Latest news of the domain name industry

Recent Posts

ICANN’s top DC lobbyist gets consumer safeguards role

Kevin Murphy, January 5, 2017, Domain Policy

ICANN has named veteran staffer Jamie Hedlund as its new senior VP for contractual compliance and consumer safeguards.

It’s a new executive team role, created by the departure of chief contract compliance officer Allen Grogan. Grogan announced his intention to leave ICANN last May, and has been working there part-time since August.

The “consumer safeguards” part of the job description is new.

ICANN first said it planned to hire such a person in late 2014, but the position was never filled, despite frequent poking by anti-spam activists.

Now it appears that the two roles — compliance and consumer safeguards — have been combined.

This makes sense, give that ICANN has no power to safeguard consumers other than the enforcement of its contracts with registries and registrars.

From the outside, it does not immediately strike me as an obvious move for Hedlund.

While his job title has changed regularly during his six or so years at ICANN, he’s mainly known as the organization’s only in-house Washington DC government lobbyist.

He played a key role in the recent IANA transition, which saw the US government sever its formal oversight ties with ICANN.

His bio shows no obvious experience in consumer protection roles.

His replacement in the government relations role is arguably just as surprising — Duncan Burns, a veteran PR man who will keep his current job title of senior VP of global communications.

The appointments seem to indicate that lobbying the US government is not as critical to ICANN in the post-transition world, and that institutional experience in the rarefied world of ICANN is a key qualifier for senior positions.

ICANN terminates penis pill pimp registrar

Kevin Murphy, January 5, 2017, Domain Registrars

ICANN is to terminate the contract of a Chinese registrar linked to dodgy pharmaceuticals web sites and other malfeasance.

Nanjing Imperiosus Technology Co, which does business as DomainersChoice.com, has been told it will lose its registrar accreditation February 3.

ICANN said in the termination notice that the company had failed to keep records related to abuse reports, failed to validate Whois records, and failed to provide ICANN with registration records, all in breach of the Registrar Accreditation Agreement.

The breaches related to complaints filed by illegal pharmacy watchdog LegitScript last September, I believe.

DomainersChoice and its CEO Stefan Hansmann were listed in Whois as the owners of potentially hundreds of domains that were being used to sell medicines for conditions ranging from heart disease to erectile dysfunction.

The domains 5mg-cialis20mg.com, acheterdutadalafil.com, viagra-100mgbestprice.net and 100mgviagralowestprice.net were among those apparently owned by the registrar.

According to LegitScript, thousands of DomainersChoice domains were “rogue internet pharmacies”.

The registrar has also been linked by security researchers to mass typosquatting campaigns.

The company’s web site even has a typo generator. While one could argue such tools are also useful to brand owners, DomainersChoice’s name suggests it’s geared towards domainers, not brands.

DomainersChoice had about 27,000 domains under management at the last count, which ICANN will now migrate to another registrar.

It’s not known how many of those were self-registered domains and how many were being used nefariously, but LegitScript CEO John Horton estimated (pdf) at least 2,300 dodgy pharma sites used the registrar.

Registrar accused of pimping prescription penis pills

Kevin Murphy, October 14, 2016, Domain Registrars

ICANN has implicated a Chinese domain name registrar in the online selling of medications, including Viagra and Cialis, without the required prescription.

The organization’s Compliance department filed a contract breach notice with Nanjing Imperiosus, which does business as DomainersChoice.com, today.

The move follows an allegation from pharmacy watchdog LegitScript in the US Congress that DomainersChoice is “rogue internet pharmacy operator”.

Because ICANN has no authority to police online pharmacies, it’s gone after the registrar based on an obscure part of the Registrar Accreditation Agreement.

Section 3.7.7 of the 2013 RAA says that domains must be registered to a third party, unless they’re used by the registrar in the course of providing its registrar services.

According to ICANN, DomainersChoice has refused to provide evidence that many of its domains are not in fact registered to itself and CEO Stefan Hansmann, in violation of this clause.

It cites 5mg-cialis20mg.com, acheterdutadalafil.com, viagra-100mgbestprice.net and 100mgviagralowestprice.net as examples of domains apparently registered to Hansmann and his company.

Historical Whois records show Hansmann and Nanjing Imperiosus as the registrant of these names until recently.

The domains all refer to erectile dysfunction medicines, which are usually only available in the US with a prescription.

A reverse Whois lookup reveals Hansmann’s name in the records for many more pharmaceuticals-related domains, some of which are for more serious medical conditions.

Several of the domains contain the words “without prescription” or similar, where the drug in question requires a prescription in the US.

Some of the domains do not currently resolve or no longer provide current Whois records and others have been recently transferred, but some resolve to apparently active e-commerce sites.

ICANN’s breach notice (pdf) doesn’t allege any illegal activity.

The same cannot be said for LegitScript CEO John Horton, who lumped DomainersChoice in with a few other registrars he believes are operating “illegal online pharmacies”.

Horton testified (pdf) before Congress last month that the registrar was playing host to 2,300 such sites.

The testimony was filed September 14, the same day ICANN began its compliance investigation.

ICANN’s notice, which alleges a handful of other relatively trivial breaches, asks that Hansmann provide a full list of domains registered in his and his company’s name via DomainersChoice.

It also demands evidence that the domains were either used to provide registrar services or were registered to a third party.

It wants all that by November 2, after which it may start to terminate the company’s RAA.

ICANN slaps first deadbeat dot-brand with breach notice

The world’s third-largest mobile phone company, worth some $14 billion a year, is the first new gTLD registry operator to refuse to pay ICANN fees.

That’s according to ICANN’s compliance department, which last night slapped Bharti Airtel with the new gTLD program’s first public contract breach notices.

The notices, which apply to .bharti and .airtel, claim that the Indian company has been ignoring demands to pay past due fees since February.

The ICANN quarterly fee for registries is $6,250. Given .airtel and .bharti were delegated 11 months ago, the company, which has assets of $33 billion, can’t owe any more than $37,500.

Bharti Airtel is, according to Wikipedia, the third largest mobile network operator in the world and the largest in India, with 325 million subscribers.

Yet ICANN also claims it has had terrible difficulty getting in touch with staff there, saying:

ICANN notes that Bharti Airtel exhibits a pattern of non-response to ICANN Contractual Compliance matters and, when responses are provided to ICANN, they are often untimely and incomplete.

The compliance notices show that ICANN has also communicated with Verisign, the registry back-end operator for both gTLDs, to try to get the matters resolved.

According to ICANN, the registry is also in breach of terms that require it to publish links to its Whois service, abuse contacts and DNSSEC practice statements on its web site.

The sites nic.airtel and nic.bharti don’t resolve (for me at least) with or without a www., but the Whois services at whois.nic.airtel and whois.nic.bharti appear to work.

These are the first two registries of any flavor emerging from the 2012 application round to receive public breach notices. Only one pre-2012 gTLD, .jobs, has the same honor.

ICANN has given Bharti Airtel 30 days from yesterday to come back into compliance or risk losing its Registry Agreements.

Given that both gTLDS are almost a year old and the nic. sites still don’t resolve, one wonders if the company will bother.

First registrar “breached” UDRP lock rule

Kevin Murphy, February 15, 2016, Domain Registrars

ICANN has charged a registrar with failing to abide by “cyberflight” rules for the first time.

Visesh Infotecnics did not lock down e-campaigner.com within two days of it being hit by a UDRP a couple of weeks ago, ICANN said in a compliance notice (pdf) on Thursday.

Visesh is based in India and does business as Signdomains.com. It has roughly 5,000 gTLD domains under management.

The transfer lock rule became ICANN consensus policy binding on all registrars last July, following four years of policy and implementation work.

It’s designed to prevent cybersquatters switching registrars when a UDRP lands in their inbox, a practice known as cyberflight.

The registrant of e-campaigner.com did not in fact change registrars, judging by Whois records.

The UDRP appears to have been filed in late January by a currently undisclosed entity. Signdomains put the domain on client-hold status February 8, according to Whois records.

This is the first time ICANN has publicly accused a registrar of failing to abide by the policy.

ICANN also says that the registrar does not display Whois data in the correct format on its web site, and that it owes some accreditation fees.

It has until March 3 to rectify these alleged breaches.