Cops seize 132 domains in Cyber Monday crackdown

Law enforcement agencies in the US and Europe have shut down 132 domain names in order to stop the selling of counterfeit merchandise online.

According to the US Immigration and Customs Enforcement agency, the now-annual Cyber Monday crackdown included domain names in the .eu, .be, .dk, .fr, .ro and .uk ccTLDs.

Law enforcement from those countries were involved, via Europol, in their respective local seizures, while ICE nabbed 101 domains in generic TLDs whose registries are based in the US.

One person was also arrested, and ICE plans to seize $175,000 in ill-gotten gains sent to a PayPal account connected with the sites.

It’s the third year in a row that ICE has led an operation of this kind before “Cyber Monday”, which in recent years has become the most popular day of the year for e-commerce deals.

The operation started when ICE and Europol “received leads from various trademark holders regarding the infringing websites”, ICE said in a press release.

ICE domain seizures enter second phase

The US Immigration & Customs Enforcement agency seems to be consolidating its portfolio of seized domain names by transferring them to its own registrar account.

Many domains ICE recently seized at the registry level under Operation “In Our Sites” have, as of yesterday, started naming the agency as the official registrant in the Whois database.

ICE, part of the Department of Homeland Security, has collected over 100 domains, most of them .coms, as part of the anti-counterfeiting operation it kicked off with gusto last November.

The domains all allegedly either promoted counterfeit physical goods or offered links to bootleg digital content.

At a technical level, ICE originally assumed control of the domains by instructing registries such as VeriSign, the .com operator, to change the authoritative name servers for each domain to seizedservers.com.

All the domains pointed to that server, which is controlled by ICE, resolve to a web server displaying the same image:

(The banner, incidentally, appears to have been updated this month. If clicked, it now sends visitors to this anti-piracy public service announcement hosted at YouTube.)

Until this week, the Whois record associated with each domain continued to list the original registrant – a great many of them apparently Chinese – but ICE now seems to be consolidating its portfolio.

As of yesterday, a sizable chunk — but by no means all — of the seized domains have been transferred to Network Solutions and now name ICE as the registrant in their Whois database records.

Rather than simply commandeering the domains, it appears that ICE now “owns” them too.

But ICE has already allowed one of its seizures to expire. The registration for silkscarf-shop.com expired in March, and it no longer points to seizedservers.com or displays the ICE piracy warning.

The domain is now listed in Redemption Period status, meaning it is starting along the road to ultimately dropping and becoming available for registration again.

Interestingly, most of the newly moved domains appear to have been transferred into NetSol from original registrars based in China, such as HiChina, Xin Net and dns.com.cn.

After consulting with a few people more intimately familiar with the grubby innards of the inter-registrar transfer process than I am, I understand that the names could have been moved without the explicit intervention of either registrar, but that it would not be entirely unprecedented if the transfers had been handled manually under the authority of a court order.

If I find out for sure, I’ll provide an update.

ICANN will not attend White House drugs meeting

ICANN has declined an invitation from the Obama administration to attend a meeting tomorrow to discuss ways to crack down on counterfeit drugs web sites.

The meeting, first reported by Brian Krebs, was called with an August 13 invitation to “registries, registrars and ICANN” to meet at the White House to talk about “voluntary protocols to address the illegal sale of counterfeit non-controlled prescription medications on-line.”

The meeting is reportedly part of the administration’s Joint Strategic Plan to Combat Intellectual Property Theft, which was announced in June.

It also follows a series of reports from security firms that called into question domain name registrars’ willingness to block domains that are used to sell fake pharma.

ICANN tells me that, following talks with White House Intellectual Property Enforcement Coordinator Victoria Espinel, it was agreed that it would “not be appropriate” for ICANN to attend.

The decision was based on the fact that ICANN’s job is to make policy covering internet names and addresses, and not to regulate the content of web sites.

ICANN’s vice president of government affairs for the Americas, Jamie Hedlund, said the meeting was “outside the scope of our role as the technical coordinator of the Internet’s unique identifiers.”

I suspect it also would not have looked great on the global stage if ICANN appeared to be taking its policy cues directly from the US government rather than through its Governmental Advisory Committee.

Demand Media-owned registrar eNom, which has took the brunt of the recent criticism of registrars, recently signed up to a service that will help it more easily identify and terminate domains used to sell counterfeit medicines.