Home / Blogs

Domain Name Theft, Fraud And Regulations

When it comes to domain name disputes, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute can grab its share of headlines because the case involves sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case is remarkable for its potential impact on the development of caselaw concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer is no, but the caselaw to support that answer is in tension with cases that strongly imply a contrary conclusion.

Two years ago I wrote a column asking whether the day would come that Internet Corporation for Assigned Names and Numbers (ICANN) ICANN would actively control domain name theft. At the time, ICANN was busy expanding its authority over the Internet while, at the same time, neglecting important duties assigned to it, one of which would be to require registrars to do a better job preventing domain name theft. Sadly, neither the sex.com case, nor plans to prevent domain name thefts have been successfully implemented in the nearly two years that have passed.

There is still abundant evidence that there are inadequate procedures in place to ward off domain name theft. Web bandits steal domain names by presenting fake requests to domain name registrars, who, upon receiving the request, transfer the domain name registration over to the individual named on the form. Acting quickly, web bandits attempt to sell domain names to unsuspecting third parties. This scam works for two reasons: [1] some domain names have a definite upward value in the secondary market for domain names, and [2] many domain name registrars do not have adequate security measures in place to preclude most domain name thefts. What is more, registrars occasionally compound the serious effects of domain name theft by engaging in their own specious advertising that appears to mimic the former practice of long distance telephone service providers who illegally slammed (stole) customers from one company to enroll the customer elsewhere. What is ICANN doing about this? Zilch.

The sex.com case illustrates how easy it can be to steal a domain name. Undoubtedly, you are familiar with the facts of this case, but a few salient points include: Stephen Cohen, it is alleged, stole Gary Kremen’s domain name, sex.com, simply by submitting a fake transfer letter to domain registrar Network Solutions with a forged signature. Since ICANN-approved registrars respond to domain name transfers in an automaton-like fashion, Stephen Cohen, a convicted felon, was able to con Network Solutions (now owned by Verisign) and to steal a domain name that by some accounts could be worth more than any domain name sold to date.
After he was released from the federal prison in Lompoc, California in 1995 (among other unlawful deeds committed by Cohen, he attempted to pose as a lawyer in a bankruptcy court proceeding), Cohen pretended to be authorized by Kremen to order Network Solutions to transfer the name of the registrant of the sex.com domain name over to his company. Cohen hoodwinked Network Solutions with a phony letter from a non-existent executive at Kremen’s company, Online Classifieds, authorizing transfer of Sex.com to Cohen. The letter was written and signed by a “Sharon Dimmick,” identified as the president of Online Classifieds. The letter is addressed to Stephen Cohen, and states that Online Classifieds is relinquishing the rights of sex.com to Cohen. The letter contained an instruction from the non-existent Dimmick to Cohen: “Because we do not have a direct connection to the Internet, we request that you notify the Internet registration on our behalf, to delete our domain name sex.com. Further, we have no objections to your use of the domain name sex.com and this letter shall serve as our authorization to the internet registration to transfer sex.com to your corporation.” It’s unclear whether this peculiar letter was necessary to trick Network Solutions, but, apparently, the letter served as back-up support when Cohen directed the registrar to give him the domain name. Kremen’s loss of sex may be atypical since it involved direct contact with the thief. Apparently, Kremen was initially discouraged from attempting to recover his domain name after receiving a call from someone identifying himself as a lawyer from the U.S. Patent and Trademark Office. The fake lawyer may have informed Kremen that Cohen had a trademark on sex. The telephone call worked. Kremen delayed filing a lawsuit. Today, Kremen believes that the government attorney was an imposter, perhaps, Cohen, himself.

Nearly two years ago, a judge ruled in favor of Gary Kremen’s claim that someone stole sex.com from him. Judge James Ware, on the district court in San Jose, California, returned the domain name to Gary Kremen on grounds that Cohen had likely secured the domain name five years ago through fraud, enabling Cohen to earn tens of millions of dollars in sex.com-related profits. Cohen may have created a $250,000,000 business during the years he had illicit control of the sex.com domain name. The judge’s ruling was made, in part, in response to Kremen’s fear that Cohen was moving his ill-gotten gains away from the jurisdiction of federal courts to off-shore accounts.

A year ago, Cohen was subject to a bench warrant for his arrest for failure to appear in court and failure to place a $25 million deposit with the court to cover potential damages in the case. Judge Ware resolved the liability issues last year also. In his ruling, the judge determined that Cohen was liable for fraud and forgery to the sum of $40 million in compensation for lost profits and $25 million in punitive damages. The $65 million judgment has not been collected yet. More recently, Kremen has targeted Verisign. For Kremen, the challenge is to remove the shield of registrar/registry immunity from Verisign if the original registrant could show negligence. One court has ruled that Registries are immune from civil suit in cases where it negligently handled a domain name, but with the assistance of the Electronic Frontier Foundation (EFF) Kremen is challenging that ruling in the Ninth Circuit Court of Appeals.

What standard of care do registrar’s (and/or registries) owe registrants in thwarting attempts at domain name theft? In part, this is a question of Internet governance, and ICANN should fulfill its role by providing guidance in its registrar agreements, and in issuing notices to registrants or by posting ground rules on its website.

ICANN was not around in 1995, but it has not insisted that registrars prove that they have systems and procedures in place to avoid domain name thefts. Indeed, domain name thefts have steadily increased since 1995. The registrar namespace is competitive due to one of ICANN’s success stories; ICANN has also made progress toward its initial expansion of the Top-level domain name space. With a number of businesses newly operating in the names-space, it is increasingly important for ICANN to focus on what systems and policies must be in place to deter the theft of domain names and domain name services. ICANN should convene a Working Group to consider and resolve the many thorny issues that are at the heart of cases like the sex.com case; namely, what is the ICANN-level remedy for a requester who requests a domain name transfer and the registrar refuses to do so because of suspected fraud? In light of the circumstances of domain name transfers, should domain names be treated as property with property rights belonging to the registrant? What safe harbors should there be for registrars who comply with ICANN mandated fraud detection directives? What are the directives? Once ICANN completes its reform, it has real work to do.

By Rod Dixon, Attorney

Filed Under


Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet



Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC


Sponsored byDNIB.com

New TLDs

Sponsored byRadix

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API


Sponsored byVerisign