Latest news of the domain name industry

Recent Posts

XYZ bosses agree to pay $1.5 million to settle Fed’s loan scam claims

Kevin Murphy, January 14, 2022, Domain Registries

Some of XYZ’s top executives have agreed to pay $1.5 million to settle a US Federal Trade Commission lawsuit alleging they “deceptively” harvested vast amounts of personal data on millions of people and sold it “indiscriminately” to third parties including potential scammers and identity thieves.

The FTC says that the execs, through a network of interlinked companies, deceptively collected loan applications through at least 200 web sites, promising to connect the applicant with verified lenders, but instead sold the personal data willy-nilly to the highest bidder through a lead-generation marketplace.

The data was bought by companies that in the vast majority of cases were not in the business of providing loans, the FTC said. The buyers were not checked out by the XYZ execs and exposed consumers to identity theft and fraud, it added.

The allegations cover activities starting in 2012 and carrying on until recently, the FTC said.

“[They] tricked millions of people into giving up sensitive financial information and then sold it to companies that were not making loans,” Samuel Levine, director of the FTC’s Bureau of Consumer Protection said in a press release. “The company’s extraction and misuse of this data broke the law in several ways.”

“The FTC’s allegations were wholly without merit,” the defendants’ lawyer, Derek Newman, told DI in an email. “But litigation against the FTC is expensive and resource draining. For that reason, my clients chose to settle the case and move on with their business.”

“In fact, the FTC did not require any changes to my clients’ business practices that they had not already implemented before the case was filed,” he added.

The suit (pdf) named as defendants XYZ.com CEO Daniel Negari, COO Michael Abrose, business development manager Jason Ramin, and general counsel Grant Carpenter. Two other named defendants, Anisha Hancock and Sione Kaufusi, do not appear at first glance to be connected to the domains business.

The settlement (pdf) sees the defendants pay $1.5 million and agree to certain restrictions on their collection and use of data, but they did not admit or deny any liability.

The lead generation business was carried out via at least 17 named companies, including XYZ LLC (which appears to be a different company to the .xyz registry, XYZ.com LLC), Team.xyz LLC and Dev.xyz LLC. The FTC complaint groups them together under the name ITMedia.

Some of the companies are successors to Cyber2Media, the FTC said, a company that in 2011 had to settle a massive typosquatting lawsuit filed by Facebook.

Despite the personnel crossover, nothing in the complaint relates directly to the .xyz domains business, and the only domains listed in the complaint are some pretty nice .coms, including badcreditloans.com, personalloans.com, badcredit.com, fastmoney.com and cashadvance.com.

The complaint alleged deceptive representations and unfair distribution of sensitive information as well as violations of the Fair Credit Reporting Act. It reads:

In numerous instances, Defendants, through ITMedia’s actions, have shared and sold sensitive personal and financial information from consumers’ loan forms — including consumers’ full names, addresses, email addresses, phone numbers, birthdates, Social Security numbers, bank routing and account numbers, driver’s license and state identification numbers, income, status and place of employment, military status, homeownership status, and approximate credit scores—without consumers’ knowledge or consent and without regard for whether the recipients are lenders or otherwise had a legitimate need for the information.

Essentially, the complaint alleged that the defendants bullshitted consumers into handing over personal info thinking they were applying for a legitimate loan, when in fact the info was just being harvested for resale to sometimes dodgy buyers.

The complaint reads:

ITMedia’s practice of broadly disseminating consumer information, including to entities that share information with others whose identities and use of the information are unknown to ITMedia, exposes consumers to the risk of substantial harm from identity theft, imposter scams, unauthorized billing, phantom debt collection, and other misuse of the consumers’ information. Some consumers have complained that, shortly after submitting loan applications to ITMedia, they have received communications using the names of ITMedia websites to present sham loan offers or demands for repayment of counterfeit debt.

The $1.5 million settlement will be paid by “Individual Defendants and Corporate Defendants, jointly and severally”, according to court documents.

UPDATE: This article was updated shortly after publication with a statement from XYZ’s lawyer.

New gTLD pioneer MMX to wind up

Kevin Murphy, January 14, 2022, Domain Registries

MMX, the new gTLD registry also known as Minds + Machines, has decided to close down and de-list.

The company said today that it plans to return its remaining cash to investors through a tender offer and then cancel its remaining shares, which are listed on London’s Alternative Investment Market.

The cancellation plan is subject to shareholder approval at a February 7 general meeting, but the tender does not require approval.

MMX will buy back shares to the tune of £19 million ($26 million) at 10.4 pence per share, a premium of 26.1% on yesterday’s closing price and 24.8% on the last month’s average price.

It follows an $80 million tender offer completed in October.

MMX sold off its major assets — 22 new gTLD registry contracts — to GoDaddy last year in a $120 million deal, and has wound down its legacy registrar businesses.

Now, all that remains is a transition services agreement with GoDaddy, which will soon end.

There had been talk of using the AIM listing as a reverse-takeover vehicle for an operating business seeking quick access to the public markets, but it appears that’s no longer on the table.

If everything goes according to plan, MMX will cease to exist as a public company on February 22. Shareholders have until January 28 to accept the tender offer.

It seems the remaining shareholders will be losing out — if the tender offer is fully subscribed, they’ll only get to sell one share for every 1.485 shares they currently own.

Monte Cahn revealed as third new gTLD buyer

Kevin Murphy, January 11, 2022, Domain Registries

Domain investor Monte Cahn has revealed himself as the third partner in the controversial acquisition of new gTLD .hiphop from UNR.

Cahn Enterprises named itself alongside already-reported consultant Jeff Neuman of JJN Solutions and publicly traded startup Digital Asset Monetary Network (DigitalAMN) as a partner in newly formed registry vehicle Dot Hip Hop LLC.

DHH bought .hiphop privately from Frank Schilling’s UNR last April at around the same time as UNR auctioned off the other 22 gTLDs in its portfolio, exiting the registry business.

Cahn founded the registrar Moniker, aftermarket pioneer SnapNames and gTLD auction coordinator RightOfTheDot.

RightOfTheDot’s Scott Pruitt has also joined DHH to lead marketing, Cahn’s press release revealed.

The new registry plans to lower the price of .hiphip domains, which currently retail for over $150 a year, as part of an effort to get broader adoption in the hip-hop cultural community.

The company is strongly pushing digital empowerment and “financial literacy” in an “underserved” community as a public benefit of its plans for the TLD.

The problem DHH continues to face is ICANN’s ongoing blocking of the transfer of .hiphop, and the other 22 UNR TLD contracts, due to confusion about the ownership status of matching TLDs on the Ethereum Name Service, a blockchain-based alt-root.

ICANN is fearful of alternative DNS roots which, if they ever gain broad appeal, in theory could break internet interoperability as well as eroding ICANN’s own uniquely powerful and uniquely lucrative authority over the DNS.

DHH’s Neuman recently accused ICANN of foot-dragging and retaliation over the delayed transfers, which is costing the DHH partners money while their legal status is in limbo and they are unable to sell any names.

ICANN’s top brass subsequently denied these accusations, saying the Org is merely following its established (and rather convoluted) appeals procedures.

While these procedures could delay approval of .hiphop’s transfer for another few months, forcing DHH to burn more capital, ICANN said it is “considering the potential impact on the requestor as we have been requested to do”, so it may cut DHH some slack.

“National security” cited as registry says you have to ask its CEO if you want to register more than TWO domains

Kevin Murphy, January 10, 2022, Domain Registries

India, a country with some 2.2 million ccTLD domains, has implemented perhaps the strangest and most Draconian restrictions on bulk registration of modern times.

The local registry, NIXI, informed its registrars all over the world in late December that they will have to seek formal written permission directly from the CEO if a customer wishes to register more than two .in domains.

Registrars breaking the rules face losing their accreditation, NIXI said.

A terse notice (pdf) published on the registry’s web site, signed by CEO Anil Kumar Jain, reads:

It is decided that a written approval of CEO, NIXI is required if an individual Registrant submit a request for registering more than two domains.

In case a registered accredited company try to book domains more than 100 than also a written approval of CEO, NIXI is required.

In case any Registrar is booking domains violating the above norms NIXI has right to disallow/disconnect the domains booking under that category. A process may be initiated for de-accreditation of such Registrar.

Approval will be given within 24 hours of a request, regardless of weekends or holidays, the notice reads.

Asked for clarification, Jain told DI in an email that the “new procedure is drawn after reviewing national security concerns” and that “NIXI registry is not stopping any domain registration.”

“An individual can book up to 2 domains and a company can book up to 100 domains without permissions,” he wrote. “Permission sought is given within 24 hrs.”

The new rule has registrars scratching their heads, with one describing it as “crazy”, “very vague” and very difficult to enforce.

NIXI uses GoDaddy Registry as its back-end, but GoDaddy does not appear to be playing a role in the implementation of the new policy. A spokesperson said in a statement:

At this time, the responsibilities are on the registrars and it’s a discussion between NIXI and them. As the back-end provider, we work closely with .in on any changes they would like to make at the registry level.

ICANN is blocking 23 gTLD transfers over blockchain fears

ICANN is objecting to the transfer of 23 new gTLDs from UNR to an unknown number of third parties, because it’s scared that the associated non-fungible tokens may break the internet and its own authority over it.

The mystery of how UNR’s auction in April of its entire new gTLD portfolio has so far not resulted in a single ICANN Registry Agreement changing hands appears to have been solved.

It’s because UNR bundled each contract sale with a matching top-level “domain name”, in the form of an NFT, on the Ethereum Name Service, an alt-root based on the Ethereum blockchain, and ICANN is worried about what this means for both the long-term interoperability of the DNS and its own ability to act as the internet’s TLD gatekeeper.

This all emerged in an emergency Request for Reconsideration filed by a company called Dot Hip Hop, which bought .hiphop from UNR earlier in the year.

It turns out .hiphop is the TLD alluded to by Digital Asset Monetary Network, which in October became the first to out itself as a UNR buyer while not naming its gTLD. The purchase was made separately from the April auction, despite .hiphop being “mistakenly” listed as one of the lots.

It also turns out that consultant Jeff Neuman, who’s been a leading figure in the ICANN community since its inception, was behind long-time employer Neustar’s application for .biz, and is a big fan of musical theater, is chief legal officer of and a partner in DHH.

In his reconsideration request, Neuman rages against the fact that it had been over 120 days at time of writing since DHH and UNR had applied to have the .hiphop contract reassigned, but that ICANN is continuing to drag its feet despite DHH long ago passing its due diligence review (which Neuman says cost an excessive $17,000).

DigitalAMN lists DHH as a subsidiary in its recent Securities and Exchange Commission filings. The company is publicly listed but essentially pre-revenue, making its ability to start selling domain names rather quickly rather important.

ICANN has repeatedly delayed approval of the reassignment, provided no visibility into when approval will come, and has repeatedly asked the same questions — largely related to the NFTs — with only slight rewording, Neuman says:

ICANN Org has already communicated to DHH that it has already met all of the criteria required under the Registry Agreement. Yet still, ICANN is withholding consent based on its mere curiosity about the former owner of the .hiphop, TLD (UNR Co), and based on the questions that ICANN keeps re-asking, has presumably conjured up non-issues that: (a) have already been addressed by DHH on multiple occasions over the past 123 days, (b) are beyond the scope of ICANN’s mission, and (c) are philosophical, fictional and frankly do not exist in this matter.

The ENS NFT is a “de minimus” component of the transaction that DHH didn’t even know about until after it had already decided to buy .hiphop, the request states, and ICANN has no authority over the blockchain so the existence of an NFT is not a valid reason to deny the reassignment.

I think I also detect a race card being played here. The RfR spends a bit of time talking about how ICANN’s foot-dragging is making the Org look bad to “traditionally underserved communities where the Hip Hop culture has thrived, globally”.

Apparently referring to DigitalAMN, the RfR states:

In addition to such partner being established at the birthplace of Hip Hop (Bronx New York), by its founder who shares the same birthdate as Hip Hop (August 11th), its mission is to provide financial literacy and economic opportunities for those communities and cultures that are traditionally under-represented, under-funded and under-valued.

DigitalAMN is majority-owned and led by Ajene Watson, who is black. One of company’s stated goals is to connect early stage companies with capital from non-traditional investors (not just the “privileged few”) using non-traditional means.

The RfR goes on to say:

The most dominantly underserved, under-funded and under-valued communities, are also those that embrace and are part of the Hip Hop culture. This Partner has embraced what seemed to be an opportunity to provide domain name registration services to a culture that knows nothing of ICANN, nor the domain name industry. Now, its first impression of the ICANN community is unnecessary delay, a lack of transparency, and bureaucratic indecision—just another gatekeeper to prevent equitable access. In their eyes, they consistently see deadlines that are never met (by ICANN), a lack of information as to why their launch is being held up, and an entity (ICANN) that takes weeks/months to act on anything with no end in sight. In their view, it would appear that ICANN, as an organization, cares nothing about serving the public interest, or about the impact of its actions (or in this case inactions) on the undervalued communities this Partner aims to support.

It should be noted that 22 other unrelated UNR gTLD reassignments are also in limbo, so it’s not like ICANN has a problem in particular with hip-hop music or those who enjoy it.

ICANN, in its response to the RfR, lays all the blame with UNR for, it says, refusing to provide “fulsome and complete” answers to its questions about the NFTs. In a December 10 letter to Neuman, ICANN VP Russ Weinstein wrote:

Significant questions remain, including regarding the role and rights conveyed to the proposed assignees related to the NFTs created on the ENS. For these reasons, ICANN must continue to object to and withhold its consent to all pending Assignments proposed by UNR, including yours.

The RfR was denied by ICANN’s Board Accountability Mechanisms Committee on a technicality. DHH had filed an “emergency” request based on ICANN’s staff inaction, but emergency requests only apply to board action or inaction.

Neuman appears to have known this in advance. It appears DHH just wanted to get something in the public record about the state of play with UNR’s gTLDs.

ICANN seems to have two problems with the NFTs, and they’re both big, existential ones.

First, ENS is essentially an alt-root, and when you have competing roots there’s the risk of TLDs colliding — two or more registries claiming authority for the same TLD — breaking the global interoperability of the internet.

Second, but related, the existence of alt-roots threatens ICANN’s authority.

ICANN has no authority over ENS or the NFT names that live on it, so for a registry to run a TLD in the both the authoritative ICANN root and the alt-root of the ENS could cause problems down the road.

While NFTs can be “owned”, gTLDs are not. UNR is merely the party ICANN has contracted with to run .hiphop. While UNR and any subsequent assignees have a presumptive right of renewal, it’s possible for ICANN to terminate the contract and hand stewardship of the gTLD to another registry. It’s not merely a hypothetical scenario.

Should that ever happen with .hiphop, ICANN wouldn’t have the authority to seize the ENS NFT, meaning the old registry could carry on running .hiphop in the ENS while the new registry runs it in the ICANN root, again breaking global DNS interoperability.

You could spin it either way — either ICANN is worried about interoperability, or it’s worried about protecting its own power. These are not mutually exclusive, and are both probably true.

One thing’s the sure, however — in roadblocking these gTLD transfers, ICANN is playing into the hands of critics and blockchain fanboys who argue for decentralized control of naming, with ICANN as their bogeyman.

GoDaddy gets another year to negotiate .xxx contract

Kevin Murphy, December 15, 2021, Domain Registries

ICANN and GoDaddy seem to have missed their deadline for long-term renewal of their .xxx registry agreement for a second time.

The contract was extended earlier this week until December 15, 2022, giving the parties another full year to bash out whatever amendments are needed.

The initial deal, signed in 2011, was due to expire March 31, but was extended until today to give more time for renegotiation.

.xxx was the last gTLD approved prior to the 2012 application round, and as such it has a few differences to the standard gTLD contract.

The fee structure is particularly complicated; originally, the registry had to pay ICANN $2 per domain, to stuff ICANN’s war chest for anticipated litigation, but that has been reduced through amendments over the years.

ICANN is always keen to bring older contracts into line with the standard Registry Agreement.

The .xxx contract, like legacy gTLDs before it, will be subject to public comment before approval.

GoDaddy is currently pushing renewals for its AdultBlock trademark-protection services.

GoDaddy wins .tv contract after Verisign blows off 20-year deal

Kevin Murphy, December 14, 2021, Domain Registries

GoDaddy is taking over the contract to run .tv from Verisign, after Verisign didn’t even bother to bid for renewal.

The deal brings to an end a relationship between Verisign and the tiny Pacific island nation of Tuvalu that has lasted 20 years and contributed millions to the country’s economy.

The country’s communications ministry said on its Facebook page that GoDaddy Registry was selected after a “competitive tender process”, but DI understands that Verisign did not participate.

While terms of the new GoDaddy deal have not been disclosed, it seems likely that Tuvalu was looking for a far bigger slice of the pie than the $5 million a year it was getting from Verisign, and for moneybags Verisign, with its .com cash-printing machine, it simply wasn’t worth the hassle.

Tuvalu has around 11,000 inhabitants and gross national income of around $60 million — its .tv money was a big deal for the country, even at the amount Verisign was paying.

With a likely bigger chunk of change coming from GoDaddy, it’s going to have more to invest in what it calls its “digital nation” strategy, which appears to involve investing heavily in blockchain-based technologies to compensate for the fact that it may well disappear beneath the waves over the next few decades.

.tv is a cornerstone of this strategy, the government says.

There’s thought to be at least half a million registered .tv domains, and the bog-standard non-premiums retail for about $50 a year, so it’s been a nice little earner for Verisign over the last two decades.

The company first took on .tv in 2001 when it acquired startup .tv Corp, which had inked the original deal with Tuvalu in 1998, for $45 million. The contract has been renewed a few times since then.

The ccTLD was the first example of a mainstream TLD offering tiered pricing, with premium strings carrying bigger price tags — controversial 20 years ago, almost standard practice today.

There have been reports over the years that the country thought it was getting short-changed by the deal, and the contract was put up for bidding earlier this year.

Despite reports that the tender seemed suspiciously tailored for a Donuts win, it seems GoDaddy has emerged the victor.

One can only assume it’s offered Tuvalu a bigger slice of the pie, which is what it had to do (under its previous incarnation as Neustar) to keep hold of the contract to run Colombia’s .co last year.

Neither Verisign nor GoDaddy has publicly released a statement about the switch. While it’s a lot of money, it’s not strictly material to either company’s already swollen top lines.

EURid’s CEO is retiring

Kevin Murphy, December 9, 2021, Domain Registries

EURid’s long-serving CEO is leaving and the company has started looking for someone to fill the role.

A spokesperson for the .eu registry told DI this morning that Marc Van Wesemael is planning to retire after his replacement is found, which should be a matter of months.

Van Wesemael has been CEO (general manager) of the Belgium-based company since its foundation and since it was first awarded the contract to run .eu way back in 2005.

EURid announced without sentiment or fanfare this week that candidates should apply via an agency on this LinkedIn page.

Given the nature of the role as an EU government contractor, the company is looking for somebody familiar with the workings of the European Commission.

Van Wesemael’s departure announcement comes just a few months after EURid was re-awarded the contract to run .eu and its Greek and Cyrillic variants for another five years, giving his successor some breathing room.

.org back-end deal will come up for re-bid, PIR says as it acquires four new gTLDs

Kevin Murphy, December 8, 2021, Domain Registries

The industry’s most lucrative back-end registry services contract will be rebid, Public Interest Registry said today.

The deal, which sees PIR pay Afilias $18.3 million a year to run .org, according to tax records, will see a request for proposals issued in the back half of 2023, according to PIR.

Given that’s two years away, it’s strange timing for the announcement, which came at the bottom of a press release and blog post announcing that the company is acquiring four new gTLDs, three of which belong to Afilias’ new owner, Donuts.

PIR said Donuts is to transfer control of .charity, .foundation and .gives, which will be “reintroduced” to the market. .foundation currently has about 20,000 registered domains; the other two have a few thousand each.

It’s also acquiring the unlaunched gTLD .giving from a company called Giving Ltd.

All four are on-message for PIR’s not-for-profit portfolio, which also includes the barely-used .ngo and .ong for non-governmental organizations.

Those two gTLDs are getting decoupled, allowing registrants to register one without having to buy the other, PIR also said today.

The last time the PIR back-end contract came up for renewal, in 2015, Afilias was also the incumbent but increased competition — it was up against 20 rivals — meant that its slice of .org revenue was cut in half.

EURid to drop 48,000 Brexit domains in one day

Kevin Murphy, November 23, 2021, Domain Registries

All the .eu domain names formerly belonging to Brits and UK residents will be released for registration on a first-come, first-served basis in one day, EURid announced today.

There are about 48,000 of them, and they’ll be released in batches starting at 0900 UTC on January 3, two days later than the previously announced date, the registry said.

The names all belonged to UK registrants that lost their eligibility when the country left the EU in January last year.

There were almost 300,000 .eu domains registered in the UK at the time of the Brexit referendum in 2016. Most have since dropped or been transferred to EU-based entities or EU citizens that still qualify.