Latest news of the domain name industry

Recent Posts

End of the road for Neustar as GoDaddy U-turns again and buys out its registry biz

GoDaddy has changed its mind about the registry side of the industry yet again, and has acquired the business of Neustar, one of the largest and oldest registries.

The deal will see GoDaddy purchase, for an undisclosed sum, all of Neustar’s registry assets, amounting to 215 TLDs and about 12 million domains.

It means the gTLD .biz is now under the new GoDaddy Registry umbrella, as are the contracts to run the ccTLDs .us, .in, and .co, 130 dot-brand gTLDs and 70 open gTLDs.

Neustar’s registry staff are also being taken on.

“We’re bringing the whole team aboard. One of the things we’re very excited about is bringing the team aboard,” Andrew Low Ah Kee, GoDaddy’s chief operating officer, told DI today.

He added that, due to coronavirus job insecurities wracking many minds right now, GoDaddy has promised its entire workforce that there will be no layoffs in the second quarter.

Nicolai Bezsonoff, currently senior VP of Neustar’s registry business, will run the new unit. He said for him the opportunity for “innovation” was at the heart of the deal.

“We’ve always been one step removed from the customer, so it can be hard to understand what customer wants to do,” he said. “This gives us huge customer insight into what customers want and how they want to use domains.”

Pressed for hypothetical examples of innovation, Bezsonoff floated ideas about selling domains for partial-year periods, or doing more to crack down on DNS abuse.

The deal is an example of “vertical integration”, which has been controversial due to the potential risk of a dominant registry playing favorites with its in-house registrar, or vice versa.

While registries such as Donuts, CentralNic and until recently Uniregistry vertically integrated with little complaint, the industry is currently nervous about Verisign’s newfound ability under its ICANN contract to own and run a registrar.

Because GoDaddy is the Verisign — the runaway market leader — of the registrar side of the industry, one might expect this deal (expected to close this quarter) to get more scrutiny than most.

But the company says it’s going to “strictly adhere to a governance model that maintains independence between the GoDaddy registry and registrar businesses”.

Low Ah Kee said that this means the registry and registrar “won’t share any information that gives or appears to given any unfair advantage” to the GoDaddy registrar, that their business performance will be assessed separately, and that they’ll be audited to make sure they’re not breaking this separation.

If GoDaddy appears to be preemptively expecting criticism, there’s a good reason why: the proposed acquisition of .org manager PIR by private equity group Ethos Capital has caused huge upset in recent months, and there are some parallels here.

First, like .org, pricing restrictions were lifted in Neustar’s .biz under a contract renewal with ICANN last year. It fell under the radar a little as .biz is substantially smaller, not a legacy gTLD as such, and not widely used.

Like the .org deal, the transfer of control of .biz will also be subject to ICANN’s approval before GoDaddy and Neustar can seal the deal.

Could we be looking at another big public fight over a gTLD acquisition?

But unlike Ethos with .org, GoDaddy says it has no intention of raising prices with .biz.

“We will not be raising prices, in fact we will look into reducing prices for some TLDs,” Bezsonoff said.

One TLD where one assumes prices won’t be going down is .co, where Neustar has just had its margins massively slashed by the Colombian government.

The acquisition was announced just days after the Colombian government announced that it has renewed its contract with Neustar to run .co for another five years, but under financial terms hugely more favorable to itself.

Whereas the initial 10-year term saw the government being paid 6% to 7% of the .co take, that number has soared to 81%, making .co — arguably Neustar’s registry crown jewel — a substantially less-attractive TLD to manage.

One assumes that the acquisition price would have fluctuated wildly based on the outcome of the .co renegotiation, but the GoDaddy/Neustar execs I talked to today didn’t want to talk about terms.

GoDaddy’s history with the registry side of the business has been changeable.

As far as ICANN contract is concerned, it is already a registry because it owns the .godaddy dot-brand. But that’s currently unused, with the registry functions outsourced to — cough — Neustar’s arch-rival Afilias.

Given Neustar’s religious devotion to the dot-brand concept, and the weirdness of using one of your primary competitors for a key function, one might expect both of those situations to change.

GoDaddy did also apply for .casa and .home back in 2012, but changed its mind and abandoned both bids fairly early in the process.

The sudden excitement about the registry business today begs the question of why GoDaddy didn’t buy Uniregistry’s registry business at the same time as it bought its secondary market and registrar earlier this year, but apparently it was not for sale.

Following the acquisition, Neustar is keeping its DNS resolution services and GoDaddy will continue to use them, so Neustar is not entirely out of the domain game, but it looks like the end of the road for Neustar as a brand I regularly report on.

The registry started life in 2000 as “NeuLevel”, a joint-venture between Neustar and Aussie registrar Melbourne IT formed to apply to ICANN for new gTLDs. It wanted .web, but got .biz, which now has about 1.7 million names under management, down from a 2014 peak of 2.7 million.

CentralNic seeing no impact from coronavirus

CentralNic, the triple-play domain company, has told the markets that the coronavirus pandemic is not having an impact on its financial health.

In a statement yesterday, the company said:

To date, CentralNic has not experienced interruptions in its services to customers or in its supply chain, and the Company confirms that its current trading is in line with market expectations.

CentralNic’s business is expected to remain resilient. Its services are procured and delivered over the internet, and the majority of CentralNic’s revenues are payments from existing subscribers and customers on rolling contracts. The Company’s core product is the sale of domain names, which are core infrastructure that enable the functioning of email and websites — the most important communication tools used between work colleagues working remotely and between companies and their customers.

The company makes most of its money from the retail side of the industry nowadays, largely via a network of thousands of resellers, but it also runs its own TLD registries and acts as a back-end for some high-volume TLDs such as .xyz.

It expects to report its 2019 financial results and a summary of its Q1 performance a few weeks from now.

Namecheap and others banning coronavirus domains

Kevin Murphy, March 26, 2020, Domain Registrars

Anyone wanting to buy a coronavirus-related domain for scamming purposes won’t be able to do it via Namecheap, which has preemptively banned keyword domains on its storefront.

For the last several days, the registrar has rejiggered its web site to prevent customers adding domains containing certain keywords — such as “coronavirus” or “covid” or “vaccine” — to their shopping carts.

The company said today that customers wishing to register such domains for legitimate purposes can continue to do so by calling up Namecheap customer service and having the name registered manually.

CEO Richard Kirkendall said in an email to customers that Namecheap is also “actively working with authorities to both proactively prevent, and take down, any fraudulent or abusive domains or websites related to COVID19”.

A GoDaddy spokesperson told DI this week that it has also taken down domains when alerted to their usage as coronavirus scams.

Meanwhile, .uk registry Nominet said that it has added keywords such as “coronavirus” and “covid” to its Domain Watch initiative, the same semi-automated system it uses to flag and suspend phishing and “rape” domains preemptively at point of registration. Nominet said:

Those that look suspicious — based on our algorithm and then a manual check — are suspended until we see evidence of good intentions from the registrants.

So far, we have suspended over 180 domains while we conduct this extra due diligence. A small proportion responded to our satisfaction and had their domain names reactivated. It’s highly likely that those who did not respond were intending to use their domains to manipulate a public in need of information.

Another domain company taking action is aftermarket site Dan.com, which today said on Twitter that it will remove all coronavirus related domains from its marketplace.

Namecheap is also offering some customers payment flexibility when it comes to some products — largely non-domain products such as hosting — if they can convince customer service reps of their coronavirus-related financial hardship.

“I urge you not to abuse this offer, please allow it to be used by those who need it most, who are otherwise unable to pay,” Kirkendall wrote.

Verisign, the .com registry, yesterday hinted that it will be offering its registrars some similar flexibility, which one assumes could be passed on to registrants.

US officials gunning for coronavirus domains

Kevin Murphy, March 24, 2020, Domain Registrars

US state and federal law enforcement are pursuing domain names being used to push bogus products and misinformation related to coronavirus Covid-19.

In separate actions, the US Department of Justice forced Namecheap to take down a scam site that was allegedly using fear of coronivirus to hoodwink visitors out of their cash, while the New York Attorney General has written to registrars to demand they take action against similar domains.

The DoJ filed suit (pdf) against the anonymous “John Doe” registrant of coronavirusmedicalkit.com on Saturday and on Sunday obtained a temporary restraining order obliging Namecheap to remove the DNS from the domain and lock it down, which Namecheap seems to have done.

Namecheap is not named as a defendant, but the complaint notes that the DoJ had requested the domain be taken down on March 19 and no action had been taken by the evening of March 21.

The web site in question allegedly informed visitors that the World Health Organization was giving away free coronavirus vaccines to anyone prepared to pay a $4.95 shipping fee by handing over their credit card details.

This is an identity theft scam and wire fraud, the complaint says.

Meanwhile, NYAG Letitia James has sent letters, signed by IT chief Kim Berger, to several large US registrar groups — including GoDaddy, Dynadot, Name.com, Namecheap, Register.com, and Endurance — to ask them to “stop the registration and use of internet domain names by individuals trying to unlawfully and fraudulently profit off consumers’ fears around the coronavirus disease”.

In the letter to GoDaddy (pdf), Berger asks for a “dialogue” on the following preventative measures:

  • The use of automated and human review of domain name registration and traffic patterns to identify fraud;
  • Human review of complaints from the public and law enforcement about fraudulent or illegal use of coronavirus domains, including creating special channels for such complaints;
  • Revising your terms of service to reserve aggressive enforcement for the illegal use of coronavirus domains; and
  • De-registration of the domains cited in the articles identified above that were registered at GoDaddy, and any holds in place on registering new domains related to coronavirus, or similar blockers that prevent rapid registration of coronavirus-related domains.

In other words: try to stop these domains being registered, and take them down if they are.

No specific malicious sites are listed in the letter. Rather, Berger cites a study by Check Point Software that estimates that something like 3% of the more than 4,000 coronavirus-related domains registered between January and March 5 are “malicious” in nature.

More domain industry response to coronavirus

Kevin Murphy, March 18, 2020, Domain Registrars

It’s beginning to look like home-working has become the norm, rather than the exception, in the domain name industry.

Following on my post Monday, here are the latest companies and organizations to provide updates on their responses to the coronavirus pandemic.

  • ICANN has told its staff in Brussels, Geneva and Singapore to work from home, while recommending that its guys in Istanbul, LA and Washington DC do the same. Staff in Montevideo and Nairobi, where confirmed cases of the virus are pretty light, will carry on as normal for now. The edict will be in effect until March 31. One imagines there’s a good chance it could be renewed.
  • In the UK, Nominet said yesterday that it has “initiated home-working across all our teams from today” and expects “business as usual”. All in-person events through the end of May have been postponed.
  • In Ireland, registry IEDR said that it closed its offices in Dublin on Friday and may reopen March 30, pending further government guidance. Like other registries, IEDR said it’s already well-equipped for staff to work remotely.
  • Also in Ireland, registrar Blacknight Solutions tells me its team are also now working from home.
  • Canada-based registrar Tucows said: “On Sunday March 8, Tucows’ executive leadership announced that all employees who could conceivably work from home were encouraged to do so in the week that followed. On Monday, it looked like an overabundance of caution but by Thursday morning it seemed prescient.” While there is expected to be no impact to the registrar side of the house, the Ting Internet ISP arm has cancelled and rescheduled all home egineering visits, which obviously could cause customer disruption.
  • French registrar Gandi, operating under some of the world’s most stringent government guidelines, said yesterday its staff are naturally enough now all working from home.
  • Not strictly domain industry, but the World Intellectual Property Organization said yesterday it has limited access to its Geneva headquarters to only “essential” staff.
  • US-based registrar MarkMonitor said Monday it has implemented a remote-working regime for its staff.

Given how dog-bites-man such announcements have rapidly become, I doubt I’ll be following up this series of posts again, unless something truly extraordinary happens. It’s pretty safe to assume that before long almost everyone in the industry will be working from home.

GoDaddy cancels in-person investor day over coronavirus fears

Kevin Murphy, March 13, 2020, Domain Registrars

GoDaddy has followed in the footsteps of many other companies and organizations, cancelling a large in-person meeting to avoid exacerbating the coronavirus pandemic.

The market-leading registrar, listed on the New York Stock Exchange, announced this week that will host its investor day, scheduled for April 2, as a webcast only, out of “concern for the health and well-being of participants and attendees”.

There had been planned a face-to-face component in New York, but that will no longer go ahead.

New York’s mayor this week slapped a ban on public gatherings of over 500 people, but GoDaddy’s announcement predates that edict.

The news came as ICANN conducted its first-ever online-only public policy meeting.

Facebook WILL sue more registrars for cybersquatting

Kevin Murphy, March 13, 2020, Domain Registrars

Facebook has already sued two domain name registrars for alleged cybersquatting and said yesterday that it will sue again.

Last week, Namecheap became the second registrar in Facebook’s legal crosshairs, sued in in its native Arizona after allegedly failing to take down or reveal contact info for 45 domains that very much seem to infringe on its Facebook, Instagram and WhatsApp trademarks.

In the complaint (pdf), which also names Namecheap’s Panama-based proxy service Whoisguard as a defendant, the social media juggernaut claims that Whoisguard and therefore Namecheap is the legal registrant for dozens of clear-cut cases of cybersquatting including facebo0k-login.com, facebok-securty.com, facebokloginpage.site and facebooksupport.email.

In a brief statement, Facebook said these domains “aim to deceive people by pretending to be affiliated with Facebook apps” and “can trick people into believing they are legitimate and are often used for phishing, fraud and scams”.

Namecheap was asked to reveal the true registrants behind these Whoisguard domains between October 2018 and February 2020 but decline to do so, according to Facebook.

The complaint is very similar to one filed against OnlineNIC (pdf) in October.

And, according to Margie Milam, IP enforcement and DNS policy lead at Facebook, it won’t be the last such lawsuit.

Speaking at the second public forum at ICANN 67 yesterday, she said:

This is the second in a series of lawsuits Facebook will file to protect people from the harm caused by DNS abuse… While Facebook will continue to file lawsuits to protect people from harm, lawsuits are not the answer. Our preference is instead to have ICANN enforce and fully implement new policies, such as the proxy policy, and establish better rules for Whois.

Make no mistake, this is an open threat to fence-sitting registrars to either play ball with Facebook’s regular, often voluminous requests for private Whois data, or get taken to court. All the major registrars will have heard her comments.

Namecheap responded to its lawsuit by characterizing it as “just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard”, according to a statement from CEO Richard Kirkendall.

The registrar has not yet had time to file its formal reply to the legal complaint, but its position appears to be that the domains in question were investigated, found to not be engaging in nefarious activity, and were therefore vanilla cases of trademark infringement best dealt with using the UDRP anti-cybersquatting process. Kirkendall said:

We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.

UDRP complaints usually take several weeks to process, which is not much of a tool to be used against phishing attacks, which emerge quickly and usually wind down in a matter of a few days.

Facebook’s legal campaign comes in the context of an ongoing fight about access to Whois data. The company has been complaining about registrars failing to hand over customer data ever since Europe’s GDPR privacy regulation came into effect, closely followed by a new, temporary ICANN Whois policy, in May 2018.

Back then, its requests showed clear signs of over-reach, though the company claims to have scaled-back its requests in the meantime.

The lawsuits also come in the context of renewed attacks at ICANN 67 on ICANN and the domain industry for failing to tackle so-called “DNS abuse”, which I will get to in a follow-up article.

Chinese registrars ask ICANN to waive fees due to Coronavirus

Almost 50 registries and registrars based in China have asked ICANN to temporarily waive its fees due to the economic impact they say Covid-19 — the new Coronavirus — is having on them.

They’ve all put their names to a February 21 letter (pdf) that ICANN published over the weekend, saying they “believe that it’s essential that ICANN provides immediate fee waiver to registries and registrars in China”.

The letter, signed by more than half of the currently accredited registrars in China, notes the cancellation of the Cancun public meeting, adding:

We highly respect and welcome ICANN’s approach to keep our community safe. Meanwhile, the contracted parties in China, including their staff, suppliers, and relevant business counterparts, are being hit and suffered by the 2019-nCoV in a much greater scale than in other countries and regions combined since January 2020. Many of the staff members have been restrained to perform sales and support functions at the level they are required to. There are significant delays in collections, payments and wire transfers. While we expect that the scale of 2019-nCoV could not go greater, the business growth estimate in 2020 has been jeopardized and the time of recovery can be very long.

While domestic aid on tax, rentals, etc. are being discussed and confirmed, we believe that it’s essential that ICANN provides immediate fee waiver to registries and registrars in China. The waiver of 2020 fees, including annual fees and transaction fees, will greatly help stabilize our business in the difficult time.

This is not a small ask. ICANN collects fees based on transaction volume, and many millions of transactions originate in China. That’s particularly true in the new gTLD space, where China dominates.

The Chinese companies say that ICANN could afford to waive the fees due to the money they say ICANN will save by cancelling Cancun and other international travel.

My hunch is that ICANN won’t agree to these demands. While China is currently undoubtedly disproportionately affected by Covid-19, that situation is rapidly changing.

In the coming weeks and months it’s quite possible — worst-case scenario — the rest of the world could be similarly affected. Is ICANN prepared to set a precedent that could see it sacrifice its entire annual budget? I doubt it.

All previous requests for ICANN to waive its fees for various other reasons have been denied.

Registrar terminated after what looks like domain hijacking

Kevin Murphy, January 10, 2020, Domain Registrars

ICANN has canned its first registrar of the year.

Los Angeles-based World Biz Domains will be going out of bizness after ICANN terminated its registrar contract earlier this week, following its non-responsiveness to what appears to be case of domain hijacking.

It’s a nothing registrar, with fewer than 100 domains under management, but it once had over 5,000.

The termination comes following the suspension I blogged about in October, which was related to the transfers to World Biz of 15 potentially valuable domains in late 2018.

The names were all either short numerics or the names of famous places in Singapore and Malaysia.

ICANN spent most of last year demanding records showing that the transfers were legit, but was ghosted.

World Biz allegedly also had failed to deliver Whois records in the proper format, and was behind on its ICANN accreditation fees.

The company will lose its accreditation officially on January 22.

GoDaddy girls often make more money than the men

Kevin Murphy, December 12, 2019, Domain Registrars

Women in some roles at GoDaddy are making more money than their male counterparts, according to data released by the registrar today.

In technical positions in the US, female employees are making on average $1.03 for every $1 men make, GoDaddy said. Women in leadership positions make two cents more than men.

But women in non-techie, non-leadership jobs make a penny less than males, the company said.

“The 2019 global salary data shows that GoDaddy is paying men and women at parity across the company, when comparing men and women in like roles,” GoDaddy said.

The new data also shows that 29% of GoDaddy employees globally are female, which is the same as last year.

But the proportion of women in technical jobs decreased by two points to 17%.

Meanwhile, 36% of non-technical roles are staffed by women, up one point from 2018.

In the US, the female contingent was a little higher — 30% overall, 19% of techies and 37% of non-techies.

The male-female mix at GoDaddy appears to be in the same ballpark as what we generally see with attendance statistics coming out of ICANN meetings — roughly 70/30.

GoDaddy started publishing this data five years ago as part of a plan to foster diversity, reduce unconscious bias, and generally get away from its roguish foundational image as a company that flogged millions of domains with “GoDaddy Girls” — usually busty spokesmodels in skimpy clothing.