
    PETROLIAM NASIONAL BERHAD, (Petronas), Plaintiff-counterclaim-defendant-Appellant, v. GODADDY.COM, INC., Defendant-counter-claimant-Appellee.
    No. 12-15584.
    United States Court of Appeals, Ninth Circuit.
    Argued and Submitted Oct. 8, 2013.
    Filed Dec. 4, 2013.
    
      Perry Reed Clark (argued), Palo Alto, CA, for Plaintiff-counter-claim-defendant-Appellant.
    
      John Lawrence Slafsky (argued), David L. Lansky, and Evan M.W. Stern, Wilson Sonsini Goodrich & Rosati, Palo Alto, CA, for Defendant-counter-claimanL-Appellee.
    Ian Charles Ballon and Lori Chang, Greenberg Traurig, LLP, Los Angeles, CA, for Amicus Curiae eNom, Inc.
    Aaron M. McKown and Paula L. Zecchi-ni, Wrenn Bender LLP, Irvine, CA, for Amici Curiae Network Solutions, LLC and Register.com, Inc.
    Before: DOROTHY W. NELSON, MILAN D. SMITH, JR., and SANDRA S. IKUTA, Circuit Judges.
   OPINION

M. SMITH, Circuit Judge:

In this appeal, Petroliam Nasional Ber-had (Petronas) requests that we read a cause of action for contributory cybers-quatting into the Anticybersquatting Consumer Protection Act (ACPA or Act), 15 U.S.C. § 1125(d). Because we conclude that neither the plain text nor the purpose of the ACPA provide support for such a cause of action, we hold that there is none. We therefore affirm the judgment of the district court.

FACTS AND PRIOR PROCEEDINGS

Petrolium Nasional Berhad (Petronas) is a major oil and gas company with its headquarters in Kuala Lumpur, Malaysia. Pe-tronas owns the trademark to the name “PETRONAS.” GoDaddy.com, Inc. (Go-Daddy) is the world’s largest domain name registrar, maintaining over 50 million domain names registered by customers around the world. GoDaddy also provides domain name forwarding services, which, like its registration service, enables Internet users who type in a particular domain name to arrive at the target site specified by GoDaddy’s customer, the registrant.

In 2003, a third party registered the domain names “petronastower.net” and “petronastowers.net” through a registrar other than GoDaddy. In 2007, the owner of those names transferred its registration service to GoDaddy. The registrant used GoDaddy’s domain name forwarding service to direct the disputed domain names to the adult web site, “camfunchat.com,” which was hosted on a web server maintained by a third party, and which had been associated with the disputed domain names, using the previous registrar.

In late 2009, a Petronas subsidiary responsible for ferreting out potential trademark infringement contacted GoDaddy and requested that it “take action against the website associated with the ‘petronas-tower.net’ domain name.” Officials from the Malaysian and U.S. governments also contacted GoDaddy regarding the domain name. GoDaddy investigated the issue, but took no action with respect to the alleged cybersquatting because. (1) it did not host the site; and (2) it was prevented by the Uniform Domain Name Dispute Resolution Policy (“UDRP”) from participating in trademark disputes regarding domain name ownership.

Petronas sued GoDaddy in the United States District Court for the Northern District of California on a number of theories, including' cybersquatting under 15 U.S.C. § 1125(d), and contributory cybers-quatting. The district court dismissed all of Petronas’s claims on the pleadings, with leave to amend. Petronas filed an amended complaint, in which it continued to allege, inter alia, contributory cybersquat-ting. The district court allowed discovery because it “require[d] a record clarifying the mechanics of what GoDaddy did or does with regard to the disputed domain names, and what ‘forwarding’ and ‘routing’ are and whether either or both can be considered part of domain name registration services generally or the services offered by GoDaddy.” . Following the completion of limited discovery, the district court granted summary judgment in favor of GoDaddy. Petronas appeals from the grant of summary judgment only with respect to its claim of contributory cybers-quatting.

JURISDICTION AND STANDARD OF REVIEW

We have jurisdiction to review the district court’s grant of summary judgment under 28 U.S.C. § 1291. We review the district court’s order de novo, In re Ilko, 651 F.3d 1049, 1052 (9th Cir.2011), and may affirm on any ground supported in the record. Sams v. Yahoo! Inc., 713 F.3d 1175, 1179 (9th Cir.2013) (citing Islamic Republic of Iran v. Boeing Co., 771 F.2d 1279, 1288 (9th Cir.1985)).

DISCUSSION

The Lanham Act, 15 U.S.C. § 1051 et seq., passed in 1946, codified the then existing common law of trademarks, which in turn was based on the tort of unfair competition. See Moseley v. V Secret Catalogue, Inc., 537 U.S. 418, 428, 123 S.Ct. 1115, 155 L.Ed.2d 1 (2003) (“Traditional trademark infringement law is a part of the broader law of unfair competition that has its sources in English common law, and was largely codified in the Trademark Act of 1946 (Lanham Act).” (internal citations omitted)). Due primarily to the common law origins of trademark infringement, courts have concluded that the Lanham Act created a cause of action for secondary liability.. See, e.g., Inwood Labs., Inc. v. Ives Labs., Inc., 456 U.S. 844, 854, 102 S.Ct. 2182, 72 L.Ed.2d 606 (1982) (“[I]f a manufacturer or distributor intentionally induces another to infringe a trademark, or if it continues to supply its product to one whom it knows or has reason to know is engaging in trademark infringement, the manufacturer or distributor is contributorially responsible for any harm done as a result of the deceit.”).

In 1999, Congress passed the ACPA, which amended the Lanham Act by adding two new causes of action aimed at cybersquatting. Consolidated Appropriations Act, 2000, Pub.L. No. 106-113, Div. B, § 1000(a)(9), 113 Stat. 1536,1501 A-545. Under the ACPA, a person may be civilly liable “if ... that person has a bad faith intent to profit from that mark ... and registers, traffics in, or uses a [protected] domain name.” 15 U.S.C. § 1125(d)(1)(A). Congress also created an in rem action to facilitate recovery of domain names by their rightful owners. 15 U.S.C. § 1125(d)(2)(A). Petronas contends that the ACPA also provides a cause of action for contributory cybersquatting because Congress intended to incorporate common law principles of secondary liability into the Act by legislating against the backdrop of the common law of. trademark infringement, and by placing the ACPA within the Lanham Act. We disagree.

'Our first obligation in determining whether the ACPA includes a contributory cybersquatting claim is to examine the plain-text o'f the statute. ‘ See Hawaii v. Office of Hawaiian Affairs, 556 U.S. 163, 173, 129 S.Ct. .1436, 173 L.Ed.2d 333 (2009). Established common law principles can be inferred into a cause of action where circumstances suggest that Congress intended those principles to apply. Compare, e.g., Meyer v. Holley, 537 U.S. 280, 285, 123 S.Ct. 824, 154 L.Ed.2d 753 (2003) (“[W]hen Congress creates a tort action, it legislates against the legal background of ordinary tort-related vicarious liability rules and consequently intends its legislation' to incorporate those rules.”) with Cent Bank of Denver, N.A. v. First Interstate Bank of Denver, N.A., 511 U.S. 164, 182, 114 S.Ct. 1439, 128 L.Ed.2d 119 (1994) (“[W]hen Congress enacts a statute under which a person may sue and recover damages from a private defendant for the defendant’s violation of some- statutory norm, there is no general presumption that the plaintiff may also sue aiders and abettors.”).

. We hold that the ACPA does not include a cause of action for contributory cybersquatting because: (1) the text of the Act does not apply to the conduct that would be actionable under such a theory; (2) Congress did not intend to implicitly include common law doctrines applicable to trademark infringement because the ACPA created a new cause of action that is distinct from traditional trademark remedies; and (3) allowing suits against registrars for contributory cybersquatting would not advance the goals of the statute.

I. The Plain Text of the ACPA Does Not Provide a Cause of Action for Contributory Cybersquatting

“The preeminent canon of statutory interpretation requires us to ‘presume that [the] legislature says in a statute what it means and means in a statute what it says there.’ ” BedRoc Ltd., LLC v. United States, 541 U.S. 176, 183, 124 S.Ct. 1587, 158 L.Ed.2d 338 (2004) (quoting Conn. Nat’l Bank v. Germain, 503 U.S. 249, 253-254, 112 S.Ct. 1146, 117 L.Ed.2d 391 (1992)). We thus begin our analysis with the text of the ACPA.

The ACPA imposes civil liability for cybersquatting on persons that “register! ], traffic[ ] in, or use[ ] a domain name” with the “bad faith intent to profit” from that protected mark. 15 U.S.C. § 1125(d)(1)(A). The plain language of the statute thus prohibits the act of cybers-quatting, but limits when a person can be considered to be a cybersquatter. Id. The statute makes no express provision for secondary liability. Id. Extending liability to registrars' or other third parties who are not cybersquatters, but whose actions may have the effect of aiding such cybersquat-ting, would expand the range of conduct prohibited by the statute from a bad faith intent to cybersquat on a trademark to the mere maintenance of a domain name by a registrar, with or without a bad faith intent to profit. This cuts against- finding a cause of action for contributory cybers-quatting. See Cent. Bank, 511 U.S. at 177-178, 114 S.Ct. 1439 (“We cannot amend the statute to create liability for acts that are not themselves [prohibited] within the meaning of the statute.”).

Furthermore, “Congress knew how to impose [secondary] liability when it chose to do so.” Id. at 176, 114 S.Ct. 1439: Congress chose not to impose secondary liability under the ACPA, despite the fact that the availability of such remedies under traditional trademark liability should have increased the salience of that issue. See Pub.L. No. 106-113; Ives, 456 U.S. at 854, 102 S.Ct. 2182.

Petronas argues that the liability limiting language in Section 1114 (2) (D) (iii) indicates that Congress intended 15 U.S.C. § 1125(d)(1)(A) to create a cause of action for secondary liability. Section 1114(2)(D)(iii) provides that “[a] domain name registrar, a domain name registry, or other domain name registration authority shall not be liable for damages under this section for the registration or maintenance of a domain name for another absent a showing of bad faith intent to profit from such registration or maintenance of the domain name.” By its terms, Section 1114(2)(D)(iii), applies only to “this section,” meaning Section 1114. Section 1114, in turn, sets out remedies for the entire Lanham Act, including actions brought under Section 1125(a), which indisputably includes a cause of action for contributory infringement. Ives, 456 U.S. at 854, 102 S.Ct. 2182. Thus, the limitations on secondary liability in Section 1114 are equally consistent with the existence or absence of a cause of action for contributory , cybers-quatting under Section 1125(d). See, e.g., Lockheed Martin Corp. v. Network Solutions, Inc., 141 F.Supp.2d 648, 655 (N.D.Tex.2001).

Furthermore, the legislative history of the ACPA establishes that Section 1114(2)(D)(iii) was intended to codify the protéction that we granted registrars in Lockheed Martin Corp. v. Network Solutions, Inc., 194 F.3d 980, 984-985 (9th Cir.1999), which considered secondary liability of registrars for trademark infringement under 15 U.S.C. § 1125(a). S. Rep. 106-140 at 11 (“The bill, as amended, also promotes the continued ease and efficiency users of the current registration system enjoy by codifying current case law limiting the secondary liability of domain name registrars and registries for the act of registration of a domain name.” (citing, inter alia, Lockheed, 141 F.Supp.2d at 655)). Section 1114(2)(D)(iii) thus does not suggest that Congress intended to include a cause of action for contributory cybers-quatting in Section 1125(d).

II. The ACPA Created a New and Distinct Cause of Action

Petronas next argues that Congress incorporated the common law of trademark, including contributory infringement, into the ACPA. Petronas observes that a number of district courts have relied on this reasoning in finding a cause of action for contributory cybersquatting. See Verizon Cal., Inc. v. Above.com Pty Ltd., 881 F.Supp.2d 1173, 1176-79 (C.D.Cal.2011); Microsoft Corp. v. Shah, No. 10-0653, 2011 WL 108954, at *1-3 (W.D.Wash. Jan. 12, 2011); Solid Host, NL v. Namecheap, Inc., 652 F.Supp.2d 1092, 1111-12 (C.D.Cal. 2009); Ford Motor Co. v. Greatdomains.com, Inc., 177 F.Supp.2d 635, 646-47 (E.D.Mich.2001). We are not persuaded by such reasoning.

“[W]hen Congress enacts a statute under which a person may sue and recover damages from a private defendant for thé defendant’s violation of some statutory-norm, there is no general presumption that the plaintiff may also sue aiders and abettors.” Bank of Denver, 511 U.S. at 182, 114 S.Ct. 1439. Contributory liability has, however, been applied to trademark infringement under the Lanham Act. See Ives, 456 U.S. at 854, 102 S.Ct. 2182. Pe-tronas argues that by legislating against this background, and by placing the ACPA within the Lanham Act, Congress intended to include within the ACPA a cause of action for contributory cybersquatting. See United States v. Texas, 507 U.S. 529, 534, 113 S.Ct. 1631, 123 L.Ed.2d 245 (1993) (“[s]tatutes which invade the common law ... are to be read with a presumption favoring the retention of long-established and familiar principles, except when a statutory purpose to the contrary is evident.” (citations omitted)). We disagree.

Although there is no general presumption of secondary liability, Bank of Denver, 511 U.S. at 182, 114 S.Ct. 1439, courts' can infer such a cause of action where circumstances suggest that Congress intended to incorporate common law principles into a statute. The circumstances surrounding the passage of the Lanham Act support such an inference, as has been recognized by the Supreme Court. See Ives, 456 U.S. at 854, 102 S.Ct. 2182. The circumstances surrounding the enactment of the ACPA, however, do not support the inference that Congress’ intended to incorporate theories of secondary liability into that Act. Accordingly, we conclude that the ACPA did not incorporate principles of secondary liability.

Prior to the enactment of the Lanham Act, the Supreme Court incorporated a common law theory of contributory liability into the law of trademarks and unfair competition. See William R. Warner & Co., 265 U.S. at 530-31, 44 S.Ct. 615. The Lanham Act then codified the existing common law of trademarks. See Moseley, 537 U.S. at 428, 123 S.Ct. 1115 (“Traditional trademark infringement law is a part of the broader law of unfair competition that has its sources in English common law, and was largely codified in the Trademark Act of 1946 (Lanham Act).” (internal citations omitted)); see also Kenneth L. Port, The Illegitimacy of Trademark Incontestability, 26 Ind. L.Rev. 519, 520 (1993) (“[T]he Lanham Act’s primary, express purpose was to codify the existing common law of trademarks and not to create any new trademark rights.”). In light of the Lanham Act’s codification of common law principles, including contributory liability, the Supreme Court concluded that a plaintiff could recover under the Act for contributory infringement of a trademark. See Ives, 456 U.S. at 854, 102 S.Ct. 2182.

By contrast, the ACPA did not result from the codification of common law, much •less common law that included a cause of action for secondary liability. Rather, the ACPA created a new statutory cause of action to address a new problem: cybers-quatting. S. Rep. 106-140 at 7 (noting that “[cjurrent law does not expressly prohibit the act of cybersquatting”).

Consistent with their distinct purposes, claims under traditional trademark law and the ACPA have distinct elements. Traditional trademark law only restricts the commercial use of another’s protected mark in order to avoid consumer confusion as to the source of a particular product. New Kids on the Block v. News Am. Pub., Inc., 971 F.2d 302, 305-06 (9th Cir.1992); Bosley, 403 F.3d at 680. Cybersquatting liability, however, does not require commercial use of a domain name involving a protected mark. Bosley, 403 F.3d at 681. Moreover, to succeed on a claim for cybersquatting, a mark holder must prove “bad faith” under a statutory nine factor test. 15 U.S.C. § 1125(d)(1)(B). No analogous requirement exists for traditional trademark claims. Lahoti v. VeriCheck, Inc., 586 F.Bd 1190, 1202 (9th Cir.2009) (citing Interstellar Starship Servs., Ltd. v. Epix, Inc., 304 F.3d 936, 946 (9th Cir. 2002)).

These differences highlight the fact that the rights created in the ACPA are distinct from the rights contained in other sections of the Lanham Act, and do not stem from the common law of trademarks. Accordingly we decline to infer the existence of secondary liability into the ACPA based on common law principles. Cf. MDY Indus., LLC v. Blizzard Entm’t, Inc., 629 F.3d 928, 948 n. 10 (9th Cir.2011) (noting that new rights of action established by the Digital Millennium!' Copyright Act may not be subject to the same defenses available to traditional copyright claims).

III. Finding a Cause of Action for Contributory Cybersquatting would not Further the Goals of the Statute

Congress enacted the ACPA in 1999 in order to “protect consumers ... and to provide clarity in the law for trademark owners by prohibiting the bad-faith and abusive registration of distinctive marks....” S.Rep. No. 106-140 at 4. The ACPA is a “carefully and narrowly tailored” attempt to fix this specific problem. Id. at 12-13. To this end, the statute imposes a number of limitations on who can be liable for cybersquatting and in what circumstances, including a bad faith requirement, and a narrow definition of who “uses” a domain name. 15 U.S.C. §§ 1125(d)(1)(A)(i), 1125(d)(1)(B), 1125(d)(1)(D). Imposing secondary liability on domain name registrars would expand the scope of the Act and seriously undermine both these limiting provisions.

Recognizing this risk, some of the district courts that have recognized a cause of action for contributory liability have required that a plaintiff show “exceptional circumstances” in order to hold a registrar liable under that theory. See Above.com Pty Ltd., 881 F.Supp.2d at 1178; Shah, 2011 WL 108954, . at *2; Greatdomains.com, Inc., 177 F.Supp.2d at 647. This “exceptional circumstances” test has no basis in either the Act, or in the common law of trademark. Rather than attempt to cabin a judicially discovered cause of action for contributory cybers-quatting with a limitation created out of whole cloth, wé simply decline to recognize such a cause of action in the first place.

Limiting claims under the Act to direct liability is also consistent with the ACPA’s goal of ensuring that trademark holders can acquire and use domain names without having to pay ransom money to cybers-quatters. Because direct cybersquatting requires subjective bad faith, focusing on direct liability also spares neutral third party service providers from having to divine the intent of their customers. In order for a service provider like GoDaddy, with clients holding over 50 million domain names, to avoid contributory liability, it would presumably have to analyze its customer’s subjective intent with respect to each domain name, using the nine factor statutory test. 15 U.S.C. § 1125(d)(1)(B). Despite that nearly impossible task, service providers would then be forced to inject themselves into trademark and domain name disputes. Moreover, imposing contributory liability for cybersquatting would incentivize “false positives,” in which the lawful use of a domain name is restricted by a risk-averse third party service provider that receives a seemingly valid take-down request from a trademark holder. Entities might then b,e able to assert effective control over domain names even when they could not successfully bring an ACPA action in court.

When actionable cybersquatting occurs, mark holders have sufficient remedies under the ACPA without turning to contributory liability. In addition to the provisions imposing civil liability on cybersquatters, 15 U.S.C. § 1125(d)(1)(A), the ACPA authorizes an in rem action against a domain name if the registrant is not available to be sued personally. 15 U.S.C. § 1125(d)(2)(A). Finally, trademark holders may still bring claims for traditional direct or contributory trademark infringement that arises from cybersquatting activities. 15 U.S.C. § 1125(d)(3).

CONCLUSION

We hold that there is no cause of action for contributory cybersquatting under the ACPA, and affirm the judgement of the district court.

AFFIRMED. 
      
      . Registrars are required to comply with the UDRP, which establishes an expedited and inexpensive arbitration process for resolving cybersquatting claims. Uniform Domain Name Dispute Resolution Policy, Internet Corporation for Assigned Names and Numbers, http://www.icann.org/en/help/dndr/udrp/ policy (Last visited Nov. 18, 2013). It also provides that registrars need only intervene in a cybersquatting dispute upon order of a court or an arbitration decision. Id. The purpose of the UDRP procedure is to remove registrars from participation in domain name disputes.
     
      
      . The Supreme Court cites to William R. Warner & Co. v. Eli Lilly & Co., 265 U.S. 526, 44 S.Ct. 615, 68 L.Ed. 1161 (1924), a pre-Lanham Act decision recognizing contributory liability for unfair trade practices, and Coca-Cola Co. v. Snow Crest Beverages, Inc., 64 F.Supp. 980, 989 (D.Mass.1946), aff’d, 162 F.2d 280 (1st Cir. 1947), which held that trademark law under the- Lanham Act retained the character of pre-Lanham Act unfair competition law, in support of this proposition.
     
      
      . Cybersquatting can be understood as registering a domain name 'associated with a protected trademark either to ransom the domain name to the mark holder or to divert business from the mark holder. Bosley Med. Inst., Inc. v. Kremer, 403 F.3d 672, 680 (9th Cir.2005) (quoting DaimlerChrysler v. The Net Inc., 388 F.3d 201, 204 (6th Cir.2004)).
     