Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
IP Mirror rapped for failing to deal with abuse
Here’s something you don’t see every day: a corporate brand management registrar getting smacked by an ICANN breach notice.
Singapore-based registrar IP Mirror has been sent a warning by ICANN Compliance about a failure to respond to abuse complaints filed by law enforcement, which appears to be another first.
Under the 2013 Registrar Accreditation Agreement, registrars are obliged to have a 24/7 abuse hotline to field complaints from “law enforcement, consumer protection, quasi-governmental or other similar authorities” designated by the governments of places where they have a physical office.
According to its web site, IP Mirror has offices in Singapore, Australia, Canada, Hong Kong, Indonesia, Japan, Malaysia, South Korea, Taiwan and the UK, but ICANN’s breach notice does not specify which authority filed the complaint or which domains were allegedly abusive.
Registrars have to respond to such complaints within 24 hours, the RAA says.
The ICANN notice (pdf) takes the company to task for alleged breaches of other related parts of the RAA, such as failure to retain records about complaints and to publish an abuse contact on its web site.
The company has been given until December 5 to come back into compliance or risk losing its accreditation.
IP Mirror isn’t massive in terms of gTLD names. According to the latest registry reports it has somewhere in the region of 30,000 gTLD domains under management.
But it is almost 15 years old and establishment enough that it has been known to sponsor the occasional ICANN meeting. It’s not your typical Compliance target.
DreamHost hit with big breach notice
DreamHost, a web hosting provider which says it hosts over 1.3 million web sites, has been hit with a lengthy ICANN compliance notice, largely concerning alleged Whois failures.
The breach notice raises questions about the company’s popular free Whois privacy service.
Chiefly, DreamHost has failed to demonstrate that it properly investigates Whois inaccuracy complaints, as required by the Registrar Accreditation Agreement, according to ICANN.
The notice contains numerous other complaints about alleged failures to publish information about renewal fees, its directors and abuse contacts on its web site.
The domain highlighted by ICANN in relation to the Whois failure is senect.com
ICANN sent three compliance notices to DreamHost concerning a Whois inaccuracy report for the domain name
and requested DreamHost demonstrate that it took reasonable steps to investigate the Whois inaccuracy claims. DreamHost’s failure to provide documentation demonstrating the reasonable steps it took to investigate and correct the alleged Whois inaccuracy is a breach of Section 3.7.8 of the RAA.
Weirdly, senect.com has been under private registration at DreamHost since the start of 2012.
ICANN seems to be asking the registrar to investigate itself in this case.
DreamHost offers private registration to its customers for free. It populates the Whois with proxy contact information and the registrant name “A Happy DreamHost Customer”.
DomainTools associates “A Happy DreamHost Customer” with over 710,000 domain names.
As an accredited registrar, DreamHost had over 822,000 gTLD domain names at the last count. According to its web site, it has over 400,000 customers.
The breach notice also demands the company immediately start including the real contact information for its privacy/proxy customers in its data escrow deposits.
ICANN has given the company until November 21 to resolve a laundry list of alleged RAA breaches, or risk losing its accreditation.
ICANN terminates deadbeat registrar
ICANN has started termination proceedings on Domain Services Rotterdam, a Dutch registrar, for failure to pay accreditation fees.
The company owes ICANN $5,118.83 in dues but has failed to pay up despite breach notices dating back to May, according to an ICANN termination notice (pdf)
Domain Services does not have any gTLD domains under management, so no registrants will be affected by the termination, which is due to kick in November 21.
The registrar was accredited in March this year.
“Send registrars to jail!”, ICANN hears
ICANN is ramping up its focus on contractual compliance in the midst of calls for domain industry offenders to “go to jail”.
CEO Fadi Chehade yesterday revealed that he has has promoted chief contracting counsel Allen Grogan to the newly created role of chief contract compliance officer.
Grogan, who Chehade has worked with off and on since 1991, will report directly to him. Maguy Serad, who has been heading compliance under Chehade for the last couple of years, will now report to Grogan.
In a session with the GNSO Council at the ICANN 51 public meeting in Los Angeles yesterday, Chehade said the appointment was part of a new “strategic, analytical” approach to compliance.
It was hinted that the compliance focus may form part of Chehade’s address at the formal opening ceremony of ICANN 51 later today.
Ron Andruff of the Business Constituency made the “jail” comments in response.
“We need to see action, we need to see teeth,” he said. “We never see any really strong action taken and it’s time we did. It’s time we saw people go to jail for doing things, lose their contracts for doing things.”
“We’ve lived through 15 years of ICANN with all manner of transgressions, some very serious ones, but they all get slid off to the side and there’s never any mention of it,” he said.
“Should someone be the recipient of extremely strong actions — losing their contract, being thrown out the community — that would send a signal,” he said.
Andruff appeared to be relating comments made by the Intellectual Property Constituency’s Kristina Rosette, at a private Commercial Stakeholders Group meeting earlier that day.
However, Rosette was quick to take to Twitter to deny she’d said anything about jail time.
Um, I never said anything about people going to jail for compliance breaches. Yikes.
— Kristina Rosette (@kristinarosette) October 12, 2014
Chehade, in reply to Andruff, agreed with the need for action but clarified what he plans to do.
“It doesn’t mean to create a police force, that’s not what we need,” he said. “What we need is thoughtful, analytical analysis.”
“It doesn’t mean we’re going to take the job of all the global consumer protection agencies,” he said earlier in the session.
The notion of ICANN having the power to directly jail somebody is of course laughable — all of its power comes from its contracts with registrars and registries.
However, it’s not beyond the bounds of possibility that ICANN could refer registrars to law enforcement should it come across suspected illegality in the course of its compliance investigations.
ICANN Compliance currently employs 21 people and deals with 5,000 complaints per month, Chehade said.
In the last year, the number of breach, suspension and termination notices against registrars has been on the increase.
Notably, last November a registrar owned by “spam king” Scott Richter was terminated. Notorious domain “slammer” NameJuice faces possible termination this Friday based on a July suspension notice.
Korean registrar suspended
ICANN has suspended the accreditation of Korean registrar Dotname Korea over failures to comply with Whois accuracy rules.
The company was told this week that it will lose the ability to sell names for three months.
“No new registrations or inbound transfers will be accepted from 7 October 2014 through 5 January 2015,” ICANN compliance chief Maguy Serad told the company (pdf).
The suspension follows breach notices earlier in the year pertaining to Dotname’s failure to show that it was responding adequately to Whois inaccuracy complaints.
Other breaches of the Whois-related parts of the 2013 Registrar Accreditation Agreement were also alleged.
The company has until December 16 to show compliance of face the possibility of termination.
ICANN terminates billion-dollar gTLD applicant over unpaid $3,000 bill
Telefonica Brasil, part of the massive Telefonica group of telecoms companies, has lost its registrar accreditation after failing to pay its ICANN fees.
The company, which had revenue last year of $14.6 billion, is facing termination of its Registrar Accreditation Agreement over the pitiful sum of $3,082.12.
It’s also embarrassing because Telefonica is applying for the new gTLD .vivo, its consumer brand in Brasil, which will require it to sign a Registry Agreement with ICANN.
I don’t think the loss of the RAA affects the company’s ability to get its gTLD contracted and delegated.
According to ICANN (pdf), Telefonica also failed to comply with the Registrar Information Specification, a pretty basic rule in the 2013 Registrar Accreditation Agreement requiring registrars to provide their address and names of officers and any parent companies.
The company has no gTLD names under management, so registrants will not be affected by the termination, which will take effect September 25.
ICANN sent its initial breach notice in July, but Telefonica did not comply before the August deadline. It also received a breach notice over an unpaid $10,000 bill a year ago.
Domain “slammer” finally gets suspended by ICANN
The beneficiary of the long-running Domain Registry of America scam is finally at risk of losing its ICANN accreditation.
ICANN has suspended Brandon Gray Internet Services, which does business as NameJuice.com, due to the “deceptive” marketing practices carried out by its “resellers”.
The company won’t be able to register any gTLD names or receive transfers for 90 days.
If NameJuice hasn’t sorted out its act by October 17, it faces the risk of losing its accreditation permanently.
The company, you will recall, is the primary beneficiary of the “slamming” scam, which tricks customers of other registrars into transferring their names with confusing, invoice-style junk mail.
Slammers have been operating under various names including Domain Registry of America, Domain Registry of Europe and Domain Registry of Canada for close to 15 years.
I received one in 2011 from the “Domain Renewal Group”, which I blogged about here.
It was sued by Register.com in 2002 over the practice, was forced into a settlement with the US Federal Trade Commission in 2003, and has been involved in tangles with regulators all over the world for the last decade.
But it seems ICANN’s hands were tied until Brandon Gray signed the new 2013 Registrar Accreditation Agreement, which gives ICANN’s compliance department more power over resellers.
ICANN said:
Since at least 2009, ICANN has received numerous complaints from Registered Name Holders, registrars, and various ICANN Supporting Organizations and Advisory Committees regarding the business solicitation practices of Brandon Gray’s resellers. Such practices were not specifically prohibited under the 2001 and 2009 RAAs. Section 3.12 of the 2013 RAA, however, requires registrars to ensure its reseller’s actions comply with the RAA, as well as the Registrants’ Benefits and Responsibilities Specification, which protects Registered Name Holders from false or deceptive practices.
ICANN fingered “reseller” Registration Services Inc as the party behind DROA and the other slamming scams.
In order to cure the latest breach, NameJuice has until August 8 to provide a tonne of information about Registration Services, including its certificate of incorporation, samples of its mailshots, and details of how a sample of specific domains came to be transferred.
In order to avoid losing its accreditation by October 10, the company will also have to promise to force its reseller to stop its deceptive marketing and provide ICANN with samples of future mailings.
NameJuice has 13 tasks in total to comply with to avoid termination proceedings; it’s looking promising that ICANN will finally shut down this blight on the industry just a few months from now.
The irony is, of course, if NameJuice loses its accreditation, all of the names that were obtained under false pretenses will not revert naturally to their original registrar. Instead, if ICANN follows its standard practice, they’ll be transferred in bulk to a third registrar.
You can read the breach notice here and the suspension notice here.
Almost half of registrars “deficient” in compliance audit
Almost half of accredited domain name registrars were found “deficient” during a recent ICANN compliance survey.
Results of an audit published today show that 146 of 322 registrars (45%) picked at random for the September 2013 to May 2014 study had to carry out some form of remediation in order to comply with their contracts.
The report comes at the end of the second year of ICANN’s audit program, which aims to bring all accredited registrars and gTLD registries into compliance over three years.
The deficiencies noted at 146 registrars cover areas ranging from compliance with ICANN consensus policies to the availability of Whois services over the web and port 43.
In almost every instance the numbers were down on last year.
For example, ICANN documented 86 registrars who could not initially show compliance with requirements on the retention of registrant data, down from 105 a year ago.
Only 15 registrars of the 322 (4.6%) flunked the audit and will be re-tested. The others were all able to bring their systems into line with ICANN’s requirements during the course of the audit.
Three registrars were terminated as a result of deficiencies identified during this phase of the program.
The full report, along with the list of participating registrars, can be found here.
ICANN smacks new gTLDs for pre-sunrise auctions
Running a premium domain name auction before you’ve finished your new gTLD sunrise period is Officially Not Cool, according to ICANN’s compliance department.
People who won premium new gTLD domains in auctions that took place before sunrise periods now face the possibility of losing their names to trademark owners.
.CLUB Domains, and probably XYZ.com, operators of .club and .xyz, two of the highest-volume new gTLDs to launch so far, appear to be affected by the ICANN decision.
ICANN told .CLUB that its “winter auction“, which took place in late February, may have violated the rules about allocating or “earmarking” domains to registrants before sunrise takes place.
Meanwhile, NameJet has cancelled the auction for deals.xyz, which “sold” for $8,100 late last year, suggesting that .xyz’s pre-sunrise auction is also considered ultra vires.
ICANN told .CLUB that its auction sales “constitute earmarking” in violation of the rule stating that registries “must not allow a domain name to be allocated or registered prior to the Sunrise period”.
.CLUB had told its auction winners that a sunrise period registration would prevent them from getting the domain they wanted and that they would be refunded if a sunrise registrant emerged.
But ICANN evidently told the registry:
Irrespective of whether “[a]llocation was expressly conditioned upon any Sunrise claim,” or whether any Sunrise claim was made, the pre-selection, pre-registration or pre-designation to third parties, in this case via .Club Domains’ “winter auction,” constitutes improper allocation.
I kinda thought this would happen.
Back in November, when XYZ.com ran its first .xyz auction — about six months before its sunrise even started — CEO Daniel Negari told us he believed it was “comfortably within the rules“.
We said the auction “seems to be operating at the edge of what is permissible under the new gTLD program’s rights protection mechanisms, which state that no domains may be allocated prior to Sunrise.”
I’ve not yet been able to definitively confirm that .xyz is affected by this ICANN decision, but .club definitely is.
.CLUB Domains told its auction winners today that the names they won are now subject to a 60-day period during which they could be obtained by trademark owners.
If no trademark owner claims the name, .CLUB said it will give the auction winner a 10% rebate on their purchase price.
The email states:
We are placing the domain on hold for 60 days, during which time a Trademark Clearinghouse (TMCH) holder will have the opportunity to purchase the domain at Sunrise rates. Although, the domain is not currently in the TMCH, if a trademark holder should file in the TMCH over the next 60 days, the domain will be offered to that registrant. However, if the name is not claimed by filing in the TMCH over the next 60 days, your transaction will move forward as planned.
Although we disagree with ICANN compliance’s position on this matter, the actions we are taking are necessary to ensure that we are not offside with ICANN compliance in any way. We understand that you have been caught in the middle of this issue due to no fault of your own. Given these circumstances, we are offering you two options:
1) Should you decide to complete this transaction, we will issue you a payment of 10% of the purchase price after the transaction closes in 60 days, assuming the name is not registered by a TMCH mark holder because of the delay.
2) At any time during the 60 day period you have the option to rescind the auction bid and not purchasing the domain.
KnujOn scores a win as BizCN gets first breach notice
The Chinese registrar BizCN has received its first breach notice from ICANN’s compliance department, following a sustained campaign by anti-abuse activist KnujOn.
The notice concerns Whois accuracy, specifically for the domain names rapetube.org and onlinepharmacy4.org, and a bunch of other peripheral breaches of the Registrar Accreditation Agreement.
The “porn” site rapetube.org was the subject of a Washington Post article last December, in which KnujOn’s Garth Bruen said he feared the site might contain footage of actual crimes.
Bruen has been chasing BizCN about Whois inaccuracy, and specifically the rapetube.org domain, since 2011.
He said in a September 2013 CircleID post that he’s filed Whois inaccuracy complaints about the domain with ICANN “multiple times”.
His campaign against ICANN Compliance led to an Ombudsman complaint (which was rejected) last year.
Now Compliance appears to be taking the case more seriously. ICANN, according to the breach notice, has been on BizCN’s case about rapetube.org’s Whois since March 24 this year.
At that time, the name was registered to a Vietnamese name with a French address and phone number and a contact email address at privacy-protect.cn.
According to Bruen’s interview with the Post, this email address bounced and nobody answered the phone number. The privacy-protect.cn domain does not appear to currently resolve.
ICANN evidently has some unspecified “information” that shows the email “does not appear to be a valid functioning email address”.
But BizCN told ICANN April 2 that it had verified the registrant’s contact information with the registrant, and provided ICANN with correspondence it said demonstrated that.
ICANN says the correspondence it provided actually predated KnujOn’s latest complaint by six months.
In addition, when BizCN forwarded a scanned copy of the registrant’s ID card, ICANN suspected it to be a fake. The notice says:
Registrar provided copies of correspondence between the reseller and registrant. The response included the same email address that was still invalid according to information available to ICANN, and included a copy of a government identification card to confirm the registrant’s address. According to information available to ICANN, the identification card did not conform to any current or previous form of government identification for that jurisdiction.
Despite repeated follow-up calls, ICANN said it still has not received an adequate response from BizCN, so its accreditation is now in jeopardy.
BizCN has something like 450,000 gTLD names under management and is in the top 50 registrars by volume.
As for rapetube.org, it’s still registered with BizCN, but its Whois changed to a Russian company “Privat Line LLP”, at privatlinellp.me, on or about April 17.
That change is not going to help BizCN, however, which is being asked to provide evidence that it took “reasonable steps to investigate and reasonable steps to correct the Whois inaccuracy claims”.
It has until May 29 to sort out the breaches or face termination. Read the breach notice here.
Recent Comments