People tend to ask for a UDRP the way they ask for a Kleenex, as if it were the only product. It is the most common tool, but it is one of three, and using the wrong one wastes time and money. The three are the UDRP, the URS, and the ACPA. They answer different questions.
The questions are: do you want to own the name, or just switch it off? How fast do you need it gone? And do you want money from the person who did this?
The UDRP: take the name back
The UDRP is the default for a reason. It transfers the domain to you, it works on essentially every generic extension and many country ones, and it resolves in about two months. You prove three things on the balance of probabilities: confusing similarity to your mark, no legitimate interest, and registration and use in bad faith. The only outcomes are transfer or cancellation, with no money attached.
Reach for it when the goal is ownership of the name and the facts are reasonably clear. That covers most copycat-domain matters.
The URS: switch it off, fast
The URS, Uniform Rapid Suspension, was built alongside the wave of new extensions launched from 2012 onward. It is the fast, cheap option, and it comes with three real limits.
- It suspends, it does not transfer. A win means the domain stops resolving and shows a notice for the rest of its registration term. You do not get the name. When the term lapses, it can be registered again.
- It only covers newer gTLDs. The URS does not apply to legacy extensions like .com, .net, or .org. For those, the UDRP is your only administrative route.
- It demands more proof. The standard is clear and convincing evidence, higher than the UDRP’s balance of probabilities. It is meant only for clear-cut abuse, not genuine disputes.
In exchange you get speed and price: a determination often lands in roughly three to four weeks, and provider fees start around $375, about a thousand dollars under a UDRP. Reach for it when a clearly abusive domain on a new extension needs to go dark immediately and you do not need to own it.
The ACPA: when you want damages
The ACPA, the Anticybersquatting Consumer Protection Act, is US federal law, not arbitration. It is the heavyweight, and the only one of the three that touches money.
A court weighs nine bad-faith factors, including whether the registrant offered to sell the name, provided false contact details, or registered a pattern of others’ marks. If you win, the court can order transfer, and it can award statutory damages of $1,000 to $100,000 per domain at its discretion, in place of proving actual losses.
It has one more power the others lack. If you cannot get personal jurisdiction over the registrant, because they are anonymous or overseas, the ACPA lets you proceed in rem, suing the domain name itself in the district of the registry or registrar. In an in rem action the remedy is limited to forfeiture, cancellation, or transfer, with no damages, but it gives you a way to act when there is no one to serve.
Reach for it when you want money, when you want to deter a repeat offender, or when there is no reachable defendant and you need the in rem route.
A quick way to choose
| You want to… | Use |
|---|---|
| Own the name, clear case, any extension | UDRP |
| Switch off a clear abuse fast, new gTLD, ownership not required | URS |
| Recover money, deter a bad actor, or act against an anonymous registrant | ACPA |
These are not mutually exclusive. A UDRP and an ACPA action can run at the same time, and registrar-level enforcement can run alongside either when a domain is being used for active phishing or counterfeiting.
The choice is rarely obvious from the outside, because it turns on the extension, the evidence, the registrant’s location, and what you actually want at the end. That is the judgement a confidential review is for: not just finding the lookalikes, but recommending the path with the highest probability of success for each one, before a dollar is spent filing.
