Fog Creek Software
Discussion Board




Is Registering a Domain a Potential Liability?

Recently I observed that a domain that was used by an IT recruiting company as recently as 2001, now displays a web page full of hot, wet, naked, underage teen porn advertisements. No, I don't think the company in question got into the porn business (obvious  comparisons of pimps and recruiters aside, hah hah. :-) )

But one thing did occur to me: I suspect that there are domain name registration companies around that deliberately hijack domain names when they expire without renewal, and squat on them with humiliating images such as porn sites. 

And a couple of years ago I read that there was a plague of such squattings affecting church owned web sites and domains, but at the time it didn't occur to me that this M.O. could be applied to anyone.

So, the pattern would seem to be:

1) Identify domain names owned by stakeholders who would suffer great loss of image and revulsion by clients, members, etc. if the domain were hijacked and repurposed for something seedy.

2) Squat. Hold domain for ransom for several hundred or thousand dollars.

3) Some people will pay. Profit! (underpants gnomes would be proud.)

So it would seem to me that if you have domains registered, you had BETTER plan to keep them registered in perpetuity or until everyone that knows of your business or org through them forgets about them.

Any thoughts? Have any of you folks seen this occur?

Bored Bystander
Saturday, April 19, 2003

So if I start a porn website and give it up at a later date because the real thing isn't leaving me any time for the web, I am in danger of having my domain taken over by some religious group which will put up loads of Godtrash until I cough up thousands towards Tam and Bakkers mobile home?

Frightening!

Stephen Jones
Saturday, April 19, 2003

Actually BB. I rather suspect that if you could get hold of the site stats for these ex-chruch sites turned into porn sites you might realize there is a much simpler commerical explanation.

Stephen Jones
Saturday, April 19, 2003

Here is what I mean: a domain that was once listed on scguild as belonging to an IT recruiter who was based in the western US now displays a teen porn gateway. A WHOIS shows that the domain now belongs to someone in Spain.

As a concrete hypothetical example: you register stephenjones.com. You use it for awhile. Then you forget about the domain.  Through some email changes you never see the notice to renew the domain, and your credit card info on file with the registrar expires.

Then one fine day your proud mum surfs the web and sees that her son's web site now advertises hard core bestiality porn.

You then contact the person(s) now listed as the admin contacts in WHOIS and you find that they want $1000 to release the domain to you.

Oh, and you had the domain name printed on  business cards and resumes out in circulation.

Whoopsie.

Bored Bystander
Saturday, April 19, 2003

The moral of the story: Keep on top of your domains!

There's the famous story of Microsoft forgetting to renew Hotmail.com a while back.. Look it up.

www.marktaw.com
Saturday, April 19, 2003

Of course it's not a liability.

pb
Saturday, April 19, 2003

Sounds like you might need to do some research on this topic.

If a company such as McDonalds allows their domain name to expire then they might have to pay a fee to get it back. I really don't know. However, I remember reading somewhere that the practice of grabbing unused domain names didn't always work out for the people looking to make a profit by selling them to their "rightful" owners.

Perhaps you are right and all the person in Spain needs to do to is demonstrate intent in order to stay within the law?

If you learn anything more about this issue let us know.

One Programmer's Opinion
Sunday, April 20, 2003

A friend of mine accidentally let his domain registration lapse, and the day after it expired, the registrar went to him demanding ~$150 to get the domain back. Not wanting to pay, he gave up and moved to a new domain.

Beware of fake renewal notices from registrars that don't actually own your domain! I get these from Verisign every year. Scum!

For what it's worth, I use EasyDNS and never had a problem with them so far.

Dan Maas
Sunday, April 20, 2003

I believe it is less about sullying someone's name or trying to get them to buy the domain back as it is about free traffic.

If for the price of a domain name a site can add a decent amount of traffic then it is worth it for them, assuming they are the kind who can gain business through undifferentiated volume visitors.

If the poor sap who lost the domain then wants it back, that is simply an added bonus to their swooping.

Matt
Monday, April 21, 2003

This would be a much less significant problem if expired domains were not available to anybody other than the original owner for a significant "cooling off" period. It's yet another failing of the domain registration system caused by the concerns of self-interested registrars overriding the interests of the wider community.

Adam Fitzpatrick
Monday, April 21, 2003

I'm just contemplating which would be worse for the cache maintainers here to find out - that I had visited a recruitment website or that it had mutated into a porn website. It is tempting to find out...


Tuesday, April 22, 2003

*  Recent Topics

*  Fog Creek Home