Domain Registry of America Suspended By ICANN

First time accepted submitter EpicMaxGuy writes ICANN has suspended Domain Registry of America aka Brandon Gray Internet Services aka NameJuice. The registrar is forbidden from registering any new domain names or accepting any inbound transfers until 17 October 2014. The announcement was posted on the ICANN website and will probably be welcomed in many circles."

From TFA

[morethanapapercert]

What happened exactly?

ICANN posted two letters regarding Brandon Gray today. One is the suspension notice, while the other is a detailed breach notice which explains it all.

Essentially Brandon Gray got finally caught out by a couple of clauses in the 2013 registrar contract with ICANN (RAA):

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”).

ICANN would also like to know how they managed to mine whois data to send out all the letters to registrants without falling foul of the section 3.3.5 of the RAA, which states:

3.3.5 In providing query-based public access to registration data as required by Subsections 3.3.1 and 3.3.4, Registrar shall not impose terms and conditions on use of the data provided, except as permitted by any Specification or Policy established by ICANN. Unless and until ICANN establishes a different Consensus Policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, postal mail, facsimile or other means of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient’s own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of any Registry Operator or ICANN-Accredited registrar, except as reasonably necessary to register domain names or modify existing registrations.

For the rest of the article, including images of the actual letters, follow the link in the summary.

Re:From TFA

[jopsen]

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices, pursuant to Section 3.12.7 of the RAA and Section 3 of Domain Name Registrants’ Rights of the Registrants’ Benefits and Responsibilities Specification (“RBRS”). >

Sure you can treat that as a contract breach, but it seems more like a criminal matter to me... Why do you even put that in the contract, it's needless to say that criminal conduct will not be tolerated.

Only took 10 years

These guys have been slime since they started business. Why did it take so long to shut them done?

Re:Only took 10 years

You see, even with regulations in place the consumer gets screwed. Now imagine the self-regulatory fantasy some folk have, that would sure be good to society.

For those that don't know:

[slashdice]

They snail mail "renewal bills" for your domains (registered elsewhere). I hope most of slashdot would recognize it for what it is. But I'm sure a lot of sheeple accidentally transferred.

Re:For those that don't know:

[LordKaT]

Oh! THOSE guys.

Yeah, fuck these assholes.

Re:For those that don't know:

[sjwest]

We got one once, the paper envelope was then returned with lots of junk paper [reply paid by droa] and we never got another.

Wow Icann did something.

Re:For those that don't know:

[Sandman1971]

The Domain Registry of Canada has been doing this scam for years, sending false renewal bills for my .net and .org domains. I wish ICANN and CIRA would suspend their operations as well.
http://www.domainpeople.com/al...

Re:For those that don't know:

[Qzukk]

If you believe that's not a scam then boy do I have a deal for you! One bridge*, slightly used!

Re:For those that don't know:

[mysidia]

Is that not disclosed in their Terms of Service or is it more like, "big boobs on TV so I didn't bother to read the agreement"?

Hi. Compliance with the accredited registrar policy is not optional; it is part of a signed agreement between the registrar and ICANN. ICANN posted an advisory clearly alerting registrars to their obligations: 1. Registrars are prohibited from denying a domain name transfer request based on non-payment of fees for pending or future registration periods during the Auto-Renew Grace Period; and 2. A registrant change to Whois information is not a valid basis for denying a transfer request.

GoDaddy adopted practices that were directly contrary to the ICANN policy.

It doesn't matter if GoDaddy disclosed it in the terms of service, the ICANN terms have priority: the practice was a violation of policies that accredited registrars have promised to adhere to, before being allowed to be accredited registrars, and before being able to maintain that status and any access to the registry database or the ability to be in the business of transferring or creating domain registrations.

Re:For those that don't know:

[theskipper]

I doubt a registrar would sell their internal customer billing database to an entity whose sole purpose is to take their business away. If you want to speculate, try this. When DROA scraped whois for targets, they filtered by Godaddy customers instead of Fabulous or Moniker. The thought being that more average Joes use GD and therefore easier to fool.

On the other hand it doesn't mean they didn't target the lesser known registrars. I've gotten plenty of DROA scam letters targeted toward my domains in the small registrars.

IOW, I don't think you can draw a conclusion that they filtered by registrar. If they did target, it would make sense to blanket those whois records with an organization name (i.e. formal businesses). And the bigger the better so it has a chance of hitting AP in accounting. Getting a $500 renewal on 5 years is much more likely to happen in that scenario.

tl;dr: DRA smacked for domain transfer fraud

[Snowhare]

Domain Registry of America has made a business out of sending deceptive letters to domain owners using other registrars asking them to "renew" their domain registration with DRA. The letters are cleverly written to make it unobvious so that people who think they are just renewing their domain actually have their domain registry transfered from their current registrar to DRA.

Ok, but

[hcs_$reboot]

ICANN has suspended Domain Registry of America

"First time accepted submitter EpicMaxGuy" didn't even bother to tell us the reason why it was suspended... So for one

Brandon Gray’s resellers subjecting Registered Name Holders to false advertising, deceptive practices, or deceptive notices

and also the article mentions that

mining your competitors’ data to send unsolicited and misleading marketing messages isn’t allowed

.

Hijacking

[EmagGeek]

I get hijack letters from them all the goddamn time. I have about a dozen domains and I constantly get "expiration" notices that are really transfer authorizations in the fine print. It's sleazy and deceitful, and they deserve to be shut down.

I can't imagine how many suckers fall for it and end up paying $40 or more for domain registration... does DRA even allow outbound transfers?

Good!

[flightmaker]

It's always nice to get at least one item of good news in a day. I guess this is it.

I've also had the snail mailed fake invoices from them, which I can only suppose is an illegal use of the whois database. I guess their strategy is to land these on the desks of overworked administrators who are more likely than me to rubber stamp them and pass them along for payment. Me? I always put them in the shredder.

Why did it take so long? I really don't know. Why is it not a permanent shut down? Don't know that either, but at least they're shut down for now.

My story with those assholes...

A couple of years ago I wanted to register my family name as a domain.
I had no immediate plans for it, just wanted to claim it for possible future use.

Before registering my domain I checked whois to see if it was free. It was.

Phone goes, lengthy call, I get back to the computer 30 minutes later.
I try to register the domain and I see that the .com, .co.uk and .nl versions are all taken by RNA.
Eventually I registered the .info version, just to make sure they couldn't grab that too.

2 days later I start getting emails to the registration-address for the .info domain offering the .com, .co.uk and .nl names for sale.
At $10.000 a piece. I didn't bother replying.
After a week the emails went into "your last chance" mode and the price dropped to $5.000.
Another week later price went to $1.000 and after a month they started to offer the set of 3 domains for $1.000.
I still get a reminder every 3 months or so. Price was down to $ 500 the last time I bothered reading one of those emails.

It is about time ICANN does something about these jerks.
They have been running various scams since at least 2005.

Re:My story with those assholes...

[The+Cisco+Kid]

Avoid using whois on registrar sites to check availability. It's trivial for them to hijack that info and then allow someone else to see what domains people have been checking, so they can pre-emptively register them.

The best way is to check the TLD server directly, using "dig"

Failing that, use a real whois client (NOT anything web-based)

$ dig thisdomaindoesnotexist.com ns

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> thisdomaindoesnotexist.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39567
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;thisdomaindoesnotexist.com. IN NS

;; AUTHORITY SECTION:

com. 899 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1405884613 1800 900 604800 86400

;; Query time: 178 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sun Jul 20 15:31:01 2014
;; MSG SIZE rcvd: 117

$ whois thisdomaindoesnotexist.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net/
for detailed information.

No match for "THISDOMAINDOESNOTEXIST.COM".
>>> Last update of whois database: Sun, 20 Jul 2014 19:30:55 UTC <<<

Re:Now if only

[mysidia]

If you have evidence of it, please write to ICANN to complain about the obvious WHOIS data mining for marketing/e-mail spam purposes....

What, ICANN did something!?

That is the real news, actually.

Re:What, ICANN did something!?

[sjames]

Perhaps the resorts in Geneva were closed for renovation.

ICANN is not the police, prosecutor, judge or jury

[dutchwhizzman]

You'd have to wait for the government to declare Brandon Gray an illegal organization or punish them some other way if you want to rely on the criminal part of the law to deal with this. That is why you want obvious criminal actions to be named in your contract as a reason to suspend/stop delivering services or payments.