ICANN is to terminate the contract of a Chinese registrar linked to dodgy pharmaceuticals web sites and other malfeasance.
Nanjing Imperiosus Technology Co, which does business as DomainersChoice.com, has been told it will lose its registrar accreditation February 3.
ICANN said in the termination notice that the company had failed to keep records related to abuse reports, failed to validate Whois records, and failed to provide ICANN with registration records, all in breach of the Registrar Accreditation Agreement.
The breaches related to complaints filed by illegal pharmacy watchdog LegitScript last September, I believe.
DomainersChoice and its CEO Stefan Hansmann were listed in Whois as the owners of potentially hundreds of domains that were being used to sell medicines for conditions ranging from heart disease to erectile dysfunction.
The domains 5mg-cialis20mg.com, acheterdutadalafil.com, viagra-100mgbestprice.net and 100mgviagralowestprice.net were among those apparently owned by the registrar.
According to LegitScript, thousands of DomainersChoice domains were “rogue internet pharmacies”.
The registrar has also been linked by security researchers to mass typosquatting campaigns.
The company’s web site even has a typo generator. While one could argue such tools are also useful to brand owners, DomainersChoice’s name suggests it’s geared towards domainers, not brands.
DomainersChoice had about 27,000 domains under management at the last count, which ICANN will now migrate to another registrar.
It’s not known how many of those were self-registered domains and how many were being used nefariously, but LegitScript CEO John Horton estimated (pdf) at least 2,300 dodgy pharma sites used the registrar.
ICANN has implicated a Chinese domain name registrar in the online selling of medications, including Viagra and Cialis, without the required prescription.
The organization’s Compliance department filed a contract breach notice with Nanjing Imperiosus, which does business as DomainersChoice.com, today.
The move follows an allegation from pharmacy watchdog LegitScript in the US Congress that DomainersChoice is “rogue internet pharmacy operator”.
Because ICANN has no authority to police online pharmacies, it’s gone after the registrar based on an obscure part of the Registrar Accreditation Agreement.
Section 3.7.7 of the 2013 RAA says that domains must be registered to a third party, unless they’re used by the registrar in the course of providing its registrar services.
According to ICANN, DomainersChoice has refused to provide evidence that many of its domains are not in fact registered to itself and CEO Stefan Hansmann, in violation of this clause.
It cites 5mg-cialis20mg.com, acheterdutadalafil.com, viagra-100mgbestprice.net and 100mgviagralowestprice.net as examples of domains apparently registered to Hansmann and his company.
Historical Whois records show Hansmann and Nanjing Imperiosus as the registrant of these names until recently.
The domains all refer to erectile dysfunction medicines, which are usually only available in the US with a prescription.
A reverse Whois lookup reveals Hansmann’s name in the records for many more pharmaceuticals-related domains, some of which are for more serious medical conditions.
Several of the domains contain the words “without prescription” or similar, where the drug in question requires a prescription in the US.
Some of the domains do not currently resolve or no longer provide current Whois records and others have been recently transferred, but some resolve to apparently active e-commerce sites.
ICANN’s breach notice (pdf) doesn’t allege any illegal activity.
The same cannot be said for LegitScript CEO John Horton, who lumped DomainersChoice in with a few other registrars he believes are operating “illegal online pharmacies”.
Horton testified (pdf) before Congress last month that the registrar was playing host to 2,300 such sites.
The testimony was filed September 14, the same day ICANN began its compliance investigation.
ICANN’s notice, which alleges a handful of other relatively trivial breaches, asks that Hansmann provide a full list of domains registered in his and his company’s name via DomainersChoice.
It also demands evidence that the domains were either used to provide registrar services or were registered to a third party.
It wants all that by November 2, after which it may start to terminate the company’s RAA.