Background
Fisher Asset Management, LLC — widely known as Fisher Investments — is one of the world’s largest independent investment advisory firms, managing over $387 billion in assets for more than 200,000 clients globally. The company holds two federally registered trademarks for the name “Fisher Investments,” covering investment management and advisory services, and operates a European subsidiary called Fisher Investments Europe Limited.
In early 2026, unknown third parties registered two domain names — “fisher-investments-europe.org” and “fisherinvestmentseurope.net” — and used them to host websites falsely presenting themselves as official Fisher Investments Europe portals. The first site posed as a French business-consulting firm; the second advertised wealth-management technology, AI-based trading, cryptocurrency services, and more — in English, French, and German. Both sites solicited users’ personal information including names, email addresses, and phone numbers. Neither site was authorized by Fisher, and neither had any real affiliation with the company.
Fisher tried every available extrajudicial avenue: abuse complaints to domain registrar Dynadot (headquartered in San Mateo, CA), direct notices to the email addresses listed on the fake websites, and cease-and-desist letters. Dynadot refused to disable the domains or identify the registrants without a court order. Fisher’s emails to the sites bounced back undelivered. Browsers and security services eventually flagged the sites for suspected phishing — but the sites stayed online. Fisher filed suit on May 13, 2026, proceeding in rem (against the domain names themselves) under the Anticybersquatting Consumer Protection Act (ACPA). The court granted a temporary restraining order (TRO) on May 15, 2026. At the follow-on show-cause hearing on May 27, 2026, no registrant appeared.
The Court’s Holding
Judge P. Casey Pitts granted Fisher’s preliminary injunction on June 1, 2026, finding that all four Winter factors were satisfied.
Likelihood of success on the merits. Because Fisher sought transfer of the domain names — not merely a freeze — the court applied the more demanding “mandatory injunction” standard, requiring that the facts and law clearly favor Fisher. They did. Fisher’s registered marks were presumptively valid. The infringing domains incorporated “Fisher Investments” in full and hosted websites advertising the same types of investment services Fisher offers, creating an obvious risk of consumer confusion. The registrar, Dynadot, is located in the Northern District of California, establishing venue for the in rem action. And Fisher had exercised due diligence in attempting to identify the registrants — to no avail.
Judge Pitts also issued a notable statutory ruling: he disagreed with prior N.D. Cal. decisions that had required a showing of bad faith for in rem ACPA claims. The ACPA’s bad-faith requirement appears only in the in personam provisions of § 1125(d)(1); the in rem provisions of § 1125(d)(2) are silent on bad faith. The court held those are distinct causes of action, and Fisher was not required to prove bad faith to succeed in rem.
Irreparable harm. The ACPA itself creates a rebuttable presumption of irreparable harm upon a showing of likely success. Beyond the presumption, the phishing-flagged sites were actively collecting personal data from users who likely believed they were dealing with Fisher — damage to Fisher’s reputation and consumer goodwill that cannot be undone after the fact.
Balance of equities and public interest. Any hardship to the registrants — lost profits from an activity likely constituting infringement — merited little equitable consideration. Public policy strongly favors shutting down confusing infringers to protect consumers, and no bond was required given the strength of Fisher’s claims and the negligible risk of harm to the registrants.
Key Takeaways
- In rem ACPA claims may not require bad faith. Under the ACPA’s in rem provisions, a trademark owner does not need to prove the domain registrant acted in bad faith — the court here explicitly rejected the bad-faith requirement that some earlier N.D. Cal. decisions had imposed. This creates a split within the district.
- The ACPA’s in rem mechanism works even when cybersquatters hide. If the domain registrar is in the U.S., the trademark owner can sue the domain name itself and obtain a transfer or cancellation order — no need to identify or serve the human behind the registration.
- Registrars must comply once a court order issues. Dynadot initially refused to act without a court order, but once the TRO and preliminary injunction issued, it was required to deposit domain control documents with the court under 15 U.S.C. § 1125(d)(2)(D)(i)(I).
- Phishing sites face strong presumption of irreparable harm. Sites that collect consumer data under a famous mark’s name will face the ACPA’s statutory presumption plus evidence of actual ongoing harm to goodwill.
Why It Matters
Cybersquatters who register lookalike domains to impersonate established financial firms are a growing threat — not just to brand owners, but to consumers who may hand over sensitive personal and financial data to fraudsters. This case demonstrates that the ACPA’s in rem mechanism works efficiently even when the bad actors hide behind privacy protections and refuse to respond: a U.S. trademark owner can freeze and ultimately recover an infringing domain simply by showing its marks were violated, without ever tracking down the person behind the curtain.
Judge Pitts’s ruling on bad faith is also worth watching. If other courts adopt the view that in rem ACPA actions require no bad-faith showing, brand owners will face a lower evidentiary burden when pursuing domain recovery through in rem suits — making the ACPA an even more attractive first response to cybersquatting incidents.