, subject to injunctive relief for “refusing to register, removing from registration, transferring, temporarily disabling, or permanently canceling a domain name” in compliance with a court order or “in the implementation of a reasonable policy ... prohibiting the registration of a domain name that is identical to, confusingly similar to, or dilutive of another’s mark.” 15 U.S.C. § 1114(2)(D)(iii) provides that “[a] domain name registrar, a domain name registry, or other domain name registration authority shall not be liable for damages under this section for the registration or maintenance of a domain name for another absent a showing of bad faith intent to profit from such registration or maintenance of the domain name.”
This particular case raises several novel interpretative issues regarding the ACPA. In considering these issues, the court is mindful that the statute’s scope is narrow. See
Harrods Ltd. v. Sixty Internet Domain
Names,
Several of the statutory interpretation questions before the court stem from the parties’ efforts to apply the ACPA to a situation that does not involve traditional cybersquatting. The court therefore prefaces its analysis by noting the various ways in which this action differs from the “paradigmatic” cybersquatting scenario. See
Lucas Nursery,
Typically, a cybersquatter registers a well-known trademark as a domain name before the trademark owner is able to register it. The prototypical cybersquatter is not, as Doe allеgedly is, a “hacker” who “steals” an existing domain name. Rather, he is a speculator who registers a domain name not yet in use, taking advantage of the first-come first-served registration system, with the expectation that the domain name will be of value to the trademark owner. Unlike the usual cybersquatting victim, which has not yet registered its trade name, Solid Host alleges that it was the registrant of the domain name at issue, and had been for several years prior to the alleged theft.
This distinction between prototypical cybersquatting and hacking is not the only aspect of the case that differs from the norm. Doe purportedly obtained control of < solidhost.com > by “hacking” into eNom’s system and transferring the registration to a different account; he did not register the domain name himself in the first instance. After obtaining the registration, however, Doe proceeded as a typical cybersquatter would, attempting to ransom the domain name to Solid Host, the alleged trademark owner. Thus, analyzing Doe’s liability under the ACPA would appear to be relatively straightforward. Doe’s liability is not presently at issue, however. Rather, Solid Host seeks to hold NameCheap liable for cybersquatting because it refused to reveal Doe’s identity. For its part, despite the fact that it did not act as a registrar in this case, NameCheap invokes the safe harbor provisions of the statute that were intended to shield registrars from liability for accepting domain name applications. The court first considers NameCheap’s argument that it is immune from liability under the ACPA.
2. Whether NameCheap’s Status as a Registrar Shields it from Liability
NameCheap advances two arguments in support of its contention that it cannot be held liable for cybersquatting because it is a registrar. Citing
Lockheed Martin II,
Drawing all inferences in Solid Host’s favor, although NameCheap is an ICANNaccredited registrar, it did not act in that capacity in this case. 38 A registrar is a company that accepts and processes applications for domain name registrations. Solid Host initially registered <solid-host.com > through eNom. Although Doe gained control of < solidhost.com > in a manner that the complaint does not detail fully, it appears clear that he did not gain access to the domain name by submitting an application to NameCheap to register it. Had he attempted to register <solid-host.eom> through a registrar, in fact, he would have been informed that the domain name was already in use. Instead, Doe gained access to eNom’s system and made two changes related to < solidhost.com >. He altered the IP address associated with the domain name so that it corresponded to an IP address in his control, and he altered the registration information to indicate that NameCheap, rather than Solid Host, was the registrant. 39 NameCheap did not use the domain name but licensed it back to Doe.
As can be seen, Solid Host does not allege that NameCheap acted as a registrar; that is, it did not allege that Name-Cheap processed the registration for <solidhost.com>, either for Doe or on its own behalf. Although some registrars, perhaps including NameCheap, offer anonymity services at the time of registration, see Ian J. Block, Comment, Hidden Whois and Infringing Domain Names: Making the Case for Registrar Liability, 2008 U. Chi. Legal F. 431, 431-32 (2008), Solid Host alleges that Doe used NameCheap’s anonymity service independent of its domain name registration service. Whether the statutory protection afforded registrars in § 1114(2)(D) applies to registrars who provide services other than processing applications for domain name registration, simply by virtue of their status as accredited registrars, is apparently a question of first impression. 40 Before examining the specific safe harbors set forth in § 1114(2)(D), the court addresses Name-Cheap’s argument that registrars cannot be held liable under the ACPA under any circumstances.
a. Whether Lockheed Martin II Grants Registrars Blanket Immunity from Liability Under the ACPA
Although the safe harbors for registrars provided by § 1114(2)(D) apply only in specific circumstances, NameCheap argues that registrars can never be held liable
*1104
under the ACPA. In asserting an entitlement to blanket immunity, NameCheap relies solely on
Lockheed, Martin II.
There, Lockheed Martin Corporation sued NSI, a domain name registrar, arguing that NSI had “failed to protect” it by accepting the registration of domain names that infringed its trademarks.
41
Lockheed Martin II,
Indeed, a close examination of Lockheed Martin II reveals that it stands merely for the proposition that a registrar is not liable under § 1125(d) when it acts a registrar, i.e., when it accepts registrations for domain names from customers. The court first noted that there was “no summary judgment evidence that [defendant was] a person who ... had a ‘bad faith intent to profit from’ specific marks, 15 U.S.C. 1125(d)(1)(A)(i), that [were] registered with it or contained in its registry.” Id. at 654. It then explained that “none of the conditions and conduct listed” in § 1125(d)(1)(B)(i) as relevant to a finding of bad faith “would be applicable to a person functioning solely as a registrar or registry of domain names.” Id. at 655 (emphasis added). Next, the court observed that none of the actions triggering liability under the statute is the type of conduct in which registrars engage when acting in their capacity as registrars:
“Moreover, the court has concluded that there is no summary judgment evidence that defendant fits within the (ii) clause of § 1125(d)(1)(A). There is no evidence that defendant is a person that ‘registers, traffics in, or uses a domain name____’ The word ‘registers,’ when considered in context, obviously refers to a person who presents a domain name for registration, not to the registrar. The ‘traffics in’ part of clause (ii) is defined by § 1125(d)(1)(E) to mean ‘transactions that include, but are not limited to, sales, purchases, loans, pledges, licenses, exchanges of currency, and any other transfer for consideration or receipt in exchange for consideration.’ There is no summary judgment evidence that defendant has engaged in transactions of any of those kinds in reference to domain names. Section 1125(d)(1)(D) expressly limits the ‘uses’ feature to the domain name registrant or the registrant’s authorized licensee.” Id.
Thus, Lockheed Martin held only that, where the record indicates that a defendant did nothing more than act as a registrar, no liability under § 1125(d) will lie.
As the court explained, to be liable under § 1125(d), a defendant must register, traffic in, or use a domain name. As used in the statute, to “register” means to regis *1105 ter a domain name by submitting an application to a registrar. “Trafficking” refers to selling and licensing domain names and similar activity. A registrar that processes domain name registration applications does not register or traffic in domain names as those terms are used in the statute (although the registrar presumably “registers” the domain name from which it conducts its business as a registrar). Similarly, § 1125(d)(1)(D) implicitly limits registrars’ liability for “use” of an infringing domain name. That section provides that “[a] person shall be liable for using a domain name under subparagraph (A) only if that person is the domain name registrant or that registrant’s authorized licensee.” Because a registrar, in its capacity as such, is merely an intermediary that registers domain names, and does not typically act as a domain name registrant or licensee (except, again, of its own domain name), this provision provides some protection for registrars. Nothing in Lockheed Martin II, however, suggests that a registrar is immune under the ACPA when it acts other than as a registrar. Indeed, to the extent that NameCheap was the registrant of the domain name and “used” the name, this section would support the imposition of liability on it, not a grant of immunity to it.
NameCheap’s blanket immunity argument, moreover, is inconsistent with the fact that ACPA provides safe harbors for registrars in limited circumstances. The provision of limited safe harbors would be unnecessary if the statute provided sweeping immunity. The court therefore turns to whether the safe harbors apply to actions taken by a registrar in some other capacity.
b. Whether NameCheap Is Immune Under Section 1114(2)(D)
As noted, § 1114(2)(D) provides statutory safe harbors for registrars under various circumstances. Section 1114(2)(D)(i) provides that “[a] domain name registrar, a domain name registry, or other domain name registration authority” shall not be liable for damages or, with some exceptions, subject to injunctive relief, for “refusing to register, removing from registration, transferring, temporarily disabling, or permanently canceling a domain name” when such action is in compliance with a court order or “in the implementation of a reasonable policy ... prohibiting the registration of a domain name that is identical to, confusingly similar to, or dilutive of another’s mark.”
ACPA’s legislative history indicates that this section was intended to “encourage[ ] domain name registrars and registries to work with trademark owners to prevent cybersquatting....” See S.Rep. No. 106— 140, at 11. It contemplates that registrars will respond to trademark owners’ complaints and help to resolve disputes between domain name registrants and trademark holders, either by adopting policies targeted at preventing cybersquatting, or, where the parties have taken their dispute to court, through compliance with court orders. Based on the factual allegations in the complaint, NameCheap is not in a position in this case to “work with [the] trademark owner[] to prevent cybersquatting” in the manner contemplated by the safe harbor. Instead of occupying the neutral position envisioned for registrars by the statute, NameCheap is, by virtue of the anonymity service it provides, the registrant of a domain name that allegedly infringes Sold Host’s trademark. Name-Cheap is not “work[ing] with trademark owners to prevent cybersquatting” by providing an anonymity service; although the service has legitimate uses, as this action demonstrates, preventing cybersquatting is not one of them. The court thus concludes that § 1114(2)(D)(i) was not intended to shield registrars from liability for actions outside their core function as registrars. While § 1114(2)(D)(I) might protect *1106 NameCheap if it acted as the registrar for < solidhost.com >, given the allegations in the complaint, the court must assume for purposes of this motion that it did not act as registrar of the name. Further, the complaint does not allege that Name Cheap registered, removed from registration, temporarily disabled or permanently cancelled the Solid Host domain name.
Section 1114(2)(D)(iii) provides that “[a] domain name registrar, a domain name registry, or other domain name registration authority shall not be liable for damages under this section for the registration or maintenance of a domain name for another absent a showing of bad faith intent to profit from such registration or maintenance of the domain name.” The purpose of this provision is to “promote! ] the continued ease and efficiency users of the current registration system enjoy by codifying current case law limiting the secondary liability of domain name registrars and registries for the act of registration of a domain name.” S.Rep. No. 106-140, at 11. Thus, this safe harbor applies to “the act of registration of a domain name,” an action that the complaint alleges eNom, not NameCheap, took here. Given the facts alleged by Solid Host, the provision is inapplicable. Additionally, because “bad faith intent to profit” is an element of liability under § 1125(d), the provision adds little to the basic liability analysis.
For all of these reasons, the court concludes that NameCheap’s status as an accredited registrar does not shield it from liability in cases where it did not act as a registrar. Because the court assumes for purposes of this motion that NameCheap did not act as registrar for <solid-host.com >, the fact that NameCheap is an accredited registrar does not prevent from Solid Host from stating a claim against it. The court thus considers whether Solid Host has adequately pled the elements of a cybersquatting claim against it.
3. Whether Solid Host’s Has Alleged Ownership of a Protected, Distinctive Mark
To plead a cyberpiracy claim, Solid Host must first allege that it is the owner of a protected, distinctive mark.
Bosley Medical Institute,
*1107 Solid Host alleges that its “services using <solidhost.com> have been visible and available throughout the United States,” and that it has used the mark in interstate and international commerce with American custоmers.” 44 It alleges that it registered the domain name < solidhost.com > in December 2004, and that it has used the name actively in conducting its web hosting business since that time. 45 On this basis, it asserts that it has acquired common law trademark rights in the “Solid Host” mark. 46
NameCheap contends that Solid Host’s complaint “offers no evidence or even an allegation showing ... that the Solid Host
is a mark that is inherently distinctive or ... that the mark has acquired distinctiveness through secondary meaning.”
47
Solid Host is, of course, not required to adduce “evidence” to survive a motion to dismiss. Further, because the existence of secondary meaning “may be ‘inferred from evidence relating to the nature and extent of the public exposure achieved by the designation,’ or from proof of intentional copying,” see
Ashlar, Inc. v. Structural Dynamics Research Corp.,
No. C-94-4344 WHO,
Here, Solid Host’s allegation that it has consistently used the “Solid Host” mark in commerce with American customers since 2004, construed liberally in its favor, suggests that the phrase “Solid Host” has become associated in customers’ minds with the company’s services. See
Levi Strauss,
In addition, Solid Host has alleged that Doe intentionally took control of the domain name <solidhost.eom>, which raises an inference that the mark is distinctive. See
Ashlar,
4. Whether Solid Host Sufficiently Alleges NameCheap’s Bad Faith with Intent to Profit
To state a cyberpiracy claim, Solid Host must also plead that NameCheap “ha[d] a bad faith intent to profit from [Solid Host’s] mark.” See 15 U.S.C. § 1125(d)(1)(A)(i). The requirement of bad faith intent to profit from the mark is distinct from the requirement that defendant “register[], traffic[] in, or use[] a domain name.” See 15 U.S.C. § 1125(d)(1)(A)(ii);
Fare Deals Ltd. v. World Choice Travel.Com, Inc.,
The bad faith required to support a cybersquatting claim is not general bad faith, but “a bad faith intent to profit
from the mark,”
15 U.S.C. § 1125(d)(1)(A)(i) (emphasis added). Thus, the defendant must intend to profit specifically from the goodwill associated with another’s trademark. See
Lucas Nursery,
Here, the sum total of Solid Host’s allegations regarding NameCheap’s bad faith is that NameCheap acted in bad faith by refusing to reveal Doe’s identity “after being presented with facts that would cause a reasonable person to conclude that Doe had stolen the domain [name].” 48 The complaint alleges that “NameCheap profited by charging a fee for the anonymity registration service it provided to Doe, [that it] ... also profited by maintaining the anonymous registration ... after being presented with facts that would cause a reasonable person to conclude that Doe had stolen the domain;” and that “Name-Cheap has an economic incentive to resist any attempts to expose [its customers’] identities, even where it is presented with reasonable evidence that it has registered stolen property, i.e., a domain name that was hacked and stolen by the party ... seeking anonymity protection from it.” 49 Based on these allegations, Solid Host concludes that “NameCheap had a bad faith intent to profit from [Solid Host’s] service mark <solidhost.com>....” 50
Solid Host’s reliance on these allegations to infer a bad faith intent to profit from its *1110 mark fails. Nothing in the complaint suggests that by affording Doe the benefits of anonymous registration, NameCheap sought to benefit in any way from the goodwill associated with Solid Host’s mark. The only bad faith alleged is NameCheap’s provision of an indisputably legal anonymous registration service without attempting to screen out customers who wish to use it to cybersquat; and its decision to maintain its customer’s anonymity when presented with evidence that its services had been used for this illegitimate purpose. 51 The only intent to profit alleged is linked to NameCheap’s operation and promotion of its anonymity service; none of Solid Host’s allegations suggests that NameCheap intended to profit from the goodwill associated with the Solid Host trademarks.
Whether NameCheap’s refusal to reveal Doe’s identity might constitute bad faith in some other context is irrelevant. See
Sporty’s Farm,
*1111
This failure, however, may not be fatal. The complaint plainly states a claim for cybersquatting against Doe. It alleges that he offered to sell the domain name to Solid Host after pirating it. This constitutes trafficking in the domain name with a bad faith intent to profit from Solid Host’s mark. See
Catalanotte,
5. Whеther Solid Host Has Stated a Claim for Contributory Liability
a. Legal Standard Governing Contributory Liability Under the Lanham Act
It appears that, in addition to pleading that NameCheap is directly liable for cybersquatting, Solid Host also asserts a claim for “contributory
cybersquatting.”
53
See
Newborn v. Yahoo!, Inc.,
In general, “[c]ontributory [trademark] infringement occurs when the defendant either intentionally induces a third party to infringe the plaintiffs mark or supplies a product to a third party with actual or constructive knowledge that the product is being used to infringe the service mark.”
Lockheed Martin Corp. v. Network Solutions, Inc.,
Under the extent of control theory, “a plaintiff must prove that the defendant had knowledge and ‘[d]irect control and monitoring of the instrumentality used by the third party to infringe the plaintiffs mark.’ ”
Louis Vuitton,
b. The Extent of NameCheap’s Control over Doe’s Means of Cybersquatting
NameCheap supplied an anonymous domain name registration service, which Doe allegedly used to “steal” Solid Host’s domain name and hold it for ransom. Because NameCheap offered a service rather than an infringing product, Solid Host must show that NameCheap either intentionally induced Doe to cybersquat or directly controlled and monitored the instrumentality used by Doe. There are no allegations that NameCheap induced Doe’s cybersquatting. As respects direct control and monitoring of the instrumentality Doe used to infringe, the court finds the Ninth Circuit’s analysis in Lockheed Martin I instructive on the application of this framework to domain name piracy.
*1113
There, the court considered whether NSI, as a registrar, could be liable for contributory infringement because it accepted for registration domain names that infringed Lockheed Martin’s trademarks.
54
Lockheed Martin I,
In
Lockheed Martin I,
the Ninth Circuit rejected Lockheed Martin’s efforts to characterize the case in a way that would fit the
Hard Rock Cafe
framework. The court first observed that “[wjhere domain names are used to infringe, the infringement does not result from NSI’s publication of the domain name list, but from the registrant’s use of the name on a web site or other Internet form of communication in connection with goods or services.... NSI’s involvement with the use of domain names does not extend beyond registration.”
Id.
at 985 (quoting district court,
Lockheed Martin Corp. v. Network Solutions, Inc.,
“Although we accept Lockheed’s argument that NSI licenses its routing service to domain-name registrants, the routing service is just that — -a service. In Fonovisa and Hard Rock, by contrast, the defendants licensed real estate, with the consequent direct control over the activity that the third-party alleged infringers engaged in on the premises. Hard Rock,955 F.2d at 1149 ; see Fonovisa,76 F.3d at 265 .” See id.
See also
Fare Deals,
In
Ford Motor Co.,
“Although the ‘flea market’ analysis generally has been applied in the infringement context, a similar standard arguably could be applied to allegations of cybersquatting. However, because the ACPA requires a showing of ‘bad faith intent’ — a subjective element not required under traditional infringement, unfair competition, or dilution claims— the standard would be somewhat heightened. For example, it would be insufficient that an entity such as [defendant] were merely aware that domain names identical or similar to protected marks were being sold over its website. Rather, because legitimate uses of others marks are protected under the ACPA, a plaintiff would have to demonstrate that the ‘cyber-landlord’ knew or should have known that its vendors had no legitimate reason for having registered the disputed domain names in the first place. Because an entity such as [defendant] could not be expected to ascertain the good or bad faith intent of its vendors, contributory liability would apрly, if at all, in only exceptional circumstances.” See id. at 647.
As “[n]o such exceptional circumstances [were] alleged” in the case before it, the court concluded that plaintiff had failed to state a claim for cybersquatting. Id.
In
Fare Deals,
It next examined whether HRN could be held contributorily liable for <fare-deals.com>’s infringement. See id. at 689-91. Citing Lockheed Martin I’s discussion of the direct control and monitoring rule, the court considered the flea market context in which the rule originated. It observed that “the flea-market operators were providing the very medium through which the infringing vendors conducted their businesses. If the flea-market operators had stopped providing the vendors space, the vendors would have been forced to shut down completely.” See id. at 689-90. The court contrasted this with that HRN’s service, which was not necessary to <faredeals.com>’s infringement; rather, it stated, “[i]f HRN severed its link to <faredeals.com>, the infringement could readily continue.” Id. *1115 at 690. The court thus found HRN’s position more analogous to that of the temporary worker who assembles an infringer’s booth at a flea market than to the owner of the market itself. Unlike the owner, the temporary worker is not hable for contributory infringement. Id.
The court also considered the knowledge element required for a finding of contributory infringement. It noted that there were no facts suggesting that HRN had any knowledge of the infringement before Fare Deals, mistakenly believing that HRN owned and controlled the site, sent it a letter demanding that < faredeals.com > be taken down. Id. The court observed that “[t]he demand letter ... gave HRN knowledge of Fare Deals’ ... position with respect to infringement by the <fare-deals.com > site; it may also have given HRN reason to suspect [that] it might be linked to a site infringing Fare Deals’ mark and so have given rise to an obligation on the part of HRN to investigate the matter.” Id.
The court noted, in this regard, that, under
Hard Rock Cafe,
“willful blindness” — defined as a “deliberate failure to investigate suspected wrongdoing” — could satisfy the knowledge requirement for contributory infringement.
Id.
(citing
Hard Rock Cafe,
The Fare Deals court found it unclear “what an investigation by HRN could have uncovered,” since an investigation “would have disclosed no more than that the site’s domain name was indeed <fare-deals.com >. It would not, self-evidently, have disclosed any infringement of the ‘Fare Deals’ mark, which was, as yet, unregistered.” Id. at 690-91. The court therefore concluded that even if Fare Deals could have established that HRN directly monitored or controlled the means of infringement, it could not establish HRN’s knowledge of the infringement. Id. at 691.
Turning to the present case, Name-Cheap’s position is сloser to that of a flea market operator or the owner of the auction site in
Ford Motor Co.
than it is to that of HRN in
Fare Deals
or a registrar like NSI in
Lockheed Martin I.
Name-Cheap acted as the registrant for the domain name utilized in Doe’s cybersquatting scheme, which it then licensed to Doe. Solid Host alleges that, while the website was “controlled solely by Doe,” Name-Cheap had the ability to transfer the domain name to Solid Host or to reveal Doe’s identity.
55
Thus, NameCheap was, to borrow a phrase from
Ford Motor Co.,
the “cyber-landlord” of the internet real estate stolen by Doe, i.e., the domain name <solidhost.com>. See
Ford Motor Co.,
Solid Host must also allege that Name-Cheap knew of Doe’s cybersquatting, however. See
Louis Vuitton,
The complaint alleges that Solid Host gave NameCheap “evidence, including (but not limited to) a sworn declaration of Andre Van Vliet attesting to the relevant facts,” which “would have led a normal and prudent person to conclude that the domain it registered had been stolen.”
56
Based on this allegation, the court cannot conclude, as matter of law, that Solid Host will be unable to prove exceptional circumstances satisfying the knowledge requirement for contributory liability. What constitutes exceptional circumstances, and whether they can be proved in this case are matters that can only be addressed on a more fully developed factual record. The court, however, offers a few preliminary observations. As
Fare Deals
suggests, in the case of cybersquatting, mere receipt of a demand from a third party will not generally suffice to provide notice of the illegitimate use of a domain name so as to justify the imposition of contributory liability. See
Fare Deals,
*1117
In general, cybersquatting is less easily detected than standard trademark infringement, both because it involves the consideration of intent and because it is less “transparent” than “handbags labeled Louis Vuitton and Gucci, cheaply made, lined with purple vinyl, and sold by itinerant peddlers at bargain-basement prices.” See
id.
at 691 (citing
Louis Vuitton
S.A.
v. Lee,
C. Whether Solid Host Has Stated a Claim for Breach of Contract as a Third Party Beneficiary Against NameCheap
1. Legal Standard Governing Third Party Beneficiaries’ Ability to Sue for Breach of Contract
Under California law, a third party may sue to enforce a contract if that party “can show that the contracting parties intended to benefit the third party and that the contract terms evidence that intent.”
Panavision International, L.P. v. Toeppen,
The third party “need not be named or identified individually to be an express beneficiary.”
Spinks,
2. Solid Host’s Breach of Contract Claim
Solid Host’s breach of contract claim is based on paragraph 3.7.7.3 of the ICANN agreement, which all accredited registrars must sign. 58 It provides:
“3.7.7 Registrar shall require all Registered Name Holders to enter into an electronic or paper registration agreement with Registrar including at least the following provisions: ...
3.7.7.3. Any Registered Name Holder that intends to license use of a domain name to a third party is nonetheless the Registered Name Holder of recоrd and is responsible for providing its own full contact information and for providing and updating accurate technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the Registered Name. A Registered Name Holder licensing use of a Registered Name according to this provision shall accept liability for harm caused by wrongful use of the Registered Name, unless it promptly discloses the identity of the licensee to a party providing the Registered Name Holder reasonable evidence of actionable harm.” 59
Solid Host argues that it was an intended beneficiary of NameCheap’s promise to “promptly disclose the identity” of the licensee for < solidhost.com > once it provided “reasonable evidence of actionable harm,” and that NameCheap breached this promise. Solid Host asserts that Name-Cheap made the promise by entering into the agreement with ICANN, and by entering into a separate agreement with eNom, which incorporated paragraph 3.7.7.3 of the ICANN agreement. NameCheap executed the eNom agreement when it became the “Registered Name Holder” — i.e., the “registrant” — of <solidhost.com>. 60
3. Whether Solid Host Has Stated a Claim for Breach of the ICANN Agreement
In support of its motion to dismiss, NameCheap cites paragraph 5.10 of the ICANN agreement, which provides: “No Third-Party Beneficiaries. This Agreement shall not be construed to create any obligation by either ICANN or Registrar to any non-party to this Agreement, including any Registered Name Holder.” 61 This provision unambiguously manifests *1119 the parties’ intents not to benefit third parties. Moreover, paragraph 3.7.7.3 is not itself a term of the ICANN agreement; the agreement merely required that NameCheap include such a provision in future contracts between it and partiеs to whom it registered domain names. For these reasons, the court concludes that Solid Host has failed to state a claim for breach of the agreement between ICANN and NameCheap.
4. Whether Solid Host Has Stated a Claim for Breach of the Agreement Between eNom and NameCheap
Solid Host also alleges breach of a separate agreement between eNom and NameCheap that incorporated paragraph 3.7.7.3 of the ICANN agreement. This contract bound NameCheap to the substance of paragraph 3.7.7.3. The eNom/NameCheap agreement, however, is not before the court. Solid Host’s complaint does not allege any facts regarding the formation of the contract, nor does it allege that either eNom or NameCheap had an intent to benefit trademark owners faced with cybersquatting by anonymous domain name licensees. Construing all allegations in Solid Host’s favor, however, the court infers such intent from the language of paragraph 3.7.7.3, which is quoted in Solid Host’s complaint.
62
Because they involve factual questions of intent, third party beneficiary claims are often not appropriate for resolution via motion to dismiss. See
Hotel Employees and Restaurant Employees Local 2 v. Vista Inn Management Co.,
*1120 D. Whether Solid Host Has Stated a UCL Claim Against NameCheap
Under the UCL, any person or entity that has engaged, is engaging, or threatens to engage “in unfair competition may be enjoined in any court of competent jurisdiction.” Cal. Bus. & Prof.Code §§ 17201, 17203. “Unfair competition” includes “any unlawful, unfair or fraudulent business act or practice and unfair deceptive, untrue or misleading advertising.”
Id.,
§ 17200. The California Supreme Court has construed this term broadly. See
Cel-Tech Communications, Inc. v. Los Angeles Cellular Telephone Co.,
NameCheap’s primary argument for dismissal of Solid Host’s UCL claim is that the claim fails because it is based on Solid Host’s cybersquatting claim. The court has concluded that Solid Host’s complaint adequately pleads a cybersquatting claim against NameCheap on a contributory liability theory. Consequently, its derivative argument regarding the UCL claim is unavailing. Because Solid Host has sufficiently alleged that NameCheap engaged in a business practice that violated a law other than the UCL, i.e., the ACPA, it has stated an unfair competition claim. See, e.g.,
Aadventure Products, Inc. v. Simply Smashing, Inc.,
No. 07cv499 BTM(AJB),
NameCheap asserts that Solid Host’s UCL claim “is not adequately brought on behalf of the general public because it is unique and necessarily dependent upon the individual facts of [p]laintiffs own claim.”
64
*1121
The court is not aware of any requirement that a UCL claim be brought on behalf of the general public or be independent of “the individual facts” of a particular plaintiffs claim. California courts have held that, in addition to actions brought on behalf of the general public, private actions under § 17200 may be maintained. See, e.g., Cal. Bus. & Pkof.Code § 17204 (providing that a § 17200 action may be brought “by a person who has suffered injury in fact and has lost money or property as a result of the unfair competition”); see also
Hernandez v. Atlantic Finance Co.,
NameCheap cites
Committee on Children’s Television, Inc. v. General Foods Corp.,
In its reply, NameCheap quotes the opinion in
Gregory v. Albertson’s, Inc.,
III. CONCLUSION
For the reasons stated, the court denies NameCheap’s motion to dismiss.
Notes
. For convenience, the court refers to Name-Cheap, dba Whois Guard, as “NameCheap” and to Demand Media, dba eNom, as “eNom.”
. "ICANN has four mandates.... First, ICANN bears responsibility for overseeing the infrastructure of the Internet. Second, it bears responsibility for ensuring competition among domain name registrars of the TLDs. Third, ICANN bears partial responsibility for establishing domain name dispute resolution policies. And, fourth, ICANN bears responsibility for determining whether and when to add new TLDs.”
Lockheed Martin II,
. "Technically, WHOIS is not the database, itself, but a protocol for submitting a query to a database in order to find contact information for the owner of a domain name.” Matthew Bierlin & Gregory Smith, Privacy Year in Review: Growing Problems with Spyware and Phishing, Judicial and Legislative Developments in Internet Governance, and the Impacts on Privacy, 1 I/S: J.L. & Pol'y for Info. Soc’y 279, 313 (2005). Because it is common to refer to the "Whois database,” however, the court adopts that terminology.
. Second Amended Complaint, V 33.
. Id.,n 29-31.
. Second Amended Complaint, ¶ 6.
. Id., ¶¶29, 30.
. Id., ¶ 31. There are no allegations in the complaint suggesting that NameCheap acted as a registrar with regard to the domain name at issue in this case.
. Id., ¶¶ 34, 37.
. Id.
. Id.,fl6.
. Id., ¶ 13.
. Id., ¶¶ 13-14.
. Id., ¶ 10, 16-19.
. Id., ¶ 19.
. Id., ¶¶ 17, 20.
. Id., ¶¶ 38, 53.
. Id., ¶¶ 25-26.
. Id., ¶ 21.
. Id., ¶ 58.
. Id., ¶ 60.
. Id., ¶¶ 70-80.
. Id., ¶ 82.
. Id.
. Id., ¶ 83.
. Id., ¶ 84.
. Id., ¶ 85.
. Id., ¶86.
. Id., ¶ 87.
. Id., ¶ 95.
. Id., ¶ 96. Although the analysis below suggests that Solid Host may encounter some difficulty proving its cybersquatting claim, the TRO application was based on claims not at issue in this motion.
. Id.
. Id., ¶ 97.
. Defendant NameCheap, Inc.’s Notice of Motion and Motion to Dismiss Second Amended Complaint of Solid Host, NL ("Mot.”). In addition, NameCheap argues that the permanent injunctive relief sought by Solid Host is "impractical.” (Mot. at 14.) This argument does not address whether Solid Host’s complaint states a claim, and is based on numerous factual assertions that are unsupported and outside the complaint. Accordingly, the court declines to address it. The court will 'consider the propriety of the injunctive relief sought in the complaint if it concludes that Solid Host is entitled to a permanent injunction.
. The factors are:
"(I) the trademark or other intellectual property rights, if any, in the domain name; (II) the extent to which the domain name consists of the legal name of the person or a name that is otherwise commonly used to identify that person; (III) the person's prior use, if any, of the domain name in connection with the bona fide offering of any goods or services; (IV) the person’s bona fide noncommercial or fair use of the mark in a site accessible under the domain name; (V) the person’s intent to divert customers from the mark owner's online location to a site accessible under the domain name that could harm the goodwill represented by the mark, either for commercial gain or with the intent to tarnish or disparage the mark, by creating a likelihood of confusion as to the source, sponsorship, affiliation, or endorsement of the site; (VI) the person’s offer to transfer, sell, or otherwise assign the domain name to the mark owner or any third party for financial gain without having used, or having an intent to use, the domain name in the bona fide offering of any goods or services, or the person's prior conduct indicating a pattern of such conduct; (VII) the person’s provision of material and misleading false contact information when applying for the registration of the domain name, the person’s intentional failure to maintain accurate contact information, or the person's prior conduct indicating a pattern of such conduct; (VIII) the person's registration or acquisition of multiple domain names which the person knows are identical or confusingly similar to marks of others that are distinctive at the time of registration of such domain names, or dilutive of famous marks of others that are famous at the time of registration of such domain names, without regard to the goods or services of the parties; and (IX) the extent to which the mark incorporated in the person’s domain name registration is or is not distinctive and famous within the meaning of subsection (c)(1) of this section.”
. Mot. at 4.
. Id. at 5-7.
. Solid Host asserts that it "does not currently know whether [NameCheap] may have acted as [a registrar] in connection with the facts of this particular case.” (Second Amended Complaint, ¶ 37.) None of the facts alleged in the complaint, however, indicates that SolidHost acted as a registrar, and, in its opposition to the motion to dismiss, Solid Host argues that it did not.
. The order in which Doe made these changes, and the manner in which he accomplished them, is not clear.
.A student commentator has observed that "no federal court has considered whether the sale of hidden Whois services can open a registrar to liability under the ACPA, and no court to date has applied the ACPA to instances in which the registrar appears as a registrant in the Whois database.” Block, supra, at 443. The issue before the court is slightly different, as the comment does not address the possibility that a registrar might supply anonymity services separate and apart from its registration service. No court appears to have considered that scenario either.
. Although it is not entirely clear from the court’s opinion, Lockheed Martin apparently asserted claims against NSI both as a registrar and as a registry. As noted, these capacities are separate and distinct. As a registrar, NSI is one of numerous competing companies that processes domain name registration applications. As a registry, it maintains the centralized database of domain names for various TLD’s. Lockheed Martin’s allegations that NSI wrongly accepted registration of domain names appears to have concerned its actions as a registrar.
. The Lanham Act defines "mark” as including "any trademark, service mark, collective mark, or certification mark.” 15 U.S.C. § 1127. "Thus, there is no requirement that the protected 'mark' be registered [at the time of suit]: unregistered common law marks are protected by the Act.” 4 J. Thomas McCarthy, MCCARTHY ON TRADEMARKS AND UNFAIR COMPETITION § 25:78, at 295-96 (4th ed., Release #39, 2006)); see also
Kendall-Jackson Winery, Ltd.
v.
E. & J. Gallo Winery,
. Trademarks fall into four categories of distinctiveness: (1) generic, (2) descriptive, (3) suggestive, and (4) arbitrary or fanciful.
Japan Telecom, Inc. v. Japan Telecom Am. Inc.,
Terms that are suggestive, or arbitrary and fanciful, by contrast, are inherently distinctive, and protectable as trademarks.
Japan Telecom,
. Second Amended Complaint, ¶ 116.
. Id.,n 13-14.
. Id., ¶ 116.
. Mot. at 8.
. Second Amended Complaint, ¶ 121
. Id., ¶¶ 122-123.
.Id., ¶ 127.
. NameCheap appears to argue that it acted in good faith because Solid Host requested return of the domain name informally, and did not pursue NameCheap's formal dispute resolution policy. (Mot. at 6.) This argument relies on facts outside the complaint; Solid Host alleges, in fact, that NameCheap did not direct Solid Host to a formal dispute resolution process, but requested further evidence, which Solid Host provided.
. The court’s conclusion that the "bad faith” alleged in Solid Host’s complaint is outside ACPA’s scope is supported by the fact that, in enacting the statute, Congress addressed the anonymous registration of
domain
names. After weighing competing concerns regarding privacy rights and protection against anonymous cybersquatters, Congress concluded that creating
in rem
jurisdiction over domain names struck an appropriate balance between the two. See
Lucent Technologies, Inc. v. Lucentsucks.com,
. Solid Host also alleges that NameCheap was Doe’s "agent.” (Second Amended Complaint, ¶ 19.) It is not clear whether Solid Host contends that this provides a basis for holding NameCheap liable for Doe’s actions. Even if‘it does, Solid Host has not alleged any facts indicating the existence of an agency relationship between NameCheap and Doe. “To allege an agency relationship, a plaintiff must allege: (1) that the agent or apparent agent holds power to alter legal relations between [the] principal and third persons and between [the] principal and himself; (2) that the agent is a fiduciary with respect to matters within [the] scope of [the] agency; and (3) that the principal has right to control [the] conduct of [the] agent with respect to matters entrusted to him.”
Palomares v. Bear Steams Residential Mortg. Corp.,
No. 07cv01899 WQH (BLM),
. Lockheed Martin was decided prior to the enactment of the ACPA, which immunized registrars from liability for accepting registrations. See 15 U.S.C. § 1114(2)(D) and discussion, supra, part II.B.2.
. Second Amended Complaint, ¶ 17.
. Id., ¶¶ 84, 127.
. If NameCheap utilizes a formal dispute resolution process to resolve complaints about anonymous cybersquatters, as it contends it does, that may also be a factor weighing in its favor in conducting the exceptional circumstances analysis.
. Second Amended Complaint, ¶¶ 166-169.
. Request for Judicial Notice in Support of Defendant NameCheap, Inc.’s Motion to Dismiss ("RJN”) at 10. NameCheap has submitted a copy of the ICANN agreement with its motion to dismiss.
(Id.)
Because Solid Host relies on the ICANN agreement, refers to the agreement in its complaint, and does not dispute the authenticity of the copy submitted by NameCheap, the court may consider the agreement under the incorporation by reference doctrine. See
Marder,
. Second Amended Complaint, ¶¶ 166-169.
. RJN at 20.
. See Second Amended Complaint, ¶ 166.
. The court recognizes that the district court in
Panavision International,
addressing a factual scenario similar to this one, concluded, on a motion for summary judgment, that the dispute resolution policy set forth in an agreement between a registrar and a domain name registrant was not intended to benefit trademark owners, but only to protect the registrar. See
Panavision International,
. Mot. at 13.
. Proposition 64, passed by California voters in 2004, amended the UCL to bar persons from suing as "private attorneys general,” or from suing on behalf of others, absent a showing that they themselves had suffered injury as a result of the allegedly unfair business practice. See Cal. Bus. & Prof.Code § 17204;
Paulus,
. Defendant NameCheap, Inc.’s Reply in Support of Motion to Dismiss Second Amended Complaint of Solid Host, NL (“Reply”) at 12.
. Citing
Norwest Mortgage, Inc. v. Superior Court,