Domain Registry of America Suspended By ICANN

First time accepted submitter EpicMaxGuy writes ICANN has suspended Domain Registry of America aka Brandon Gray Internet Services aka NameJuice. The registrar is forbidden from registering any new domain names or accepting any inbound transfers until 17 October 2014. The announcement was posted on the ICANN website and will probably be welcomed in many circles."

From TFA

[morethanapapercert]

What happened exactly?

ICANN posted two letters regarding Brandon Gray today. One is the suspension notice, while the other is a detailed breach notice which explains it all.

Essentially Brandon Gray got finally caught out by a couple of clauses in the 2013 registrar contract with ICANN (RAA):

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”).

ICANN would also like to know how they managed to mine whois data to send out all the letters to registrants without falling foul of the section 3.3.5 of the RAA, which states:

3.3.5 In providing query-based public access to registration data as required by Subsections 3.3.1 and 3.3.4, Registrar shall not impose terms and conditions on use of the data provided, except as permitted by any Specification or Policy established by ICANN. Unless and until ICANN establishes a different Consensus Policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, postal mail, facsimile or other means of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient’s own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of any Registry Operator or ICANN-Accredited registrar, except as reasonably necessary to register domain names or modify existing registrations.

For the rest of the article, including images of the actual letters, follow the link in the summary.

Re:From TFA

[jopsen]

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”). >

Sure you can treat that as a contract breach, but it seems more like a criminal matter to me... Why do you even put that in the contract, it's needless to say that criminal conduct will not be tolerated.

Re:From TFA

[Artifakt]

It's not needless to say, unfortunately:

(Start of facts) Right now, there's a dispute developing in New York state, over whether McDonalds should have their contracts with franchisees set up so if those franchisees are caught violating state labor laws McDonalds will terminate their franchise rights. Some of the violations at issue include what are definitely felonies (i.e. extortion, threats of death or physical injury). Others are sometimes just misdemeanors (theft of wages, if under a certain amount), but are still criminal. This is an example where a very large employer isn't treating certain areas of criminality as criminal at all. McDonalds has their contracts written to address those crimes they want to include, and these sections are not on the parent corp's lists.

  That much is fact (i'm expecting somebody to try to pick that section apart, before I even offer the my opinion section, so I'm trying to make that line very clear). As opinion, things such as that need to be in contracts because we let corporations form under limited liability rules, and if they are willing to keep doing business with known criminal franchisees who are also incorporated, those multiple corporate veils make it fantastically more difficult to fix. I don't think limited liability ought to extend to cases where somebody hired a hit man to kill a union organizer, and that's proved, but we can't look into whether anybody in particular knew, or passed money about or did other favors to make the hit happen. In the non-corporate world, if you're continuing to associate with a bunch of people you know are felons, and the courts have proved are felons, exchanging money with them and contracting with them is plenty of grounds for an investigation, but this looks like it comes with a clause saying 'unless that trail passes into another corporation'. To fix this, just one of the steps is we evidently do need to get corporations to say explicitly that all relevant criminal conduct will not be tolerated, or at least the New York state prosecutor's office is of that opinion.

Only took 10 years

These guys have been slime since they started business. Why did it take so long to shut them done?

Re:Only took 10 years

You see, even with regulations in place the consumer gets screwed. Now imagine the self-regulatory fantasy some folk have, that would sure be good to society.

Re:Only took 10 years

Because we're splitting hairs between them and domain racketeering sites like godaddy which will put holds on domain names you search for so you can't purchase them elsewhere, then immediately auction them to squatters so is essentially saying, "That's a nice domain name you found there, be terrible if something happened to it. Better buy it before it gets fed to the wolves who will sell it back to you at a higher price because they know you're interested."

Personally, when it comes to criminality I don't really see the distinction in terms of "false advertizing" vs "racketeering" or deceptive practices, etc. most registrars are equally disgusting.

For those that don't know:

[slashdice]

They snail mail "renewal bills" for your domains (registered elsewhere). I hope most of slashdot would recognize it for what it is. But I'm sure a lot of sheeple accidentally transferred.

Re:For those that don't know:

[LordKaT]

Oh! THOSE guys.

Yeah, fuck these assholes.

Re:For those that don't know:

[sjwest]

We got one once, the paper envelope was then returned with lots of junk paper [reply paid by droa] and we never got another.

Wow Icann did something.

Re:For those that don't know:

[Sandman1971]

The Domain Registry of Canada has been doing this scam for years, sending false renewal bills for my .net and .org domains. I wish ICANN and CIRA would suspend their operations as well.
http://www.domainpeople.com/al...

Re:For those that don't know:

[bill_mcgonigle]

Also, for those that don't know, they've been doing this for ten years and ICANN bothered to do something about it a decade or so after their peak.

Up to you whether you think this is good governance or not.

Re:For those that don't know:

[mysidia]

Up to you whether you think this is good governance or not.

ICANN always argued that regulation / enforcement / policing of the registrars was not their job in response to complaints about many registrar's activities --- such as GoDaddy's onerous "60 day hold/no registrar transfer period" after you renew your domain or change the name of any of your WHOIS contacts.

Re:For those that don't know:

[Qzukk]

If you believe that's not a scam then boy do I have a deal for you! One bridge*, slightly used!

Re:For those that don't know:

They're sending solicitations that are specifically designed to look like bills.

Re:For those that don't know:

[bill_mcgonigle]

ICANN always argued that regulation / enforcement / policing of the registrars was not their job in response to complaints about many registrar's activities

Even if the activities are illegal (statute or Common Law)? If not ICANN, than who else? This is one of the problems with giving ICANN a monopoly.

"60 day hold/no registrar transfer period" after you renew your domain or change the name of any of your WHOIS contacts

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Not saying it's not scummy, but scummy and fraud are different. If it's not in their ToS but they do it anyway, it's probably illegal as unlawful holding of property (some courts in some jurisdictions have recognized domains as property). Regardless, experienced ski instructors usually advise you're gonna have a bad time if you register with GoDaddy.

Re:For those that don't know:

We got them all the time. They got returned with some toilet tissue that had had a teaspoon of instant coffee wetted and then smudged with the back of a spoon. It looks like a crappy skidmark (try it!). I'd love to have seen their faces opening them.

And yeah - Icann did something!

Re:For those that don't know:

[mysidia]

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Hi. Compliance with the accredited registrar policy is not optional; it is part of a signed agreement between the registrar and ICANN. ICANN posted an advisory clearly alerting registrars to their obligations: 1. Registrars are prohibited from denying a domain name transfer request based on non-payment of fees for pending or future registration periods during the Auto-Renew Grace Period; and 2. A registrant change to Whois information is not a valid basis for denying a transfer request.

GoDaddy adopted practices that were directly contrary to the ICANN policy.

It doesn't matter if GoDaddy disclosed it in the terms of service, the ICANN terms have priority: the practice was a violation of policies that accredited registrars have promised to adhere to, before being allowed to be accredited registrars, and before being able to maintain that status and any access to the registry database or the ability to be in the business of transferring or creating domain registrations.

Re:For those that don't know:

[Charliemopps]

How is that in any way a scam? They say, right there in big block bold letters "THIS IS A SOLICITATION FOR THE ORDER OF SERVICES NOT A BILL OR INVOICE" and "You're not obligated to renew with either your existing provider or us, review our prices and decide for yourself" as well as making it perfectly clear several times that if you accept their offer, you'll be switching to using them.

If you consider that a scam, then you're evidently just an incredibly thick person. They're competing for business in a free market.

Just because the only people you ripp off are stupid, doesn't make you any less of a con artist... it just makes you a shitty con artist.

Re:For those that don't know:

[jopsen]

It looks like a bill if you don't read the bit that says "THIS IS NOT A BILL"?

So everybody agrees that they are deliberately trying to trick you; by giving their offer the graphical appearance of a bill. IMO that's fraud.
It's certainly not honest business conduct.

Well buddy, if you're in the habit of just randomly throwing your money at anyone who shoves a bit of paper in your face

I am in the that habit... In most cases the bill is probably legitimate, and it's a lot of work for me to validate that everything is correct. Even more work and cost, if I decide to fight a bill. Often the cheapest way out is to pay.
You right that failure to pay a "fake" bill, like have no consequences, but failure to pay a legitimate bill on time, because I could validate it, will cost me late payment fee, etc...

Re: For those that don't know:

[Bender+Unit+22]

They have been sending them all over the world. Not everyone are used to that type of wording in English, they just see their domain name and something that looks like a bill.

Re:For those that don't know:

[theskipper]

I doubt a registrar would sell their internal customer billing database to an entity whose sole purpose is to take their business away. If you want to speculate, try this. When DROA scraped whois for targets, they filtered by Godaddy customers instead of Fabulous or Moniker. The thought being that more average Joes use GD and therefore easier to fool.

On the other hand it doesn't mean they didn't target the lesser known registrars. I've gotten plenty of DROA scam letters targeted toward my domains in the small registrars.

IOW, I don't think you can draw a conclusion that they filtered by registrar. If they did target, it would make sense to blanket those whois records with an organization name (i.e. formal businesses). And the bigger the better so it has a chance of hitting AP in accounting. Getting a $500 renewal on 5 years is much more likely to happen in that scenario.

Re:For those that don't know:

[BronsCon]

It wasn't a violation of ICANN regulations until they were updated late last year. This is the 3rd violation, first suspension, since then.

tl;dr: DRA smacked for domain transfer fraud

[Snowhare]

Domain Registry of America has made a business out of sending deceptive letters to domain owners using other registrars asking them to "renew" their domain registration with DRA. The letters are cleverly written to make it unobvious so that people who think they are just renewing their domain actually have their domain registry transfered from their current registrar to DRA.

Ok, but

[hcs_$reboot]

ICANN has suspended Domain Registry of America

"First time accepted submitter EpicMaxGuy" didn't even bother to tell us the reason why it was suspended... So for one

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices

and also the article mentions that

mining your competitors’ data to send unsolicited and misleading marketing messages isn’t allowed

.

Hijacking

[EmagGeek]

I get hijack letters from them all the goddamn time. I have about a dozen domains and I constantly get "expiration" notices that are really transfer authorizations in the fine print. It's sleazy and deceitful, and they deserve to be shut down.

I can't imagine how many suckers fall for it and end up paying $40 or more for domain registration... does DRA even allow outbound transfers?

Re:Hijacking

[GoodNewsJimDotCom]

They're 100% scam artists. They just send snail mail "bills" to everyone who registers a domain. They expect people to fall for it and I'm sure many people do which is why they can afford the postage stamps and keep sending them out.

Re: Hijacking

[Scoth]

They do allow outbound transfers (it's a requirement of being an accredited registrar) but it's a giant pain in the ass. I used to do customer domain management for my company and getting the auth code and domain unlocked from these guys was an exercise in frustration. Took several calls and emails to "authorize". This was several years ago; maybe they have an online portal now.

Re:Hijacking

[Gavagai80]

If most domain owners were technical people, godaddy wouldn't exist.

Good!

[flightmaker]

It's always nice to get at least one item of good news in a day. I guess this is it.

I've also had the snail mailed fake invoices from them, which I can only suppose is an illegal use of the whois database. I guess their strategy is to land these on the desks of overworked administrators who are more likely than me to rubber stamp them and pass them along for payment. Me? I always put them in the shredder.

Why did it take so long? I really don't know. Why is it not a permanent shut down? Don't know that either, but at least they're shut down for now.

Re:Domain Registry of Canada

[exploder]

Not sure if they are connected but they used to send real mail to try and trap people into renewing/transferring with them. So it only takes 14+ years for ICANN to do something?

I know, motherfuckers act like they forgot about DRA.

Now if only

[lukelarris]

Now if only they'd suspend HugeDomains as well, I'd be happy. They snatch up domains as soon as they expire, as well as alternate TLDs of a domain you just bought, and then they email you. They cybersquat and charge ridiculous prices for the domains they've acquired.

FINALLY!

[slashmydots]

It's about damn time! That asshole sends out fake domain registration renewal notices via mail and fax. So many businesses fall for it and at the same time basically put this company in charge of their domain. They should have arrested this asshole years ago! In fact, it sounds like he's not arrested, he's just banned from registrations.

So there goes any hope that Perion Network will be shut down. They're responsible for the vast majority of advertising malware infections and they're in a lovely looking building over in Redmond Washington. They use their Israel location to do most of their illegal stuff so it's all cool with the US gov apparently. By the way, they're responsible for everything related to Conduit Malware, Sweetpacks, Smilebox, and basically everything else you've ever seen on a stupid person's computer.

My story with those assholes...

A couple of years ago I wanted to register my family name as a domain.
I had no immediate plans for it, just wanted to claim it for possible future use.

Before registering my domain I checked whois to see if it was free. It was.

Phone goes, lengthy call, I get back to the computer 30 minutes later.
I try to register the domain and I see that the .com, .co.uk and .nl versions are all taken by RNA.
Eventually I registered the .info version, just to make sure they couldn't grab that too.

2 days later I start getting emails to the registration-address for the .info domain offering the .com, .co.uk and .nl names for sale.
At $10.000 a piece. I didn't bother replying.
After a week the emails went into "your last chance" mode and the price dropped to $5.000.
Another week later price went to $1.000 and after a month they started to offer the set of 3 domains for $1.000.
I still get a reminder every 3 months or so. Price was down to $ 500 the last time I bothered reading one of those emails.

It is about time ICANN does something about these jerks.
They have been running various scams since at least 2005.

Re:My story with those assholes...

[The+Cisco+Kid]

Avoid using whois on registrar sites to check availability. It's trivial for them to hijack that info and then allow someone else to see what domains people have been checking, so they can pre-emptively register them.

The best way is to check the TLD server directly, using "dig"

Failing that, use a real whois client (NOT anything web-based)

$ dig thisdomaindoesnotexist.com ns

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> thisdomaindoesnotexist.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;thisdomaindoesnotexist.com. IN NS

;; AUTHORITY SECTION:

com. 899 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1405884613 1800 900 604800 86400

;; Query time: 178 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Jul 20 15:31:01 2014
;; MSG SIZE rcvd: 117

$ whois thisdomaindoesnotexist.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net/
for detailed information.

No match for "THISDOMAINDOESNOTEXIST.COM".
>>> Last update of whois database: Sun, 20 Jul 2014 19:30:55 UTC <<<

Real Address?

[Rande]

What, you put your actual address in there? Why? No one I care about would use the Whois to contact me by snail mail. And if actual authorities need to find me, then they can subpoena my billing address (or maybe, y'know, just email me and set up an appointment?)
I think mine is currently set to some hotel in Uzbeckistan. Next renewal I think I'll set it to a Yurt in Mongolia.

Re:Real Address?

[Geeky]

In the UK you can request your details are hidden from whois for any .co.uk domain if you're a personal user rather than a business. It shows up as follows:

Registrant's address: The registrant is a non-trading individual who has opted to have their address omitted from the WHOIS service.

This is to comply with UK data protection laws. I don't think it applies to international domains registered within the UK though. Obviously your registrar still has the details on record.

Re:Now if only

[mysidia]

If you have evidence of it, please write to ICANN to complain about the obvious WHOIS data mining for marketing/e-mail spam purposes....

What, ICANN did something!?

That is the real news, actually.

Re:What, ICANN did something!?

[sjames]

Perhaps the resorts in Geneva were closed for renovation.

same company, CIRA already cut him off

[raymorris]

I believe that's one of many names for the same company.

Re:Domain Registry of Canada

[nwf]

So it only takes 14+ years for ICANN to do something?

Perhaps DRA sent a letter to ICANN concerining renewal of icann.org?

My guess is ICANN would pay it, too.

ICANN is not the police, prosecutor, judge or jury

[dutchwhizzman]

You'd have to wait for the government to declare Brandon Gray an illegal organization or punish them some other way if you want to rely on the criminal part of the law to deal with this. That is why you want obvious criminal actions to be named in your contract as a reason to suspend/stop delivering services or payments.