|
So-called domain tasting is one of the more unpleasant developments in the domain business in the past year. Domain speculators are registering millions of domains without paying for them, in a business model not unlike running a condiment business by visiting every fast food restaurant in town and scooping up all of the ketchup packets.
Since 2003, the contract between ICANN and each unsponsored TLD registry (.biz, .com, .info, .net, .org, and .pro) has added an Add Grace Period (AGP) of five days during which a registrant can delete a newly registered domain and get a full refund. Although this provision was clearly intended to allow registrars to correct the occasional typo and spelling error in registrations, speculators realized that this allows them to try out any domain for five days for free.
As soon as the speculators (who call themselves “domainers”) figured this out, they started using automated software to register domains like crazy. They put up web pages full of pay-per-click ads, keep the few that make money during the five days, and refund the rest. Many of the speculative domains are expiring ones, since those might already be indexed in Google and have some traffic, others are slightly misspelled versions of existing domains to catch traffic from people who make typing errors.
Registries are close-mouthed about the number of domains that are refunded, but informed estimates from Bret Fausett, citing VeriSign’s Stratton Scavlos, and from Godaddy’s Bob Parsons say that it’s grown in recent months to be about 99% of them. That’s bad.
The minor problem is that the vast speculative traffic makes it hard for normal registrants to get names they want, although there’s no particular reason to think that there’s much overlap between the recycled and typo domains the speculators favor, and the new domains that new registrants want. A related and slightly more serious problem is that domains are repurposed to new, different, and often sleazy uses, with the standard example being a rape crisis site that turned into a sex toy store. The big problem is that it puts a severe load on the registries, and the speculators are being subsidized by the real registrants. Assuming the 99% number is reasonably accurate, that means that for every normal paid registration, there are 100 speculative registrations and then 100 refunds, that is, 200 unpaid registry transactions for every paid one. Management at PIR, which runs the .ORG registry, have told me what a problem it’s been to keep up with the growing load of speculative registrations. Last month they wrote a letter to the ICANN Security & Stability Advisory Committee expressing their concern both about the load on the registry and showing the example of the crisis center site suddenly sprouting ads for butt plugs. Yet, Karl Auerbach noted that VeriSign hasn’t complained about the load on .com, so they can evidently afford the 200 free transactions for every $6 paid one, telling us that the actual cost to handle a registration is under three cents.
Fixing this problem would be easy—keep some of the money when a domain is refunded. Bob Parsons suggests keeping the 25 cent fee paid to ICANN but refunding the full registry fee, to avoid giving registries any incentive to encourage refunds.
Many other people have reported on this situation, but what I haven’t seen brought out is that this problem was both completely unnecessary and completely predictable. The AGP was added to registry contracts at the same time as the redemption period and other items to make it easier for a registrant to reclaim a domain that expired by mistake. Mistaken expiration problems were real, and there was considerable discussion at ICANN and elsewhere about them, but mistaken registrations simply are not a significant problem. There aren’t very many of them, and unlike a mistaken expiration, the most you lose from a mistaken registration is the ten bucks or so you paid for it. So where did the AGP come from? As far as I can see, nobody asked for it, some member of the ICANN staff added it, the board never debated it, and it went through on auto-pilot.
Anyone who registered domains back in the pre-ICANN era, which I hope would include some of the ICANN board members, should remember what went on back in the good old days. You e-mailed a registration form to NSI who did the registration within a day or so and sent you a bill for $100 or later $70. Unpaid domains were deleted after a couple of weeks. Domain speculators took advantage of that loophole, too, registering thousands of domains (limited by the slow e-mail based system), and, before the era of pay per click trying to resell them at a profit before they expired. It is my distinct recollection that the new multi-registrar system started in 1999 required prepayment to stop that speculation. I realize that 1999 was an aeon ago in Internet years, but it’s only seven people years. Have we really forgotten our history that fast?
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byIPv4.Global
John,
What is interesting is that aggressive and automated domain tasting seems to occur almost exclusively through just a handful of registrars (I should know).
-Ram
Although this business practice may indeed be in bad taste (it certainly makes me want to puke) are you sure it’s really bad for the registries?
Maybe their systems are automated to the point where the extra load doesn’t negate the value associated with receiving payment on stupid domains that end up working out for the domainers?
If they add extra chargers that discourage the business practice, they might be walking away from what is actually good business for them.
Last week I had dinner with one of the execs at the .ORG registry, and he told me quite vehemently that it’s costing them significant real money to handle all the speculative registrations and cancellations. That’s not surprising—you build your system to handle the load you expect to handle, and if it then turns out the load is 10 or 100 times that, you’re going to have to scale up the system accordingly.
I can’t feel all that sorry for .ORG, considering the vast surplus they deliver to ISOC, but if that surplus is going to be eaten up, I’d rather it be eaten by something better than people trying out millions of ways to misspell Yahoo.
Sorry, stupid question follows…
Okay then, so if the registry has already decided that their 5-day grace period is a bad business practice for them, why don’t they just, uh, change it? They created it in the first place, didn’t they?
Uh, no, the registries didn’t create it. Surely you read the second and seventh paragraphs of the article you’re responding to.
Ah yeah, I forgot about the ICANN <->
registry contract when I was making my followup post.
Like you say, there’s a pretty simple solution to the problem…probably more than one, even.
John, to complete your article: Not only gTLDs allow domain tasting, some of the ccTLDs also allow is, in some cases for a period of a few weeks.
When the grace period concept was raised to the ICANN board, the only kind of grace period discussed was a “redemption grace” period to help people who accidently forgot to renew. (The board accepted “redemption grace” at the meeting of March 14, 2002 in Accra, Ghana.)
The concept of “add grace”, i.e. the 5 day free taste, was never brought before the board nor was it ever discussed.
In other words “add grace” is a creation of ICANN’s staff. It was put into the contracts without properly informing the board of what kinds of things they added into hundreds of pages of contractual terms.
As it stands the actual language in the contracts for “add grace” pertains to a period at the start of a new registration. In those case where registrars are using this provision to take a 5-day taste of a name deleted by one of their customers it is hard to accept that this is a really a new registration. In other words, it may well be the case that at least some of this tasting is not justified under the existing contracts.
But the real concern here is this: ICANN recently justified an increase of the Verisign registry fee to $7 plus 7% on the basis that this amount is needed to cover Verisign’s registry expenses and leave a bit over to encourage innovation.
As we see from the numbers, the actual cost to Verisign is about $0.02 or less. That does not seem to warrant the $7, or 35000% profit, that ICANN is allowing Verisign to charge.
In other words, when, and if, ICANN ever fixes this egregious abuse, it should also remember to re-establish the Verisign registry fee (as well as the fees to other registries) at a level that reflects actual costs, which we now now is at most a few cents per name per year and nowhere near the $6 or $7 dollars now being levied on domain name users.
We’re starting to see botnets now taking advantage of this free period. It’s going to get ugly. A botmaster can register a domain to track their botnet / distribute their malware, and then poof, its gone the next day with no trace. They move on to their next one. An algorithm built into the malware that knows what domains to look for on what days could cause an endless supply of hard to track domains.
Please fix this - there are many ways. The only reason we see for giving this grace period is when you find that you’ve been given a fraudulent credit card and you need to cancel it (typically within 5 days). Give a registrar a certain amount of refunds and then thats it.
Some registries are considering implementing ideas such as a “Restocking Fee”. There is mixed reaction among registrars, maybe because there’s real $$ here…
Bob Parsons of Godaddy suggested making the 25 cent ICANN fee non-refundable, which would do the same thing and avoid giving the registries an incentive to encourage tasting churn. I don’t see how registries can impose a restocking fee without getting permission from ICANN to revise the agreements. But if they’re going to do that, why not just get rid of the AGP completely, since by general agreement nobody asked for it in the first place?