Board discussion over RegisterFly

by Kieren McCarthy on April 3, 2007

The following is the discussion held over RegisterFly at the ICANN Board meeting on Friday 31 March 2007.

RegisterFly was also the topic of discussion for an hour at the end of the Public Forum on Monday 26 March 2007. The public forum’s full transcript is available here.

Note: Although transcript output is largely accurate, in some cases it is incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid to understanding the proceedings at the session, but should not be treated as an authoritative record.

NB: This is an edited excerpt of the full meeting transcript, broken down according to each Board member and produced in an effort to provide easy access to the substantive discussion. For the Board meeting’s full transcript click here.

Broken down according to speaker:

>> VINT CERF: Many of you will know that we recently have been through a period of complex difficulty because a registrar, has, in fact, failed in many respects to fulfill its duties under the agreement with ICANN and has, in fact, been disaccredited. Paul, I would like to ask you to introduce this discussion.

>>PAUL TWOMEY: Thank you, Steve. Chairman, throughout the last — well, months and weeks, the issue of performance and compliance by registrars and one registrar in particular with registrar accreditation agreement and the appropriate protection of registrants has been a major item both of work and of comment. Related to that is the — two issues, I think. One has been raised which is issues around ICANN’s compliance program and also the actual specifics of this agreement of this particular registrar.And I’m going to ask Kurt Pritz to take us through a presentation briefly on that particular set.

Chairman, there is a process going forward of that discussion and consensus building amongst the community about what are the new — what are the new things that should be done in response, not just in the case of RegisterFly but more broadly about both the registrar accreditation agreement, other actions outside that agreement which could also improve performance of the protection of registrants and related to that a clear — as Steve Crocker himself has made the case several times this week, a clear understanding of what is the parameters of which we are trying to solve and what is the appropriate model that we need to have and what is the appropriate boundaries or actions that should take place to support registrants and clearly understand which parts may not be within ICANN’s scope or even the registrar’s scope.

So I will ask — if you would like a second discussion that’s already started this week in the workshop, the board may have views about what they would like to see out of that discussion going forward.

But before we hear those, I would ask Kurt to just take us through where we are on compliance on the registrar accreditation agreement, both in a historical sense but also where are we in the case of the registry RegisterFly.

>>KURT PRITZ: I think a discussion of this sort starts with ICANN’s existing compliance program and the existing registrar accreditation agreement, registry agreements and other agreements with which — for which ICANN has compliance responsibility. There is significant action and work that can be taken in the current environment while we seek to improve the tools we have and improve the contractual conditions that will further protect registrants.
ComplianceVery briefly the existing compliance program, you can see it at, includes basically handling consumer complaints and then having procedures in place for escalating those complaints when they become serious, numerous or potential breaches of the registrar accreditation agreement, registry agreement or other agreement.

And then a sense or practice of perseverance on these issues to see them through to completion, that’s where the registrant will — will see relief or be protected. And then there is a proactive part to the compliance program, too, rather than receiving complaints and reacting to them. And that is a proactive audit schedule and that schedule is also published, so the activity would be the execution of that.

So the first — the first part of that is responding to consumer complaints, and this is not necessarily always within ICANN’s mission and the customer service levels provided by registrars.

We receive complaints through several ICANN mailboxes and a lot of phone calls, the primary source of these inquiries is the registrar info mailbox where we receive with about 650 or 700 complaints a month. Each complaint is sorted and then sent to the responsible registrar or registry as indicated in the mailbox in the case of — sorry about that — in the case of the registrar mailbox, it is the registrar.

Statistics described in the complaints are on the Web site. This is kind of an eye chart. I apologize for that in advance, but you can see that there’s several, several issues that are the subject of these complaints. The biggest by far has to do with transfers and then the next has to do with WHOIS-type complaints, whether WHOIS data has been changed or is inaccurate and cannot be changed. That’s a sort on the complaints in the year 2006 that ICANN received. Like I said, it’s posted.

The other activities are more pointed to ICANN’s mission and that is to follow up on compliance concerns and issues. Obviously we have an internal escalation process so that we can determine those issues that should be prosecuted, particularly by the ICANN staff. Maybe when there’s a number — complaints are numerous or they’re serious.

So for an example in the last 20 working days, ICANN has followed up on 40 cases that have been escalated personally with registrars and interceded on registrants behalf to some sort of resolution. So that 90 active compliance actions in one month of working days is fairly typical. It has been fairly constant. I think last month it was higher than that.

The 90 complaints just for information were about 42 different registrars and there were four significant reasons for complaints that could be RAA related. One is failure to transfer according to the transfer process. That’s the largest. The others are problems with WHOIS information, customer service and particularly problems with a reseller of an ICANN accredited registrar.

The last part of the compliance program is the audit process. There is audit schedules posted for both registries and registrars. Recently, we completed a registry WHOIS audit within the past fiscal year. Also, there is audits of registrars as they go through the RAA renewal process to bring them into compliance, and presently there is a registrar WHOIS Web site program going on.

So with a backdrop of that existing compliance program, here came RegisterFly and its behavior.

RegisterFly background

RegisterFly, this is just some background. It has always been a reseller, and then having not gained an accreditation through the ICANN process obtained one through purchase. There were continued complaints about RegisterFly, mostly about customer service levels. A lot of complaints, questionable whether they were violations of the agreement.

Nonetheless, ICANN undertook an audit and requested a lot of information and got involved with RegisterFly in mid 2006 and the number of complaints dropped. But then they rose again and included chargebacks that occur when customers don’t get what they pay for, unauthorized WHOIS changes, underfunded registry accounts and transfer policy violations.

Now we’re going through — as everyone knows, a deaccreditation process that’s clearly defined in the RAA. Through the process, we have been doing a few things with the big ICANN community, registrars, registries are facilitating transfers. There is a lot of ICANN involvement on a personal basis on hundreds and hundreds — to facilitate hundreds and hundreds of transfers. And registrars are providing advice and technical support to RegisterFly to help them make transfers and help registrants.

There has also been a coordinated effort among registries to prevent deletions of names during this time so that the rights of registrants can be preserved until the situation sorts itself out, and we’re also working to escrow timely data, including proxy data, that data that underlies the privacy registrations.

And finally, we are working with registrars and registries to develop a coherent predictable method so that registrants can transfer their name away from RegisterFly in the event of termination.

Data escrow

So one of these issues was escrow of data. A case study always teaches you more and this is a very fact-specific situation, but I think every registrar and potential registrar failure will be a very fact-specific situation.

We’ve learned that escrow data is very important, and we have a program in place to complete that program and implement it, but there’s other issues that are very important, too. And, that is, the whole issue of proxy data. So if we have escrow data, the people who have registered privacy registrations really don’t have their data escrowed anywhere and they are not protected in the event of failure. Should proxy data be escrowed or should registrants be using a proxy service to take on a higher level of risk?

And then there is — once you have the data, what do you do with it? And how can you use it? At one point in a termination process or a breach process can ICANN use the data and act in a way to protect registrants? All the parties have rights. The registrants, the registrars and so under what circumstances can the data be used or transferred?

I just want to talk a bit about the data escrow program. This is a program to implement data escrow pursuant to the ICANN registrar accreditation agreement. So there’s — the implementation plan really has five steps and that is to write a technical specification and a draft of that is done. It is going to be submitted to registrars and others in the community for technical review. And then to secure the surfaces of a he is — services of an escrow provider. Or in the case of registrars that want to secure their own data escrow, a process for approving third-party providers. And then the last two parts of the implementation will be a development of the audit procedures and a test. So those are pretty straightforward. That program plan is going to be prosecuted within with the community.

At this meeting, in a meeting with registrars, the registrars — the gTLD registrars appointed a team or task force — I don’t know what you call it, but a bunch of good people to work with ICANN to accelerate the implementation of a data escrow program. We’re also redefining the project to include these issues that have been raised — that have been raised due to this set of circumstances. And we’ve also agreed to accelerate the plan significantly, and we’re going to publish the final schedule next month.

So Mr. Chairman, I’m just going to take a couple more minutes, if it’s permissible, to review the discussion we’ve had with registrars here at this meeting and show progress and then I’ll be done. But these are the issues that Paul Twomey raised in his posting to the community regarding improvements that can be made in the relationship between registrars and their — and the community, their registrants, and potential changes for the RAA.

Registrar discussion

The discussion with registrars first went to, you know, some of these things can be done right away and we can discuss them right away, and some of them require a change to the agreement. So I’ve italicized the items here that require some change to the RAA, and so that change would be on the critical path to actually getting some of this stuff done.

I’ve also — I’ve already talked about data escrow and I think there’s a — there’s a clear plan and I’m going to refer to my notes here, to make sure I’ve captured the gist of what was said in the meeting, but I think I’ve clearly stated what we’re — the path forward on data escrow.

The problems associated with proxy registrations were discussed again, and, you know, we discussed a proxy registering service that can be certified. One that could take the privacy data and actually store it at a third party and release it, then, under certain circumstances. So that idea is being pursued.

There’s extensive discussion about the rating of registrars. It’s something that can be done, but something that’s done that’s accurate, meaningful, and available to registrants might be problematic. It’s an area where resources could be expended without real benefit, so there’s enthusiasm for discussion of it, and moving forward with it in a way that would be beneficial.

ICANN’s looking at the system of affiliated registrars and group ownerships. Affiliated registrars have common ownership or control over — you know, among many registrars, and currently ICANN requires a separation of affiliated registrars when they apply for accreditation in a way that might inhibit this. So ICANN has an action to take up with its general counsel’s office to determine how this can be best pursued.

Stronger or additional compliance enforcement tools were discussed in detail. There are some that could be invoked or implemented without a change to the RAA, such as publication of breaches or publications of bad behavior. Others, such as escalated sanctions, one might be suspension of ability to register names for a period of time would require a change to the agreement. There are brief discussions — and I’ll tell you why — about changes to the transfer policy, and that is that that effort’s already ongoing. ICANN staff had furnished a report to the GNSO Council on experiences with the —

>>VINT CERF: Kurt, I’m sorry. Can you slow down a little bit, please?

>>KURT PRITZ: I’m going to try. So — it’s not my nature. I’m sorry.

>>KURT PRITZ: So ICANN has turned a report to the GNSO Council suggesting reporting experiences and suggesting changes to the transfer policy, and as — since that report, furnished clarifications and a list of policy issues. That’s a draft document, and so we want to energize those discussions and when I say “energize,” I mean provide staff support for those discussions to continue on discussion about the transfer policy.

We discussed the idea of registrar certification of staff. This seems to be a straightforward thing to do but again, to do it in a meaningful way that’s just not an administrative burden to registrars is important, so that discussion will continue.

There is an opinion that accreditation by purchase is difficult to prevent at first examination, given the M&A process and the M&A environment, and — but we did discuss several measures to prevent problems due to transfer of ownership. Such as higher levels of scrutiny by ICANN in the case of a change in contact information or a change in entity. So that — that part of the discussion is ongoing, and then how the accreditation by purchase might be prevented is a deeper legal discussion.

Registrar Accreditation Agreement

And then we discussed reseller liability under the RAA, and each registrar went around the table and took complete ownership of the behavior of resellers, and so that was — that was — that was essentially the extent of that discussion. Registrars committed that issues regarding resellers and reseller compliance would receive sufficient resources and attention to assure better accountability by resellers to registrars. To registrants, rather.

And then there was quite a bit of discussion about the process for amending the RAA and we’ll have to — there’s more of an investigation that has to occur there. It has to be according to the agreement in some consensus based process, so I think that provides quite a bit of opportunity for moving forward on a rapid basis.

So Mr. Chairman, that was quite a bit of material, and I’m sorry for taking up so much time and talking fast but I wanted to provide some background for the discussion here and then after we leave here, too.

>>VINT CERF: Thank you very much, Kurt. I would suggest when you have a lot of material, that it should not cause you to speak at 900 words per minute. In deference to the hard work of our scribes.I’d like to make an observation about what Kurt has just reported. The first one is that the ICANN staff have actually been very much involved in compliance in various ways over the course of some years, so the RegisterFly matter, although it is by far one of the most visible of the problems arising is not, by any means, the only one. And for many people who might not have known, staff has been actually quite engaged in dealing with problems of this sort, trying to respond to registrant protection through the compliance mechanisms. I’d like to suggest to you, though, that the board has an obligation to discuss — if not here, then at another time — the extent of the obligations that we have to registrants. I mean, my belief is that in general, our whole role is to assure that the registrants are able to register in their chosen domain names and that the system will continue to serve them. To the extent that we can assure that through contractual means, through compliance and the like, I think that’s very important, but we should have a fundamental discussion about how far we can go.

For example, if a registry fails, are we responsible for turning into receivers to operate it? If a registrar fails, how far do we go to reconstitute the operation?

The data that is needed may not be sufficient to reconstitute operation precisely in the same way that a particular registrar has been functioning. I’m thinking that the — the databases and the user interfaces and the like for each registrar may be quite different.

So we need to find some guidelines for the degree to which we are able to offer various protections for — for registrants.

So I think we should have that fundamental discussion. I don’t know how to make the metric, but clearly it has to be feasible, it has to be affordable, it has to be scalable, as more and more registrars and more registries are created.

So I put that on the table as a potential discussion, if not now, then later during the course of 2007, as we try to lay out what our responsibilities are.

I would suggest that we will have similar kinds of discussions with regard to new TLDs, again, trying to identify the limits of our responsibilities in order to permit additional TLDs to be created.

Are there any questions and comments? Peter?

>>PETER DENGATE THRUSH: Thank you, Vint. First of all, I’d just like to thank Kurt for the presentation, and I and I think other members of the board are probably very grateful to know that that work is going on in compliance. Mostly invisible to me, I’m sure to many other members of the community. So thank you for exposing all of that good work that’s going on. Secondly, I’d like to support Vint’s call that we do need to have a fundamental policy discussion about the extent of all of those issues.
We’re talking about a delicate balancing in a fairly contested commercial climate of the rights of registries with registrars and registrants, and that is something that we may find from time to time that we change the balance as conditions move. So we need to keep up with that.The other thing that we do need to do is complete the obligations in the contracts for preparing an escrow compliance — an escrow program, but at the same time we recognize the message that came to us from the registrar community that even full escrow would not necessarily solve the RegisterFly situation. Obviously, it’s an important step to have in our compliance and backup program.

So I think really Kurt and Paul, it’s a call for an appropriate timetable for completing that escrow obligation in the contracts and get that done in a timely but complete sort of way.

And then run, Vint, your requirement for a full policy discussion about all the other things that we need to have to complete that picture.
So I don’t know how we — those seem to be the two things that we need to set up. One is reasonably rapid to be honest with you effective completion of the escrow issue and a full policy debate on all the other issues that are required.

>>VINT CERF: Any other comments? Yes, Vittorio.

>>VITTORIO BERTOLA: Yes. Well, the first thing that I want to say is that this is a really important matter for the at-large and for registrants in general. I think much more important than dot xxx or any other issues that — on which we have been spending a lot of time. The At-Large Advisory Committee has released a statement. It was presented briefly yesterday at the public forum. But basically, we agreed that it is important to enforce the current contracts, and escrow specifically, but I think that — I mean, I agree with you that we need a discussion on where ICANN needs to stay into this environment, and especially what kind of provisions it has to add to the contracts to protect the registrants. And there’s a number of situations where this is actually necessary. Maybe not many of them, so I’m not thinking that this should become a heavily regulated market, but for the market to be a market, there needs to be a basic level of competition. And so as a minimum, registrants must be actually free to move from one registrar to the other.So, for example, we have suggested that there are some provisions in the contracts that require registrars to supply an easy way for transferring domains away. Compatibly with security, of course.

So in general, I think we need to have that discussion. Maybe other things could be obtained by nonbinding measures, so I think — I really think that most of it could be a discussion between the registrars and the registrants, the at-large, and anyone else about practices. Perhaps there’s the need to write down some things. I mean, one of the most usual complaints I see is people registering a domain name and then discovering that it’s — I mean, in the WHOIS system, the registrant is actually the reseller, not them, so they cannot get back their domain if they want to change their Web hosting company, for example. And this is clearly outside of the purview of ICANN directly, but at the same time, I don’t think that there’s any documents stating anywhere that in the DNS it should be you that gets the ownership of the domain and not the reseller. So maybe just by agreeing on some best practices like this, we can provide some registrants a way to show that they have a right when they have to discuss with their suppliers. So I basically look forward to this discussion. I don’t know how to do it. Maybe it’s just as in — the registrants just have to arrange it separately, but I think it’s something that we really need to have.

>>VINT CERF: Just a reminder, Vittorio, that was very rapid-fire delivery. A reminder to board members, please slow down. Steve Crocker.

>>STEVE CROCKER: Thank you, Vint. I just want to add from the perspective of the Security and Stability Advisory Committee, equal emphasis and shared purpose in exactly the focus of protecting registrants. This is a general topic that we have spent time on before. I think we have shared purpose across different segments of the community here. We stand ready to work cooperatively with at-large or with any other portion of the community, and in particular, our view of security and stability necessarily includes the entire system that is involved, not just narrow operating components of a particular service, for example.So I would like very much to see and applaud the efforts that Kurt has described and the staff’s attention to using the mechanisms that exist and exercising them to full measure. And at the same time, a broader discussion about what our objectives are, what our values are in this area at the board level, and at the community level, and then eventually translating those thoughts and decisions into perhaps new mechanisms or additional mechanisms that make the whole system work quite effectively. I think we all subscribe to the general notion of a free and open market. That is a nice embracing concept. There is no market that operates completely unfettered by some sort of constraints. Those that do rapidly — often, anyway, rapidly run into — off the deep end somewhere where they’re totally captured or they have some other flaw in them. So I don’t see it inconsistent with our general mandate to have a vibrant, free, open marketplace with equally a set of carefully selected and well-crafted protections built into the marketplace in order to make that marketplace continue to function vibrantly. Thank you.

>>VINT CERF: Thank you, Steve. I’d just like to make one other observation about all of this.

We have perhaps — or could have an overly simple model of this market. The connection between a registrant and these things we call registrars and registries can sometimes be quite distant. If you wanted to get a Web site, you might go to a hosting company which will undertake to register a domain name for you, to provide you with host services and so on. That party might go to a reseller in order to perform the registration. There are a variety of linkages that connect or potentially connect a registrant to the system with which we actually have contracts.

The result is that trying to protect a registrant is going to be, if not a distant goal, at least a complex one, and I think under all circumstances, we will be unable to provide the protections that Vittorio, the at-large community, might expect simply because of the variety of ways in which registration can occur.

I don’t say this as a way of trying to inhibit ICANN from trying to do the right thing, but I would say we should be conscious of the fact that our only tool for compliance today is contract, and that we don’t actually have contracts with every component of this complex marketplace. So we should not be surprised if there are some cases that don’t work. The comment that in the case of RegisterFly, perfect data might still not have solved the problem, because we couldn’t get our hands on it or the party wasn’t cooperative or there was a dispute within the company as to who was in charge of it and who could make agreements, those are all the kinds of real-world physics that get in the way of the virtual models that I wish that we could actually work with.

As a mathematician and a computer scientist, “virtual” is very cool, but as a pragmatist, I understand that sometimes it doesn’t apply.

Are there other comments on this particular topic? I got one from Janis. I’m sorry. Did I see Susan? No. Janis, and anyone else? No. Janis?

>>JANIS KARKLINS: Thank you. And I think the issue you raised concerning consumer protection or registrant protection from Government Advisory Committee perspective is a very valid one. That is a public policy concern, and I would like to agree that implementation of that principle may be difficult, but the absence of the provision in the contract which obliges registrars ensure that customers do not suffer as a result of some kind of collisions. That is not acceptable. The provisions should be there, and I think that this is the minimum ICANN can do in order to follow this the principle of consumer protection.

>>VINT CERF: So this term “customer” introduces a potential hazard here. Because the customer of a registrar might be a reseller. The customer of a registrar might be a hosting service. We would have to, in our further deliberations about where our responsibilities lie, we might, for example, have to insist that the ultimate registrant has to be exhibited in the data tables. I don’t know what the ramifications of that are, and I don’t suggest that we have the debate now, but I’m fond of observing that Einstein once said that “things should be as simple as possible but no simpler,” and that is to say, let’s be careful that we don’t try to design and build a system of compliance around a model which is, in fact, inadequate to reflect the real world.If there are no other — there are two. One from Susan and then one from Peter.

>>PETER DENGATE THRUSH: Thank you but I’ve just been drafting an easy resolution, but if Susan has another comment, I can defer.

>>SUSAN CRAWFORD: Oh, just very briefly. We have a lot of soft power here that we can use, informational — getting news out to registrants and other actors about what it means to register a domain name and what their rights and obligations and who to call. We can do a better job at that, I think. Also, I think it might be helpful to rapidly convene a group that amends this contract to include these lesser-included things that we need to protect registrants. You know, ultimately this is a matter of customer service, in a sense. Our service to the Internet community and the registrars’ service to their registrants. And if we can help with building in escalation procedures short of de-accreditation, I think we have an opportunity now to seize this moment and amend the contract and get registrars working together with all of us to make this a better situation for registrants. But I wouldn’t discount the communication/education function that ICANN can serve in this regard.>>VINT CERF: Thank you, Susan. I see Peter’s hand and then Paul’s. Peter, if you’re about to introduce a resolution, normally my practice is not to do resolutions on the fly, but I think we should hear what you have in mind to do, so please go ahead.

>>PETER DENGATE THRUSH: Thanks, Vint. I’m just trying to be helpful, going forward. I suggest that we direct the president to report to the board in San Juan on progress with developing a program for escrow as provided in the RAA, and on stimulating a policy debate to create policies for the appropriate protection of registries, registrars, and registrants. Reporting in San Juan on those two issues. One, escrow; and two, a policy debate. Which hopefully would lead to Susan’s and JANIS’ issue about amending the contracts.>>VINT CERF: A procedural suggestion might be to record a sense of the board with these two things are designed, as opposed to a formal resolution. I’m not trying to rule out that at all. I would like to get some comment from Paul on this, since he had his hand up anyway, and Alex after that, and we’ll come back, Peter, to the proposal.

>>PAUL TWOMEY: Yeah. Thank you, Vint. I’d like to support what Susan said a hundred percent. I think she’s right on the money. And I think to come to what Peter suggested, I think there’s — there’s potentially four options, four avenues we have here. One is, we should report back on the existing obligations on, for instance, the escrow policy. So that’s the first item.The second one is: There are — I think Susan is absolutely right. There are a series of actions that we could encourage registrars to do and which ICANN itself could creatively do which do not require a change to the RAA and which could improve some of these — some of these aspects. So I think we should report back on that.

Thirdly, on — when it comes to the accreditation agreement itself, very importantly, the wording of the agreement for its amendment, it calls for consensus, not for consensus policy. And as we know, that issue is fairly significant, because we could well, for the speed of time, convene the sort of working groups, the cross-constituency working groups and feels if the board that is a consensus approach by Sao Paulo — San Juan, should I say, for amendment to the contract. If there are specific things that then need or require consensus policy — in other words, they have to go through a PDP through the GNSO — then they could be identified as well. So it’s not to exclude out things that would go through the — the GNSO PDP, but it may not necessarily — it may not be — for the sort of amendments I’m hearing the registrars now just talking about, we may be able to implement those amendments without necessarily having to have the PDP.

>>VINT CERF: I was signaling you to slow down, Paul. Did you — have you finished?

>>PAUL TWOMEY: That’s it.

>>VINT CERF: All right. Let me get Alex and then we’ll come back to Peter’s proposal.

>>ALEJANDRO PISANTY: Vint, I share with many the concern that registrants, individual small business owners or nonprofit organizations are left hanging by things like the RegisterFly and many other potentially occurring failures now or in the future. I would urge this board and the community not to get carried away before studying also what the consumer protection role is.Consumer protection is something that varies widely among countries. There are countries which have very strong organizations which are mostly grass-roots citizens organizations which have been well-organized and funded and can put up a lot of pressure on providers who fail consumers. There are countries where this is a government function. There are countries where this is basically a wild west or a jungle. And one could try to — one should be very careful and get information and advice from the GAC as to how to better implement a consumer protection function that scales globally, that scales cross — across jurisdictions, judiciary traditions and so forth, and that doesn’t put ICANN again in a nontechnical coordination role.
I am baffled and surprised and I would like to look in more detail to make sure it’s not exactly the same people who make claims against ICANN overstepping its technical coordination role, that as soon as they see a flap occurring in the market,some outreach — some outrage, sorry, to make my pronunciation specific for the scribes — that immediately are turning ICANN into something that also exceeds the technical coordination mandate which would be sort of the consumer protection agency of cyberspace.

This is a dangerous path, and I would insist in first studying the implications. I think that the call by JANIS and several other of the people present here, board members and liaisons, are valuable. Careful study is required. And I insist we should not get carried away and suddenly saddle ICANN with an unmeetable function.

>>VINT CERF: Okay. Thank you, Alex. Let me suggest, Kurt, that it’s okay for you to stand down now. I’m sorry that I left you standing up there. And thank you, again, for that report.

There are several people who have asked to speak. Rita had her hand up. Let me ask you, Rita: Do you want to speak to something which would have an influence on Peter’s proposal or can I proceed with that first? What’s your — what is the topic that you’d like to cover.

>>RITA RODIN: Vint, I’m sorry, I don’t remember Peter’s proposal. It’s just a quick comment on something that Alex said.
[Laughter]>>VINT CERF: Go ahead.

>>RITA RODIN: All right. I just wanted to echo something that Alex said. I think it is important, as everyone has discussed, to deal with the protection of registrants in a situation of registrar failure, because it is important to keep the Web running. But I do want to echo what Alex said, that there shouldn’t be this notion that anyone — you know, as a U.S. lawyer, I know that it’s impossible to draft a perfect contract to protect someone, and I do want us to just be temperate in terms of looking at contracts and dealing with too many burdens on registrars and trying to think that there will never be any issues that will come up in the space.

>>VINT CERF: Peter is trying very hard to get something done. Alex, I hope a brief comment?

>>ALEJANDRO PISANTY: It will be a footnote to Rita’s comment saying it’s not only the Web. There’s 65 535 ports out there. Not just port 80. This is the Internet, not the Web, the Corporation for Assigned Names and Numbers.

>>VINT CERF: Thank you, Alex. Peter, let’s come back — Rita, the proposal that Peter made was to ask the board — I’m sorry, ask the staff for a report on where we stand with regard to compliance and to engage in substantive discussions about the compliance questions and our role in it. Peter, would you like to repeat the proposal?

>>PETER DENGATE THRUSH: Thank you, Vint.Directing the president to report to the board in San Juan on progress with developing a program for escrow, as provided in the RAA, and on stimulating a policy debate on policies for appropriate protection for registries, registrars, and registrants. If I can just speak to that, I put that on a slightly wider context at the end than simply registrants’ rights in the case of registrar failure, which is the particular event which has stimulated this. It seems to me that we are at a nexus, and we can’t tweak — we can’t pull one part of this without having regard to what that does to the rest of the balance, and that the debate really needs to take that all into account. The trouble with that, I recognize, is that it opens it up to a much wider scope, so depending on the urgency, we may — we may choose to limit it, and deal with it in chunks.

>>VINT CERF: I think those issues, though, don’t necessarily influence the basic request that you’re making. Paul?

>>PAUL TWOMEY: Thank you, chairman. I think this is a good thrust. May I suggest, just for good housekeeping, that we just take the wording on notice and perhaps we could move to the next item and come back to the wording, just to allow Peter to consult with the normal people we do consult in resolutions, the general counsel and others, just to make certain the wording is fine. It might just be an opportune thing to do.

>>VINT CERF: Peter, is that an acceptable path?


>>VINT CERF: All right. So we will ask counsel to work on the actual wording of this proposal and move on to the next topic, as Paul suggests.


Kamil Iskra 04.03.07 at 2:46 pm

Maybe my expectations were set too high, but frankly, the discussion disappointed me.

Sure, there was some interesting discussion about possible future policy changes, but so far as the matter at hand is concerned, which is RegisterFly’s meltdown, basically no new information has been provided, and no decisions have been made.

repb 04.03.07 at 3:02 pm

Unlike many anger voices from the RF-victims “constituency” i do not believe that ICANN has not been doing everything possible. The single disturbing fact is that there is really no strong effective mechanism to enforce the RAA when a registrar behaves as erratically as RF has.

Furthermore I don’t believe that ICANN can ever have the fire power to handle such an abnormal situation. The kind of SWAT-like action required will never be in ICANN powers to do. And i don’t even think that anyone would want that!

One solution,as already pointed by me and many others would be to stenght the registrants power “against” registrars. The implematation of some kind of PUK code ( as analog to cell phones ) that would allow registrants, under extenuating circunstances, to circunvent the normal transfer process, would be a matter to give some thought.

Another idea would be to migrate the .com and .net TLDs from thin to thick, like is already in place for .org and .biz and some other sTLDs and ccTLDs. This would address the problem of data escrow in a much cleaner way.

These combined would altogether prevent problems with rogue registars to ever happen in the future

Rui Bebiano

Phill K. 04.03.07 at 3:39 pm

i have to disagree. ICANN’s lack of of imagination and not having in place mechanisms for dealing with a Registerfly type scenario is glaring. What other things have they been ignoring?

Yes it may make people feel uncomfortable here, but I think it’s time to move things out from the wine and cheese parties and put them under a magnifying glass.

kmfkm 04.03.07 at 3:56 pm

Well, I think ICANN made it clear. They only have the death penalty and nothing in between when dealing with misbehaving registrars. Funny how dictator have done well with that threat, but ICANN feels powerless. First, how about three-strikes rule. And let the first strike be really easy for minor infractions, but also goes away after 6-months. The second strike at another level of failure, but will stick for a year. Third strike, instant, no appeal death.

Gil 04.03.07 at 4:57 pm

With regards to obtaining the registrant data on domains locked in RegisterFly’s care, we are trying to build a public database of RegisterFly domain ownership for aiding and resolving transfers and disputes. The web address is here: This is very empty at the moment so please add your domains and they will get pride of place.

Dave Zan 04.03.07 at 6:10 pm

If one of those expectations was instant action, then you might want to tone that down. :P

One first tricky part is creating policies that are realistically enforceable. Another is being able to impose them at the soonest possible time.

Probably stupid, but I suggest ICANN consider ways to obtain the internal registration data from the registrar rather than just WHOIS. Of course, constantly updating that can pose another logistical nightmare that only few are prepared to deal with.

kmfkm 04.04.07 at 6:08 am

Registerfly is still taking payments for doing NOTHING, then seizing account for chargebacks. A cease and desist order needs to be issued by a judge NOW. Arbitration is fine. But registerfly needs to be FROZEN from all activities until the process is over. Get the cops involved if they won’t cease all activities.

Paul Levins 04.04.07 at 7:21 am


A quick response to your concerns about not being under enough scrutiny. We have some of the most transparent Board discussions anywhere globally. You can see all the minutes of each meeting and they are posted within 72 hours of the discussion taking place each month. Our processes are being made very clear – see the new processes button on our new website where you can find out not only what the processes are but where a particular discussion is on the timeline. We invite world media to all our meetings. We have input from a global audience via the various constituency groups represented at each meeting. We have this corporate blog where we are held accountable and engage in dialogue. We have electronic newsalerts which you can subscribe to that instantly tell you anyhting we have announced or are consulting on. We have weekly newsletters that are sent to subscribers that summarise the weeks events as announced on our home site. We get input advice and comment from governments and government agencies from around the world through the Governmental Advisory Committee. We ask for comments on every new proposal and idea we put forward. We have a new public participation site that allows people to participate in our meetings remotely and which operates between meetings. We have three avenues of dispute resolution including an independent Ombudsman. We issue an Annual Report to the global internet community each year. We publish and consult on our Corporate Operating Plan and our Strategic plan every year. We have a discussion and consultation taking place right now on how we can be more transparent and accountable after having been reviewed by an independent organisation: One World Trust, which ‘audits’ global organisations to make them accountable to the people they represent. We were reviewed by the United States Government three times per year for the last 7 years and we also came under close scrutiny during the World Summit on the Information Society (WSIS) held by the United Nations in 2005. I’m sure there are a few things I have missed.

So I think it is not so much a matter of being put under a magnifying glass as people looking carefully through through the one that we have been living under already for quite a while. I should add we are always interested in improvement. We want to improve and I would encourage you to participate in our current discussion on transparency and accountability.

Paul Levins
Executive Officer
Vice President Corporate Affairs

repb 04.04.07 at 7:34 am

Hi Paul

I would much appreciate if you could comment on my remarks instead…

Registerflies 04.04.07 at 9:32 am

This topic seems to have very little to due specifically with Registerfly and more aimed at the underlying problems with ICANN and the safety of the internet and it’s users.

There is however a need for consumer protection when it comes to the internet and the web. In order to keep the internet going in a positive direction, people need to fee that there is some security and safety in owning a domain name. Currently there is none.

Based on all the documents I’ve reviewed, it’s quite clear that ICANN is just concerned with the money and the spreading of wealth around it’s tight knit group of constituents rather than focusing on the future and productivity of the internet.

I sent an Email to Mike Zupke a few days ago which goes unanswered to this date asking him why there are so few businesses in charge of so many Accredited Registrars and requested a list of who owns what so the general community knows.

Keeping the internet competitive to promote safe and balanced future growth seems like a growing concern, yet you have a company like Enom that owns roughly 100 ICANN Accreditations through various other DBA’s or Corporations… again, I’m trying to get a straight answer. The community at-large wants to know what the benefit of this is.

In 2004 ICANN made it possible for Registrars to renew expired domains and toss them back if they didn’t like the traffic. Although that’s not what the 5 day grace period was for, it certainly spiked registrations which has in turn allowed ICANN to siphon more money out of the industry with increased registrations. Allowing on company to have multiple accreditations would seem to be conflicting in promoting a fair and balanced marketplace.

Going on, with the ability for Registrars to domain taste, Registrars have been discovering where the real money lies. With Registrars allowed by ICANN to test drive domains for the purpose of traffic monetization, this has only promoted a conflicting interest in the marketplace. Not only is it a conflict of interest but Registrars are seemingly less concerned with the nickles and dimes of their customers and more concerned with sweeping up expired domains to build a long term mass revenue generating machine.

There is a serious problem with this picture. At one time a domain registrar started a business to provide a service to Registrants for the registration and management of domain names and additional services to their customers. Now it’s become a pool of sharks with absolutely no concern for the registrants as they all race to build large domain portfolios for themselves and constituents.

In the case of Registerfly, this may be directly related to a case of registrars focus on building a personal portfolio and with absolutely no regard for the customers effected.

With Registerfly, when a customer goes into renew a domain name, they are charged multiple instances. Once that customer finds out that this happened and they resort to unsuccessful attempts with customer service they proceed with a chargeback. This triggers the entire customer account to be pushed into a FRAUD account where the account is held up for ransom. So if you charged back one domain transaction for services no rendered and have 3000 domain names in your account, all 3000 go into fraud and are parked. This is where Registerfly has the opportunity to test their traffic or domain taste in Registerfly’s own sick manner. If you read the fine print in Registerfly’s agreement, this is covered.

With ICANN controlling the ability to become an accredited Registrar to sell domain names, (actually the better reason would be to build a personal portfolio) then ICANN should also be in control and directly responsible for the actions of those under the accreditation. As I currently see it, ICANN want to control the process of getting there where the money is concerned and then after that just let the games begin – wild west. This is way out of balance and is a serious problem in the industry.

Maybe the solution would be to get a FOR PROFIT company to do the job of ICANN. Although ICANN is a not for profit organization it seems as though that’s all that ICANN is concerned about.

You all need to deal with the Registerfly problem immediately and then a much higher level of government should step in and sort out the difficulties face with implementing all the changes that are discussed above. ICANN has been enough of an embarrassment to themselves and the U.S., it’s time something is done.

I look forward to someone explaining to me why DomainSponsor and Enom are allowed have multiple ICANN accreditations and how Enom is allowed to continue to extort money from Registerfly customers.

Bigfoot 04.04.07 at 9:39 am

I’ve seen this list, as have probably lots of others.

I won’t be placing my domain names on a public list, who knows what will happen to that information. To me it’s like hanging a notice outside my house or car and saying “The alarm system isn’t working, come in and try and take what you want as I can’t protect it at present”. It’s an open invitation to those with evil intent to target the domains, especially those that have somehow expired due to the RF mess or are under the ‘Protection’ of Protectfly.

No thank you. I’ll continue to send e-mails to compliance@ whatever organisation is appropriate and give them the details. They can do something good with the data (hopefully) and are less likely to do something bad with the data.

Paul Levins 04.04.07 at 9:48 am


All useful suggestions worth thinking about. I would encourage you to participate in our forum on RAA reform. Alternately I can make sure these are provided as inputs.


Paul Levins 04.04.07 at 9:49 am

I have above Rui. Thanks for your contribution

Hated by KM 04.04.07 at 10:13 am

“RegisterFly, this is just some background. It has always been a reseller, and then having not gained an accreditation through the ICANN process obtained one through purchase. There were continued complaints about RegisterFly, mostly about customer service levels. A lot of complaints, questionable whether they were violations of the agreement.”

“then having not gained an accreditation through the ICANN process obtained one through purchase”…


“then having not gained an accreditation through the ICANN process obtained one through purchase”…

so ICANN admits they didnt get “accreditation” correctly.

i guess im still left wondering – if they didnt get the “accreditation” correctly, why are they honored with the rights of an “accredited” registrar? the full benefits of being “accredited” should only be for registrars that get the “accreditation” properly though the ICANN process. i am baffled by the logic. i hope there is some tool in place now to stop “purchasing accreditation” and you have to wonder, who benefited from the “purchase”, was it eNom? We may never know.

repb 04.04.07 at 1:51 pm

Again, i do not agree with you that the answer is not more US-gov control. For all the reasons i told you on Registerflies forum.

Again i have to agree with you most of what you said, namely about domain tasting. This might of course considered off-topic, but it is real.

On the other hand i see no point on shooting the pianist – ICANN. As things stand now i can see no way out of this all RF scandal, unless by fololowing the procedures outline in the RAA ( though some changes are paramount, this can only be helpful for the future). Unless you can make the 7h Cavalry to storm in. Have anyone tried to file a bankrupcy process against RF? How long would this take in the US legal system? Have anyone call the Feds in the fraud issues?

in the meanwhile i do think that some actions should be taken on behalf of the inocent registrant. Like preventing domains from going into expiration and out of the root zone files.

Steve H. 04.04.07 at 1:56 pm

while i appreciate the work to improve the ICANN contracts and whatnot, as a current victim of illegal actions, I’m much more concerned with getting control of our domain back.

We who are in immediate danger of losing our names to various domain squatters and other dodgey practices, just want our names back. Nothing more.

Granted what you decide and do now will help in the future, we victims need assistance NOW, not 3 months or 3 yrs from now.

thank you.

repb 04.04.07 at 2:13 pm


I would gladly do that. Can you direct me to the proper place? is there an online public forum i can join?

Chris 04.04.07 at 7:59 pm

I understand your frustration, but you should continue to try to work with RegisterFly. I can testify from personal experience that they sometimes respond and promptly take care of the issue — but obviously not always.

My request had been ignored for a long time, but received a positive and satisfactory response within two business days after having it passed to RF via That was almost impressive.

RegisterFly is a rapidly sinking ship, but my suspicion is they are hoping for the best and trying to salvage the situation. They seem limited in their ability to do so, with inadequate staff and unfunded registry accounts, but they seem to be trying. They are definitely making selfish choices — most registrants would probably feel better getting it over with and getting transfered to another registrar via ICANN bulk transfer — but they seem to want to stay in business in some form.

I suspect RegisterFly will go back to being a reseller of another accredited registrar. They will recover from the recent crisis, because most people — those whose domains are not in danger of expiring — won’t ever hear of this situation.

mike 04.05.07 at 11:52 am

All the control and power of action would rest with ICANN if a central database could be created and maintained by ICANN
ICANN could control hajacked names disputes etc and stop at once bad registrars + block or temporarely suspend accreditation at once without the pain caused lately to registerfly customers.
A central domain database is a must, the people that reject this idea are the ones that can unlawfully gain using ICANN weakness of control, none else. ICANN may alaso want to consider a more international representing body based worldwide, ie Europe, Asia not just the USA. The internet is not just an USA thing.

G Man 04.11.07 at 5:28 pm

I have problems with registerfly for over 9 months.
I was able to tranfer some of my domains but some of them are still in the limbo of RF – ICAAN – NEW REGISTAR

I keep getting the WRONG and INVALID AUTH Codes from RF after many requests through the phone, emails ………. as for the submit a ticket method thats tottaly ignored by RF.

What is ICANN responsible of? How does ICANN protect domain owners?

Problems with RF like I said are over 9 months. When will someone take action and help all the domain owners?

Why should I have to lose a domain and start negotiations with its new owner? What is ICANN going to do then? Protect me? or the current owner? Why not Solve this NOW ? I hate to take this to court but if I have to RF , ICANN and who ever else is responsible will be involved on my lawsuit.

Registerflies 04.12.07 at 8:06 am

No Response.

I have to wonder if ICANN is hiding something from the public with regards to this. I’ve also sent a letter to the incompetent Mike Zupke and he didn’t respond to this either.

We want to know who owns which Registrars and how it’s possible one company can own 100 Accredited Registrars or more and for what reasons.

This is a question that needs to be addressed because it should be public knowledge. No response leads me to believe that maybe ICANN has an interested in domains and domain parking. Certainly there is a lot of revenue coming into this non-profit organization.

Registerflies 04.12.07 at 8:08 am

Please understand that I’m not saying more government control, I’m saying the Government needs to take a close look at ICANN and the US Department of Commerce.

Then we need to find a solution to protect the public interest in intellectual property.

Kieren McCarthy 04.12.07 at 9:12 am


There is a part of the Comment Policy for this blog which states:

“Libel, conjecture, nonsense — Likewise, we will delete – without notice or appeal – blog posts that contain unsubstantiated claims, libellous accusations, or accusations of conspiracy. The ICANN blog will not deal in wild claims. We are a professional organisation and will remain entirely disinterested in anything that has no factual basis or useful, practical point.”

It could have been written specifically for your post. There is no conspiracy here. Everything concerning the RAA and the history of the RAA is written in black and white and has been discussed in public fora with the transcripts readily available online.

We will continue to welcome any useful and practical comments, responses and information you may have. The rest of it will be deleted.

Kieren McCarthy
General manager of public participation, ICANN

Kristen 04.15.07 at 11:45 pm

ICANN can initiate a class action lawsuit because doesn’t want to be ICANN accreditted and ICANN can’t do anything about what is happening to all of us? I must say I am beginning to believe we are all sitting here blaming the WRONG entity.

I have 2 domains that not only have been denied transfers, but the whois info was conveniently changed to reflect that the owners are now registerfly. To top it off, registerfly was more than happy to take my money to renew the names but NEVER DID. NOBODY answers the phone, NOBODY answer the tickets, NOBODY answers the emails, NOBODY HAS ANSWERS period!!!

I think this frivilous crap should stop. If my company didn’t want to be ICANN accredited why should I?? Is ICANN God??

I am angry with every single one of you!!! Both ICANN and Registerfly cost me my business. You both know where to go!!!

Bishan 04.18.07 at 1:22 am


We want to know who owns which Registrars and how it’s possible one company can own 100 Accredited Registrars or more and for what reasons.


John 04.25.07 at 4:46 pm

Two of my domains and were paid for by credit card (even though I still have money stuck in a registerfly account) but were never renewed. They double billed me for both domains and then immediately removed them from my account and started using them to show sponsored ads which means they are now illegally profiting from my domains. Any suggestions to rectify this situation would be welcome.

From what I have learned from this site if I want to recover my domains I will need to go through a complex, time consuming and possibly expensive arbitration process through ICANN, which does not inspire confidence at this point.

I have to question ICANN’s lack of action against registerfly and their ability to function in the capacity they now hold. Why didn’t they act sooner to suspend their accreditation and prevent registerfy from changing their customer records and stealing from their customers like this? More importantly how does ICANN allow someone to sell their accreditation let alone let someone else purchase it. We were under the impression ICCAN approved their accreditation or we would never have remained with registerfly after they parted company with enom.

We are still attempting to move our other domains back to enom but even that is proving difficult. Registerfly’s system refuses to remove the protectfly data from my whois info. Enom has requested a screen capture of the real whois data a screen capture of my domains list and photo ID so they can act on my behalf to do the transfers anyway. I can only hope this will work or it will comprise any future plans for my company has set in motion.

Howard McGinnis 04.26.07 at 8:39 am

This isn’t going anywhere and it’s frustrating. I pity those with hundreds of domains through RegisterFly.

It’s not just RegisterFly, it’s also I’ve had domains expire, then switched to this outfit, some form of RegisterFly offshoot. I’ve got other domains expiring, can’t transfer them and soon will lose them too.

You, ICANN.ORG, as well as RegisterFly, are costing me money. I’ve lost the domain for my coop producing Hawaiian honey, I’m about to lose my domain for my honey company, and all that happens is talk.

RegisterFly failed to live up to the agreement and your inaction is compounding it.

It’s time for ICANN to act. Not just talk.

1. Allow the transfer, bulk or otherwise, of domains from RegisterFly.
2. Allow the transfer of domains switched from RegisterFly to any other RegisterFly holding.

If you fail to act, you not only are complicit in the criminal activities of RegisterFly, you are causing the ruin of many companies. Perhaps ICANN should be named as a codefendant in any class action suits?

redblue 04.27.07 at 11:08 pm

I am a current victim. I can sense the frustration and bitterness in a lot of postings here because I feel the same.

However, I think it is unfair to blame ICANN for the fiasco too much. As someone who has been through the US legal process, I can vouch for the fact that bad faith actions by villains can trump the most elaborate failsafe mechanisms you can think of. ICANN’s dilemma is that it can’t be too powerful (otherwise it can be used for censorship and what not) and it can’t be too weak (or worse disasters than Registerfly will unfold).

From what I can tell, a ICANN is doing all it can. And it appears that sooner or later things will get fixed, more or less. There will be some collateral damage ( and I think I am going to be one of the victims here with my primary domain getting hijacked). But from the responses I have seen from ICANN staff, I am just grateful they are on top of it. And they appear to be doing the most they are able to do legally and ethically.

So please try to put the heat on Registerfly and Kevin. Not ICANN. At least not for the this issue.

hsingh 05.03.07 at 4:19 pm

Two months later, and over a dozen emails with ICANN copied to each, I have had not a single response from RegisterFly. They have my seven domains that they refuse to unlock, nor do they provide auth codes. I was completely unaware of the incompetence of this registrar until I happened to register three domain names critical to my business. Registerfly charged my credit card $29.97 and the online form informed my that my domain name registration was in progress. When I checked back a week later, no new domains had been added to my control panel. To my dismay, someone else had purchased one of the domains–exactly seven days after I had registered it. I complained to RegisterFly but I was told that nothing could be done. I asked for a refund and I received no response. Thanks to PayPal’s claim service, I got the refund through PayPal given that the promised service was not provided to me. As retribution, RegisterFly deleted my account, even though 7 of my domain names are registered with RegisterFly. Now I lost complete control of everything. I have attempted to transfer my domains by initiating a transfer to, but RegisterFly has been uncooperative. They refuse to even acknowledge my emails–I have copied ICANN to each one of them for the past eight weeks.

Greg 05.07.07 at 11:50 am

I had a dozen+ domains with RF and long story short, 2 of them expired during this whole mess. Of course RF does not answer support tickets, emails, phone calls (disconnected) and so the domains are sitting there locked (clientTransferProhibited clientUpdateProhibited) with the RF “ProtectFly” (privatization service) info. With no way to either renew the domains with RF and therefore gain access to change the status to unlocked these domains are in hostage status.

There must be hundreds if not thousands of people in the same situation – is there anything we can do at this point to remedy this situation other than sit on our hands and watch ICANN apply, up until now, entirely ineffective measures against what has become a rogue entity?

Tim 05.07.07 at 8:16 pm

I design web pages for local businesses and I had to explain to my second customer (did it today in person)

-their website was down
-their email is being lost
-I have tried everything I could think of
-I don’t know when it is going to be back up.


Gary 05.09.07 at 2:42 pm

Dear Icann

Registerfly is horible but right now I cannot say that Icann is really any better. Registerfly is prohibited from renewing my domains (already lost a few and losing more daily), yet Icann will not allow the bulk transfer away from Registerfly.

Icann could prevent a lot of problems by getting off their thunbs and moving forward with the bulk transfer… or at the very least setting a date that a bulk transfer will be allowed. To continue with no information to the very people Icann is supposed to support makes them as bad as Registerfly …maybe worse as Icann has the ability to solve the issue but apparently refuses to do so.

So Icann… Please do one of 2 thing s and do it FAST:

1. Allow Registerfly to renew my domains.

2. Allow GoDaddy etc. to complete the bulk transfers.

Not allowing either of these two things to happen makes Icann just as guilty as Registerfly.

Samson 05.09.07 at 8:08 pm

I’m having the same problem. I just want to get my domains off RegisterFly. I’m losing names as the expire and there is nothing that I can do about it…

Greg 05.10.07 at 8:42 am

Agreed. I have funds in my RF account from multiple failed renewals that RF is unable to process and transfers are being denied. All we keep hearing from ICANN is that resolution of the problem is forthcoming. This is cold comfort to someone that is watching domains they have owned for 10+ years expire without being able to do something about it.

msu 05.14.07 at 4:16 pm

I have domains which are in pending delete period.
What will be the process for me to renew my domains?
I think they will be given under management of some registrar.
What will happen then?

Manex 05.17.07 at 8:35 am

Please update your site with recent information. At this point, I can’t do anything with my domains and my business is going to crash as a result. I can’t renew them, I can’t update them, and – of course – I can’t transfer them (and I’ve tried all the tricks).

It’s very obvious that Registerfly is being maliceous at this point. Can this organization do nothing to speed up this process?

I must say that prior to the actions by there was at least SOME reaction and functionality by registerfly. After the actions is when it shut down – but the actions did not go far enough. I do wish that before acting at all, was prepared to go the full 10 yards.

We need a resolution to this ASAP – everyday it’s getting worse.

JBurdman7 05.17.07 at 9:10 pm

This worked for me 5-18-2007. Now I will try to transfer!

Instructions to retrieve Auth Code
Does not always work when selecting a particular domain. Sometimes a screen comes up that does not include the auth code. Try other doamins. When one works, use the drop down box and select ‘go’ to get the others.

Cancelling ProtectFly
Clicking the green ProtectFly on your main page will not allow you to turn it off. If you click on the individual domain and scroll to last option “Whois Privacy Protection”. Then select disable form the drop down, and ‘continue’. That changes the setting.

Unlocking Domain
From main page, manage domains, select domain. On next page, Click ‘locked’. Click box to change ‘registry lock status’. Click ‘update’.

Aint I an angel?? :-)

Manex 05.18.07 at 3:17 pm

JBurdman7 – the key is the transfer. I’ve been able to make it seem like I’ve changed things, but I can never-ever get that protectfly off the account – and THAT is what is stopping every domain. It seems that some of the domain have also now re-locked themselves.

We need somone to just step in and bulk transfer all of the domains to a registrar who doesn’t, frankly, suck and isn’t acting in what feels like a criminal manner.

mel 05.18.07 at 5:28 pm

I just finished transfering my domain names out of Registerfly. It was one of the most horrible experiences I ever had with anyone. Unfortunately first time when I went through such a thing was an australian sub-registrar registerweb and I thought I could resolve it directly with them..It so happened that the subregistrar quickly changed the registraton of the one domain name i had with them to themselves. I went around and around in circles with their main registrar I ended up loosing the domain name. So, what I will suggest is that don’t hang your hand on that registerfly email you have. All their customer service phones have been disconnected. Along with that compliance email, Keep starting a trouble ticket every 24 hours and keep a copy of it…hopefully they will release your domain names the way as they finally did in my case…Don’t make any payment to them for anything…No knowing the problem with them, I tried to renew one of the domain names and they accepted the payment but didn’t renew the domain name. well..!! I hope you are able to get your resolution

calling cards

David Coble 05.20.07 at 6:55 pm

I absolutely agree. All that need happen for evil to flourish is for good men to do nothing. It’s time for ICANN to do something. I have not been able to log in to my RF account since late February, so all the advice about how to unlock domains and acquire auth codes feels like mockery to me.

I have called and emailed RF many times.

When are we going to see something from the good guys?

Shirl Rose 06.01.07 at 10:47 pm

Now that our domain names have moved from Registerfly to Godaddy it has come to our attention that Godaddy is imposing a 60 prohibition on transferring them out to registrars. All requests for such transfers are automatically rejected by Godaddy and will continue to be so for 60 days.

This seems improper since the automatic transfer from Registerfly to Godaddy does not constitute a customary transfer (payment to Godaddy, acceptance of their TOS, extension of expiration date, an explicit and willful action by the registrant to use Godaddy, etc.)

While the registry requirement for transferring out are met (lock status can be removed and the AuthCode obtained from Godaddy) Godaddy is unilaterally and automatically rejecting transfer out requests. I maintain Godaddy does not have such authority – whether based on its agreements with ICANN (which has not been posted at ICANN’s website) or based on a user agreement (which has never been established with the registrant due to the ICANN sanctioned automatic transfers).

On its website Godaddy states: “ICANN named the new custodian of the .COM, .NET, .ORG, .INFO, .BIZ, and .NAME domain names that were previously registered at RegisterFly. ”

If Godaddy is the “custodian” of these transferred domain names it should not have the authority to place constraints on the domain names over and above that what existed while the domain names were at Registerfly. This would not include an additional 60 day prohibition on transferring out and imposing mandatory renewals on expiring domain names.

If Godaddy is allowed to forcefully place this 60 day hold not only will expired registrations have to be renewed at Godaddy and no other registrar but also those registrations that will expire in the next 60 days will have to be registered at Godaddy!

In effect Godaddy will not be the “custodian” of these domain names but rather the new registrar imposed for an additional year – under its own terms and conditions and its own fee structure – without such authority by the current registrant.

One would hope ICANN’s agreement with Godaddy was not supposed to impose such a huge windfall for Godaddy by forcing a long term relationship by the Registerfly registrants with Godaddy.

According to Godaddy’s website “more than 850,000 domain names will have been moved.” Assuming 2/12 of these expired during the past two months at Registerfly due to the acknowledged problems and 2/12 will expire in the next two months a total of 1/3 of the automatically transferred domain names (280,000) will be forced to be renewed at Godaddy for an additional year – without any such consent currently existing by the registrant. This constitutes a windfall of some $2,800,000 in sales for Godaddy simply for entering into the agreement with ICANN, and a sizable profit based on its $9.17 price. Adding insult to injury Godaddy will charge these domain names at its renewal fee of $9.17 instead of its transfer fee of $7.17.

If Godaddy is allowed to enforce this 60 day hold policy this arrangement would not by definition constitute a “custodial” and interim relationship with Godaddy but rather a forceful acceptance of a third party registrar with its own TOS (which we never agreed to) and an ICANN sanctioned unilateral and coerced acceptance of Godaddy as our registrar for one more year.

Orson 06.02.07 at 1:43 am

I had several domain names registered at And now I learn that this registrar’s accreditation has been removed by your organization. In due time some of my domains have expired and been registered by someone else. I didn’t receive any email regarding this situation neither by or by ICANN.

And now I learn by chance that all domains under will going to be transferred to But when I go this new registrar’s site, I need to complete a bunch of complex procedures in order to access my domain accounts.

I think ICANN is liable of making this transfer as smooth as possible in order keep up the satisfaction of previous customers of And I am asking from you to retrieve all of the rights of my domains regisgtered in since you accredited this firm beforehand and you are liable of keeping the security of the customers.

THus I declare that I won’t take any action or procedure to collect all my domains into (or some other site). THis is YOUR TASK!

If I don’t find all of my domains control in order and working smoothly in two weeks time, or if any of my domains registered before in has been captivated by someone else, I will use my international rights to sue you in international courts and demand my financial loss.


Mehdi Alidoost 06.03.07 at 4:02 pm

There is a big problem after moving domain names to , becuase this site block Iranina IP Address and limit access from this country , we can not reach ( update or transfer ) our domains at all now.

Before,When I had registered domain by Godaddy from Iranian IP address or domain owner address , they inform me thet I have 48 hours to transfer domain to another registrant.

now What can we do? from here we can not access godaddy and all domains move to this , and until now we dont receive any information about our account on Godaddy ?

Tim 06.12.07 at 9:34 am

1) One of my customer’s domain names have been taken over by an ad company. I though that we weren’t going to loose domain names?

2) Also- godaddy isn’t allowing me to transfer out… holding me hostage to renewing with them because they hold for a 60 day period.

Tim 06.12.07 at 9:47 am

Godaddy isn’t honoring the domain expiration dates that Registerfly had. Registerfly still shows 2008 on the domain name expiration and godaddy won’t honor it:

“Thank you for contacting Online Support.

Unfortunately, we are unable to assist you with your issue. When your domain names were migrated from Registerfly, we received them exactly as they were including all of your original account information. If you renewed your domain name through Registerfly and it was not showing the correct expiration date before your recent renewal with our company, you will need to contact Registerfly or ICANN for assistance. We apologize for any inconvenience regarding this issue.”

jackee 07.18.07 at 6:26 pm

i also have to disagree. ICANN’s lack of of imagination and not having in place mechanisms for dealing with a Registerfly type scenario is glaring. i just want to say it there is waste of time so i go and take few glasess of wine and sleep.

Kieren McCarthy 07.19.07 at 3:15 am

Hindsight is a wonderful thing, Jackee.

And it can be very easily demonstrated why this apparent lack of “imagination” is a red herring.

At some point in the next five to ten years, there will be another issue just like RegisterFly – where domain owners are up in arms and ICANN finds its current policies are not sufficient and it will have to deal with it and then change the policies to fix the problem for the future. And when that happens someone else will complain that ICANN should have foreseen the problem.

So, here’s the question: what changes does ICANN make now for that not to happen? We don’t want it to happen, no one wants it to happen, so come up with the changes now and we’ll do it.

As a quick indication of where the problem is going to come from, bear in mind these following changes to the domain name system that will happen in the next few years:

* A range – potentially a very large range – of new top-level domains will be approved and appear on the Internet. It will no longer be dotcom domains but dot-coffee, dot-hotel, dot-tree, dot-whatever.

* With a larger number of TLDs, it is inevitable that at some point an entire registry will fail, rather that just a single registrar. That will mean that all domains under that registry will be at risk – and they will have been bought through dozens of different registrars. Could you draw up the rules for this scenario please – and make sure there are no loopholes?

* It will not only be English TLDs. Very soon, there will hundreds perhaps thousands of new top-level domains in a range of scripts so people all over the world will be able to represent their language. This in turn will mean new registrars situated all over the world. Registrars operating in different countries, under different laws, who may never sell a dotcom in their life but only Chinese scripts or Arabic scripts. Do you think the rules are currently sufficient to cover companies right across the world? If not, could you please provide the wording – and then accurate translations of those rules in 25 languages?

* Are the rules in place sufficient to allow someone based in the US, who registered a domain in the Arabic script to get it back off a registrar based in Russia? If not, could you please provide the watertight wording that will mean ICANN can protect the registrant? And not just that registrant but the hundreds of millions of new registrants all over the world that will buy domains for the first time – very few of whom will understand how the system actually works?

* How many staff do you think ICANN would need to adequately protect 100 million people? Has there ever been an organisation in the world that has been able to protect that number of people? So if ICANN can’t do that, how can registrants be protected? Would people be willing to pay an extra $5 right across the world for every domain because of the one-in-a-million chance that they might lose their domain? Or should it be left to market forces? Allow companies to offer protection services and promote their stability? What if people buy a domain from an unscrupulous registrar in Taiwan anyway just because it’s 30 cents cheaper? How does ICANN decide what is a good and what is a bad registrar? What if a previously good registrar turns bad?

* What if a new registry sues a new registrar and the domains are put in limbo?

* What if a new registrar sues its own customers, pointing out an obscure clause in its Indian contract, and takes control over thousands of valuable domains? Do you have the wording for this scenario?

* What if a registrar declares bankruptcy but starts the next day with all its previous domains under a different company name with a different contract – which is then enforces to get everyone to pay an extra $30 or lose the domain?

I would say that was a fairly imaginative set of scenarios. Now all we need to do in produce the rules and guidelines that mean there will never be another problem like RegisterFly.

Incidentally, if you *do* have some ideas that you think have been overlooked or would make matters easier, please do get involved and put them in front of either ALAC or the GNSO. If they solve a problem they *will* get through – that’s how the ICANN model works.

Kieren McCarthy
General manager of public participation, ICANN

Scott Reese 09.20.07 at 2:33 pm

I’ve lost at least 75 domains due to this registerfly fiasco. I wll not recount my story because because it’s similar to what everyone else went through. It was absolutely impossible to renew domain names. It was slow and painful deaths as you would see the domain expire and someone else (usually an unknown protected person) buy the domains. Other domains are still being held hostage by enom because I am unable to pay their outrageously high fees. A few very valuable domains were in enom’s possession when I pleaded with them not to sell/drop them (I have it in print through the “help” tickets) telling them that I would pay any price, but they still let them drop and they were snached up by others.

I am still trying to get the domains back that I legally bought and were illegally dropped & purchased by others and also figure out which ones still in enom’s system I can afford to get back.

Anyway, as I attempt to do this is there a page on ICANN’s site that is designed for the purpose of helping us get our domains back.
I.E. a brief description of the registerfly debacle, that ICANN is committed to getting the affected domains to the rightful owners, and that the ethical and legal course of action is to return the domains to the rightful owners at a fair compensation level. This would also be helpful when I deal with a foriegn registra when I try to get back.

Thank you,
Scott Reese

Scott Reese 09.20.07 at 3:11 pm

ICANN does have it’s work cut out for it, these are complex issues and every scenario can’t be thought of and protected from in advance of it actually happening. Also rules can’t prevent crime, but systems can be put in place to protect the end user I think similar to how the banking industry is regulated. It is also important to keep to the forefront that the value of a domain is not it’s purchase price… as an example my father has invested $15,000 in advertising on a product whose domain is currently in enom’s no man’s land.

As this process proceeds I feel it is important to keep in mind two simple truths:

1) Whatever “rules or regulations” ICANN comes up with must be enforceable – everyone goes into the agreement knowing this.

2) When the rules are broken, aggressively carry out the consequences. I know ICANN is not staffed to chase down every complaint, but when hundreds of thousands of people are affected decisive action is needed.

I do wish you guys the best and that it is easy for people with no knowledge of International laws to give advice. I hope though that this “REGISTERFLY MESS” won’t be swept under the table so quickly that the affected parties aren’t properly helped…

Comments on this entry are closed.