Recent Posts
- Verisign gave Trump $100,000
- Private Whois requests hit new low after Tucows quits RDRS
- Zoom says GoDaddy took it down for hours
- The Soviet Union might be safe after all
- Google says its ccTLDs “are no longer necessary”
- Facebook thinks ICANN is a bit rubbish
- ICANN spending $365,000 a year on coffee and booze
- Regulator going after suicide site that even Epik banned
- .ai sees $600,000 auction sales in a month
- Pru trims its dot-brand portfolio
- UK’s Nigel Hickson has died
- .blog registry ordered to change name to Knock Knock RDAP There
- WordPress buys Canadian, swaps CentralNic for CIRA
- Latest ICANN salary porn ruins my terrible pun
- .co deal worth $77 million up for grabs
- I get a wrongful kicking as .su registry denies turn-off plan
- Sales and profits dip at Team Internet
- Four deadbeat registrars get terminated
- “No timeline” to retire Soviet Union from the DNS
- ICANN to kill off 60-day domain transfer lock
- Lancaster bags up its dot-brand
- Google readying its next batch of gTLD launches?
- NomCom confirms Americans rejected from ICANN board
- Nova announces $45 million of new gTLD applications
- Registry makes .ai an option for Koreans
- it.com now bigger than Guatemala
- ICANN turns to AI and crowdsourcing for new gTLD program
- Amazon lawyer DiBiase elected to ICANN board
- Is .io safe now? Identity Digital now running Mauritian ccTLD
- Tucows quits ICANN’s Whois disclosure pilot
- Toshiba goes all-in on its dot-brand
- Google scuppers Team Internet acquisition after profit warning
- .ai channel doubles under new management
- Trump inclined to back deal that threatens .io
- As .com shrinks, China adds another 1.2 million domains
- Second new gTLD contention set revealed
- UK intros global domain takedown law
- No more Americans as Holland wins ICANN board seat
- Registries have started shutting down Whois
- ICANN wins IRP because complainant literally doesn’t exist
- .com could return to growth this quarter
- Could Musk’s DOGE kill off D3’s .doge?
- $2 million Christmas bonus for ICANN
- Another VW car dot-brand crashes out
- Largest back-end switch EVER as GoDaddy loses deal
- Yeah, we got phished, ICANN admits after crypto hack
- ICANN hacked to promote crypto scam
- Super Bowl a bit of a dud for .com?
- More gloom predicted for .com
- These are the .gov domains Trump has deleted so far
- Did Trump just create the world’s next ccTLD?
- $3,000 to do a Whois lookup?
- PIR to join GlobalBlock, but its crown jewel won’t
- LA wildfire victims get domain deletes delay
- .free domains to finally arrive as Amazon reveals three gTLD launches
- Six more gTLDs shown the door, five may be auctioned
- Registrar terminated after ignoring Whois transition
- $10 million ICANN giveaway winners picked
- Whois officially died today
- Typo left MasterCard open to hackers for years
- Could ICANN approve an R-word gTLD?
- These are the TLD growers and shrinkers of 2024 (part two)
- GoDaddy ordered to stop lying about crappy security
- These are the TLD growers and shrinkers of 2024 (part one)
- Dead terrorist domains for sale, just without the hyphens
- ICANN eyes more price hikes as it predicts dismal year for industry
- Meet the six people battling to join ICANN’s board
- New gTLD use cases not much use
- Defensive dot-brands are renewing, making ICANN millions
- Identity Digital offers free domain trials through LinkedIn
- Antisemitic remarks cost registrar dearly
- ICANN lawyers want to keep their clients secret
- Facebook cybersquatter asks ICANN to overturn UDRP ruling
- .xxx founder Stuart Lawley has died
- The new gTLD Next Round is really happening as two ICANN programs go live
- Verisign has much to be thankful for as .com contract renewed
- Another 40,000 .ai domains registered
- RDRS usage hits new low
- A dot-brand that was actually used is shutting down
- .id joins the million-domain club
- GoDaddy’s .xxx contract renewed
- Twitter clone Bluesky has one feature domain people should like
- ICANN confirms two bans on new gTLD gaming
- eBay slogan domain no longer has a BIN price
- Will Donald Trump be .io’s white knight?
- As customers flee legacy gTLDs, .org tops 11 million names
- Company accidentally puts porn domain on kids’ toys
- eBay’s new slogan looks like a $75,000 domain it doesn’t own
- Americans are deserting .com
- Weak Q3 for the domain universe, Verisign reports
- ICANN says it WILL raise its domain taxes soon
- Senator says domain industry “enables” Russian disinfo attacks
- bit.ليبيا? Libya to get its Arabic ccTLD
- Verisign gets eight more years running the root
- Two-horse race for open ICANN board seat
- Chinese say internet not ready for single-letter gTLDs
- Unloved INTA slams ICANN over new gTLDs
- Namecheap scores win in .org price-cap lawsuit
- Some Guy wants to take over .com and .net
- Second-shot gTLD bid rules revealed
- Nominet names directors after tight election
- Lawyer ban coming to ICANN
- Identity Digital to take over .ai
- ICA teams up with WIPO on UDRP reform
- Response to sex harassment lawsuit “inadequate”, say ICANN vets
- Unstoppable tops four million names
- Amazon readying fashion and book gTLDs
- Five times ICANN deleted a ccTLD, and what it means for .io
- Future of .io domains uncertain as UK hands over Chagos islands
- .ai now has over half a million names
- UK and Israel cut ICANN funding
- Twitter now up-to-date on linkification
- Moment of truth as .music domains finally go on sale
- ICANN fixes embarrassing “What is a Domain Name?” mistake
- Another ccTLD opens up its second level
- Reporter gains first access to .io island for decades
- .io sells $40 million of domains after massive uptick
- After five years, “useless” TLD has two web sites
- Verisign agrees to .com takedown rules
- New .com contract could see ALL domain prices go up
- Investing in .ad domains may be risky
- Plurals ban policy handed to ICANN board
- Three .now domains sell at premium EAP prices
- ICANN confirms new gTLD application fee
- New gTLD application fee rises by thousands after collision call
Namecheap scores win in .org price-cap lawsuit
Namecheap’s lawsuit over ICANN’s decision to lift price caps in .org and .info will be allowed to proceed, a California judge has ruled.
The Superior Court in Los Angeles recently threw out ICANN’s attempt to get the case dismissed, according to court documents released by ICANN. There will now be a hearing in January.
Namecheap’s lawsuit concerns ICANN’s decision in 2019 to lift price caps in Public Interest Registry’s .org contract and the .info contract then with Afilias (now Identity Digital).
Both registries had previously been limited to a 10% price increase every year.
The registrar filed an Independent Review Process case against ICANN, which is mostly won. In 2022, the IRP panel slammed ICANN for its secrecy and lack of adherence to its bylaws and issued seven recommended actions the Org could take to rectify its transgressions.
In the current lawsuit, filed this January, Namecheap claims that ICANN “largely ignored” most of these recommendations. It wants the court to force the Org to abide by the IRP ruling, which among other things calls for ICANN to look into reinstituting price caps.
But ICANN objected, saying Namecheap “is asking this Court to convert recommendations into requirements”, adding that it “does not have an obligation to act in accordance with the ‘recommendations’ of an IRP Panel”.
It demurred, asking the court to throw out Namecheap’s complaint, but the court declined to do so on legal grounds, meaning the claims will be heard on the merits.
In the five years since the .org and .info price caps were lifted, non-profit PIR has not raised .org prices once.
For-profit Identity Digital has raised .info prices every year, by between 9.38% and 11.03%, raising the cost from $10.84 in 2019 to $17.50 today. The price will go up again by 8.57% to $19.00 in January.
ICANN scores win in single-letter .com lawsuit
A Los Angeles court has handed ICANN a victory in a lawsuit filed against it by a domainer who thinks he has the rights to register all the remaining single-character .com domains.
Bryan Tallman of VerandaGlobal.com sued ICANN back in August, claiming the Org was breaking the law by refusing to allow him to register domains such as 1.com and A.com.
He already owns the matching domains in Verisign’s Chinese, Japanese and Hebrew .com IDNs, such as A.קום (A.xn--9dbq2a) and 1.コム (1.xn--tckwe), and says previous Verisign statements mean this gives him the right to the equivalents in vanilla .com.
These domains would very likely be worth tens of millions of dollars apiece. Verisign has held almost all single-character domain names in registry-reserved status since the 1990s. A few, notably Elon Musk’s x.com, pre-date the reservation.
Tallman claimed unfair competition, breach of contract, negligence and fraud and sought a declaratory judgement stating that ICANN be forced to transfer to him all of the 10 digits and all 23 of the remaining unregistered letters in .com, along with some matching .net names.
Pretty outlandish stuff, based on some pretty flimsy arguments.
ICANN filed a demurrer last year, objecting to the suit and asking the Superior Court of California in LA to throw it out, and the judge mostly agreed. In a February ruling (pdf), published recently by ICANN, he threw out all seven of Tallman’s claims.
Tallman was given permission to re-state and re-file five of the claims within 30 days, but his demand for a declaratory judgement was ruled out completely as being irreparably broken.
Freenom settles $500 million Meta lawsuit and will exit domain business
Facebook has claimed another domain industry scalp. Freenom said this week it has settled the cybersquatting lawsuit filed against it by Meta last year, and that it is getting out of the domain name business.
The registry/registrar said in a brief February 12 statement (pdf) that it will pay Meta an undisclosed sum and has “independently decided to exit the domain name business”.
Just how “independent” that decision was is debatable. The company lost its ICANN registrar accreditation last year and is believed to have lost its government contracts to run the ccTLDs for Equatorial Guinea, Central African Republic, Mali, Gabon, and possibly also Tokelau, its flagship .tk domain.
Meta had claimed in its complaint that Freenom had typosquatted its trademarks thousands of times, including domains such as faceb00k.ga. It sued for 5,000 counts under US anti-cybersquatting law, seeking $100,000 for each infringement, for a cool half-billion bucks in total.
Freenom and its network of co-defendant affiliates said in their defense that Meta had access to an abuse API that allowed it to turn off such domains, but had never used it. It also claimed many of the cited typosquats had already been shut down by the time the suit was filed.
It seems the names in question were likely those registered by abusive third-parties that were reclaimed and monetized by Freenom under its widely criticized free-domains business model, which made its TLDs some of the world’s most-abused.
But the claims on both sides evidently will not be tested at trial. The last court filing, dated late December, showed the two parties were to enter mediation, and Freenom put out the following statement this week:
Freenom today announced it has resolved the lawsuit brought by Meta Platforms, Inc. on confidential monetary and business Terms. Freenom recognizes Meta’s legitimate interest in enforcing its intellectual property rights and protecting its users from fraud and abuse.
Freenom and its related companies have also independently decided to exit the domain name business, including the operation of registries. While Freenom winds down its domain name business, Freenom will treat the Meta family of companies as a trusted notifier and will also implement a block list to address future phishing, DNS abuse, and cybersquatting.
Meta said in its Q4 Adversarial Threat Report this week that the settlement showed its approach to tackling DNS abuse is working.
Freenom’s gTLD domains have been transferred to Gandi. It’s less clear what’s happening to its ccTLD names, though social media chatter this week suggests the company has been giving registrants in affected ccTLDs nine-year renewals at no cost.
Namecheap sues ICANN over .org price caps
Namecheap has sued ICANN in California, asking a court to force the Org to revisit its decision to lift price caps on .org and .info domain names five years ago.
Registrar CEO Richard Kirkendall announced the suit on Twitter this afternoon:
Today we filed suit against @ICANN. After a previous ruling via a mediation process they have taken little action towards the recommendations of that ruling and so our hand has been forced to take this action. We feel that ICANN is in direct violation of their mandate and…
— Richard Kirkendall (@NamecheapCEO) February 5, 2024
The lawsuit follows an Independent Review Process case that Namecheap partially won in December 2022, where the panel said ICANN should hire an economist to look at whether price caps are a good idea before revisiting its decision to scrap them.
The panel found that the ICANN board of directors had shirked its duties to make the decision itself and had failed to act as transparently as its bylaws mandate.
Namecheap says that over a year after that decision was delivered, ICANN has not implemented the IRP panel’s recommendations, so now it wants the Superior Court in Los Angeles to hand down an injunction forcing ICANN to do so.
Before 2019, .org was limited to 10% price increases every year, but the cap was lifted, along with caps in .info and .biz, when ICANN renewed, standardized and updated the respective registries’ Registry Agreements.
After the decision was made to scrap .org price caps, despite huge public outrage, Namecheap rounded up its lawyers almost immediately.
The caps decision led to the ulimtately unsuccessful attempt by Ethos Capital to acquire Public Interest Registry, which runs .org.
Namecheap’s new lawsuit wants the judge to issue “an order directing ICANN to comply with the recommendations of the IRP Panel”.
That means ICANN’s board would be told to consider approaching PIR and .info registry Identity Digital to talk about reintroducing price caps, to hire the economist, and to modify its procedures to avoid any future transparency missteps.
Domainer asks court to block Epik sell-off
The customer suing Epik and its management over a fumbled $327,000 domain deal has asked a US court to prevent the company from selling off its assets and “absconding”.
Matthew Adkisson has amended his fraud complaint, first filed in March, to demand an injunction:
enjoining Defendants from transferring, liquidating, converting, encumbering, pledging, loaning, selling, concealing, dissipating, disbursing, assigning, withdrawing, granting a lien or security interest or other interest in, or otherwise disposing of Adkisson’s Escrow Funds and any other amounts owed to Adkisson, including but not limited to by transferring, liquidating, converting, encumbering, pledging, loaning, selling, concealing, dissipating, disbursing, assigning, withdrawing, granting a lien or security interest or other interest in, or otherwise disposing of any of Defendants’ assets or companies that Adkisson’s Escrow Funds were used in connection with
The amendment follows tweets from current Epik CEO Brian Royce which strongly suggested the company is in the process of selling off its assets. The complaint quotes former CEO and majority shareholder Rob Monster as confirming a sale was being “finalized”.
“If Royce, Monster, and Epik are allowed to sell Epik or its assets, consumers like Adkisson are highly unlikely to be repaid for the funds that Royce, Monster, and Epik and misappropriated,” the complaint says.
Adkisson attempted to buy the domain nourish.com via Epik and its “escrow” service last year, but after the sale fell through the company did not return his money. He now claims Epik was illegally mingling its escrow funds with its general operations fund.
The amended complaint now includes several citations from TrustPilot — other customers who says they bought domains only to see Epik take their cash and not hand over the domain.
While Epik has admitted that it owes Adkisson money, it has otherwise denied any wrongdoing. After the amendment, Royce withdrew his motion to dismiss the case.
Epik CEO tries to wriggle out of $327,000 refund lawsuit
Epik CEO Brian Royce has filed a motion to dismiss a lawsuit against him, as the company denies it defrauded a customer out of $327,000 in a botched domain purchase.
Royce was named alongside Epik companies and former CEO Rob Monster in a legal complaint last month by customer Matthew Adkisson, who had tried to buy the domain nourish.com through Epik’s escrow service.
But Royce says he should be removed from the list of defendants because he wasn’t employed by Epik when the deal was inked last May. He became CEO in September 2022, after Monster stepped aside.
The motion to dismiss was filed as the companies — Epik, parent Epik Holdings, and sister company Masterbucks — simultaneous denied the allegations of fraud and racketeering, while admitting they still owe Adkisson money.
Epik admits Adkisson paid $327,000 for the domain, that he never received the domain, and that he is still owed a refund:
Defendants admit that the domain name has not been transferred to Adkisson. Defendants additionally admit that they intended, and still intend, to return Plaintiff’s funds that he had paid for the purchase of the domain name
…
Defendants admit that Epik owes Adkisson a refund of the $327,000 in funds he previously transferred to it
Monster, who is also named as a defendant and remains Epik’s majority shareholder, has not yet filed his answer to the complaint with the court, according to PACER records.
Epik sued over financial meltdown
Domain registrar Epik has been sued by a customer who says he is owed $327,000 over an aborted secondary market purchase.
Matthew Adkisson says he paid the sum to Epik to buy the domain nourish.com from a third-party seller, with Epik paid $27,000 for its escrow service.
However, Adkisson alleges, the sale fell through and when he asked Epik for his money back he was given the runaround for months.
His lawsuit describes a scheme whereby Epik, former CEO Rob Monster and current CEO Brian Royce were using supposedly escrowed funds for general corporate — and possibly even personal — purposes.
There are even alleged Ponzi-like elements, with funds from new customers being used to pay off debts to former customers.
The suit describes it as a “widespread and illegal fraudulent scheme — replete with misrepresentations, embezzlement, and misappropriation”.
Similar complaints of this nature have been made against Epik for months, with many buyers and sellers struggling to get paid.
The suit, which suggests it believes some of Epik’s actions may have been criminal, lists eight counts including breach of contract, fraud and racketeering. Adkisson wants his money back, as well as unspecified damages.
You can read the complaint here (pdf). Hat tip to John Berryhill.
Facebook sues free domains registry for cybersquatting
Facebook parent Meta has sued Freenom, the registry behind multiple free-to-register ccTLDs including .tk, claiming the company engages in cybersquatting.
Meta alleges that Freenom infringes its Facebook, Instagram and WhatsApp trademarks over 5,000 domain names in the TLDs it operates.
While best-known for Tokelau’s .tk, which had almost 25 million registrations when Verisign stopped counting them a year ago, Freenom also operates .gq for Equatorial Guinea, .cf for the Central African Republic, .ml for Mali, and .ga for Gabon.
Apart from some reserved “premiums”, the company gives domains away for free then monetizes, with parking, residual traffic when the domains expire or, one suspects more commonly, are suspended for engaging in abuse.
Naturally enough, it therefore has registered, to itself, a great many domains previously used for phishing.
Meta lists these names as examples of infringers: faceb00k.ga, fb-lnstagram.cf, facebook-applogin.ga, instagrams-help.cf, instaqram.ml, chat-whatsaap.gq, chat-whatsaap-com.tk, and supportservice-lnstagram.cf, though these do not appear to be monetized right now.
It accuses the registry of cybersquatting, phishing and trademark infringement and seeks over half a billion dollars in damages (at $100,000 domain).
Today, Freenom is not accepting new registrations, but it’s blaming “technical issues” and says it hopes to resume operations “shortly”.
Facebook is one of the most prolific and aggressive enforcers of its trademarks in the domain space, having previously sued OnlineNIC, Namecheap and Web.com. OnlineNIC had to shut up shop due to its lawsuit.
(Via Krebs on Security)
XYZ bosses agree to pay $1.5 million to settle Fed’s loan scam claims
Some of XYZ’s top executives have agreed to pay $1.5 million to settle a US Federal Trade Commission lawsuit alleging they “deceptively” harvested vast amounts of personal data on millions of people and sold it “indiscriminately” to third parties including potential scammers and identity thieves.
The FTC says that the execs, through a network of interlinked companies, deceptively collected loan applications through at least 200 web sites, promising to connect the applicant with verified lenders, but instead sold the personal data willy-nilly to the highest bidder through a lead-generation marketplace.
The data was bought by companies that in the vast majority of cases were not in the business of providing loans, the FTC said. The buyers were not checked out by the XYZ execs and exposed consumers to identity theft and fraud, it added.
The allegations cover activities starting in 2012 and carrying on until recently, the FTC said.
“[They] tricked millions of people into giving up sensitive financial information and then sold it to companies that were not making loans,” Samuel Levine, director of the FTC’s Bureau of Consumer Protection said in a press release. “The company’s extraction and misuse of this data broke the law in several ways.”
“The FTC’s allegations were wholly without merit,” the defendants’ lawyer, Derek Newman, told DI in an email. “But litigation against the FTC is expensive and resource draining. For that reason, my clients chose to settle the case and move on with their business.”
“In fact, the FTC did not require any changes to my clients’ business practices that they had not already implemented before the case was filed,” he added.
The suit (pdf) named as defendants XYZ.com CEO Daniel Negari, COO Michael Abrose, business development manager Jason Ramin, and general counsel Grant Carpenter. Two other named defendants, Anisha Hancock and Sione Kaufusi, do not appear at first glance to be connected to the domains business.
The settlement (pdf) sees the defendants pay $1.5 million and agree to certain restrictions on their collection and use of data, but they did not admit or deny any liability.
The lead generation business was carried out via at least 17 named companies, including XYZ LLC (which appears to be a different company to the .xyz registry, XYZ.com LLC), Team.xyz LLC and Dev.xyz LLC. The FTC complaint groups them together under the name ITMedia.
Some of the companies are successors to Cyber2Media, the FTC said, a company that in 2011 had to settle a massive typosquatting lawsuit filed by Facebook.
Despite the personnel crossover, nothing in the complaint relates directly to the .xyz domains business, and the only domains listed in the complaint are some pretty nice .coms, including badcreditloans.com, personalloans.com, badcredit.com, fastmoney.com and cashadvance.com.
The complaint alleged deceptive representations and unfair distribution of sensitive information as well as violations of the Fair Credit Reporting Act. It reads:
In numerous instances, Defendants, through ITMedia’s actions, have shared and sold sensitive personal and financial information from consumers’ loan forms — including consumers’ full names, addresses, email addresses, phone numbers, birthdates, Social Security numbers, bank routing and account numbers, driver’s license and state identification numbers, income, status and place of employment, military status, homeownership status, and approximate credit scores—without consumers’ knowledge or consent and without regard for whether the recipients are lenders or otherwise had a legitimate need for the information.
Essentially, the complaint alleged that the defendants bullshitted consumers into handing over personal info thinking they were applying for a legitimate loan, when in fact the info was just being harvested for resale to sometimes dodgy buyers.
The complaint reads:
ITMedia’s practice of broadly disseminating consumer information, including to entities that share information with others whose identities and use of the information are unknown to ITMedia, exposes consumers to the risk of substantial harm from identity theft, imposter scams, unauthorized billing, phantom debt collection, and other misuse of the consumers’ information. Some consumers have complained that, shortly after submitting loan applications to ITMedia, they have received communications using the names of ITMedia websites to present sham loan offers or demands for repayment of counterfeit debt.
The $1.5 million settlement will be paid by “Individual Defendants and Corporate Defendants, jointly and severally”, according to court documents.
UPDATE: This article was updated shortly after publication with a statement from XYZ’s lawyer.
As .spa launches, former partner pisses in the champagne
The world’s newest gTLD is due to hit its landrush launch phase tomorrow, but a disgruntled former business partner is warning that it plans to get all the registrations cancelled.
DotPH, the ccTLD registry for the Philippines, reckons it is owed half of the equity in .spa under a 2012 agreement, and has been warning registrars that to sell .spa domains would be to breach three injunctions it has secured through a Hong Kong court.
The latest such injunction (pdf), dated April 23, in part prevents the registry, Asia Spa and Wellness Promotion Council:
(whether directly or indirectly and whether by itself or via its agents or service providers (viz. registrars and registry backend) (“Agents/Service Providers”), employees and/or associated corporate entities whatsoever) be restrained from entering into any agreements for the sale, lease or other use or disposal of any .spa sub-domains (“Launch Agreements”) and/or causing, procuring or giving consent to the Agents/Service Providers to enter into any Launch Agreements
The injunctions are being interpreted differently by DotPH and ASWPC.
DotPH told participating registrars — there are at least 36 of them, according to the ASWPC web site — in a May 12 letter (pdf) from its lawyers:
ASWPC must stop selling .spa domains – by itself, or by or through its agents including Registrars… ASWPC cannot allow or permit any of its Registrars to sell any .spa domains.
It goes on to say:
Our clients will seek orders to cancel all registrations accepted by the .Spa Registry in breach of the Court order. You should alert any existing registrants, and any intending registrants of the Court order, and of the likelihood that any .spa domains registered are likely to be cancelled – unless they have a contract dating before 19 April 2021 requiring ASWPC, or you, to register their domains.
ASWPC’s interpretation appears to differ, in that it does not believe registrars are bound by the injunction, due to the chain of contracts between registry and registrant.
DotPH says that the Hong Kong High Court is next due to consider the case in August.
The .spa landrush phase is due to run from 1600 UTC May 26 until October 1. It’s ostensibly a community-based gTLD, but has eligibility policies that make it open to essentially anyone.
Recent Comments