Home / Blogs

Two Years Later Dozens of Registrars Still in the Shadows

Garth Bruen

In June of 2008 KnujOn reported that 70 Registrars did not have a business address listed in the InterNIC Registrar Directory. Only after reporting a month later that little had changed did ICANN perform a mass update of the directory. On further inspection we found many of the newly disclosed addresses were phantom locations, false addresses, and PO boxes. This lead to a push to amend the RAA and require Registrar location disclosure and resulted in RAA 3.16: "Registrar shall provide on its web site its accurate contact details including a valid email and mailing address." However, policy without policy enforcement is useless. So far ICANN compliance has failed to enforce this rule even after being provided with extensive evidence in June, 2010. In fact, several Registrars cited five months ago for not posting their address have been allowed to renew their accreditation without complying.

The following Registrars still do not disclose their address on their website as required in RAA 3.16 and are in continued violation: Active Registrar, Inc. (activeregistrar.com), COMPANA LLC (budgetnames.com), Directi Internet Solutions Pvt. (publicdomainregistry.com), DOTALLIANCE INC (dotalliance.com), EVERYONES INTERNET LTD. (resellone.net), NICCO LTD. (nicco.com), RESELLER SERVICES INC. (ResellServ.com), UK2 GROUP LTD. (uk2group.com), VOLUSION, INC. (volusion.com), YNOT DOMAINS CORP (myorderbox.com), PREMIUM REGISTRATIONS SWEDEN (premiumregistrations.com), AB CONNECT (hosteur.com), FUNPEAS MEDIA VENTURES, LLC DBA DOMAINPROCESSOR.COM, DomainContext, Inc. (isregistrar.com), NEW GREAT DOMAINS (newgreatdomains.com), ONLINENIC INC. (onlinenic.com), OPEN SYSTEM LTD. (turbosite.com.br), OWN IDENTITY INC (ownidentity.com), PACNAMES LTD (pacnames.com), QUANTUMPAGES TECHNOLOGIES (ownregistrar.com), ULTRARPM INC. (metapredict.com), ZOG MEDIA, INC. (zognames.com), NAMEHOUSE, INC. (namehouse.net). The good news is that most of the 400 plus unique Registrars clearly provide their address in the home page footer, a CONTACT US, or ABOUT US link and several Registrars cited in June have since done so. Some Registrars bury the address in legal documents, while we do not consider this compliant ICANN provides no clear direction on where the address should be posted.

OnLineNIC is particularly troubling since their purported public location is an empty lot in California with their true location being in China, but only privately disclosed to ICANN. OnLineNIC's own domain registration has been cited multiple times by KnujOn as being false.

Additionally, KnujOn has discovered that nine Registrars have non-functional contact email addresses posted in the InterNIC directory: RU-CENTER, Best Bulk Register (also has a breach notice for failure to pay fees), Dynamic Network Services, Europe Domains, Homestead Limited, HTTP.NET, Namescout, Hostmaster.ca, Nameshare Inc, and Universo Online. Details of the email failures along with other results will be published in our supplemental report on Monday December 6th.

RAA 3.16 is not the only unenforced contract obligation. In fact, most of the RAA is unenforced with the exception being the Cardinal Sin of failing to pay ICANN fees. KnujOn will actually detail an unprecedented case in which a Registrar termination was reversed after back fees were paid.

While Registrars control the content of their websites, ICANN really is to blame for the failure to enforce the RAA and the anti-transparent practice of having one Registrar directory for public consumption with bad information and another internal list for their use.

By Garth Bruen, Internet Fraud Analyst and Policy Developer. More blog posts from Garth Bruen can also be read here.

Related topics: Registry Services, ICANN, Internet Governance, Policy & Regulation, Whois

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Who is paying you to operate this 'crusade'? Jothan Frakes  –  Dec 03, 2010 1:07 PM PST

Please provide transparency to the readers about who is funding your efforts.

Seriously? Garth Bruen  –  Dec 03, 2010 2:06 PM PST

Your response to a report about transparency within the industry is to claim KnujOn is not transparent?

I suppose it is difficult to comprehend that a grass-roots effort is supported by ordinary Internet users sick of being ripped-off and spammed. Probably even more difficult to imagine someone NOT being motivated by cash but by doing the right thing. Unfathomable that a project could be driven by ingenuity, research and hard work.

Is everyone within the community who calls for more accountability somehow maliciously funded, or just me?

Once again, this is ad hominem attack unrelated to the substance of the posting.

Did that seem like an attack to Jothan Frakes  –  Dec 03, 2010 3:32 PM PST

Did that seem like an attack to you? 

So are you essentially responding by saying that painting someone into a corner that they have to fight their way out of is poor form?  I completely agree.  Would you care to abandon that approach?  I think it is poor form also.

I'm not opposed to the accountability you're seeking in the industry, and god bless you for any results you're getting. 

It seems like this crusade, however well intended, seems to be something that is benefiting someones objectives and I was curious as to that funding source.

"Crusade" Garth Bruen  –  Dec 03, 2010 3:45 PM PST

"ad hominem attack" is a common phrase used to describe this type of logical reasoning failure in an argument.

Who does it seem to be benefiting? Any guesses who is funding us? Who am I holding in the corner?

"Crusade" suggests a motivation other than money. Which is it?

Garth, my motivation is to ensure that Jothan Frakes  –  Dec 03, 2010 3:57 PM PST

Garth, my motivation is to ensure that things get cleaned up as well, we just have very different approaches to it.  And this sensationalist title has set my efforts back — all volunteer effort while being under employed or unemployed while we all wait for Godot to arrive and let the new TLD process start after 10 years.

(Half-Jesting, I was actually wondering if I could get your benefactors to fund my efforts.  =] )

We both mean to do good, and put our time and effort to it to improve the industry.  I just strongly believe that I get results by encouraging results, not putting a torch under a butt.

However well intended these crusades are, they paint an industry with a broad brushstroke and actually send self regulatory efforts backwards.

I have personally worked to get many of the registrars who have 'evolved' their way off earlier lists of yours into better compliance shape.  Most of my work has been in a volunteer basis by participation in things like the working groups, attending ICANN meetings, sitting in the registrar SG meetings and raising these issues with members, and working with such groups as the APWG, and more recently the High Security TLD Expert Group.

I am not on the payroll of any registrar.  Convincing registrars about compliance is an uphill battle, as it is purely a cost center for many of them, and is not always as strong a focus as their customers, but there is a lot of effort that I have put towards improving compliance.

I just really hate to see the registrars who I have worked with at different points in my career (none of which are listed above, btw) who do quite a lot of extremely hard work on making things better get thrown into the wood chipper with these sensationalist crusades.

I really recommend carrots over sticks as an approach.  That sounds good, but the reality is that I regret that the knujon pattern is sticks, because any carrots you might use with encouraging registrars who are not in compliance to do so will appear to be sticks.

So the question is, who benefits from the byproduct of the crusade, ie the erosion of institutional confidence in ICANN and their compliance efforts and/or registrars as a whole?

If you're saying this is the time honored '.COMmunist vs .COMmercial' (or better phrased as social good vs profit) argument, and you and your brother fancy yourselves the vigilantes who are taking back the night, that's cool.

still missing the point Garth Bruen  –  Dec 07, 2010 7:41 AM PST

I find really hard to believe that anything I'm doing interferes with your work.

Anyone who thinks this is "broad brushstroke" against the Registrars as a whole didn't read carefully. Two key statements from the posting:

1. "The good news is that most of the 400 plus unique Registrars clearly provide their address in the home page..."

2. "ICANN really is to blame for the failure to enforce the RAA..."

Let's focus on ICANN here The Famous Brett Watson  –  Dec 03, 2010 6:19 PM PST

There's no doubt in my mind that the Bruens are crusaders, and that "the knujon pattern is sticks" rather than carrots, but they have a very good point even so. It would be better to focus on that worthy point rather than try to look in the other direction for sinister and/or mercenary motives (which I suspect do not exist).

The point is this. ICANN has rules, and ICANN does not enforce those rules. The only rule you can rely on ICANN to enforce is the golden rule: i.e. if you owe them gold, they enforce that rule. It is hard to be anything other than deeply and profoundly cynical about ICANN as an organisation — particularly as an organisation which is supposed to represent the global public interest — when it engages in this kind of race to the bottom in relation to its own rules. There's one excellent reason to run an organisation this way, and that is profit maximisation: enforcement of anything other than payment is a net expense. If ICANN wants to paint itself as a fat bureaucracy, more interested in absorbing money and perpetuating itself than anything so quaint as fulfilling its actual charter, then this is exactly the sort of behaviour it should perpetuate.

I don't think that the list of non-compliant registrars is a terrible indictment against those registrars — it's more an indictment against ICANN for failure to enforce its own rules. Personally, I wouldn't want to deal with a non-compliant registrar, since domain name management is all about meticulous record keeping, and why should I trust someone who can't even keep their own business in order? That's not to say that all non-compliant businesses are malicious, however: I think most are just enjoying the race to the bottom that ICANN is, frankly, encouraging. Lying about your address is a different kettle of fish, of course: that's downright shady.

But let's focus the fire under the feet of ICANN for now, not the registrars. Fix ICANN and the registrar problem fixes itself.

Much as I agree with Jothan for most of this Suresh Ramasubramanian  –  Dec 03, 2010 7:47 PM PST

Several [not, not saying "all" as I have no data to that effect] of the registrars that Bruen is calling out do have a rather common problem .. a higher than average number of spam domains (and possibly, given Bruen's latest bee in the bonnet, internet pharmacy / pill spam domains, too).

When you combine that problem with the problem Bruen calls out ..

If that is indeed the case, Garth, your posting that sort of data rather than procedural nitpicking about registrar contact information will be more worthwhile.

Thanks... Garth Bruen  –  Dec 07, 2010 7:42 AM PST

you just made my point

I had to, you never did make it anywhere in your rant Suresh Ramasubramanian  –  Dec 08, 2010 6:53 AM PST

Coming to the point and avoiding ad hominem, vague rants helps.

A quipless response was too much to wish for... Garth Bruen  –  Dec 15, 2010 6:51 AM PST

While you may dismiss illicit online pharma as my personal pet peev, major providers and the U.S. gov't think otherwise:

Google, Microsoft, Others Join Obama to Fight Phony Pharmacies
http://www.pcworld.com/article/213677/google_microsoft_others_join_obama_to_fight_phony_pharmacies.html

Sigh. Understand that I dont disgree with what you want to do Suresh Ramasubramanian  –  Dec 17, 2010 12:18 AM PST

I only disagree with your approach to doing it, which appears to be based on carefully reading Dale Carnegie's "How to win friends and influence people" and then doing exactly the opposite.

As you pointed out - lots of people do agree with you about phony pharmacies and do work to take them down.  You are not a lone crusader fighting against gross injustice - and as long as you don't behave like one you'll find lots of friends to help you.

Huh? Garth Bruen  –  Dec 19, 2010 11:12 AM PST

This is about friendship? I thought it was about policy…

The word you're looking for, from a policy perspective Suresh Ramasubramanian  –  Dec 21, 2010 9:37 PM PST

is "diplomacy" rather than friendship.

# 19 Reply (max. reply level reached)  |  Link  |  Report Problems
ICANN Compliance Publish Response Michele Neylon  –  Dec 09, 2010 11:01 AM PST

Without rehashing any of the arguments here (or on the various ICANN mailing lists that many of us are members of), I thought it worthwhile to draw people's attention to ICANN's compliance team response:

http://www.icann.org/en/correspondence/burnette-to-bruen-08dec10-en.pdf

@Garth - I gather you have replied to ICANN since this letter was published, so I look forward to reading it

Regards

Michele

I have just sent a response to Stacy Burnette's public letter to me Garth Bruen  –  Dec 10, 2010 7:43 AM PST

(http://www.icann.org/en/correspondence/burnette-to-bruen-08dec10-en.pdf).
As many of you know the issues I have been raising were reported in June to compliance staff. I note that response from Ms. Burnette is welcomed because it is all we asked for originally, a declaration from the department of what is compliant and what is non-compliant.

Dear Ms. Burnette,

Thank you for your response, albeit in an unexpected location, in the ICANN Compliance pages. To my knowledge, this is the first time a non-contracted party has been admonished within the Compliance area; I will consider it a distinction. While I would encourage a robust debate, a direct response to the report by ICANN press relations or a “counter-point” rebuttal article at the venue (CricleID) would have been expected. Using the Compliance area to address a public reporter in a similar manner as non-compliant Registrars may set a dangerous precedent for your office. Alternatively, it may provide a path to transparency as more responses to public complaints are posted in this space.

I am disappointed in the fact that only “nine registrars appeared non-compliant” is being celebrated when all nine violations were reported to compliance staff nearly six months ago. That only now is ICANN following up with the normal process is an embarrassment.

As for some particular items cited in your response, there are problems with what you consider “inaccurate.” First, the termination COMPANA LLC is not posted publicly within the Compliance area at ICANN.ORG so it would be impossible for us to know it was a moot issue. Additionally, the lack of this public disclosure points to a deficit in transparency.

Until recently, the InterNIC directory listed the home page of YNOT DOMAINS as “myorderbox.com”, which is still an inoperable site. The clarification is suitable.

As for ONLINENIC, this is a more serious situation. Their address is not readily available on their site, nor is listed at "contact us", "company info", "support" or "about us.” Buried within the site is this address: “909 Marina Village Pkwy #236 Alameda, CA” which is a UPS box and the third purported California address for ONLINENIC in as many years. ONLINENIC’s first purported address was determined to be an empty lot. The second purported address is associated with a business registration which has been suspended by the California Secretary of State. ONLINENIC’s real address is likely: “7F International Trade Building, 388 South Hubin Road, Xiamen China” which is far from California’s Bay Area. While ICANN considers this compliance some would call it concealment and others an effort of anti-transparency.

As for the remainder, there is no correction required since they did not display their address. The theme of our article concerns the slow pace of disclosure. The fact that these Registrars, by your admission, are party to a contract ten-year’s out of date and apparently excluded from ICANN consensus policies. Once again, the apparent success touted in your memo is that Compliance has no power over their contracted parties in this area. While it may temporarily be seen a failure of Garth Bruen, it is in fact a serious loss for the whole community.

In response to your question about reinstated Registrars I point to the termination reversal of A Technology Company, of which you are already aware. A Technology co. was issued a non-renewal by ICANN on June 30, 2010 for failure to pay accreditation fees. The termination was reversed thirteen days later after the fee was paid. As you will recall they were still manipulating the WHOIS record for their website and not posting the business address after being accredited under the 2009 RAA. They were in fact non-compliant for a month and this was only corrected because KnujOn raised the issue. Incidentally, A Technology co. was allowed to cure its breaches after approximately 61 days which is well beyond the 15-day period stated in the RAA. As another example I would point to Naugus Limited LLC (naugus.com), a Registrar terminated in 2009 (http://www.icann.org/correspondence/burnette-to-goodwin-09oct09-en.pdf) which has apparently been re-instated and accredited under the new RAA. If they are in fact accredited they are in violation of RAA 3.3.1 for linking their WHOIS to a third-party paid WHOIS service. As you stated all prior to renewal Registrar’s websites are checked for compliance, but this issue was apparently overlooked.

While you consider our claims about Registrar terminations being mostly related to money “baseless”, I invite you to review the 14 terminations from 2010. Thirteen we terminated chiefly for failure to pay fees. One, as you mentioned, was terminated for insolvency. Insolvency is the inability to pay debts, hence their inability to pay ICANN accreditation fees. Yes, there are other violations cited and breach notices issued for additional problems, but the outcome of these breach notices is not made public regularly which is why the only terminable violation remains failure to pay fees.

Regretfully, I must also cite that address disclosure is but one problem area reported to compliance staff by KnujOn nearly six-months ago. To reiterate some of the issues (sent separately yesterday) we are concerned about:

(A) Registrars without Apparent Functioning Web-Based WHOIS

“3.3.1 At its expense, Registrar shall provide an interactive web page and a port 43 Whois service providing free public query-based access to up-to-date (i.e., updated at least daily) data concerning all active Registered Names sponsored by Registrar for each TLD in which it is accredited.”

EnetRegistry, Inc. (enetregistry.net): Website does not resolve
New Great Domains, Inc.(newgreatdomains.com): No content
VocalSpace LLC (DesktopDomainer.com): “Login Screen” Only
Premium Registrations Sweden AB (premiumregistrations.com): Login screen only
Alfena, LLC (alfena.com): Links to Domaintools.com – a paid WHOIS service

The following Registrars have a “Domain Look-up” service which only reveals whether or not the domain is available, this is not a WHOIS service:
Add2Net Inc. (lunarpages.com)
Bottle Domains, Inc. (bottledomains.com.au)
Digitrad France (digitrad.com)
DomainSpa LLC (domainspa.com)
NetRegistry Pty Ltd. (netregistry.com)
Nominalia Internet S.L. (nominalia.com)
Sedo.com LLC (sedo.com)

We could not locate the web-based WHOIS engine for these Registrars
Porting Access B.V. (portingxs.com)
VentureDomains, Inc. (upc360.com)
Verelink, Inc. (verelink.com)
Hosting.com, Inc. (Hosting.com)
Zog Media, Inc. (zognames.com)

Domainz Limited (domainz.com): Returns: "Your request could not be completed"

And Autica Domain Services Inc. (autica.com): Only thin WHOIS

(B) Registrars Not Displaying Fees and Deletion Policies

“3.7.5.5 If Registrar operates a website for domain name registration or renewal, details of Registrar's deletion and auto-renewal policies must be clearly displayed on the website.”

“3.7.5.6 If Registrar operates a website for domain registration or renewal, it should state, both at the time of registration and in a clear place on its website, any fee charged for the recovery of a domain name during the Redemption Grace Period.”

Domain Services Rotterdam BV (tellus.com): Only reseller information available
Premium Registrations Sweden AB (premiumregistrations.com): Policies not posted, “member login”
UltraRPM, Inc.(metapredict.com): No conspicuous terms link
VentureDomains, Inc. (upc360.com): Policies not posted
Zog Media, Inc. (zognames.com): No conspicuous terms/policy link

(C) Terminated Registrars Still Selling gTLD Domains and/or Claiming Accreditation

AfterGen, Inc. dba JumpingDot (jumpingdot.com) was terminated by ICANN June 10, 2009 (http://www.icann.org/correspondence/burnette-to-bourov-10jun09.pdf) but is still claiming ICANN accreditation.

Lead Networks Domains Pvt. Ltd. (leadnetworks.com) was issued a letter of Non-Renewal (http://www.icann.org/correspondence/burnette-to-malik-14jul09-en.pdf) on July 14, 2009. Are they still in court-ordered receivership? They are not listed in the InterNIC directory.

Broadspire Inc. (broadspire.com) has not been listed in the directory for some time and while there is no termination document there is a note on an ICANN page that Broadspire is “NO LONGER ACCREDITED”. However, this company still sells gTLDs and claims ICANN accreditation.

In conclusion, I also hope this is constructive as I am concerned about what appears, from outside ICANN, to be the disintegration of compliance.
Sincerely and seriously, Garth Bruen

... as for Jothan Frakes' comments -- Fred Showker  –  Dec 10, 2010 10:39 AM PST

... as for Jothan Frakes' comments — I've been there, and know that when anyone undertakes seemingly 'unselfish' activities, there are always those who look for the ulterior motives and the profit or revenue stream. Society needs those kinds of people. It gives those of us taking the high road, and working toward what is right an opportunity to remind others of the differences between right and wrong.

Quite frankly, to me, it makes no difference if Garth Bruen is going broke, or getting rich. In fact, for the GOOD work he and Knujon are doing, I hope they are getting rich. (Which I know they're not.) They truly deserve any rewards that come from their toils. They have stepped up to the plate to tackle the unsavory tasks that no one else has the stomach to tackle.

I realize this is not about Wikileaks, but the entire Wikileaks debacle has brought to the forefront the truth that society has become detached from the principles of right and wrong. The ongoing lack of accountability on the internet allows less than honorable people to appear honorable, and gather a following. Then the media turns it into norm, and makes it look okay. There is nothing honorable or right about Wikileaks and their growing army of followers. They are information terrorists.

How does this relate to ICANN, and the discussion above? If you can't see the answer to that, you need your eyes examined.

ICANN is the epitome of a "used-to-be-honorable" entity — with blood on their hands because they did not do what is honorable, and right. They have allowed themselves (either by intent or by neglect) to become part of the problem rather than what they are supposed to be in the first place — part of the solution. It is because of ICANN's failure to recognize the difference between right and wrong, that makes it possible for the Wikileaks of the world to hold honorable people hostage.

All users of the internet should thank God that there are individuals with staunch principles and the sturdy backbones to stand up — and continue standing up — for what is right.

Good day.

Fred

Right vs. wrong Steve Magruder  –  Dec 14, 2010 9:23 AM PST

I also believe in right vs. wrong, vehemently.

Accordingly, I strongly believe transparency is right and opaqueness is wrong.

In that light, KnujOn and Wikileaks are right (well, except where particular released leaks cause serious criminal damage other than embarrassment), and governments doing things in our name that we as citizens don't know about is wrong.

Further, Wikileaks are not "information terrorists" any more than the New York Times and the Washington Post are such.  Wikileaks didn't do the leaking, but rather reported what was leaked to them.  The New York Times does this too, albeit with additional discretion.  But is that discretion always or even usually valid?

I believe the opposite of your postulate in that the reason society is moving away from understanding right vs. wrong is because we don't know all the information we rightfully ought to have in our possession.  How can right vs. wrong even be evaluated without such information?  If we don't know much of what's happening in our world, aren't we actually most in danger of becoming a society as imagined by 1984?

Right vs Wrong Fred Showker  –  Dec 19, 2010 5:06 AM PST

I see my carefully written rebuttal we not published here.
I'll publish it elsewhere. :-)

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Season's Greetings - 2014 End of Year Message from DotConnectAfrica

Minds + Machines in 2014 and 2015

DNW Podcast Interview with Antony Van Couvering

TLD Registry and Right of the Dot Establish a Domain Name Industry "Dream Team"

TLD Registry Ltd Welcomes New Board Members

"Chinese Domaining Masterclass" to be Presented at NamesCon Las Vegas in January 2015

Auction and Sales Channel Update

Radix Set to Launch .SITE TLD in 2015

Annual Manthan Award Event This Week

Domain Name .Africa Faces Hurdles - Q&A with Sophia Bekele

LogicBoxes Announces Automation Solutions for ccTLD

Update on Minds + Machines' Top-Level Domain Launches

ICANN Los Angeles Recap Webinar

TLD Registry Appoints First China General Manager, Mr Jin Wang

TLD Registry Opens China Headquarters in "China's Silicon Valley"

.nyc Goes Public to Brand the Big Apple

Afilias Director Wins ICANN's 2014 Leadership Award

Infographic: Where in the World Do Chinese People Live?

Public Interest Registry Seeks Leaders to Serve on its NGO Community Advisory Council

Auctions Update: MMX Wins .law and .vip

Sponsored Topics

Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
dotMobi

Mobile

Sponsored by
dotMobi