Recent Posts
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
Honey Salt stops responding to .sucks cybersquatting complaints
.sucks cybersquatter Honey Salt has stopped responding to UDRP and URS complaints related to the affiliated Everything.sucks web site.
Three UDRP decisions and one URS decisions resolved since early April have stated that the shadowy Turks & Caicos company defaulted or did not respond to the complaints.
It lost all four cases, all on pretty much the same grounds, losing its domains or having them suspended as a result.
Panelists concluded that while Everything.sucks presents itself as a grassroots free-speech wiki populated by user-generated content, in reality it’s just stuffed with undated, anonymous, context-free comments scraped from third-party web sites and designed to pressure brand owners into buying their .sucks domains.
Honey Salt has been hit with 19 UDPR and URS complaints covering 27 .sucks domains since last September. It’s lost all bar one of those that have been decided, an early UDRP in which the panelist bought its free-speech defense.
With the precedent that Everything.sucks is a cybersquatting enterprise pretty solidly set, it presumably doesn’t make much sense for Honey Salt to pay expensive lawyers to put up a defense any more.
In earlier cases, when Honey Salt was still responding, the company was represented by Orrick, Herrington & Sutcliffe, the US law firm that has also worked for .sucks registry Vox Populi.
Locked-down .music could launch this year
One of the most heavily contested new gTLDs, .music, could launch this year after new registry DotMusic finally signed its Registry Agreement with ICANN.
The contract was signed over two years after DotMusic prevailed in an auction against Google, Amazon, Donuts, Radix, Far Further, Domain Venture Partners and MMX.
It seems the coronavirus pandemic, along with ICANN bureaucracy, was at least partly to blame for the long delay.
I speculated in April 2019 that .music could launch before year’s end, but this time DotMusic CEO Constantinos Roussos tells me a launch in 2021 is indeed a possibility.
The contract the company has signed with ICANN contains some of the most stringent restrictions, designed to protect intellectual property rights, of any I’ve seen.
First off, there’s going to be a Globally Protected Marks List, which reserves from registration the names of well-known music industry companies and organizations, and platinum-selling recording artists.
Second, registrants are going to have to apply for their domains, proving they are a member of one of the registry’s pre-approved “Music Community Member Organizations”, rather than simply enter their credit card and buy them.
DotMusic will verify both the email address and phone number of the registrant before approving applications.
There’s also going to be a unique dispute resolution process, a UDRP for copyright, administered by the National Arbitration Forum, called the .MUSIC Policy & Copyright Infringement Dispute Resolution Process (MPCIDRP).
Basically, any registrant found to be infringing .music’s content policies could be slung out.
The content policies cover intellectual property infringement as you’d expect, but they also appear to cover activities such as content scraping, a rule perhaps designed to capture those sites that aggregate links to infringing content without actually infringing themselves.
The registry is also going to ban second-level domains that have been used to infringe copyright in other TLDs, to prevent the kind of “TLD-hopping” outfits like The Pirate Bay have engaged in in the past.
In short, it’s going to be one of the least rock-n-roll TLDs out there.
Tightly controlled TLDs like this tend to be unpopular with registrars. Despite the incredibly strong string, my gut feeling is that .music is going to be quite a low-volume gTLD. There’s no word yet on pricing, but I’d err towards the higher end of the spectrum.
Everything.sucks publishes transfer auth codes for thousands of domains in latest .sucks pimpage
Everything.sucks, which is quickly emerging as one of the world’s most prominent organized cybersquatting projects, has a novel new way to sell .sucks domains without, technically, selling them.
The company, which casts itself as a “non-profit organization and communications forum for social activism” has published the transfer authorization codes for what appears to be the thousands of .sucks domains in its portfolio.
This means that anyone can transfer any of the company’s .sucks domains into their own registrar account with just a few clicks and without asking the current registrant — if they can afford the exorbitant transfer fee and don’t mind legal exposure.
You may recall that Everything.sucks is a Wikipedia-style web site that is fed by traffic from thousands of .sucks domains that, as the company freely admits, match the trademarks of famous companies.
Typing poptarts.sucks into your browser address bar will take you to the Everything.sucks wiki pages for Pop-Tarts, which contains content critical of the brand scraped from third-party web sites.
Everything.sucks emerged last year, and in October I reported that hundreds of .sucks domains were pointing there.
At the time, the web site carried banner ads on each brand’s page that took visitors to secondary-market sales pages at Sedo or Uniregistry, where the price was usually the same as the .suck’s registry’s wholesale price of $200.
I thought it was weird that a registrant at the very least flirting with cybersquatting would put up their domains at cost price, but Vox Populi, the registry, denied any involvement with the domains.
The registrant of these names, according to several UDRP decisions that it lost, is a probably fictitious individual named Pat Honeysalt, from a company called Honey Salt Ltd based in either Turks & Caicos or the UK.
Honey Salt has told UDRP panels that it registers the names on behalf of Everything.sucks. Given the volume of registrations, it must have spent many millions of dollars.
In any event, shortly after the UDRP cases started trickling in and not long after DI’s initial coverage, the banner ads on the .sucks pages disappeared.
And now, the auth codes have appeared. It looks like this:
Publishing auth codes right there on its web site appears to be the latest stage in a cat-and-mouse game Everything.sucks is playing with the trademark lawyers pursuing it through the UDRP process.
The boilerplate reads:
We occasionally buy a dot sucks domain and point it at a specific page. We do this to bring awareness to our site and because, well, we love the dot sucks domain. If you ask us if we would sell the domain, our answer is simple. Absolutely not. We will give it to you.
It’s not technically offering to sell these domains any more, right? As far as this nominal non-profit is concerned, it’s giving them away for free to anyone who wants them, including the brand’s owner.
But if you want the names, you’ve still got to pay for the transfer, of course. In the case of poptarts.sucks, it’s $2,399 at the registrar screen-capped below. Another registrar has the same name priced at $2,599.99.
If we’re following the money here, the only beneficiaries that spring to mind are Vox Pop, which gets its fat-margin registry fee, and the hapless registrar, which gets whatever its markup on a .sucks domain transfer is.
I tried these auth codes at six leading registrars and found that four of their shopping carts informed me point-blank that they do not support .sucks transfers at all.
.sucks mystery deepens. Who the hell is Pat Honeysalt?
Another two .sucks domain names registered by the gTLD’s most prolific registrant have been found to be cases of cybersquatting, but now the squatter’s true identity is becoming more opaque.
In two recently decided UDRP cases before WIPO, registrant Honey Salt Ltd was found to have cybersquatted by registering and offering for sale bfgoodrich.sucks, uniroyal.sucks and tetrapak.sucks.
While earlier cases filed with the Czech Arbitration Forum had identified Honey Salt as a Turks & Caicos company, the latest few WIPO cases say it is a UK-based company.
However, searches at UK Companies House do not reveal any company matching that name.
The latest WIPO cases also identify an individual allegedly behind said company as a respondent, one “Pat Honeysalt”.
That’s either a pseudonym, or we’ve found one of those people who have somehow managed to keep their name out of Google’s index despite being well-funded and tech-savvy.
Honey Salt is believed to be the registrant of thousands of .sucks domains, all matching the trademarks of big companies, which all point to Everything.sucks, a wiki-style web site comprising scraped third-party criticism targeting the brands in question.
Its defense in its UDRP cases to date has been that it is providing non-commercial free speech criticism, and that the inclusion of “.sucks” in the domain means users could not possibly believe the site is officially sanctioned by the brand.
All but one UDPR panel has so far not believed this defense, with panelists pointing out that the domains in question are usually listed for sale on the secondary market (sometimes at cost, sometimes at an inflated price).
They further point out that the criticism displayed on the Everything.sucks site was written by third parties, often prior to the registration of the domain in question, so Honey Salt cannot claim to be exercising its own free-speech rights.
Honey Salt is represented in its UDRP cases by the very large US-based law firm Orrick, Herrington & Sutcliffe, which also represents .sucks registry Vox Populi.
Security firm sues Facebook to overturn UDRP loss of “good faith” typo domains
Security company Proofpoint has sued Facebook in order to keep hold of several typo domains that are deliberately intended to look like its Facebook and Instagram brands.
Proofpoint wants an Arizona court to declare that facbook-login.com, facbook-login.net, instagrarn.ai, instagrarn.net and instagrarn.org are not cases of cybersquatting because they were not registered in bad faith.
Proofpoint — a $7 billion company that certainly does not phish — uses the domains in anti-phishing employee training services, as it describes in its complaint:
Proofpoint uses intentionally domain names that look like typo-squatted versions of recognizable domain names, such as
, and the other Domain Names at issue in these proceedings. By using domain names similar to those of well-known companies, Proofpoint is able to execute a more effective training program because the workforce is more likely to learn to distinguish typo-squatted domains, which are commonly abused by bad actors to trick workers, from legitimate domain names.
Employees who click the bogus links are taken to harmless web pages describing how they were duped.
The court case comes shortly after Facebook prevailed in a UDRP case filed with WIPO.
In that case, the panelist decided that Proofpoint had no legitimate interest in the domains because they led to web sites that linked to Proofpoint’s web site, where commercial services are offered.
He therefore found that the names had been registered in bad faith, because visitors could assume that Facebook or Instagram in some way endorsed these services.
Proofpoint wants the court to reverse that decision and allow it to keep the names. Here’s the complaint (pdf).
It strikes me as at the very least bad form for Facebook to go after these domains, given that Proofpoint is tackling the Facebook phishing problem at source — user idiocy — rather than the reactive, interminable UDRP whack-a-mole Facebook seems to be engaging in.
WIPO handles 50,000th UDRP case as coronavirus drives complaints
The World Intellectual Property Organization handled its 50,000th UDPR case on November 20, the organization has announced.
It’s taken WIPO, which designed the policy and was the first to administer it back in 1999, over two decades to reach this milestone.
WIPO said that the 50,000 cases cover almost 91,000 domains, with complaints and respondents from over 180 countries.
The organization believes the coronavirus pandemic this year has driven growth, with an 11% increase in cases recorded between January and October. There were 3,405 cases over this period.
Erik Wilbers, director of the WIPO Arbitration and Mediation Center, said in a press release:
With a greater number of people spending more time online during the pandemic, cybersquatters are finding an increasingly target-rich environment. Rights owners, meantime, are stepping up their brand enforcement on the Internet as they further shift to marketing and selling online.
Free speech, or bad faith? UDRP panels split on Everything.sucks domains
The first wave of UDPR cases targeting domains used by Everything.suck have seen split decisions by the panels.
At least four .sucks domains, all owned by the same Turks and Caicos company, have been hit by UDRP complaints recently, and two have already been decided.
One case, over the domain miraplex.sucks, resulted in victory for the registrant while the other, over bioderma.sucks, led to defeat and a transfer.
Both domains are owned by Honey Salt Ltd, and both redirect to a page on Everything.sucks, a Wikipedia-style site that uses content scraped from third-party sites and social media to present a scrappy form of gripe microsite.
In both UDRP cases, Honey Salt chose to mount a “free speech” defense, claiming that it had rights to the names because they were being used to publish criticism of the brands in question.
As I noted last week, UDRP panels have historically been divided on when this defense should be successful. WIPO guidance suggests that gripe sites should be permitted as long as the criticism is genuine and non-commercial.
But Everything.sucks was decidedly commercial at the time these two complaints were filed. Each site featured a banner leading to a page on Sedo or Uniregistry where the domain could be purchased (usually at registry wholesale prices).
Miraplex is a brand of Parkinson’s disease medicine. In this case, the panel decided that the complainant, a pharmaceuticals company, failed to make the case that Honey Salt had no legitimate interests in the domain, writing:
the Complainant argues that the website linked to the disputed domain name displays information about the Complainant and its MIRAPEX medicines, but failed to explain (let alone substantiate) why this should be regarded as a lack of rights or legitimate interests in the disputed domain name (which seems to have a criticism purpose). Also, the Panel finds that the offering for sale of a domain name is not by itself a proof of lack of rights or legitimate interests.
The panel seems to have given special consideration to the fact that it’s a .sucks domain, where one might expect to see criticism.
Given the nature of the “.sucks” domain name gTLD, and given the evidence (or lack of evidence) submitted by the parties, the Panel finds that the Complainant did not prove that the Respondent lacks rights or legitimate interests in the disputed domain name. In particular, the Panel would have expected the Complainant to target its arguments and evidence to the specific criticism-nature of “.sucks” domain names (which the Complainant failed to do).
The decision is written in such a way as to suggest that it is the complainant’s lack of substantiating evidence, rather than the panel’s gullibility, that is to blame for the complaint failing.
The Panel finds that the Respondent’s claim that the website available through the disputed domain name has a criticism purpose is not devoid of credibility. The Panel would have expected the Complainant to argue (and corroborate) why it considers this “.sucks” domain name and its purported free expression character as a “smoke screen” and why it is of the opinion that the predominant purpose of the Respondent is to sell this domain name rather than to provide a forum for discussion and criticism. The Complainant did not explain nor substantiate why it considers the criticism character of this website as a pretext. The Panel also finds that the offering of a domain name for sale is not by itself evidence of bad faith.
The bioderma.sucks case is an entirely different story, with the panel writing that Honey Salt’s “entire endeavour seems to the Panel to be a pretext for commercial activity”.
Honey Salt’s “pretext” is that it registers domain names on behalf of a non-profit entity called Everything Sucks Inc, which appears to have been formed in Delaware this April. It told the Miraplex panel that whenever a wiki page is created at Everything.sucks, it registers the corresponding domain name.
Given that over two thousand .sucks domains were registered in June in the space of a couple days, that seems unlikely to me.
The Bioderma panel wasn’t buying it either.
The process by which the disputed domain name was registered seems to be automatic and, importantly, took place before any criticism whatsoever was even present on the website (as may be inferred from the Parties’ evidence, namely the Complainant’s screenshot of June 24, 2020). The alleged criticism seems to have been added as an afterthought between that date and the date when the Response was filed, further calling its genuineness into question.
It also noted that the content of the site comes from third parties, rather than the registrant, again calling its genuineness into question. The panel added:
Even assuming a third party generated the page on the Respondent’s website in order to engage in non-commercial criticism, rather than the Respondent itself, the Respondent immediately proceeds to exploit the position commercially by registering and offering the disputed domain name for sale.
This blatant commercial use was important to the panel in establishing a lack of legitimate interests and also bad faith.
Respondent’s approach was to take unfair commercial advantage of the Complainant’s name and trademark while having no actual criticism or free speech of its own in which to engage. It looked to sell the disputed domain name on the open market before any criticism had even been published. The fact that the disputed domain name is used for a web page not containing genuine criticism content but only automatically generated links loosely related to the Complainant’s product (as demonstrated by the Complainant’s screenshot dating from before the filing of the present Complaint) constitutes further evidence of bad faith. The fact that the disputed domain name is used in a page containing links to other companies and where the relevant domain names (to which the links point) are systematically put on sale by the Respondent is additional evidence of cybersquatting.
The panel ordered bioderma.sucks transferred.
Two cases, two very different outcomes.
Both complaints were filed at the Czech Arbitration Court by the same lawyer within a few days of each other, and were decided within a week of each other, but by different three-person panels.
With this in mind, it seems likely that both panels were presented with a very similar set of facts and evidence, and that the make-up of the panel was important to which party emerged victorious.
Two additional cases, bfgoodrich.sucks and mandmdirect.sucks, both Honey Salt domains, are currently active at WIPO. It’s unclear whether they were filed before or after Everything.sucks removed its banner ads, which happened about a week ago.
That .sucks weirdness? Worse than I thought
A business plan to turn .sucks into a massive Wikipedia-style gripe site, described by trademark lawyers five years ago as a “shakedown”, has reared it ugly head again.
You may recall that earlier this week I reported how somebody had registered many hundreds of .sucks domain names and listed them for sale on secondary market web sites at cost price. It looked weird, almost as if the registry or an affiliate was the registrant, which the registry denied.
It turns out I only told you half the story, for which I can only apologize.
At the time, the domains in question were not resolving for me, probably due to my terrible, block-happy ISP. But now they are resolving, and they reveal the return of Everything.sucks, a plan first floated by the .sucks registry in 2015.
It’s a network of hundreds of .sucks micro gripe-sites, each targeted to a specific brand and each each populated with content scraped, usually without citation, from Wikipedia, social media, and consumer-review aggregator web sites.
Here’s where jackdaniels.sucks takes you, for example (click to enlarge).
The description of the company is taken from Wikipedia. The customer comments below are taken from reviews of an apparently unrelated company called The Whisky Exchange published by TrustPilot, and the social media posts have been pulled from Instagram users deploying the hashtag #jackdanielssucks.
Other pages on the site seem to scrape content from GlassDoor, a site where employees review their employers.
While there’s nothing wrong with gripe sites, automating their creation over hundreds or even thousands of brands that you don’t genuinely have gripes with seems, charitably, churlish.
And these gripe sites are — or at least were — being monetized.
You’ll see a banner ad in the top-right corner of the above screen-grab, offering jackdaniels.sucks for sale. The link took you to a page on Sedo that offers the domain for sale with a buy-now price of $199 (the same as the registry’s wholesale fee).
Banners on other pages led to landers on GoDaddy-owned Uniregistry.com with prices of $599.
These banners, which appeared on every brand’s page that I checked, seem to have disappeared at some point over the last two days. I’m sure the change is unrelated to the fact that I started asking .sucks registry Vox Populi and parent Momentous difficult questions about these trademark-match domains on Wednesday.
While UDRP panels have disagreed over the years, there’s precedent dating back two decades that “trademarksucks.tld” domains with sites that contain genuine, non-commercial criticism can confer legitimate rights to the registrant and are therefore NOT cybersquatting.
I doubt a site that actively tries to sell the domain name in question for above out-of-pocket costs could be considered non-commercial.
Still, it looks like those banners are gone now, and I can’t find any other examples of obvious monetization.
I use jackdaniels.sucks as an example here as it’s the site I took a screenshot of before the changes, but there are many hundreds of similar trademark-match domains being used to feed traffic to Everything.sucks.
I note that unitedinternet.sucks, named after the parent company of Sedo, is for sale for $199 on Sedo and leads to a gripe site on Everything.sucks containing less-than-complimentary remarks. It’s for sale at $599 on Uniregistry.
But who is Everything.sucks?
The concept itself originates with the .sucks registry itself. Before the TLD launched in 2015, it floated the idea to a tsunami of criticism from trademark owners.
The plan back then was to sell .sucks domains for .com prices — a discount of a couple hundred dollars — but only to registrants unaffiliated with the trademark owner. These registrants would have had to forward their domains to an Everything.sucks-branded discussion forum.
Back then, Vox Pop said it planned to work with a non-for-profit third party on this initiative.
That third party never materialized, and later in 2015 appeared to mutate into a system called This.sucks, operated by a company called This.sucks Ltd, which took over the Everything.sucks domain name.
This.sucks sold .sucks domains for $12 a year, with the domains pointing to a forum/blogging platform that the company hoped to monetize.
Both This.sucks and Vox Pop denied there was any link between the two companies, but I later uncovered a lot of compelling circumstantial evidence linking the two companies, including the fact that Rob Hall, CEO of Vox Pop parent Momentous, paid for This.sucks’ web site design.
This.sucks appears to have fizzled out in the intervening years, but now Everything.sucks is back with a mystery registrant snapping up thousands of domains, at a cost of at least half a million bucks, under the Everything.sucks brand.
Public Whois is useless nowadays, of course.
But the front page of Everything.sucks describes it as “a non-profit organization and communications forum for social activism”.
Many of the domains that redirect to its site appear to be registered to a Turks and Caicos company called Honey Salt Ltd, a name that does not naturally suggest a non-profit entity.
Others use Momentous’ domain privacy service. All appear to be registered via Momentous-owned registrar Rebel, which sells .sucks domains at cost and is therefore one of the cheapest registrars on the market.
Back in 2015, intellectual property interests expressed doubt that the proposed Everything.sucks third party and the This.sucks third party were not in fact just smokescreens, fronts for the registry itself.
Vox Pop CEO John Berard on Wednesday denied to DI that the company had any involvement in the recent spurt of trademark-match registrations being used by Everything.sucks and expressed a lack of knowledge about the registrant’s intent.
I’ve not yet received comment from Momentous, but I’d be very surprised if the company does not know who is behind Everything.sucks.
At the very least, Vox Pop and Rebel are both privy to the unexpurgated Whois and/or customer records for whoever is running Everything.sucks and whoever it is that has grown the .sucks zone file by about 50% since June.
ICANN throws out “Ugly Houses” UDRP appeal
ICANN has rejected an unprecedented attempt to get a UDRP decision overturned using the Reconsideration process.
The Board Accountability Mechanisms Committee late last week summarily dismissed a Request for Reconsideration filed by a group called the Emily Rose Trust.
Emily Rose had lost a UDRP case in May concerning the domain name uglyhousesri.com, which it had been using for the last couple of years to run a home renovation-and-resale service in Rhode Island.
The complainant was a company called HomeVestors, which has been running a near-identical service called We Buy Ugly Houses (a phrase it has trademarked) for substantially longer.
The National Arbitration Forum panelist had decided that the domain was confusingly similar to the mark, and that the similarity of the services constituted bad faith use.
In filing the rather poorly-written RfR, Emily Rose argued among other things that “Ugly Houses” is a generic term not protected by the mark.
But ICANN did not consider the merits of its request, instead rejecting the RfR for being outside the scope of the process.
The BAMC said that UDRP decisions do not involved the action or inaction of the ICANN board or staff, and are therefore not subject to board Reconsideration.
While UDRP decisions are often contested in court, this RfR makes it clear that ICANN is not an avenue for appeal in individual cases.
Facebook WILL sue more registrars for cybersquatting
Facebook has already sued two domain name registrars for alleged cybersquatting and said yesterday that it will sue again.
Last week, Namecheap became the second registrar in Facebook’s legal crosshairs, sued in in its native Arizona after allegedly failing to take down or reveal contact info for 45 domains that very much seem to infringe on its Facebook, Instagram and WhatsApp trademarks.
In the complaint (pdf), which also names Namecheap’s Panama-based proxy service Whoisguard as a defendant, the social media juggernaut claims that Whoisguard and therefore Namecheap is the legal registrant for dozens of clear-cut cases of cybersquatting including facebo0k-login.com, facebok-securty.com, facebokloginpage.site and facebooksupport.email.
In a brief statement, Facebook said these domains “aim to deceive people by pretending to be affiliated with Facebook apps” and “can trick people into believing they are legitimate and are often used for phishing, fraud and scams”.
Namecheap was asked to reveal the true registrants behind these Whoisguard domains between October 2018 and February 2020 but decline to do so, according to Facebook.
The complaint is very similar to one filed against OnlineNIC (pdf) in October.
And, according to Margie Milam, IP enforcement and DNS policy lead at Facebook, it won’t be the last such lawsuit.
Speaking at the second public forum at ICANN 67 yesterday, she said:
This is the second in a series of lawsuits Facebook will file to protect people from the harm caused by DNS abuse… While Facebook will continue to file lawsuits to protect people from harm, lawsuits are not the answer. Our preference is instead to have ICANN enforce and fully implement new policies, such as the proxy policy, and establish better rules for Whois.
Make no mistake, this is an open threat to fence-sitting registrars to either play ball with Facebook’s regular, often voluminous requests for private Whois data, or get taken to court. All the major registrars will have heard her comments.
Namecheap responded to its lawsuit by characterizing it as “just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard”, according to a statement from CEO Richard Kirkendall.
The registrar has not yet had time to file its formal reply to the legal complaint, but its position appears to be that the domains in question were investigated, found to not be engaging in nefarious activity, and were therefore vanilla cases of trademark infringement best dealt with using the UDRP anti-cybersquatting process. Kirkendall said:
We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.
UDRP complaints usually take several weeks to process, which is not much of a tool to be used against phishing attacks, which emerge quickly and usually wind down in a matter of a few days.
Facebook’s legal campaign comes in the context of an ongoing fight about access to Whois data. The company has been complaining about registrars failing to hand over customer data ever since Europe’s GDPR privacy regulation came into effect, closely followed by a new, temporary ICANN Whois policy, in May 2018.
Back then, its requests showed clear signs of over-reach, though the company claims to have scaled-back its requests in the meantime.
The lawsuits also come in the context of renewed attacks at ICANN 67 on ICANN and the domain industry for failing to tackle so-called “DNS abuse”, which I will get to in a follow-up article.
Recent Comments