Home / Blogs

The US DOJ Rogue Internet Pharmacy Settlement: Implications for Registrars

John Horton

In the wake of Google's settlement with the Department of Justice for permitting advertising by illegal online pharmacies, what are the legal implications for Domain Name Registrars and ISPs in the US and elsewhere?

In short, if you're a Registrar or ISP, it's a new ballgame. Here's why it's critical for you to steer clear of criminal and civil liability by making sure your registration services aren't used by rogue online pharmacy criminals. (And, here's how to do it.)

Defining Internet Drug Dealers

First, what is a "rogue Internet pharmacy"? The vast majority of websites that facilitate the sale of prescription drugs are illegal: the National Association of Boards of Pharmacy (NABP) has consistently found, as has LegitScript, that about 96% of all Internet pharmacies don't require a prescription, aren't appropriately licensed, and sell unregulated drugs — that is, drugs that are not part of the "closed supply chain" required by most countries' laws, thus raising the risk that the drugs are counterfeit or adulterated.

In other words, these are Internet drug dealers. And, their websites are dangerous.

A drug is classified as "prescription-only" for the simple reason that it requires medical supervision to be used safely. Similarly, unregulated drugs may be genuine or fake. LegitScript has received numerous reports of individuals who have been hospitalized or sickened — or even died — as a result of fake or counterfeit drugs shipped from rogue online pharmacies.

In contrast to other forms of cybercrime like phishing and identity theft, online pharmaceutical crime is in a category of its own for a very simple reason: victims can die.

Welcome to the New Ballgame
The Google-DOJ settlement signals changing expectations by law enforcement as to how Internet platforms (ISPs, Registrars, payment service providers, etc.) should respond when put on notice about rogue online pharmacies.

So what do Registrars need to know — and do?

Registrars that knowingly permit their registration services to be used by rogue Internet pharmacies, including accepting registration or re-registration fees for domain names that they have been put on notice are being used in facilitation of illegal conduct, may be subject to criminal or civil liability for facilitating and/or profiting from criminal activity. For Registrars, reducing your liability and disallowing the use of your services by these illegal websites means suspending and locking rogue online pharmacy domain names once you are put on notice.

If you're an ICANN-accredited Registrar, you have the sanctioned ability, and arguably responsibility, to do this. The Uniform Dispute Resolution Policy (UDRP), by which all ICANN-accredited Registrars are bound, requires Registrars to prohibit the use of their domain names in furtherance of unlawful activity (see Paragraph 2). That's important because it gives Registrars the explicit authority to suspend online pharmacies operating illegally. Indeed, as a contractual matter, there's a solid argument that you're bound to act — not ignore the notification.

But how far do you have to go? DOJ's recent actions signal an expectation that online platforms will take "reasonable steps" to avoid facilitating criminal activity — but that doesn't mean you have to be clairvoyant. After all, no Registrar can know what every customer or website is doing. But if a Registrar is put on notice by a credible source as to rogue online pharmacy domain names using its registration services, a continued pattern of non-responsiveness may be viewed as the turning of a blind eye to, or even willfully profiting from, criminal behavior.

A Letter to Registrars on Behalf of Regulators

So what's a credible source of information, and how can you know if an Internet pharmacy is legal or not? The NABP, which represents the government agencies that license and regulate pharmacies in the US and elsewhere, has issued a letter to Registrars endorsing LegitScript's listing of rogue online pharmacies as accurate and reliable, and requesting that Registrars suspend and lock rogue online pharmacy domain names LegitScript notifies Registrars about. LegitScript currently offers this notification as a complimentary service, and regularly submits information to several registrars including GoDaddy, eNom, Dynadot, DomainContext, Directi and others.

Liability may be Criminal...or Civil

The risk of liability isn't just criminal — it's potentially civil as well. One of these days, an enterprising civil attorney is going to ask if a Registrar (who failed to act) was notified prior to her client's overdose or wrongful death from drugs ordered online. In multiple cases, the answer would be Yes. And it's not clear that the US Communications Decency Act would protect a Registrar from a multi-million dollar wrongful-death claim.

Locking, Not Transferring

Most Registrars we work with on this issue typically suspend and lock the domain names, effectively shutting down the website and killing the illegal business. However, we've seen a few situations where a Registrar suspends the domain name, then lets it transfer to another Registrar and continue selling drugs. Could a Registrar who does this be criminally or civilly liable?

Our answer is Yes, for several reasons. First, permitting the transfer to another Registrar, when you are on notice of the website's illegal activity, is an affirmative step that helps the criminal continue their behavior. Second, Registrars can't claim that ICANN requires them to permit the transfer: after all, most Registrars do NOT permit the transfer. And third, of course, the legitimacy of an online pharmacy doesn't depend on where the Registrar is; rather, the key question is what the website is doing. (Would you permit a child pornography site's domain name to transfer?) A rogue online pharmacy doesn't magically become safe by being transferred to an "offshore" Registrar.

In an effort to get the Registrar to permit the transfer, we've seen it all — bad-actor Registrants who promise to remove the content; provide a (genuine) pharmacy license; or argue that they are in fact operating legally where they are physically located, and don't need to adhere to the laws in the jurisdictions where they are shipping the prescription drugs.

But remember, rogue online pharmacies are a multi-billion dollar business: some affiliate pharmacy marketers pull in five- or even low-six-figures (USD) a month. They are highly motivated to continue their illegal business: if they are willing to sell prescription drugs without requiring a prescription, it should come as no surprise that they'll be willing to lie about it. Moreover, a pharmacy license alone is not proof of legitimacy: the drugs that these websites sell have to come from somewhere, and an extra-jurisdictional (but real) pharmacy is often the source — or pass through point. Put another way, "fake" online pharmacies and "rogue" online pharmacies are different problems. The former just takes your money and doesn't send you anything. The latter sends unregulated medicines with or without a prescription, putting the customer's health at risk.

Wrapping It Up

While it's true that Registrars and ISPs can't be expected to be the "Internet police," the US Justice Department's recent actions indicate that when it comes to illegal online pharmacies, Internet companies can't turn a blind eye to criminals using their services. It doesn't mean that Registrars need to monitor every single domain name, or be telepathic about what their customers are doing. It does mean that they need to have clear policies and procedures prohibiting illegal activity, and more than that, enforce those policies.

If a Registrar or ISP is put on notice about such illegal websites, it should take reasonable steps to enforce its Terms and Conditions and act in accordance with ICANN's UDRP. In the online pharmacy sphere, where roughly 95% of websites are accurately described as criminal entities, this means suspending and locking the domain name, not turning a blind eye to the activity or facilitating the transfer of the domain name to another Registrar.

By John Horton, President of LegitScript. More blog posts from John Horton can also be read here.

Related topics: Cybercrime, Domain Names, Internet Governance, Law, Policy & Regulation, UDRP


Don't miss a thing – get the Weekly Wrap delivered to your inbox.




( www.comprarcitotec-go.com, www.comprarcitotec-sp.com,www.comprarcitotec-es.com, www.comprarcitotec-bh.com, www.comprarcitotec-rj.com,www.comprarcitotec-rs.com, www.comprarcitotec-pr.com, and www.citoteque-aborto-cytotec-citotec-citotek-misoprostol-ru486.com )



Following this email copies of false allegations of Mr. Ryan, as such sites are listed on the rogue list LegitScript, but Mr. Ryan, even though the consciousness of this fact takes no action.

Ryan, Oct 23 12:26 (MDT):


If you believe domains to be in breach of our terms of service we ask that you send your request to Legiscript directly at abuse.team@legitscript.com. They will contact Domainsite.com directly with the results of their investigation.)

Ryan, Oct 23 11:16 (MDT):


Please note that should we receive a complaint from any authorized third party organization indicating that a domain registered with Name.com, the domain in question would be disabled and transferred to a holding account.

The following activities are in direct breach of our Registration Agreement.

The sale of prescription drugs without a valid prescription as required by law.
The sale of prescription drugs that are not approved for sale in the destination jurisdictions.
The sale of prescription drugs without required pharmacy licenses.

The domain(s) would remain in these accounts until Name.com received confirmation that the domain is licensed and authorized to sale prescription pharmaceuticals by the NABP (http://www.nabp.net/).

If you have evidence of domains that are registered with Name.com that are in possible breach of our terms of service, please respond with further evidence and we are happy to investigate the matter further.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Dig Deeper

IP Addressing

Sponsored by Avenue4 LLC

Mobile Internet

Sponsored by Afilias Mobile & Web Services


Sponsored by Verisign

DNS Security

Sponsored by Afilias

Promoted Posts

Buying or Selling IPv4 Addresses?

ACCELR/8 is a transformative IPv4 market solution developed by industry veterans Marc Lindsey and Janine Goodman that enables organizations buying or selling blocks as small as /20s to keep pace with the evolving demands of the market by applying processes that have delivered value for many of the largest market participants. more»

Industry Updates – Sponsored Posts

Domain Registrations Reach 331.9 Million, 6.7 Million Growth Year over Year

.brands Spotlight: Banking and Finance Industries

Google Buys Business.Site Domain for 'Google My Business'

Radix Announces Global Web Design Contest, F3.space

Global Domain Name Registrations Reach 330.6 Million, 1.3 Million Growth in First Quarter of 2017

.TECH Gets Its Big Hollywood Break

Why the Record Number of Reverse Domain Name Hijacking UDRP Filings in 2016?

Attacks Decrease by 23 Precent in 1st Quarter While Peak Attack Sizes Increase: DDoS Trends Report

UDRP: Better Late than Never - ICA Applauds WIPO for Removing Misguided 'Retroactive Bad Faith'

The Rise and Fall of the UDRP Theory of 'Retroactive Bad Faith'

.PRESS Supports Press Freedom Day for 3rd Consecutive Year

Leading Internet Associations Strengthen Cooperation

5 Afilias Top Level Domains Now Licensed for Sale in China

Radix Announces Largest New gTLD Sale with Casino.Online

2016 Year in Review: The Trending Keywords in .COM and .NET Domain Registrations

Global Domain Name Registrations Reach 329.3 Million, 2.3 Million Growth in Last Quarter of 2016

i2Coalition to Present Tucows CEO Elliot Noss With Internet Community Leadership Award

A Look at How the New .SPACE TLD Has Performed Over the Past 2 Years

Verisign Releases Q4 2016 DDoS Trends Report: 167% Increase in Average Peak Attack from 2015 to 2016

Michele Neylon Appointed Chair Elect of i2Coalition