A new bill has been proposed in Congress (it has not passed or become law yet): The Anti-Phishing Consumer Protection Act of 2008
Essentially, under Sec. 3(b) of the bill, any deceptive or misleading domain names that are confusingly similar to a business name, entity, or government body, regardless of whether there is a trademark registration or not, could be in violation of this law.
The penalties (Sec. 4(f)(3)) are $250/violation (up to $750/violation if found to be willful), up to a maximum of $6 million, plus attorney fees.
While it may be good to help reduce Phishing practices, it may be going too far to cover any domain owner, even with a generic domain, that is not engaged in any phishing activity.