Secondary Liability for Counterfeit Goods via Sub-Domains

In the complex and evolving realm of online intellectual property enforcement, the question of secondary liability for counterfeit goods sold or advertised through sub-domains has emerged as a focal point of legal tension. While direct liability is relatively straightforward—whoever knowingly sells counterfeit goods online is in clear violation of trademark laws such as the Lanham Act in the United States or equivalent legislation globally—secondary liability adds a layer of nuance and contention. It involves holding domain registrants, hosting providers, marketplace operators, or even platform users accountable for facilitating or failing to prevent infringing conduct that originates from their infrastructure, including the use of sub-domains. In recent years, courts, regulators, and brand protection advocates have increasingly scrutinized the role of sub-domains in online counterfeiting operations, especially where they are used as decentralized digital storefronts mimicking legitimate retailers or brand affiliates.

Sub-domains function as subdivisions of a primary domain and are often used to segment content or operations. For example, “shop.example.com” or “brandname.partnerdomain.com” may lead to standalone ecommerce sites under the umbrella of a primary domain name. These sub-domains can be assigned by the main domain’s owner to third parties, such as distributors, affiliates, or franchisees, and sometimes to users in a self-service model, such as with web hosting platforms or white-label SaaS providers. When a sub-domain is used to sell or promote counterfeit goods, the question arises whether the primary domain holder—or the service provider facilitating the sub-domain’s deployment—can be held secondarily liable for contributory or vicarious trademark infringement.

Under U.S. law, particularly as interpreted by the Second and Ninth Circuits, contributory trademark liability arises when a party intentionally induces another to infringe a trademark or continues to supply a service to one whom it knows or has reason to know is engaging in trademark infringement. In the context of sub-domains, this standard has been applied to determine whether registrars, DNS providers, or domain name holders are facilitating infringement by knowingly allowing bad actors to operate infringing sites. Courts have often looked for specific knowledge and a failure to take action despite that knowledge. For example, if a domain owner receives credible notice that a sub-domain they control is being used to traffic in fake luxury goods, and the owner takes no action to disable or police that sub-domain, they may be exposed to contributory liability.

This liability can be even more acute where there is a commercial relationship or profit-sharing arrangement between the domain owner and the sub-domain operator. In such cases, plaintiffs may argue vicarious liability on the grounds that the domain holder had the ability to control the infringing conduct and derived a direct financial benefit from it. For example, if a marketplace operator allocates sub-domains to vendors (“vendorname.marketplace.com”) and those vendors use the sub-domains to sell counterfeit sneakers, and the marketplace profits via commissions or ad revenue, courts may consider whether the operator sufficiently policed its platform or turned a blind eye to red flags. Failure to implement reasonable monitoring mechanisms, respond to takedown requests, or enforce terms of service can be cited as evidence of willful blindness.

Internationally, similar doctrines are emerging under national trademark laws, but their application varies. In the European Union, for example, the E-Commerce Directive provides a safe harbor to hosting providers who act as passive intermediaries and remove infringing content expeditiously upon obtaining actual knowledge. However, the safe harbor does not apply if the provider exercises control over or has knowledge of illegal activity. With the rise of sub-domain abuse, courts in EU jurisdictions have considered whether the parent domain operator is akin to a “host” or a co-operator, depending on the technical and commercial structure. The Digital Services Act (DSA), now in force, imposes new obligations on online platforms to prevent the dissemination of counterfeit goods, and failure to monitor sub-domain content or respond to IP enforcement actions can now carry financial penalties and regulatory consequences within the EU.

Domain monetization companies, parking services, and affiliate networks are particularly vulnerable to such scrutiny. These entities often control vast portfolios of domains and sub-domains, monetized through advertising or third-party storefronts. If their sub-domains are systematically exploited for the promotion or sale of counterfeit goods, and especially if these companies profit from traffic or clickthroughs, liability can attach even if they did not originate the content. The same applies to “domain leasing” arrangements where a sub-domain is rented out with little to no oversight. Courts may examine whether the leasing party had policies in place to vet lessees, monitor for infringing activity, or enforce IP-related takedown protocols.

The rise of decentralized platforms and low-barrier website creation tools has compounded the enforcement challenge. Services that allow users to self-provision sub-domains without human review—such as some hosting resellers or decentralized name system layers—may argue that they lack practical control over end-user behavior. However, this defense becomes weaker when notice is provided and ignored. Under U.S. law, once a service provider is put on notice of specific infringing uses, it may be expected to investigate and act. In this light, platform operators offering sub-domain creation must implement robust notice-and-takedown systems, adopt repeat infringer policies, and maintain a reasonable degree of content moderation to retain legal protections.

Brand owners are increasingly turning to civil litigation to test the boundaries of secondary liability in these scenarios. High-profile cases have involved lawsuits against marketplaces, hosting providers, and registrants whose infrastructure facilitated widespread sale of counterfeit apparel, accessories, and software. The evidentiary threshold typically includes logs of domain ownership, sub-domain assignment records, communications between the parties, and financial data demonstrating profit derived from the infringing activity. Brand protection firms and digital forensics experts are frequently engaged to map the digital footprint of counterfeiters operating through networks of sub-domains, connecting them back to negligent or complicit upstream operators.

Ultimately, the legal calculus of secondary liability for sub-domains hinges on the degree of knowledge, control, and benefit. While the mere provision of a sub-domain, in itself, does not create liability, courts have increasingly shown a willingness to pierce technical neutrality arguments when the facts suggest willful blindness or systemic negligence. For domain industry stakeholders, this trend underscores the importance of proactive compliance practices. These include user vetting, contractual indemnities, IP enforcement portals, and escalation procedures for infringement reports. Failure to address sub-domain misuse not only invites litigation but also damages relationships with brand owners, threatens payment processing and ad network relationships, and in some jurisdictions may attract regulatory enforcement.

In conclusion, as counterfeiters adapt to enforcement pressure by fragmenting their operations across sub-domains and decentralized infrastructure, legal systems are evolving to impose secondary liability on actors who facilitate or fail to act against this conduct. Domain name operators, registrars, marketplaces, and platform providers must ensure that they are not passive enablers of counterfeiting schemes by instituting meaningful safeguards and acting decisively upon notice. In doing so, they protect not only their users and business partners, but also preserve the legal and reputational integrity of the domain name system as a whole.

In the complex and evolving realm of online intellectual property enforcement, the question of secondary liability for counterfeit goods sold or advertised through sub-domains has emerged as a focal point of legal tension. While direct liability is relatively straightforward—whoever knowingly sells counterfeit goods online is in clear violation of trademark laws such as the Lanham…