Latest news of the domain name industry

Recent Posts

Registrars could be held liable for US gun violence

Kevin Murphy, August 20, 2019, Domain Policy

A US presidential candidate has come out in support of amending the law to make domain name companies liable when customers use their services to incite violence.

Beto O’Rourke, a former member of Congress, stated last week that he wants to amend the Communications Decency Act to hold providers of “domain name servers” liable “where they are found to knowingly promote content that incites violence”.

He’s believed to be the first among the swarm of 2020 Democratic presidential hopefuls to lay out a plan to combat online hate speech.

The proposed amendments to Section 230 of the CDA are part of a sweeping package of reforms O’Rourke is proposing in order to tackle gun violence and domestic terrorism in the US.

He comes from El Paso, Texas, which was the target of a race-based terrorist attack a couple of weeks ago.

He’s also pushing for stricter gun controls, such as compulsory licensing and training.

But I’m not going to get into that stuff here. This is a blog about domain names. I’m British, so you can probably guess what my opinion on guns is.

In terms of online content, O’Rourke’s plan seems primarily aimed at getting the big social media platforms to more heavily moderate the content produced by their users.

But it specifically calls out domain name companies also:

Beto would require large internet platforms to adopt terms of service to ban hateful activities, defined as those that incite or engage in violence, intimidation, harassment, threats, or defamation targeting an individual or group based on their actual or perceived race, color, religion, national origin, ethnicity, immigration status, gender, gender identity, sexual orientation or disability. These companies also would be required to put in place systems designed to identify and act on content violating the terms of service. Platforms must be transparent when they block content and provide for an appeal process in order to guard against abuse.

Beto supports amending Section 230 of the CDA to remove legal immunity from lawsuits for large social media platforms that fail to change their terms of service and put in place systems as described above. Informational service providers of all sizes, including domain name servers and social media platforms, also would be held liable where they are found to knowingly promote content that incites violence.

Should registrars be worried about this?

If the legal test was that registrars “knowingly promote content that incites violence”, that seems like a pretty high bar.

I’m not convinced even Epik, which has come under fire for providing domain services to the likes of Stormfront and 8chan — both of which O’Rourke cites in his policy — “knowingly promotes” incitements to violence.

That’s not to say that registrars couldn’t find themselves prosecuted or sued anyway, of course.

O’Rourke is not a current front-runner in the Democrat presidential pack. While still in the race, he’s towards the bottom of the top 10, polls suggest.

What O’Rourke’s policy statement does suggest is that the regulation of online speech could become a significant issue in the 2020 election, and that the domain name industry in the US could find itself a political football in an extremely divisive game.

After more racist shootings, take one guess which registrar 8chan just switched to

Kevin Murphy, August 5, 2019, Domain Registrars

Controversial web forum 8chan has moved its domain name to a new registrar after it was linked to at least one of the two mass shootings that occurred in the US over the weekend.

According to Whois records, it’s just jumped to racist-friendly Epik, having been registered at Tucows since 2003.

The switch appears to have happened in the last few hours. At time of writing, you’re going to get different results depending which Whois server you ping.

Some servers continue to report Tucows as the registrar of record, perhaps using cached data, but Epik’s result looks like this:

Whois output

8chan is an image/discussion board that describes itself as “the Darkest Reaches of the Internet”. It’s reportedly heavily used by racists, extremists and those with an interest in child pornography.

It was widely linked by the media to the shooting in the border town of El Paso, Texas on Saturday, which claimed the lives of 20 people and left 26 more injured.

The suspect in the case reportedly posted to 8chan a 2,300-word racist “manifesto”, in which he ranted against Latino immigration, just 20 minutes before launching the attack.

This morning, Cloudflare announced that it would no longer provide denial-of-service attack protection for the web site, saying:

The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if 8chan may not have violated the letter of the law in refusing to moderate their hate-filled community, they have created an environment that revels in violating its spirit.

Google removed the site from its index a few years ago, due to allegations about child abuse material.

At this point, it’s not clear whether Tucows also ejected 8chan, or whether its owners decided to jump ship, perhaps sensing which way the wind is blowing.

Its new home, Epik, calls itself the “Swiss bank” of domain registrars, and has actively courted sites that enable far-right political views.

The registrar openly sought the business of Gab.com, the Twitter clone used largely by those who have been banned by Twitter, after GoDaddy suspended the site’s domain last November.

In March this year, Epik CEO Rob Monster came under fire for publicly doubting the veracity of the video of the mosque shootings in Christchurch, New Zealand, which killed 50 people.

8chan was also frequented by the perpetrator of that attack, among others.

Epik is described as “cornering the market on websites where hate speech is thriving”, according to the Southern Poverty Law Center, an anti-racist group.

Monster has said that he does not support the views of extremists, but merely wants to provide a platform where registrants can exercise their rights to free speech.

Oh, the irony! Banned anti-Islam activist shows up on “Turkish” new gTLD domain

Kevin Murphy, April 23, 2019, Domain Policy

Tommy Robinson, who has been banned from most major social media platforms due to his anti-Islam “hate speech”, is now conducting business via a domain name that some believe rightfully belongs to the Muslim-majority nation of Turkey.

The registration could add fuel to the fight between ICANN and its governmental advisers over whether certain domains should be blocked or restricted.

Robinson, the nom de guerre of the man born Stephen Yaxley-Lennon, is the founder and former leader of the far-right English Defence League and known primarily for stirring up anti-Muslim sentiment in the UK for the last decade.

He’s currently, controversially, an adviser to the UK Independence Party. Former UKIP leader Nigel Farage, also a thoroughly unpleasant bloke, considers Robinson so far to the right he quit the party in response to the appointment.

Over the last year, Robinson has been banned from Twitter, Facebook and Instagram, and had his YouTube account placed under serious restrictions. This month, he was also banned from SnapChat, and the EDL he used to lead was among a handful of far-right groups banned from Facebook.

Since his personal Facebook page went dark in February, he’s been promoting his new web site as the primary destination for his supporters.

It features news about his activities — mainly his ongoing fights against social media platforms and an overturned contempt of court conviction in the UK — as well as summaries of basically any sufficiently divisive anti-Islam, anti-immigration, or pro-Brexit stories his writers come across.

The domain he’s using is tr.news, a new gTLD domain in a Donuts-owned registry. It was registered in December via GoDaddy.

Given it’s a two-character domain, it will have been registry-reserved and would have commanded a premium price. Other two-character .news domains are currently available on GoDaddy for between $200 and $10,000 for the first year.

It will come as no surprise at all for you to learn that the domain was transferred out of GoDaddy, which occasionally kicks out customers with distasteful views, to Epik, now de facto home of those with far-right views, a couple of weeks after the web site launched.

The irony of the choice of domain is that many governments would claim that tr.news — indeed any two-character domain, in any gTLD, which matches any country-code — rightfully belongs to Turkey, a nation of about 80 million nominal Muslims.

TR is the ISO 3166-1 two-character code for Turkey, and until a couple of years ago new gTLD registries were banned from selling any of these ccTLD-match two-letter domains, due to complaints from ICANN’s Governmental Advisory Committee.

Many governments, including the UK and US, couldn’t care less who registers their matching domain. Others, such as France, Italy and Israel, want bans on specific domains such as it.pizza and il.army. Other countries have asked for blanket bans on their ccTLD-match being used at all, in any gTLD.

When new gTLDs initially launched in 2012, all ccTLD matches were banned by ICANN contract. In 2014, ICANN introduced a cumbersome government-approval system under which governments had to be consulted before their matches were released for registration.

Since December 2016, the policy (pdf) has been that registries can release any two-letter domains, subject to a provision that they not be used by registrants to falsely imply an affiliation with the country or registry with the matching ccTLD.

Robinson is certainly not making such an implication. I imagine he’d be as surprised as his readers to learn that his new domain has a Turkish connection. It’s likely the only people who noticed are ICANN nerds and the Turkish themselves.

Would the Turkish people look at tr.news and assume, from the domain alone, that it had some connection to Turkey? I think many would, though I have no idea whether they would assume it was endorsed by the government or the ccTLD registry.

Would Turkey — a government whose censorship regime makes Robinson’s social media plight look like unbounded liberalism — be happy to learn the domain matching its country code is being used primarily to deliver divisive content about the coreligionists of the vast majority of its citizens? Probably not.

But under current ICANN policy it does not appear there’s much that can be done about it. If Robinson is not attempting to pass himself of as an affiliate of the Turkish government or ccTLD registry, there’s no avenue for complaint.

However, after taking the cuffs off registries with its December 2016 pronouncement, allowing them to sell two-letter domains with barely any restrictions, ICANN has faced continued complaints from the GAC — complaints that have yet to be resolved.

The GAC has been telling ICANN for the last two years that some of its members believe the decision to release two-character names went against previous GAC advice, and ICANN has been patiently explaining the process it went through to arrive at the current policy, which included taking GAC advice and government comments into account.

In what appears to be a kind of peace offering, ICANN recently told the GAC (pdf) that it is developing an online tool that “will provide awareness of the registration of two-character domains and allow for governments to report concerns”.

The GAC, in its most-recent communique, told ICANN its members would test the tool and report back at the public meeting in Montreal this November.

The tool was not available in December, when tr.news was registered, so it’s not clear whether Turkey will have received a formal notification that its ccTLD-match domain is now registered, live, and being used to whip up mistrust of Muslims.

Update April 30: ICANN informs me that the tool has been available since February, but that it does not push notifications to governments. Rather, governments can search to see if their two-letter codes have been registered in which gTLDs.

“Stringent” new online censorship law could affect domain companies

Kevin Murphy, April 8, 2019, Domain Policy

Blame Zuck.

The UK government is planning to introduce what it calls “stringent” new laws to tackle abusive behavior online, and there’s a chance it could wind up capturing domain name registries and registrars in its net.

The Department for Culture, Media and Sport this morning published what it calls the Online Harms White Paper, an initial 12-week consultation document that could lead to legislation being drafted at a later date.

The paper calls for the creation of a new independent regulator, charged with overseeing social media companies’ efforts to reduce the availability of content such as incitements to violence, self-harm, suicide, child abuse, “hate crime” and even “fake news”.

It basically would increase the amount of liability that companies have for user-generated content hosted on their services, even when that content is not necessarily illegal but is nevertheless considered “harmful”.

The regulator would have to create a code of conduct for companies the legislation covers to abide by.

When the code is breached, the regulator would have the authority to issue fines — possibly comparable to the 4% of profits that can be fined under GDPR — against not only the companies themselves but also their senior management.

The paper seems to most directly address ongoing tabloid scandals related to Facebook and its ilk, such as the suicide of Molly Russell, a 14-year-old who viewed material related to self-harm on Instagram before her death.

While it does not mention domain names once, the government clearly anticipates casting a wide net. The paper states:

The scope will include companies from a range of sectors, including social media companies, public discussion forums, retailers that allow users to review products online, along with non-profit organisations, file sharing sites and cloud hosting providers.

That’s a broad enough definition such that it could even cover blogs, including this one, that allow users to post comments.

The paper also discusses asking search engines to remove sites from their indexes, and compelling ISPs to block abusive sites as a “last resort” measure.

There’s a short mental hop from ISP blocking to domain name takedowns, in my view.

The paper also discusses steps the regulator could take to ensure companies with no UK legal presence are still covered by the rules.

While the paper, as I say, does not mention the domain name industry once, subsidiary services provided by registrars, such as hosting, could be directly affected.

There’s no guarantee that the paper will become a bill. There’s already a backlash from those who believe it constitutes unacceptable censorship, comparable to regimes such as in China.

There’s also no guarantee such a bill would eventually become law. The UK government is arguably currently the weakest it has ever been, with a propped-up minority in Parliament and many MPs in open revolt over Brexit.

With talk of an early general election incessant recently, it’s also possible the government may not last long enough to bring its plans to fruition.

Still, it’s probably something the domain industry, including ICANN, should probably keep an eye on.

The full 100-page white paper can be found here (pdf) and an executive summary can be read here.

After NZ shooting, Epik has a Monster PR problem

Kevin Murphy, March 21, 2019, Domain Registrars

Domain name registrar Epik.com has come under fire from prominent domain investors and others after CEO Rob Monster suggested that video of the recent mosque shootings in New Zealand, which he hosted on an Epik service and shared on social media, was a hoax.

Domainer-bloggers including Shane Cultra, Konstantinos Zournas, and DNPlaybook.com have questioned Monster’s decision, and one of his own senior staffers, former DomainNameWire contributor Joseph Peterson, took to a domainer forum to in parts criticize and defend his boss.

Cultra was particularly harsh in his criticism this week, calling for domainers to move their domains out of Epik and for his friend, Epik director Braden Pollock, to remove himself from the board.

He wrote: “I would like to think that any respectable domain investor remove their domains from Epik… Rob Monster’s agenda has no place in our industry”.

DNPlaybook wrote that Monster has become “Facilitator of Hate and Promoter of Conspiracies”.

Other domainers have written that they have removed, or will remove, their domains from Epik, though Monster wrote earlier this week that the impact on its business so far has been minimal.

Epik is an ICANN-accredited registrar with about 400,000 gTLD names under management at the last count. It’s almost doubled in size over the last two years.

The company and its CEO have been subject to criticism for months over their decision to provide services to web sites that enable the promotion of far-right ideologies such as white supremacism and Nazism.

But the latest row kicked off on March 15, when Monster used his personal Twitter account to share a link to the self-shot, first-person video of one of the terrorist attacks at a mosque in Christchurch.

Fifty people, all Muslims attending Friday prayers or in the vicinity of the mosques, were killed by the same person during the attacks.

The first attack was live-streamed on Facebook from a head-mounted camera. Apparently viewed live by fewer than 200 people, copies were nevertheless widely circulated on social media and elsewhere.

The copy of the video linked to by Monster was hosted by Epik-owned privacy services provider Anonymize.com, on an “effectively uncensorable” file-sharing service the company is currently developing.

In a subsequent tweet, Monster threw doubt upon whether the footage was real, writing: “Shell casings simply vanish into thin air. Etc. It looks like low budget CGI”.

Anyone with a grain of common sense who has seen the video will tell you that Monster is clearly talking absolute bollocks here. It’s not a fake.

Monster’s Twitter account has since been deleted. According to Peterson, Epik’s director of operations, Monster deleted it himself. Reading between the lines, it appears he was pressured to do so by his staff, including Peterson.

Monster has not yet deleted — and is in fact still actively using — his @epik account on Gab.com, the Twitter clone often used by far-right activists who have been banned from or choose not to use Twitter due to their views.

A March 15 post on Gab by Monster links to a copy of the Christchurch killer’s rambling “manifesto”, again hosted on anonymize.com. This link is still live, but I’ve redacted it in the screen-cap below, which shows Monster effectively using the manifesto to promote the forthcoming Anonymize service.

Monster on Gab

I’ve been unable to confirm whether Epik is still hosting the video of the attack, though there are reports that it was taken down a matter of hours after posting. (UPDATE 1816 UTC: the video is in fact still live on the Anonymize service).

Epik and Monster drew attention last November when Monster publicly offered to become the registrar for Gab.com, after the domain was suspended by GoDaddy.

Monster at the time said the move was to protect freedom of speech online.

Epik again attracted attention last month when it acquired BitMitigate, a denial-of-service protection startup which has been providing services to unapologetic Nazi propaganda site The Daily Stormer since August 2017, when Cloudflare told the site to GTFO.

It’s also taken on the domain business of video hosting site BitChute, which is often used as a refuge for political vloggers (including some on the far right) who have been demonetized or banned by YouTube.

For these reasons, in January Epik attracted the attention of the Southern Poverty Law Center, an anti-racist group based in the US. The SPLC wrote that “Epik is cornering the market on websites where hate speech is thriving”.

The post, and other news reports, strongly hint that Monster’s own political views might be more aligned with those of his customers than he cares to admit.

Monster naturally rebuts these suggestions, calling the SPLC post “highly defamatory and inaccurate”. In one of his most recent posts on Namepros, before his staff asked him to back away from the public square for a while, he wrote:

As for those members of the domain community who have taken the opportunity this week to rebuke me for allowing free speech to continue on the Internet, please know that I am neither seeking publicity or controversy. I am of sound mind. I am not a Nazi, an anti-semite, a homophobe, a misogynist, a bigot, or a racist. I believe love and understanding will overcome hate and divisiveness.

The future of the domain industry is being determined in 2019. Censorship, WHOIS privacy, sinkholing, DDoS, deplatforming, demonetization, unpersoning, are all symptoms of the disease which is a relentless desire by the few to dictate the narratives and choices to be consumed by the many.

Peterson has also denied that his boss harbors secret extremist views, in a series of lengthy, nuanced posts (starting here) on Namepros this week.

He writes that Monster has a “weird conspiratorial streak” and a natural inclination to believe in “false flag” conspiracy theories. He doubts the official story on 9/11 and believes the moon landings were faked, Peterson said. Monster is also a “Bible-believing Christian”, according to his Gab profile.

Peterson also writes that a significant portion of Epik’s employees, including some in important roles, are Muslims. He writes that he was “appalled” by Monster’s decision to post the video, but added:

But to infer that he did this because he hates muslims and condones murder is not just simplistic; it is LUDICROUS. One person murders 30+ muslims. The other person hires them and works with them closely on a daily basis. To equate these 2 is simply wrong. Whatever the reasons Rob felt it necessary to re-publish a link to content others had decided to censor, hatred of muslims was NOT the reason.

He goes on to say:

I object to Epik — the team I work with and the customers we look after — being portrayed falsely as some epicenter of “hate speech” or the alt right. We are not. We are a domain registrar and marketplace with a wide range of services. We are a company whose boss has taken controversial (and in some ways courageous) steps to protect free speech. Unfortunately, that same boss has stepped on that message with some very bad PR moves. When Rob does that, it irritates me to the point of exasperation. And I tell him so.

According to Peterson, Monster and his wife came under attack last year with a leafleting campaign in his local neighborhood, denouncing him as a Nazi.

He suspects this kind of behavior may have caused his boss to “double-down” on exactly the same kinds of activities that invited the controversy in the first place.

Whatever the reason, Epik certainly has got a PR problem on its hands right now.

I doubt this is the last we’ll hear of it.