Latest news of the domain name industry

Recent Posts

Registrar suspended over dodgy transfers

Kevin Murphy, October 1, 2019, Domain Registrars

ICANN has suspended a Los Angeles-based registrar after failing to get answers to its questions about a bunch of domain transfer.

World Biz Domains won’t be able to sell any gTLD domains, or accept transfers, from October 16 until January 13 next year. It will also have to post ICANN’s suspension notice on its home page.

Its crime? Failing to provide ICANN with records proving that the change of registrant requests for 15 potentially valuable domain names were legitimate.

ICANN has been badgering World Biz for these records since April, but says it was given the runaround.

The domains in question — 28.net, 68.net, 88.org, changi.com, tay.net, goh.net, koh.net, kuantan.com, yeong.com, merlion.org, og.net, raffles.net, sentosa.org, sg.org and shenton.com — all appear to have been registered to a Singaporean investor using the registrar DomainDiscover until about a year ago.

The non-numeric names all have significance to Singapore or neighboring Malaysia one way or the other. Some of them are arguably UDPR fodder.

Shenton is a busy street and hotel in the city, Merlion is Singapore’s lion mascot, Sentosa is a Singaporean island, and Raffles is of course the name of the famous hotel. Other domains on the list are common Chinese surnames used by Singaporeans.

It appears that about a year ago, according to DomainTools’ historical Whois records, they were transferred to World Biz and put under privacy protection.

There’s no specific claim in ICANN’s notice that any domain hijacking has taken place, but it’s easy to infer that the original registrant was for some reason not happy that the domains changed hands and therefore complained to ICANN.

Some of the domains in question have since been transferred to other registrars and may have been returned to the original registrant.

If ICANN’s track record of demanding records is any guide, this will not help World Biz come into compliance.

Should it be terminated, it looks like very few registrants will be affected.

While World Biz at one point had over 5,000 gTLD domains under management, it’s been shrinking consistently for the best part of a decade and in May had just 74 DUM.

September last year, when the domains in question moved to World Biz, was the company’s most-successful month in terms of inbound transfers — 17 domains — since I started tracking this kind of data nine years ago.

Net 4 India gets brief reprieve from ICANN suspension

India registrar Net 4 India has been given a bit of breathing space by ICANN, following its suspension last month.

ICANN suspended the registrar’s accreditation a month ago, effective June 21, after discovering the company had been in insolvency proceedings for some time.

But on June 20 ICANN updated its suspension notice to give Net4 more time to comply. It now has until September 4, the same day its insolvency case is expected to end, to provide ICANN with documentation showing it is still a going concern.

The registrar was sued by a debt collector that had acquired some Rs 1.94 billion ($28 million) of unpaid debts from an Indian bank.

ICANN’s updated suspension notice adds that Net4 is to provide monthly status updates, starting July 18, if it wants to keep its accreditation.

The upshot of all this is that the registrar can carry on selling gTLD domains and accepting inbound transfers for at least another couple months.

India’s largest registrar goes insolvent, gets suspended

India’s largest independent registrar has been found insolvent by a local court, after failing to pay back $28 million in bank loans.

Net 4 India has now also had its right to sell gTLD domains suspended by ICANN as a result.

Judging by legal papers (pdf) buried on Net4’s web site, the insolvency relates to a series of loans the company took out with the State Bank of India between 2002 and 2012.

After the company failed to pay those loans back, in 2014 the debt was acquired from SBI by Edelweiss Asset Reconstruction, which specializes in buying debt cheap then recovering it through the courts.

Edelweiss sued Net4 to get its money back a couple of years ago and, in March this year after what appears to have been a slam-dunk, won its case.

The ruling states that the outstanding debt in 2017 was almost two billion rupees — Rs 1,940,860,284, which works out to just short of $28 million at today’s rates.

Having learned about the insolvency in April, ICANN set about trying to contact Net4’s management to see if the company was coming back into compliance.

ICANN’s Registrar Accreditation Agreement says ICANN can terminate registrars’ contracts if they are in insolvency proceedings for more than 30 days.

After the company failed to show it was compliant, this week its RAA was suspended from June 21 to September 19.

During that period, Net4 will not be able to sell new domain registrations or accept incoming transfers. It will also have to display a notice on its web site to that effect.

If it has not demonstrated compliance by August 28, ICANN may start its termination process.

Net4 is the largest ICANN-accredited registrar based in India, as measured by number of registered gTLD domains (excluding Public Domain Registry, LogicBoxes, and several affiliated dummy accreditations, which are all owned by US-based Endurance International).

It had over 100,000 gTLD domains under management at the end of February — almost all in .com and other legacy gTLDs — but its DUM had been shrinking hard for many months.

At some point, Net4 appears to have been listed on both India’s National Stock Exchange and the Bombay Stock Exchange, but was delisted about a year ago.

Belgium to crack down on fraud domains

Kevin Murphy, November 28, 2018, Domain Registries

DNS Belgium says it will shortly implement a new policy that will see it take down .be domains associated with fraud within 24 hours of discovering them.

The new scheme, which comes into effect December 1, essentially grants the Belgian government’s ministry of the economy — FPS Economy or Federal Public Service Economy in local parlance — a trusted notifier status when it comes to takedowns.

Previously, requests had to go through public prosecutors and took about two weeks, giving attackers a longer window to milk their victims.

Under the old regime, FPS Economy could only request a suspension in cases where the Whois data was inaccurate.

The registry said it will only suspend domains that are involved in “serious crimes”, including phishing and fraudulent web stores.

Registrants will have two weeks to appeal their suspensions. After six months, the domains will be deleted.

Several hundred .be domains per year are expected to be affected.

Rape ban results in just one .uk takedown, but piracy suspensions soar

Kevin Murphy, February 19, 2016, Domain Registries

Nominet’s controversial policy of suspending domain names that appear to condone rape resulted in one .uk domain being taken down last year.

That’s according to a summary of take-downs published by Nominet yesterday.

The report (pdf) reveals that 3,889 .uk names were taken down in the 12 months to October 31, 2015.

That’s up on the the 948 domains suspended in the six months to October 31, 2014.

The vast majority — 3,610 — were as a result of complaints from the Police Intellectual Property Crime Unit. In the October 2014 period, that unit was responsible for 839 suspensions.

Unlike these types of suspensions, which deal with the allegedly illegal content of web sites, the “offensive names” ban deals purely with the words in the domain names.

Nominet’s systems automatically flagged 2,407 names as potentially in breach of the policy — most likely because they contained the string “rape” or similar — in the 12 months.

But only one of those was judged, upon human perusal, in breach.

In the previous 12 months period, 11 domains were suspended based on this policy, but nine of those had been registered prior to the implementation of the policy early in 2014.

The policy, which bans domains that “promote or incite serious sexual violence”, was put in place following an independent review by Lord Macdonald.

He was recruited for advice due to government pressure following a couple of lazy anti-porn articles, both based on questionable research by a single anti-porn campaigner, in the right-wing press.

Assuming it takes a Nominet employee five minutes to manually review a .uk domain for breach, it seems the company is paying for 200 person-hours per year, or 25 working days, to take down one or two domain names that probably wouldn’t have caused any actual harm anyway.

Great policy.

XYZ says it won’t block censored Chinese domains

Kevin Murphy, November 6, 2015, Domain Registries

New gTLD registry XYZ.com has said it will not preemptively censor domain names based on the wishes of the Chinese government.

Over the last couple of days, CEO Daniel Negari has sought to “clarify” its plans to block and suspend domain names based on Chinese government requests.

It follows XYZ’s Registry Services Evaluation Request for a gateway service in the country, first reported by DI and subsequently picked up by the Electronic Frontier Foundation, a Wall Street Journal columnist, Fortune magazine and others.

The clarifications offered up by XYZ probably did more to confuse matters.

A blog post on Wednesday said that XYZ will not reserve any .xyz domain names from being registered, except those ICANN makes all new gTLD registries reserve.

Subsequent comments from Negari stated that XYZ will, as the RSEP stated, prevent names that have been banned in China from being registered.

However, there’s one significant difference.

Now, the registry is saying that it will only put those bans in place for domain names that have been specifically banned by the Chinese government when the name had already been registered by a Chinese registrant.

So, if I understand correctly, it would not preemptively ban anyone anywhere from registering [banned term].xyz.

However, if [banned term].xyz was registered to a Chinese resident and the Chinese government told the registry to suspend it, it would be suspended and nobody would be able to re-register it anywhere in the world.

Negari said in a blog comment yesterday:

if we receive a Chinese legal order tomorrow (before the gateway has launched) which requires disabling a domain name registered in China and properly under Chinese jurisdiction, then it will be disabled at the registry level, and not by the gateway. When the gateway launches the name will continue to be unavailable, and the gateway will not implement the action on a localized basis only in China. The normal registry system would continue to be the only system used to resolve the name globally. Again — the specific stability concern ICANN had was that we would use the Chinese gateway to make .xyz names resolve differently, depending on what country you are in. I completely agree that our [RSEP] re-draft to address that concern came out in a way that can be read in a way that we sincerely did not intend.

So there is a list of preemptively banned .xyz, .college, .rent, .security and .protection domains, compiled by XYZ from individual Chinese government requests targeting names registered to Chinese registrants.

Negari said in an email to DI yesterday:

To clarify the statement “XYZ will reserve domains,” we meant that XYZ will takedown domains in order to comply with “applicable law.” Unfortunately, the inaccuracies in your post caused people to believe that we were allowing the Chinese government to control what names could be registered or how they could be used by people outside of China. The idea that XYZ is going to impose Chinese law and prevent people outside of China from registering certain domain names is simply incorrect and not true. To be 100% clear, there is no “banned list.”

That was the first time anyone connected with XYZ had complained about the October 12 post, other than since-deleted tweets that corrected the size of the list from 40,000 domains to 12,000.

The RSEP (pdf) that causes all this kerfuffle has not been amended. It still says:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

This fairly unambiguous statement is what XYZ says was “misinterpreted” by DI (and everyone else who read it).

However, it’s not just a couple of sentences taken out of context. The context also suggests preemptive banning of domains.

The very next sentence states:

When the Gateway is initially implemented we will not run into a problem whereby a Chinese registrant has already registered a name prohibited for registration by the Chinese government because Chinese registrars are already enforcing a prohibition on the registration of names that are in violation of Chinese law.

This states that Chinese residents are already being preemptively banned, by Chinese registrars, from registering domains deemed illegal in China.

The next few paragraphs of the RSEP deal with post-registration scenarios of domains being banned, clearly delineated from the paragraph dealing with pre-registration scenarios.

In his blog post, Negari said the RSEP “addressed the proactive abuse mitigation we will take to shut down phishing, pharming, malware, and other abuse in China”.

I can’t believe this is true. The consequence would be that if China sent XYZ a take-down notice about a malware or phishing site registered to a non-Chinese registrant, XYZ would simply ignore it.

Regardless, the takeaway today is that XYZ is now saying that it will not ban a domain before it has been registered, unless that domain has previously been registered by a Chinese resident and subsequently specifically banned by the Chinese government.

The registry says this is no different to how it would treat take-down notices issued by, for example, a US court. It’s part of its contractual obligation to abide by “applicable law”, it says.

Whether this is a policy U-turn or a case of an erroneous RSEP being submitted… frankly I don’t want to get into that debate.

Disclosure: during the course of researching this story, I registered .xyz domains matching (as far as this monoglot can tell) the Chinese words for “democracy”, “human rights”, “porn” and possibly “Tiananmen Square”. I have no idea if they have value and have no plans to develop them into web sites.

Yes, you are dangerous, arbitrator tells “cybersquatter” OpenTLD

Kevin Murphy, August 25, 2015, Domain Registrars

Free domains provider OpenTLD has been dealt a crushing blow in its fight against the suspension of its Registrar Accreditation Agreement.

ICANN is now free to suspend OpenTLD’s RAA, due to the company’s “pattern of cybersquatting”, following a decision by an independent arbitrator.

The arbitrator ruled yesterday that OpenTLD’s suspension should go ahead, because “OpenTLD’s continued operation could potentially harm consumers and the public interest.”

The 90-day suspension was imposed by ICANN Compliance in June, after it became aware that OpenTLD had lost two UDRP cases filed by competing registrars.

WIPO panelists found in both cases that the company had infringed its competitors’ trademarks in order to entice resellers over to its platform.

The suspension was put on hold voluntarily by ICANN, pending the arbitrator’s ruling on OpenTLD’s request for emergency stay. That request was conclusively rejected yesterday.

The arbitrator wrote:

the Arbitrator has little doubt that the multiple abusive name registrations made by OpenTLD, each of which included the registered mark of a competing domain name registrar and OpenTLD’s subsequent use of those domains… formed part of a broad concerted effort by OpenTLD calculated to deliberately divert name registration business, otherwise destined for competing domain name registrars… away from those registrars to OpenTLD instead.

He wrote that OpenTLD needs to put a process in place to prevent similarly cybersquatty behavior in future, rather than just making a commitment to changing its ways.

It’s pretty harsh stuff.

OpenTLD said recently that a suspension would “devastate” and “decimate” its business, due to the intertwining of its massive ccTLD business and rather smaller gTLD platform, but the arbitrator thought a technology workaround would be rather simple to implement.

No RAA means no gTLD sales and no inbound transfers.

OpenTLD is part of Freenom, which runs .tk and other free-to-register ccTLDs.

The company’s only ray of sunlight in the ruling is that the arbitrator said the costs of the proceeding should be split equally, not all falling on OpenTLD’s shoulders.

ICANN has not yet re-instituted the suspension, but it could come soon.

The full ruling can be read here.

Korean registrar suspended

Kevin Murphy, September 26, 2014, Domain Registrars

ICANN has suspended the accreditation of Korean registrar Dotname Korea over failures to comply with Whois accuracy rules.

The company was told this week that it will lose the ability to sell names for three months.

“No new registrations or inbound transfers will be accepted from 7 October 2014 through 5 January 2015,” ICANN compliance chief Maguy Serad told the company (pdf).

The suspension follows breach notices earlier in the year pertaining to Dotname’s failure to show that it was responding adequately to Whois inaccuracy complaints.

Other breaches of the Whois-related parts of the 2013 Registrar Accreditation Agreement were also alleged.

The company has until December 16 to show compliance of face the possibility of termination.

Cartier sues Nominet hoping to set global domain name take-down precedent

Kevin Murphy, January 22, 2014, Domain Policy

Luxury watchmaker Cartier has taken .uk registry Nominet to court, hoping to set a precedent that would enable big brands to have domain names taken down at a whim.

The company sued Nominet in a London court in October, seeking an injunction to force the registry to take down 12 domain names that at the time led to sites allegedly selling counterfeit watches.

We’ve only become aware of the case today after Nominet revealed it has filed its defense documents.

Judging by documents attached to Nominet’s court filings, Cartier sees the suit as a test case that could allow it to bring similar suits against other “less cooperative” registries elsewhere in the world.

In a letter submitted as evidence as part of Nominet’s defense, Richard Graham, head of digital IP at Cartier parent company Richemont International, said that he was:

seeking to develop a range of tools that can be deployed quickly and efficiently to prevent Internet users accessing websites that offer counterfeit goods… [and] looking to establish a precedent that can be used to persuade courts in other jurisdictions where the registries are less cooperative.

It’s worth noting that Richemont has applied for 13 dot-brands under ICANN’s new gTLD program and that Graham is often the face of the applications at conferences and such.

Pretty soon Richemont will also be a domain name registry. We seem to be looking at two prongs of its brand protection strategy here.

According to the company’s suit, the 12 domains in question all had bogus Whois information and were all being used to sell bogus Cartier goods.

None of them used a Cartier trademark in the domain — this is explicitly about the contents of web sites, not their domains names — and Cartier says most appeared to be registered to people in China.

Rather than submitting a Whois inaccuracy complaint with Nominet — which could have led to the domains being suspended for a breach of the terms of service — Cartier decided to sue instead.

Graham actually gave Nominet’s lawyers over a week’s notice that the lawsuit was incoming, writing his letter (pdf) on October 22 and filing the complaint (pdf) with the courts November 4.

Cartier seems to have grown frustrated playing whack-a-mole with bootleggers who cannot be traced and just pop up somewhere else whenever their latest web host is persuaded to cut them off.

Graham’s letter, which comes across almost apologetic in its cordiality when compared to the usual legal threat, reads:

Cartier therefore believes the most cost effective and efficient way to disrupt access to the Counterfeiting Websites operating in the UK is to seek relief from you, as the body operating the registry of .uk domain names.

Armed with the foreknowledge provided by the letter, Nominet reviewed the Whois records of the domains in question, found them lacking, and suspended the lot.

Ten were suspended before Cartier sued, according to Nominet. Another expired before the suit was filed and was re-registered by a third party. A fourth, allegedly registered to a German whose scanned identity card was submitted as evidence by Nominet, was suspended earlier this month.

As such, much of Nominet’s defense (pdf) relies upon what seems to be a new and obscure legal guideline, the “Practice Direction on Pre-Action Conduct”, that encourages people to settle their differences without resorting to the courts.

Nominet’s basically saying that there was no need for Cartier to sue, because it already has procedures in place to deal with counterfeiters using fake Whois data.

Also offered in the defense are the facts that suspending a domain does not remove a web site, that Nominet does not operate web sites, and the following:

Nominet is not at liberty under its Terms and Conditions of Domain Name Registration to suspend .uk domain names summarily upon mere receipt of a demand from someone unconnected with the domain name registrant.

That seems to me to be among the most important parts of the defense.

If Cartier were to win this case, it may well set a precedent giving registries (in the UK at least, at first) good reason to cower when they receive dodgy take-down orders from multibillion-dollar brands.

Indeed, that seems to be what Cartier is going for here.

Unfortunately, Nominet has a track record of at least accelerating the takedown of domains based on nothing more than third-party “suspicion”. Its defense actually admits this fact, stating:

Inaccurate identity and contact information generally leads to the suspension of a domain within three weeks. Where suspicions of criminality are formally confirmed by a recognised law enforcement agency, suspension may be very significantly expedited.

I wonder if this lawsuit would have happened had Nominet not been so accommodating to unilateral third-party take-down notices in the past.

In a statement to members today, a copy of which was sent to DI, Nominet encouraged internet users to report counterfeiting web sites to the police if and when they find them.

Rogue registrar suspended over “stolen” domain

Kevin Murphy, February 20, 2012, Domain Registrars

ICANN has told Turkish domain name registrar Alantron that its accreditation will be suspended for a month due to its shoddy record-keeping.

The suspension, which will become effective March 8, follows an investigation into allegations of double-selling.

ICANN issued the suspension last Thursday after trying unsuccessfully for almost three months to get its hands on Alantron’s registration records.

The company now has until March 28 to sort out its compliance problems or face losing its accreditation entirely.

I understand the investigation was prompted by complaints filed by an American named Roger Rainwater over the potentially valuable domain name pricewire.com.

Pricewire.com spent a couple of years under Whois privacy but was grabbed last August by Turkish registrant Altan Tanriverdi, according to historical Whois records.

Rainwater, who says he had been monitoring it for three or four years, subsequently paid Tanriverdi an undisclosed sum for the domain, signing up for an Alantron account so it could be pushed.

Rainwater showed up in the Whois for pricewire.com on September 7 last year. But he says he was unable to change his name servers and 48 hours later the name disappeared from his account.

He says he was told by Alantron that it had put the domain in Tanriverdi’s account “by mistake” and that it was sold to SnapNames as part of a batch of dropping domains.

According to emails sent to Rainwater, seen by DI, Alantron said that pricewire.com was “registered via a partner company called Directi for a company called Snapnames”.

SnapNames had already auctioned the name – apparently there were more than 40 bidders – and the name has since been transferred to one Sammy Katz of Philadelphia.

However, given that Whois reliability is at question here, it’s not entirely clear who owns it. It’s currently parked at InternetTraffic.com.

Tanriverdi, who appears to be equally aggrieved, has published an extensive history of the dispute, along with screenshots, here (in Turkish).

In short: Alantron stands accused of double-selling pricewire.com.

ICANN’s compliance team has been unable to get its hands on the underlying transaction data despite repeated attempts because Alantron apparently doesn’t have it.

Its suspension notice alleges that Alantron was running two registration systems in parallel and that they weren’t talking to each other, resulting in the same name being sold to two parties.

Read ICANN’s suspension notice in PDF format here.