Latest news of the domain name industry

Recent Posts

Have your say on police domain takedown powers

Kevin Murphy, November 30, 2023, Domain Policy

The UK Parliament wants your input on a new proposed law that would give the police powers to take down domain names and IP addresses.

The broad-ranging Criminal Justice Bill 2023 (pdf) would give police the ability to obtain court orders requiring registries and registrars to suspend domains believed to be used in criminal activity.

Accompanying explanatory notes say that these court orders could be applied internationally against domain companies in other countries via various means.

The clock is ticking for submissions — the Public Bill Committee of Parliament is due to sit to consider evidence from December 12 and issue its report with suggested amendments by January 30.

The committee advises submitting evidence as soon as possible to maximize the time spent considering it.

BMW porn site leads to registrar getting suspended

Kevin Murphy, January 18, 2022, Domain Registrars

A Hong Kong registrar has had its ICANN contract suspended after failing to transfer a cybersquatted domain to car maker BMW.

ThreadAgent.com, which has about 32,000 .com and .net domains under management, attracted the attention of ICANN compliance after a customer lost a UDRP case concerning the domain bmwgroup-identity.net.

The domain led to a site filled with porn and gambling content, and the UDRP was a slam-dunk win for BMW.

But ThreadAgent failed to transfer the domain to BMW within the 10 days required by ICANN policy, leading to Compliance reviewing the registrar for other areas of non-compliance.

A December 22 breach notice led to the registrar transferring the domain to BMW last week, but it had failed to resolve the other issues ICANN had identified, leading to a suspension notice the very next day.

ICANN wants ThreadAgent to explain why the UDRP was not processed according to the policy, and how it will be compliant in futre. It also says the company is not operating a web Whois service as required.

ICANN has told the company it will not be able to sell gTLD domains or accept inbound transfers between January 28 and April 28, and must display a notice to that effect prominently on its web site.

That second requirement may prove complicated, as ThreadAgent appears to be one of about 20 registrar accreditations belonging to XZ.com, a Chinese group based in Xiamen. It has not used the domain threadagent.com in several years, and its other accreditations, which use the same storefront, are all still unsuspended.

GoDaddy, PorkBun and Endurance win domain “blocking” court fight

Kevin Murphy, June 17, 2020, Domain Policy

Three large registrar groups last week emerged mostly victorious from a court battle in which a $5.4 billion-a-year consumer goods giant sought to get domains being used in huge scam operations permanently blocked.

Hindustan Unilever, known as HUL, named Endurance, GoDaddy and PorkBun in a lawsuit against unknown scammers who were using cybersquatted domains to rip off Indians who thought they were signing up to become official distributors.

The .in ccTLD registry, NIXI, was also named in the suit. All of the domains in question were .in names.

Among other things, HUL wanted the registrars to “suspend and ensure the continued suspension of and block access to” the fraudulent domains in question, but the judge had a problem with this.

He’d had the domain name lifecycle explained to him and he decided in a June 12 order (pdf) that it was not technically possible for a registrar to permanently suspend a domain, taking into account that the registration will one day expire.

He also defined “block access to” rather narrowly to mean the way ISPs block access to sites at the network level, once again letting the registrar off the hook.

Judge GS Patel of the Bombay High Court wrote:

Any domain name Registrar can always suspend a domain that is registered. But the entire process of registration itself is entirely automated and machine-driven. No domain name registrar can put any domain names on a black list or a block list.

Where he seems to have messed up is by ignoring the role of the registry, where it’s perfectly possible for a domain name to be permanently blocked.

NIXI may not have its hands directly on the technology, but .in’s EPP registry is run by back-end Neustar (now owned by GoDaddy but not directly named in the suit), which like all gTLD registries already has many thousands of names permanently reserved under ICANN’s direction.

Patel also seems to assume that NIXI doesn’t get paid for the domain names its registrar sells. He wrote:

The relief against Defendants Nos. 14 and 15, the dot-IN registry and NIEI [NIXI] at least to the extent of asking that they be ordered to de-register or block access is misdirected. Neither of these is a registrar. Neither of these receives registration consideration. Neither of these registers any domain name. The reliefs against them cannot therefore be granted.

NIXI actually charges INR 350 ($4.60) per second-level .in name per year, of which a reported $0.70 goes to Neustar.

The judge also ruled that the registrars have to hand over contact information for each of the cybersquatters.

He also ordered several banks, apparently used by the scammers, to hand over information in the hope of bringing the culprits to justice.

Registrar suspended over dodgy transfers

Kevin Murphy, October 1, 2019, Domain Registrars

ICANN has suspended a Los Angeles-based registrar after failing to get answers to its questions about a bunch of domain transfer.
World Biz Domains won’t be able to sell any gTLD domains, or accept transfers, from October 16 until January 13 next year. It will also have to post ICANN’s suspension notice on its home page.
Its crime? Failing to provide ICANN with records proving that the change of registrant requests for 15 potentially valuable domain names were legitimate.
ICANN has been badgering World Biz for these records since April, but says it was given the runaround.
The domains in question — 28.net, 68.net, 88.org, changi.com, tay.net, goh.net, koh.net, kuantan.com, yeong.com, merlion.org, og.net, raffles.net, sentosa.org, sg.org and shenton.com — all appear to have been registered to a Singaporean investor using the registrar DomainDiscover until about a year ago.
The non-numeric names all have significance to Singapore or neighboring Malaysia one way or the other. Some of them are arguably UDPR fodder.
Shenton is a busy street and hotel in the city, Merlion is Singapore’s lion mascot, Sentosa is a Singaporean island, and Raffles is of course the name of the famous hotel. Other domains on the list are common Chinese surnames used by Singaporeans.
It appears that about a year ago, according to DomainTools’ historical Whois records, they were transferred to World Biz and put under privacy protection.
There’s no specific claim in ICANN’s notice that any domain hijacking has taken place, but it’s easy to infer that the original registrant was for some reason not happy that the domains changed hands and therefore complained to ICANN.
Some of the domains in question have since been transferred to other registrars and may have been returned to the original registrant.
If ICANN’s track record of demanding records is any guide, this will not help World Biz come into compliance.
Should it be terminated, it looks like very few registrants will be affected.
While World Biz at one point had over 5,000 gTLD domains under management, it’s been shrinking consistently for the best part of a decade and in May had just 74 DUM.
September last year, when the domains in question moved to World Biz, was the company’s most-successful month in terms of inbound transfers — 17 domains — since I started tracking this kind of data nine years ago.

Net 4 India gets brief reprieve from ICANN suspension

India registrar Net 4 India has been given a bit of breathing space by ICANN, following its suspension last month.
ICANN suspended the registrar’s accreditation a month ago, effective June 21, after discovering the company had been in insolvency proceedings for some time.
But on June 20 ICANN updated its suspension notice to give Net4 more time to comply. It now has until September 4, the same day its insolvency case is expected to end, to provide ICANN with documentation showing it is still a going concern.
The registrar was sued by a debt collector that had acquired some Rs 1.94 billion ($28 million) of unpaid debts from an Indian bank.
ICANN’s updated suspension notice adds that Net4 is to provide monthly status updates, starting July 18, if it wants to keep its accreditation.
The upshot of all this is that the registrar can carry on selling gTLD domains and accepting inbound transfers for at least another couple months.

India’s largest registrar goes insolvent, gets suspended

India’s largest independent registrar has been found insolvent by a local court, after failing to pay back $28 million in bank loans.
Net 4 India has now also had its right to sell gTLD domains suspended by ICANN as a result.
Judging by legal papers (pdf) buried on Net4’s web site, the insolvency relates to a series of loans the company took out with the State Bank of India between 2002 and 2012.
After the company failed to pay those loans back, in 2014 the debt was acquired from SBI by Edelweiss Asset Reconstruction, which specializes in buying debt cheap then recovering it through the courts.
Edelweiss sued Net4 to get its money back a couple of years ago and, in March this year after what appears to have been a slam-dunk, won its case.
The ruling states that the outstanding debt in 2017 was almost two billion rupees — Rs 1,940,860,284, which works out to just short of $28 million at today’s rates.
Having learned about the insolvency in April, ICANN set about trying to contact Net4’s management to see if the company was coming back into compliance.
ICANN’s Registrar Accreditation Agreement says ICANN can terminate registrars’ contracts if they are in insolvency proceedings for more than 30 days.
After the company failed to show it was compliant, this week its RAA was suspended from June 21 to September 19.
During that period, Net4 will not be able to sell new domain registrations or accept incoming transfers. It will also have to display a notice on its web site to that effect.
If it has not demonstrated compliance by August 28, ICANN may start its termination process.
Net4 is the largest ICANN-accredited registrar based in India, as measured by number of registered gTLD domains (excluding Public Domain Registry, LogicBoxes, and several affiliated dummy accreditations, which are all owned by US-based Endurance International).
It had over 100,000 gTLD domains under management at the end of February — almost all in .com and other legacy gTLDs — but its DUM had been shrinking hard for many months.
At some point, Net4 appears to have been listed on both India’s National Stock Exchange and the Bombay Stock Exchange, but was delisted about a year ago.

Belgium to crack down on fraud domains

Kevin Murphy, November 28, 2018, Domain Registries

DNS Belgium says it will shortly implement a new policy that will see it take down .be domains associated with fraud within 24 hours of discovering them.
The new scheme, which comes into effect December 1, essentially grants the Belgian government’s ministry of the economy — FPS Economy or Federal Public Service Economy in local parlance — a trusted notifier status when it comes to takedowns.
Previously, requests had to go through public prosecutors and took about two weeks, giving attackers a longer window to milk their victims.
Under the old regime, FPS Economy could only request a suspension in cases where the Whois data was inaccurate.
The registry said it will only suspend domains that are involved in “serious crimes”, including phishing and fraudulent web stores.
Registrants will have two weeks to appeal their suspensions. After six months, the domains will be deleted.
Several hundred .be domains per year are expected to be affected.

Rape ban results in just one .uk takedown, but piracy suspensions soar

Kevin Murphy, February 19, 2016, Domain Registries

Nominet’s controversial policy of suspending domain names that appear to condone rape resulted in one .uk domain being taken down last year.
That’s according to a summary of take-downs published by Nominet yesterday.
The report (pdf) reveals that 3,889 .uk names were taken down in the 12 months to October 31, 2015.
That’s up on the the 948 domains suspended in the six months to October 31, 2014.
The vast majority — 3,610 — were as a result of complaints from the Police Intellectual Property Crime Unit. In the October 2014 period, that unit was responsible for 839 suspensions.
Unlike these types of suspensions, which deal with the allegedly illegal content of web sites, the “offensive names” ban deals purely with the words in the domain names.
Nominet’s systems automatically flagged 2,407 names as potentially in breach of the policy — most likely because they contained the string “rape” or similar — in the 12 months.
But only one of those was judged, upon human perusal, in breach.
In the previous 12 months period, 11 domains were suspended based on this policy, but nine of those had been registered prior to the implementation of the policy early in 2014.
The policy, which bans domains that “promote or incite serious sexual violence”, was put in place following an independent review by Lord Macdonald.
He was recruited for advice due to government pressure following a couple of lazy anti-porn articles, both based on questionable research by a single anti-porn campaigner, in the right-wing press.
Assuming it takes a Nominet employee five minutes to manually review a .uk domain for breach, it seems the company is paying for 200 person-hours per year, or 25 working days, to take down one or two domain names that probably wouldn’t have caused any actual harm anyway.
Great policy.

XYZ says it won’t block censored Chinese domains

Kevin Murphy, November 6, 2015, Domain Registries

New gTLD registry XYZ.com has said it will not preemptively censor domain names based on the wishes of the Chinese government.
Over the last couple of days, CEO Daniel Negari has sought to “clarify” its plans to block and suspend domain names based on Chinese government requests.
It follows XYZ’s Registry Services Evaluation Request for a gateway service in the country, first reported by DI and subsequently picked up by the Electronic Frontier Foundation, a Wall Street Journal columnist, Fortune magazine and others.
The clarifications offered up by XYZ probably did more to confuse matters.
A blog post on Wednesday said that XYZ will not reserve any .xyz domain names from being registered, except those ICANN makes all new gTLD registries reserve.
Subsequent comments from Negari stated that XYZ will, as the RSEP stated, prevent names that have been banned in China from being registered.
However, there’s one significant difference.
Now, the registry is saying that it will only put those bans in place for domain names that have been specifically banned by the Chinese government when the name had already been registered by a Chinese registrant.
So, if I understand correctly, it would not preemptively ban anyone anywhere from registering [banned term].xyz.
However, if [banned term].xyz was registered to a Chinese resident and the Chinese government told the registry to suspend it, it would be suspended and nobody would be able to re-register it anywhere in the world.
Negari said in a blog comment yesterday:

if we receive a Chinese legal order tomorrow (before the gateway has launched) which requires disabling a domain name registered in China and properly under Chinese jurisdiction, then it will be disabled at the registry level, and not by the gateway. When the gateway launches the name will continue to be unavailable, and the gateway will not implement the action on a localized basis only in China. The normal registry system would continue to be the only system used to resolve the name globally. Again — the specific stability concern ICANN had was that we would use the Chinese gateway to make .xyz names resolve differently, depending on what country you are in. I completely agree that our [RSEP] re-draft to address that concern came out in a way that can be read in a way that we sincerely did not intend.

So there is a list of preemptively banned .xyz, .college, .rent, .security and .protection domains, compiled by XYZ from individual Chinese government requests targeting names registered to Chinese registrants.
Negari said in an email to DI yesterday:

To clarify the statement “XYZ will reserve domains,” we meant that XYZ will takedown domains in order to comply with “applicable law.” Unfortunately, the inaccuracies in your post caused people to believe that we were allowing the Chinese government to control what names could be registered or how they could be used by people outside of China. The idea that XYZ is going to impose Chinese law and prevent people outside of China from registering certain domain names is simply incorrect and not true. To be 100% clear, there is no “banned list.”

That was the first time anyone connected with XYZ had complained about the October 12 post, other than since-deleted tweets that corrected the size of the list from 40,000 domains to 12,000.
The RSEP (pdf) that causes all this kerfuffle has not been amended. It still says:

XYZ will reserve names prohibited for registration by the Chinese government at the registry level internationally, so the Gateway itself will not need to be used to block the registration of of any names. Therefore, a registrant in China will be able to register the same domain names as anyone else in the world.

This fairly unambiguous statement is what XYZ says was “misinterpreted” by DI (and everyone else who read it).
However, it’s not just a couple of sentences taken out of context. The context also suggests preemptive banning of domains.
The very next sentence states:

When the Gateway is initially implemented we will not run into a problem whereby a Chinese registrant has already registered a name prohibited for registration by the Chinese government because Chinese registrars are already enforcing a prohibition on the registration of names that are in violation of Chinese law.

This states that Chinese residents are already being preemptively banned, by Chinese registrars, from registering domains deemed illegal in China.
The next few paragraphs of the RSEP deal with post-registration scenarios of domains being banned, clearly delineated from the paragraph dealing with pre-registration scenarios.
In his blog post, Negari said the RSEP “addressed the proactive abuse mitigation we will take to shut down phishing, pharming, malware, and other abuse in China”.
I can’t believe this is true. The consequence would be that if China sent XYZ a take-down notice about a malware or phishing site registered to a non-Chinese registrant, XYZ would simply ignore it.
Regardless, the takeaway today is that XYZ is now saying that it will not ban a domain before it has been registered, unless that domain has previously been registered by a Chinese resident and subsequently specifically banned by the Chinese government.
The registry says this is no different to how it would treat take-down notices issued by, for example, a US court. It’s part of its contractual obligation to abide by “applicable law”, it says.
Whether this is a policy U-turn or a case of an erroneous RSEP being submitted… frankly I don’t want to get into that debate.
Disclosure: during the course of researching this story, I registered .xyz domains matching (as far as this monoglot can tell) the Chinese words for “democracy”, “human rights”, “porn” and possibly “Tiananmen Square”. I have no idea if they have value and have no plans to develop them into web sites.

Yes, you are dangerous, arbitrator tells “cybersquatter” OpenTLD

Kevin Murphy, August 25, 2015, Domain Registrars

Free domains provider OpenTLD has been dealt a crushing blow in its fight against the suspension of its Registrar Accreditation Agreement.
ICANN is now free to suspend OpenTLD’s RAA, due to the company’s “pattern of cybersquatting”, following a decision by an independent arbitrator.
The arbitrator ruled yesterday that OpenTLD’s suspension should go ahead, because “OpenTLD’s continued operation could potentially harm consumers and the public interest.”
The 90-day suspension was imposed by ICANN Compliance in June, after it became aware that OpenTLD had lost two UDRP cases filed by competing registrars.
WIPO panelists found in both cases that the company had infringed its competitors’ trademarks in order to entice resellers over to its platform.
The suspension was put on hold voluntarily by ICANN, pending the arbitrator’s ruling on OpenTLD’s request for emergency stay. That request was conclusively rejected yesterday.
The arbitrator wrote:

the Arbitrator has little doubt that the multiple abusive name registrations made by OpenTLD, each of which included the registered mark of a competing domain name registrar and OpenTLD’s subsequent use of those domains… formed part of a broad concerted effort by OpenTLD calculated to deliberately divert name registration business, otherwise destined for competing domain name registrars… away from those registrars to OpenTLD instead.

He wrote that OpenTLD needs to put a process in place to prevent similarly cybersquatty behavior in future, rather than just making a commitment to changing its ways.
It’s pretty harsh stuff.
OpenTLD said recently that a suspension would “devastate” and “decimate” its business, due to the intertwining of its massive ccTLD business and rather smaller gTLD platform, but the arbitrator thought a technology workaround would be rather simple to implement.
No RAA means no gTLD sales and no inbound transfers.
OpenTLD is part of Freenom, which runs .tk and other free-to-register ccTLDs.
The company’s only ray of sunlight in the ruling is that the arbitrator said the costs of the proceeding should be split equally, not all falling on OpenTLD’s shoulders.
ICANN has not yet re-instituted the suspension, but it could come soon.
The full ruling can be read here.