Latest news of the domain name industry

Recent Posts

Cybersquatting cases down in .uk

Kevin Murphy, June 23, 2017, Domain Policy

The number of cybersquatting complaints filed against .uk domains fell in 2016, according to data out this week from Nominet.

The .uk registry said that there were 703 complaints filed with its Dispute Resolution Service in the year, down from 728 in 2015.

However, the number of individual domains complained about appears to have increased, from 745 to 785. That’s partly due to registrants owning both .co.uk and .uk versions of the same name.

The number of cases that resulted in domains being transferred was 53%, the same as 2015, Nominet said.

The large majority of cases were filed by UK-based entities against UK-based registrants, the stats show.

Now new gTLDs are being scapegoated for child abuse material (rant)

The guy responsible for getting the string “rape” closely restricted for no reason in .uk domain names is now gunning for ICANN and new gTLDs with a very similar playbook.

Campaigner John Carr, secretary of the little-known Children’s Charities’ Coalition on Internet Safety, wants ICANN to bring in strict controls to prevent convicted pedophiles registering domains in child-oriented domains such as .kids.

He’s written to the UK prime minister, the two other ministers with the relevant brief, the US federal government and the California attorney general to make these demands.

That’s despite the fact that he freely acknowledges that he does not have any evidence of a problem in existing kid-oriented TLDs and that he does not expect there to be a problem with .kids, should it be delegated, in future.

Regardless, ICANN comes in for a bit of a battering in the letter (pdf), with Carr insinuating that it and the domain industry are quite happy to throw child safety under the bus in order to make a quick buck. He writes:

ICANN has definitely not been keeping the internet secure for children. On the contrary ICANN shows complete indifference towards children’s safety. This has led to real dangers that ICANN could have prevented or mitigated.

ICANN, the Registries and the Registrars have an obvious financial interest in increasing the number of domain names being sold. Their interest in maximising or securing their revenues appears sometimes to blind them to a larger obligation to protect the weak and vulnerable e.g. in this instance children.

Despite this worrying premise, Carr admits in an accompanying paper (pdf) that the Russian version of .kids (.дети), which has been live for three years and only has about 1,000 registrations, does not seem to have experienced a deluge of sex offenders.

Nevertheless, he says ICANN should have forced the .дети registry to do criminal background checks on all registrants to make sure they did not have a record of sexual offences.

While at the time of writing we have no information which suggests anything untoward has happened with any Russian .kids websites, and we understand the volume of sales has been low so far, the matter should never have been left open in that way. When ICANN let the contract it could have included clauses which would have made it a contractual obligation to carry out the sort of checks mentioned. The fact that ICANN did not do this illustrates a degree of carelessness about children’s well-being which is tantamount to gross negligence.

Quite how a domain registry would go about running criminal records checks on all of its customers globally, and what the costs and the benefits would be, Carr does not say.

The letter goes on to state incorrectly that Amazon and Google are in contention for .kids.

In fact, Google applied for the singular .kid. While the two strings are in contention due to an adverse String Confusion Objection, there’s also a second applicant for .kids, the DotKids Foundation, which proposes to keep .kids highly restricted and which Carr is either unaware of or deliberately omits from his letter.

Based on his assumption that .kids is a two-horse race between Amazon and Google, he says:

while I am sure both Google and Amazon will choose to do the right thing, whichever one is the eventual winner of the contract, the point is matters of this kind should never have been left as an option

So not only does Carr not have any evidence that extant “.kids” domains are currently being abused years after delegation, he’s also sure that .kids won’t be in future.

But he wants Draconian background checks implemented on all registrants anyway.

His letter coincides with the release of and heavily cites the 2016 annual report (pdf) of the Internet Watch Foundation — the organization that coordinates the takedown of child abuse material in the UK and elsewhere.

That report found that new gTLD domains are being increasingly used to distribute such material, but that Verisign-run TLDs such as .com are still by far the most abused for this purpose.

The number of takedowns against new gTLD domains in 2016 was 272 (226 of which were “dedicated to distributing child sexual abuse content”) the IWF reported, a 258% increase on 2015.

That’s 272 domains too many, but averages out at about a quarter of a domain per new gTLD.

There were 2,416 domains being used to distribute this material in 2016, IWF said. That means new gTLDs accounted for about 11% of the total child abuse domains — higher than the 7.8% market share that new gTLDs command (according to Verisign’s Q4 industry brief).

But the IWF report states that 80% of the total abuse domains are concentrated in just five TLDs — .com, .net, .se, .io, and .cc. Even child abusers are not fans of new gTLDs, it seems.

Despite the fact that two of these domains are operated under ICANN contract, and the fact that .io is operated by a British company representing a British overseas territory, Carr focuses his calls for action instead on new gTLDs exclusively.

And his calls are receiving attention.

A The Times article this week cries “New internet domain is magnet for paedophiles, charities warn”, while tabloid stable sister The Sun reported on “fears predators are exploiting new website addresses to hide indecent material”.

This is how it started with Carr’s campaign to get “rape” domains banned in the UK.

Back in 2013, he wrote a blog post complaining that it was possible to register “rapeher.co.uk” — not that it had been registered, only that it could be registered — and managed to place a couple of stories in the right-leaning press calling for Nominet to do more to prevent the registration of “depraved and disgusting” domains such as the one he thought up.

This led to a government minister calling for an independent policy review, an actual review, and a subsequent policy that sees some poor bastard at Nominet having to pore over every .uk registration containing rapey strings to see if they’re potentially advocating or promoting actual rape.

Implementation of that policy has so far confirmed that Carr’s worries were, as I said in my 2013 rant, baseless.

In 2016, there were 2,407 registrations of domains containing the string “rape”, but just one of them was found to be using it in the context of sexual assault and was suspended, according to Nominet stats.

In 2015, the number of suspensions was the same. One.

The same story is playing out now — a single Don Quixote with a tenuous grasp of the systems he’s criticizing calling for ludicrous policies to prevent a problem that he freely admits does not exist and probably won’t exist in future.

Still, at least he gets to wave some headlines in front of his employers to pretend he’s actually earning his salary.

Nominet gets new chair

.uk registry Nominet has appointed a new chair from the world of news media.

Mark Wood will replace outgoing chair Rennie Fritchie on April 28, the company said yesterday.

Wood is formerly a director of Reuters and chair/CEO of the UK television news company ITN. He’s also on the board of CityWire and the advisory board of PwC.

Baroness Fritchie has chaired Nominet for seven years.

Did Whois blow the lid off a Labour leadership coup, or is this just pig-fuckery?

Kevin Murphy, February 28, 2017, Gossip

A British Member of Parliament has been forced to deny he was behind the registration of several domain names promoting him as a future leader of the Labour party.

Clive Lewis, until recently a member of the shadow cabinet, told the Guardian yesterday that he did not register the batch of domains, which included cliveforleader.org.uk, cliveforlabour.org.uk and their matching .org, .uk and .co.uk domains.

“None of this is true: I haven’t done this,” he told the paper, following a Huffington Post article revealing the names had been registered June 29 last year, just a couple of days after he was appointed shadow defence secretary.

Lewis resigned from the shadow cabinet three weeks ago after refusing to vote in favor of triggering the Article 50 process that will take the UK out of the European Union.

The Labour Party has been dogged by stories about potential leadership challenges ever since Jeremy Corbyn — popular among grassroots party members, unpopular with voters — took over.

Questions about Corbyn’s leadership reemerged last week after a disastrous by-election defeat for the party.

The domains were taken as an indication that Lewis had been plotting a coup for many months, which he has denied.

The Whois records do not support a conclusion one way or another.

Under Nominet rules, individuals are allowed to keep their phone number, postal and email addresses out of Whois if the domains are to be used for non-commercial purposes, a right the registrant of the names in question chose to exercise.

Public Whois records show the .uk names registered to “Clive Lewis”, but contain no contact information.

They do contain the intriguing statement “Nominet was able to match the registrant’s name and address against a 3rd party data source on 29-Jun-2016”, a standard notice under Nominet’s Whois validation program.

But Nominet does not validate the identity of registrants, nor does it attempt to link the registrant’s name to their purported address.

The statement in the Whois records translates merely that Nominet was able to discover that a person called Clive Lewis exists somewhere in the world, and that the postal address given is a real address.

The .org and .com domains, registered the same day by the same registrar, use a Whois privacy service and contain no information about the registrant whatsoever.

Lewis himself suspects the batch of names may have been registered by a political opponent in order to force him to deny that he registered them, noting that fellow MP Lisa Nandy had a similar experience last July.

His initial statement to HuffPo, on which he reportedly declined to elaborate, was:

A lesson from LBJ [US President Lyndon B Johnson] in how to smash an opponent. Legend has it that LBJ, in one of his early congressional campaigns, told one of his aides to spread the story that Johnson’s opponent f*cked pigs. The aide responded: ‘Christ, Lyndon, we can’t call the guy a pigf*cker. It isn’t true.’ To which LBJ supposedly replied: ‘Of course it ain’t true, but I want to make the son-of-a-bitch deny it.’

Since then, along with his denial to the Guardian, he’s told his local Norwich newspaper that he’s tasked his lawyers with finding out who registered the names.

“I have instructed a solicitor to go away and look at this. They can try and make sure we find the identity, the IP address and the payment details,” he told the Eastern Daily Press.

Nominet suspends over 8,000 “criminal” domains as IP complaints double

Kevin Murphy, November 15, 2016, Domain Policy

Police claims of intellectual property infringement led to the number of .uk domains suspended doubling in 2016, according to Nominet.

Statistics released today show that the .uk registry suspended 8,049 domains in the 12 months to October 31, compared to 3,889 in the year-ago period.

It’s an almost tenfold increase on 2014, when just 948 domains were taken down.

Nominet suspends domains when law enforcement agencies tell it the domains are being used in crime. No court order is required and Nominet rarely refuses a request.

Registrants can have the suspension lifted if they can show to law enforcement that the allegedly criminal behavior has stopped.

The vast majority of the complaints in 2016 again came from the Police Intellectual Property Crime Unit, which asked for and got 7,617 names suspended.

Just 13 suspensions were reversed, Nominet said. Most of these were due to sites selling so-called “legal highs” being slow to respond to a change in the law.

The controversial ban on “rape” domains resulted in just one suspension among the 2,407 domains automatically flagged for containing rapey substrings.

Nominet published the following infographic with more stats:

Nominet infographic