Latest news of the domain name industry

Recent Posts

End in sight for Go Daddy’s 60-day transfer lock

Kevin Murphy, January 21, 2012, Domain Registrars

Go Daddy’s unpopular 60-day domain name lockdown period, which prevents customers moving to other registrars, could be reduced to as little as five days under new ICANN policy.

ICANN’s GNSO Council this week voted to amend the Inter-Registrar Transfer Policy, which is binding on all registrars, to clarify when and how a registrar is allowed to block a transfer.

Today, Go Daddy has a policy of preventing transfers for 60 days whenever the registrant’s name is changed in the Whois record.

It’s designed to help prevent domain name hijacking, but to many customers it’s frustrating and looks shady; as a result it’s one of the most frequently cited criticisms of the company.

Other registrars may have similar policies, but Go Daddy is the only one you ever really hear complaints about.

Some have even posited that the practice violates the IRTP, which explicitly prevents registrars spuriously locking domains when customers update their Whois.

But ICANN’s compliance department has disagreed with that interpretation, drawing a distinction between “Whois changes” (cannot block a transfer) and “registrant changes” (can block a transfer).

Essentially, if you change your name in a Whois record the domain can be locked by your registrar, but if you change other fields such as mailing address or phone number it cannot.

Go Daddy and other registrars would still be able prevent transfers under the revised policy, but they would have to remove the block within five days of a customer request.

This is how ICANN explains the changes:

Registrar may only impose a lock that would prohibit transfer of the domain name if it includes in its registration agreement the terms and conditions for imposing such lock and obtains express consent from the Registered Name Holder: and

Registrar must remove the “Registrar Lock” status within five (5) calendar days of the Registered Name Holder’s initial request, if the Registrar does not provide facilities for the Registered Name Holder to remove the “Registrar Lock” status

Registrars may have some freedom in how they implement the new policy. Unblocking could be as simple as checking a box in the user interface, or it could mean a phone call.

Go Daddy, which was an active participant in the IRTP review and says it supports the changes, supplied a statement from director of policy planning James Bladel:

In the coming months, Go Daddy is making a few changes to our policy for domains in which the registrant information has changed.

We believe this new procedure will continue to prevent hijacked domain names from being transferred away, while making the transfer experience more user-friendly for our customers.

The changes were approved unanimously by the GNSO Council at its meeting on Thursday.

Before they become binding on registrars, they will have to be approved by the ICANN board of directors too, and the soonest that could happen is at its February 16 meeting.

The changes are part of a package of IRTP revisions – more to come in the near future – that have been under discussion in the ICANN community since 2007. Seriously.

Go Daddy’s 60-day domain lockdown loophole

Kevin Murphy, September 8, 2011, Domain Registrars

Perhaps the most common complaint of the many leveled at Go Daddy over the years is that it refuses to allow customers to transfer domains to another registrar for 60 days after an ownership change.

The latest person to fire this criticism at the company is tech blogger Scott Raymond, who published a lengthy tirade against Go Daddy and its policy on ZDNet today.

Raymond points out that Go Daddy seems to be in violation of ICANN’s Inter-Registrar Transfer Policy, which explicitly prohibits the rejection of a transfer request due to a recent Whois change.

He’s not alone. Even Andrew Allemann of Domain Name Wire, hardly Go Daddy’s fiercest critic, said as recently as May that he thinks the company is in violation of the IRTP.

With good reason – this April 2008 ICANN advisory seemed to be specifically written with a ban on Go Daddy’s 60-day policy in mind.

But is the company non-compliant? ICANN doesn’t seem to think so.

I’ve tracked down this November 2009 email from David Giza, then ICANN’s head of compliance, in which he describes what seems to amount to a loophole Go Daddy and other registrars exploit.

Giza explains that the 2008 advisory “only addresses mandatory updates to Whois contact information, not a transfer or assignment to a new registrant”.

Registrants are obliged to keep their Whois data up-to-date; that’s what he means by “mandatory”.

Giza’s email adds:

the transfer policy does not prohibit registrars from requiring registrants to agree to the blocking of transfer requests as a condition for registrar facilitation of optional services such as the transfer of a registration to a new registrant.

We understand GoDaddy.com’s 60-day lock is a voluntary opt-in process where registrants are made aware of and agree to the restriction that the domain name is not to be transferred for 60-days following the completion of transfer. As such, this practice is not prohibited by the transfer policy.

In other words, there are “Whois Changes” and there are “Registrant Changes”, and registrars are only allowed to trigger a lock-down in the latter case, according to Giza.

And according to DNW’s reporting on the subject, that’s exactly what Go Daddy continues to do — locking the domain if certain fields in the registrant record are changed.

So the 60-day lock appears to be kosher, at least in the opinion of ICANN’s erstwhile compliance chief. Whether that could change under the department’s new management is unknown.

As it happens, the subject was raised by a recent working group that was looking into revising the IRTP, but it was so contentious that consensus could not be found.

The problem has been bounced down the road. The most recent mention came in this ICANN issue report (pdf, page 14-15).

Anyway, if I lost you several paragraphs ago, the net result of all this seems to be that Go Daddy probably isn’t breaking the rules, but that nobody can agree whether that’s a good thing or not.

The fact that one has to do this much digging into ICANN esoterica just to figure out whether Go Daddy is screwing its customers over isn’t very reassuring, is it?

  • Page 2 of 2
  • <
  • 1
  • 2