Registerfly - Domain name pirate ICANN Enom GoDaddy

ICANN Registerfly Fact Sheet

Monday, 26 March 2007

Exectutive Summary

An ownership dispute, coupled with a history of poor service, at RegisterFly (a registrar), has meant that its customers have had tremendous difficulty managing their domain names.
The company’s activities have affected many of its estimated 100,000 (or more) customers and among other things resulted in the reported loss of hundreds, possibly thousands, of domains.
The organisation charged with ensuring the stability and security of the domain name system, the Internet Corporation for Assigned Names and Numbers (ICANN), attempted to get the registrar to address the problems.
After many months of discussion with RegisterFly and following the processes under the Registrar Accreditation Agreement, ICANN announced it was terminating the registrar’s accreditation.
The situation has highlighted several issues within the registrar system, and ICANN’s president has called on the community to reform the Registrar Accreditation Agreement and wider registrar policy.

Financial and operational difficulties at one of the companies approved to sell Internet domain names to the public - a “registrar” - compounded by an ownership dispute, had significant consequences for its estimated 100,000 (or more) customers, and their approximately one million domain names.

Argument between the owners of registrar RegisterFly, John Naruszewicz and Kevin Medina, eventually resulted in a lawsuit, but in the months prior to that, the company’s electronic systems for registering and managing domain names failed to work optimally. This resulted in an unusually high number of complaints from customers, many of them directed to the Internet Corporation for Assigned Names and Numbers (ICANN).

As efforts were made to rectify the situation, a significant number of registrants reported that their domain names had expired against their wishes; many were also not able to move control of their domains to a different company.

This factsheet will explain why and how the problem arose, give an explanation of the current system, and discuss possible solutions to prevent a similar failure from happening again.

What happened?

RegisterFly customers complained that the company was failing to renew expiring domain names (domain names such as “example.com” are typically registered for a period of one or two years and thereafter need to be renewed or the name is released for registration to the wider Internet community).

This resulted in a large number of customer complaints to RegisterFly, overwhelming the company’s customer service staff, resulting in more complaints. As the problem worsened, public awareness of the problem grew, further increasing pressure on the company.

ICANN had been trying for a number of months to rectify the situation, ultimately holding two face to face meetings with RegisterFly executives on 15 June 2006 and 3 December 2006, as well as a number of phone calls and emails, to explain where the failings were and what the company would need to do to overcome them.

When its internal difficulties descended into a lawsuit, ICANN stepped in, asserting its rights under the Registrar Accreditation Agreement before starting on the process to terminate that agreement with RegisterFly. ICANN sent two employees to RegisterFly’s offices in order to inspect and copy the company’s registration data (they were refused entry); threatened court action; issued a notice of termination of the RegisterFly accreditation agreement; and worked with registries and individual registrants to ensure as far as possible that the problem was contained.

The result at the time of publication continues to be a constant stream of concerned, upset and angry domain name holders.

Why did this happen?

Even though the RegisterFly situation has caused significant disruption to its customers on the Internet, the situation itself is not a unique event.

Since the creation of ICANN in 1998 and its subsequent opening up of the domain name market in March 1999, there have been several registrar failures and ICANN has, on occasion, been forced to remove accreditation from registrars. For the most part, however, any fallout has been negligible.

It is not uncommon for there to be a large number of complaints regarding domain names. ICANN typically receives between 600 and 800 complaints a month concerning domain names, many of them involving spam or hosting problems. As technical co-ordinator of the domain name system, ICANN concerns itself with the assignment of domain names rather than how they are used and has traditionally taken a free-market approach to the supply of domains in an effort to foster competition.

The result of this approach has, in the vast majority of cases, proved beneficial to end customers (registrants). In 1999, there was but a single registrar, Network Solutions, and it charged $50 per year for a domain name. As of March 2007, there are over 850 registrars and the cost of a domain name has fallen to the extent that you can get them for free as part of a bundled service (although the wholesale cost for most domains is $6).

The market-based approach has also fashioned its own response to individual business failings. In the past, when registrars had trouble or went out of business, their databases were simply purchased by another registrar, added to its existing system, and the first end-users would have known about it was when they received an email informing them of the change in sponsorship.

In order to make sure that the competition model worked effectively, ICANN also devised the Shared Registration System (SRS), which enabled registrants to move ownership of their domains to a different registrar if they were unhappy with the service they received at their existing registrar. As time has progressed, much of this system has become automated, often requiring only a few clicks of a mouse. The result has been a rich, diverse and competitive domain name market, something that has contributed to the explosion of the market which now covers nearly 80 million gTLD domain names.

So what was different about RegisterFly?

There were several unique factors with RegisterFly that caused the safety valves in the system to not work as usual.

The lawsuit created uncertainty over ownership of the company and may have hindered the sale of RegisterFly’s registrant data. A judge resolved ownership of the company, deciding in favour of Kevin Medina, at the beginning of March 2007.

In meetings with ICANN, RegisterFly consistently promised to put right faults in its system but, despite the negative impact it had on its own customers, failed to do so.

RegisterFly refused to allow ICANN to inspect and copy data that was vital to safeguard registrants’ interests and failed to fix its own systems to enable all customers to move their domains away from the company.

Such behaviour was against the interest of its own customers and was also inconsistent with its contract with ICANN.

How did RegisterFly become an accredited registrar?

ICANN has never approved RegisterFly as an accredited registrar.

RegisterFly originally acted as a “reseller” of registrations for other accredited registrars. Around the end of 2004, ICANN approved and entered into a Registrar Accreditation Agreement with a company called Top Class Names, Inc.

Within a couple months, the name of Top Class Names was changed to RegisterFly.Com, and eventually, ICANN was notified that the management of the company had also been changed. This was an example of “back-door accreditation” where an unaccredited company buys one that is accredited and then assumes their role.

What exactly is ICANN’s role?

One of ICANN’s founding principles was to create competition on the Internet and the gTLD domain names so its full potential could be realised. One of the first things ICANN did was make sure that the domain name system itself was split up into registries (such as .com or .info) and registrars (companies entitled to supply the names under the registries).

While it is important that only one company run a registry, there is no reason why hundreds of companies cannot supply the domain names for that registry (just so long as the system is in place to make sure the same name isn’t sold twice). This was a brand new and untested market at the time (March/April 1999) so considerable emphasis was placed on competition.

As such, ICANN has never attempted to act as a traditional economic regulator of the domain name market and it does not have any powers that provide it with that authority. ICANN is not a government agency and is not entitled to act like one: its authority over registrars is based on private contracts and ICANN requires the wider community’s approval to make changes to those contracts.

The organisation was criticised when the RegisterFly situation first entered the public consciousness for not having done more. ICANN disputes this charge since it had been closely following the situation for over a year and had persistently requested that RegisterFly fix some of its practices, with some success. It was only when the situation became untenable that ICANN decided it had no choice but to publicly demand RegisterFly comply with distinct requests.

During the process, in which ICANN attempted to enforce RegisterFly’s contractual obligations, RegisterFly took full advantage of the procedural protections within the RAA, with the result that ICANN could not immediately intervene and the problems continued.

There is now a strong case for alterations in both the Registrar Accreditation Agreement and policy to ensure that such a situation should not reoccur. As such, a public meeting will be held at ICANN’s meeting in Lisbon between 26 and 30 March 2007 as a first step. The aim is to elicit feedback and ideas for change and the community is strongly encouraged to contribute.

So does ICANN now want to become a traditional regulator?

Not at all. The competitive market for domain names has been a remarkable success and it would be self-defeating to dismantle that system. Especially since a key part of the success was that there was no regulatory body deciding what was and was not allowed. ICANN intends to keep it that way.

However it is clear that there is a hole that needs to be plugged to provide the average Internet user with greater security and peace of mind over their domains.

The ICANN community will have to decide what changes need to be made to achieve that goal without impinging on the effectiveness of the current system. It is also hoped that such changes will foresee future problems and pre-empt them.

So what are the solutions?

That is something that has to be discussed and fleshed out so that the resulting changes donít end up creating more problems than they attempt to solve.

To jumpstart the process and encourage widespread debate, ICANN president Paul Twomey publicly announced a series of questions for discussion.

The hope is that the result will be a reinvigorated system that will be capable of adapting to changes in the future rather than relying on one incident to force change.

Issues for Discussion

Purpose of Register Accreditation Policy and Agreement What is the primary purpose of the Registration Accreditation Agreement? Is it a compliance tool? If so how can it be strengthened to protect registrants?

Rating of Registrars
How should ICANN and/or the registrar constituency encourage a system that rates registrars according to customer service and performance and should this be available to registrants?

Affiliated Registrars / Group ownership
Affiliated registrars have common ownership or control. What is the best mechanism for ICANN to hold affiliated registrars accountable for an affiliates actions?

Additional compliance enforcement tools
Stronger compliance tools need to be included in any reform to the RAA. What are those tools? Do they encompass liquidated damages? Should registrars be able to be suspended more readily? Are there other options? What are the mechanisms that allow such options to be enforced quickly?

Transfer policy
What elements of the transfer policy need to be reformed? Should registrants have an alternative to their current registrar for the issuing of authocodes and the unlocking of them? Should ICANN or another entity be able to do this?

Registrar operator skill testing
How is it possible to assess registrar skills and to train registrars to a common standard of performance upon which registrants can rely?

The above is in Printable PDF Form here.