February 2, 2007 4:00 AM PST
Survey: Are domain registrars free-speech friendly?
- Related Stories
-
GoDaddy pulls security site after MySpace complaints
January 25, 2007 -
Politicos mull data retention by Web hosts, registrars
September 26, 2006 -
JavaScript opens doors to browser-based attacks
July 28, 2006 -
ICANN needs to clamp down on domain name abuse
June 21, 2006 -
GoDaddy.com suffers outage
November 30, 2005 -
Nessus security tool closes its source
October 6, 2005 -
Go Daddy ad cut from second Bowl airing
February 8, 2005 -
VeriSign sues ICANN to restore Site Finder
February 26, 2004 -
Madonna.com embroiled in domain ownership spat
August 21, 2000
It also prompted owners of domain names to wonder about the reliability of their own registrars--and whether the domains they own are safe from suspension in the absence of a court order.
In response to requests from readers, CNET News.com conducted the following survey of 12 leading registrars: DirectNIC; Dotster; eNom; Gandi.net; Go Daddy; Melbourne IT; Moniker.com; NameKing; Network Solutions; OnlineNIC; Register.com; and Tucows.
We found that the French registrar Gandi.net and New Orleans-based DirectNIC offered the most extensive guarantees against unnecessary domain name suspension.
DirectNIC said it would suspend a domain in the absence of a court order only if the content is "clearly focused on child porn or a phishing site." Gandi.net said it would take extensive steps to contact the owner of a domain name in advance.
Go Daddy, on the other hand, gave Seclists.org owner Fyodor Vaskovich only 52 seconds from the time the initial voicemail notification was left to the time the domain was marked as "suspended." That's according to a log of correspondence with Go Daddy that Vaskovich made public. Go Daddy made the request on behalf of MySpace, which said a list of usernames and passwords had been posted by a user to Seclists.org.
Gandi.net's Stephan Ramoin said someone claiming to be from MySpace also made the same request of his registrar last week. But because Gandi.net could not get in touch with MySpace, and "as we were not provided with any justification for the complaint, no action was taken," he said. (Meanwhile, Vaskovich has obtained the domain NoDaddy.com and is using it to publicize the situation.)
Following are verbatim responses to the 10-question survey from registrars that were contacted. Not all chose to answer the questions, however.
DirectNIC
completed survey DirectNIC is operated by Intercosmos Media Group, and is based in New Orleans. It offers Web hosting, POP e-mail accounts, and SSL certificates in addition to domain name registration. Domains are $15, with quantity discounts available if you're buying hundreds or thousands of domains.1. Under what circumstances will you suspend a customer's domain name based on the content of his or her Web site, in the absence of a court order?
In the absence of a court order we will suspend a domain name based on the content if the domain name is clearly focused on child porn or a phishing site. As an example, we would not shut down CNET.com if someone posted in a comment section a link to child porn hosted elsewhere. However, we would likely report the issue to CNET's abuse department so that they could take action.
2. How many times a month, on average, do you suspend a customer's domain name based on the content of his or her Web site?
Generally 20 to 50 domain names a month.
3. What are the most common reasons for suspension?
Child porn. Phishing. Credit card fraud. Often when we find illegal content like child porn or phishing (or that) the domain name was also registered using a stolen credit card. This provides an additional justification for suspending the domain name.
4. How many domain names do your customers currently have registered through you?
1.3 million.
5. Go Daddy last week suspended its customer's domain, Seclists.org, because of a complaint from MySpace. Would you have done the same thing in the same way if Seclists.org happened to be your customer?
No. Of course often a domain name will be "suspended" and it is not the fault of the registrar at all. We had a rash of complaints after we shut down MySpace.cn a week ago. The site was shut down due to their failure to renew the domain name. This happened right as MySpace was announcing to the world that they would be making a big push into China. So the sword cuts both ways. MySpace can complain and convince Go Daddy to suspend domain names. But, they need to watch their domain registrations a little closer as well. Last Friday night I talked on the phone to someone from MySpace and we renewed the domain name for them. The domain name MySpace.cn now resolves.
6. If you do suspend domain names in the absence of a court order, what procedures do you have in place to ensure that the customer is notified beforehand and given adequate opportunity to respond?
See more CNET content tagged:
registrar,
domain name,
court order,
domain,
suspension
http://domainnamewire.com/2007/02/02/cnet-surveys-registrars-about-godaddy-suspension/
on record defining their policies. While I understand that each
situation needs to be handled on a case-by-case basis, there
should be some policies and procedures in place that are clearly
outlined to the customer so that we understand the protocol if
such a situation arises. Did GoDaddy verify that indeed the
person making the claim was an employee of MySpace and had
the authorization to make a complaint? While I understand the
need to protect the public in cases of breaches of security, we
must temper that without resorting to kneejerk reactions and
immediate suspension. I sometimes feel that these companies
hide behind their Terms of Use and other legalese without
having any obligations to their customers.
Also, lots of borderline questionable activities are supported by GoDaddy's controversial "private registration" service, where they block the public from seeing the details about a domain registrar (via WHOIS) that are supposed to be (by ICANN policy) public record. I question whether they are doing the 'net as a whole any favors by providing that service. However no doubt they are generating handsome revenue from some of the shady operations that hide behind that scheme.
Back when Network Solutions was the 800 lb gorilla that everyone hated (for good reason - another example of a large arrogant dominant registrar offering poor service) and when the independent registrar industry was just getting started, I investigated many different registrars. It was a real eye-opener to read through the terms of service of some of the "most recognized" companies in the business (ie dotster, register.com, etc) which in many cases tried to not only marginalize the amount of control the registrant had over the domain, but also had clauses that imposed confiscatory fees and waiting periods over the slightest irregularity, and many of them included text that basically gave the registrar the right to abuse your private details to either spam you directly or sell these details to others to spam you.
I ended up settling on a company called Domain Discover for all of my own and my client's domains, because while they didn't offer the cheapest prices (TANSTAAFL), they offered astute, courteous, prompt 24x7 service, and their terms of service clearly tilted the power over the domain towards the domain-registrant, rather than the registrar. There was little if any "hidden fees" to re-register a domain that lapsed (as others have noted in other followups to an earlier article on the GoDaddy/Seclists/MySpace controversy), and I have never had a single problem with them. Their WHOIS servers are fast and reliable, their website is efficient and utilitarian rather than something the marketing department ran amuck with, etc.
So DomainDiscover is definitely a keeper, and I am sure there are some other good registrars out there that aren't as much of a "household name" as the biggest companies. (Gandi is probably one of them, but because they're based in France and didn't have telephone support when I investigated them, they weren't a great option for me)
Phil Koenig
Another reason I disliked GoDaddy is that when I recently renewed a domain using the PayPal option, GoDaddy stipulated a $500 monthly maximum in their PayPal agreement which to me is way out of line for an $8.95 transaction.
--Michael
Reasonably priced. Good service.
Stayed running through Katrina!
I am not here to give Microsoft a boost in their dismal stats for IIS over Apache and Linux.
I was happy having them parked on a Linux server. But Godaddy and Microsft did a deal and moved them to Windows without asking the customer.
Now that I think of it, I will move my domains from Godaddy. They are really starting to annoy me now.
:(
http://tucowed.blogspot.com
Ross
- http://www.thehostguru.com
I transfered a domain name that I purchased in January for $xx,xxx to Gandi.net from Network Solutions, Gandi was reccomended to me
by a friend in France from LVMH that has worked with Lycos before and knows that the former CEO of
Lycos Europe is the owner of Gandi.net and that you can trust a company like that, but can you?
Network Solutions claimed that we transfered the domain without authorization from the owner, but we were
the owner before it was transfered and we bought the domain from the seller fair and square.
My domain is frozen for over a month now and ive sent documents to Gandi.net that even
my Tax attorney in the US told me not to send, but I still sent them,
and in a few weeks I will send them the notorized documents, but it seems that Gandi trusts nobody.
I sent them copies of the purchase contract, invoices, scanned passport copy, office addresses, phone numbers,faxes,
company registration documents, shareholder meeting documents supporting me as President of my company e.t.c...
I spoke with their support staff, a Mr. Ryan Anderson, who was pretty friendly and told me that I will have control
over the domain by the 28th of Feb., but their lawyer a Mrs. Francoise told me that
I that I wont, only if I prove that the company is real, but I already sent
documents to them providing proof of myself, 10 numbers for contacting me,
my companies Registration documents, and my office details. They never even called my office, to confirm the companies
residence there, as my secretary told me. They only sent a Fedex to my P.O. Box that forwarded
the package to my office, after my staff opened it, it was the same letter that was faxed to
all my 5 fax machines. No UDRP or WIPO proceedure was filed by the former owner as he knows that he will lose
since we have all contracts and payment documents, but it seems that I have picked a Registrar
that can do anything they want with my domain name and has the right to ask me for "ANY" documents
just so I can control it again. Whats next, my medical records??? HIV/ and AIDS blood tests?
What? My lawyer at Gowlings is searching for a good I.T. lawyer in France to handle the situation
if it gets out of hand, but I dont understand how can people publish articles like
"Gandi protects your domain name" when the most important part the registrar should also
do is protect you, the client, plus a little trust on their part wont be bad either.
Has anything like this happend to you Gandi clients here??? Any reccomendations???
Thank You
Neal Baltz
baltz@usa.com
Mr. Baltz is referring to a litigious domain
name that was transferred to Gandi following a
fradulant ownership change at the previous
registrar.
In the short time that the domain was registered
with Gandi following a transfer, we were unable
to verify the authenticity of the documents
provided as evidence of the domain name's
registrant. The documents provided that Mr.
Baltz mentione are also currently under
investigation by the FBI as they are deemed to
be fradulant and/or part of a fradulant
transaction.
As Gandi takes extreme measures to protect the
rights of domain name owners, and as the
documents in the particular case to which Mr.
Baltz is referring were of inauthentic, we
requested only certified copies, which were not
provided.
Additionally, the .com registry, Verisign, the
former registrar, and Gandi were all in
agreement that the validity of the domain's
owner was questionable and thus the transfer of
the domain, irregular. Consequently, the domain
was returned by the Registry to the former
registrar, following a special inter-registrar
procedure set up for such purposes, where the
owner was returned to the legitimate owner by
the original registrar.
This is just another example of the importance
that registrars must take in ensuring that the
owner of a domain is indeed the owner before
undertaking any operation concerning the
modification of a domain name's owner.
This is the final communication that we will
make on this particular topic, which has been
resolved at the registry level.
---
Gandi SAS
www.gandi.net
Best Regards,
Ricardo Vaz Monteiro
http://www.Nomer.com.br