Germany-based ICANN-accredited registrar EPAG owned by Tucows has informed ICANN that it plans to stop collecting Whois contact information from its customers as it violates the GDPR rules. more
When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there's likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action. more
In my day job I run one of the largest registrars / resellers of IE domains (the IE ccTLD is the domain name for Ireland). In the course of doing that I have spent quite a lot of time becoming accustomed to the rules and regulations that govern both the naming and general registration criteria of IE domains. In some cases I can understand why rules are the way they are, whereas in others I am completely baffled... more
There's a well-documented crisis facing the domain name system: very few who rely on domain name registration data from the Whois database to perform vital functions can do so any longer, which is escalating consumer harm and abuse on the internet worldwide. And the problems, thanks to ICANN's overly restrictive policy post-GDPR and a failing policy process, are piling up. more
On February 4, 2004, United States Congress held a hearing on a new proposed bill called the Fraudulent Online Identity Sanctions Act (FOISA). This bill will increase prison sentences by up to seven years in criminal cases if a domain owner provides "material and misleading false contact information to a domain name registrar, domain name registry, or other domain name registration authority." What follows is a collection of commentaries made in response to this proposed bill. more
Late last week, ICANN published the guidance from the Article 29 Working Party (WP29) that we have been waiting for. Predictably, WP29 took a privacy maximalist approach to the question of how Europe's General Data Protection Regulation (GDPR) applies to WHOIS, a tool widely used by cybersecurity professionals, businesses, intellectual property owners, consumer protection agencies and others to facilitate a safer and more secure internet. more
My general impression of the Task Force 3 (TF3) output was that it was a prettified way of accusing the community of internet users as being cheats and liars and demanding that the costs of trademark enforcement be offloaded from the trademark owners onto the backs of domain name registrants and the DNS registration industry. (It is amazing how often the trademark industry forgets that the purpose of trademarks is to protect the consumer's right and ability to identify goods and services and to distinguish such goods and services from one another.. The trademark industry forgets that trademarks are intended to benefit the customer, not the seller, and that any benefit to the seller is merely incidental.) more
In June of 2008 KnujOn reported that 70 Registrars did not have a business address listed in the InterNIC Registrar Directory. Only after reporting a month later that little had changed did ICANN perform a mass update of the directory. On further inspection we found many of the newly disclosed addresses were phantom locations, false addresses, and PO boxes. more
When it comes to stealing domain names, I suspect that there are two reasons why so many web bandits appear to be immune from ICANN (the Internet Corporation for Assigned Names and Numbers uses the acronym ICANN): the first reason I discussed in my last column on domain name theft (where I described a substantive void in domain name "regulation" as a primary factor for the increasing incidence of domain name theft), the second reason, which is the focus of this column, is the procedural anomaly that currently infuses ICANN's uniform dispute resolution process (UDRP) by providing no administrative forum for domain name registrants who become victims of domain name theft carried out by ICANN's registrars. more
Two months ago, the Federal Bureau of Investigation (FBI) alerted the public to a list of domains that could easily be mistaken to be part of its network. The list of artifacts contained a total of 92 domain names, 78 of which led to potentially malicious websites, while the remaining 14 have yet to be activated or are no longer active as of 23 November 2020. more
With so many new gTLDs moving into their respective general availability periods, and incidents of cybersquatting beginning to appear, many companies are now looking towards the URS (Uniform Rapid Suspension) as a possible solution for quickly remediating abuse. As a reminder, domains that are the subject of a successful URS ruling are suspended for the remainder of the registration term, or can be renewed for an additional year at the current registrar. more
Looking back at the year that just ended, here are the top ten most popular news, blogs, and industry news on CircleID in 2009 based on the overall readership of the posts. Congratulations to all the participants whose posts reached top readership in 2009 and best wishes to the entire community in 2010. more
In a recent article, eWeek reports on researchers at Microsoft revealing large-scale, typo-squatting schemes that use "multi-layer URL redirection to game Google's AdSense for domains program". According to this report, the Microsoft Research Systems Management Research Group succeeded in tracking a ring of typo-squatters registering misspelled domain names that generated traffic for serving advertising from Google. more
In Ian Flemming's Thunderball M sends 007 to the Bahamas on a hunch that SPECTRE is hiding something there. Well, it's been our hunch for a while that the Bahamas "office" for the Registrar Internet.BS does not exist. Now we have confirmation of such. It has been documented in an explosive undercover expose by LegitScript that Internet.BS address as stated could not be verified, could not accept mail, and that the business itself could not actually be found in the Bahamas. more
The Internet Governance Forum (IGF) is an annual UN conference on Internet governance which was held this year in Rio de Janeiro, Brazil. The topics discussed range from human rights online to providing Internet access in developing countries. A somewhat secondary topic of conversation is Internet security and cyber-crime mostly limited to policy and legislative efforts. Techies and Internet security industry don't have much to do there, but I have a few updates for us from the conference. more