Ari Goldberger over at the Direct Navigation Blog picked up on a story on DomainState.com and on DomainNameNews.com that once again suggests that people searching for domain availability at certain registrars are being registered by the registrar. The registrar thereby prevents a registrant from purchasing it at any other registrar other than the Registrar whose web site was used to check domain availability. This, from our point of view, amounts to fraud and domain theft at the registrar level and has earned the term domain "Front Running" a term picked up from illegal stock broker practices using the same model. Domain Name Front Running (DNFR) is believed to be caused when registrars or ISPs sell domain availability search traffic that runs through their network to front runners, who register the domain before the consumer is able to complete registration. The DNFR then tries to sell the domain to the original availability searcher, or to another third party.
Frank Schilling posted an excellent article on the history of domain tasting, a related practice, titled The Closing Window: A Historical Analysis of Domain Tasting which is an excellent overview of these types of problems and how they occur.
Network Solutions (NSI) has now been accused of front running domains, a shocking accusation given NSI's domain industry leader status.
No one has challenged domain Front Running by registrars in the courts, likely because the practice is new and since the loss of a single domain would not typically generate a level of damages to support litigation. But litigation over this fraudulent domain practice by registrars is both viable and likely inevitable as noted below. While NSI's explanation -- below -- may be legitimate, there is little doubt that some registrars are engaging in front running practices.
Litigation will find those registrars engaging in the practice. Every US state has a Consumer Protection Act which would make this practice illegal. It amounts to outright fraud. The registrar deceives the consumer into using its domain availability or Whois search so they can presumably have the option of registering the domain. The search feature is really a search tool for the registrar to see whether there is interest in the domain name. The registrar runs software which instantly registers the domain for itself and either offers it for sale or, at a minimum, makes it impossible for the consumer to register the domain through another register. Registrars continue to deny the practice but litigation subpoenas offer the advantage of obtaining real data and documents from registrars concerning the inner workings of domain front running.
Because penalty damages and attorney fees are available under state Consumer Protection laws, we believe it is just a matter of time before litigation exposes this fraudulent practice. It is certainly clear that ICANN has no intention of acting quickly to curb this domain registration abuse.
While the focus on NSI may prove inappropriate, an analysis provided by the DomainNameNews, the following commentary explains the basics of domain Front Running:
The domains are likely being purchased and held in NSI ownership until the potential registrant comes back to purchase the name through NSI. If the purchase is not made at NSI within 5 days, NSI uses the same 5 day grace period that domain tasting operations use and they delete the domain. Once a search for a domain is conducted at NSI the domain name is registered and only available to be purchased by a registrant at NSI. It is not clear if NSI has increased prices on domains that have received multiple whois searches and that they are front running.
NSI also apparently has no problem taking over control of trademark domains using this practice as well. Searches for names such as microsoft-dell.com and ibm-microsoft-dell.com all appear as registered now by NSI and only available for purchase at NSI.
Front running domain names is a bold move by any registrar as it breaks a certain level of trust that the general public places in using a whois search. ICANN SSAC has conducted a “study” on front running recently in which they wrote “ICANN’s Registrar Accreditation Agreement and Registry Agreements do not expressly prohibit registrars and registries from monitoring and collecting WHOIS query of domain name availability query data and either selling this information or using it directly,” Warehousing domains in order to sell them to “potentially interested parties” isn’t specifically forbidden in the registrar contract with ICANN but is addressed in points 3.7.9 and 4.2.5 of the contract in which they leave room for new rules or revisions to the contract. In a quick look search it appears that other registries have addressed this issue. As an example, the SGNIC for example has a contract that expressly addresses this issue.
Network Solutions has responded to the accusations through a statement by Jonathon Nevett, Vice President of Policy at Network Solutions.
“I’d like to clarify what we are doing. In response to customer concerns about Domain Name Front Running (domains being registered by someone else just after they have conducted a domain name search), we have implemented a security measure to protect our customers. The measure will kick in when a customer searches for an available domain name at our website, but decides not to purchase the name immediately after conducting the search.
After the search ends, we will put the domain name on reserve. During this reservation period, the name is not active and we do not monetize the traffic on these domains. If a customer searches for the domain again during the next 4 days at networksolutions.com, the domain will be available to register. If the domain name is not purchased within 4 days, it will be released back to the registry and will be generally available for registration.
This protection measure provides our customers the opportunity to register domains they have previously searched without the fear that the name will be already taken through Front Running.
You are correct that we are trying to take an arrow out of the quiver of the tasters. As you know, domain tasters are the largest Front Runners. Due to no fault of registrars, Front Runners purchase search data from Internet Service Providers and/or registries and then taste those names. Some folks may not agree with our approach, but we are trying to prevent this malicious activity from impacting our customers.”
NSI is admitting that it registers / holds the domain, but suggests that this is a security measure to protect consumers. Of course, this supposed measure precludes the registrant from registering the domain with any other registrar at a cheaper price.
Here is a comprehensive list of links to blog posts and stories about DNFR and NSI:
- Original Domain State BBS Post advising of the issue.
- Conceptualist Blog Post Early In the story
- DotSauce Post with Response From NSI Employee
- http://www.circleid.com/posts/81082_network_solutions_front_running/
- InfoWorld Article
- Nominet Position Paper on Front Running, Circle ID Post by Michele Neylon
- Domain Registrar Network Solutions Front Running On Whois Searches, Domain Name News
- Network Solutions Faces PR Nightmare Over Domain FrontRunning, Domain News Wire
- Larry Seltzer Post 18 Months Ago on Whois Hijacking aka DNFR
- ICANN Watch Post
As an IT manager for a large manufacturing company, I have used NetSol for the past several years for our registrar. I found out yesterday about their new practice as my wife was trying to find an available domain name for their company. She was using NetSol to do the searches. She came home frustrated because the names they wanted were already taken and she was being pushed to come up with one. When she gave me the name they wanted, I found it hard to believe such an odd name was already taken. I did a whois using my personal registrar and found that NetSol had, in my opinion, stolen her company's name and registered it themselves shortly after she searched it. However, we did determine it could be bought through NetSol at an inflated price.
What a bunch of BULL! I could not believe what I once considered a reputable company would stoop to such business practices. I plan to take steps today to move my companies domains to another registrar because I refuse to do business with someone like this. This is unacceptable practice regardless what they think it is. I breezed through the ICANN agreement that registrars much follow to try and find where this was acceptable. I found more clauses that made it unacceptable than acceptable. 3.7.4, I think it was, states that they can not register a domain until they have secured payment. Doesn't this break the agreement? Not to mention a couple more that it may fall under. Then we have the fact that this simply has to be breaking so business laws. Not a lawyer myself, so I guess we need to leave it up to them to find the criminal acts. ICANN certainly doesn't seem to be moving very fast to fix it. My complaint to them did get a response and they were aware of the practice of NetSol. They stated they were investigating it.
NetSol, if you are listening. You really need to cease this practice. Users of NetSol, I think it time for a class action law suit and lets put them out of business!
Posted by: Wayne | 01/24/2008 at 10:31
To gain more of a perspective on the issue, I spoke with Larry Kutscher, CEO of Register.com, a leading domain name registrar, about his views on the matter. Here is what he had to say:
3. Recently, Network Solutions has started registering names that were searched on their website but not purchased. What is your opinion of their actions?
Register.com has serious concern over Network Solutions' recent practice of registering searched but not purchased names via their website. As a registrar, Register.com takes very seriously the need to protect the ideas and domain searches of our customers. If it were to become standard practice that anytime you search for a domain name, the registrar purchases it, the customer loses.
You can be sure that if you search for a domain name on Register.com, we won't use any information that you provide us to take it away from you. In addition, Register.com offers Domain Hold, a service customers can opt into to protect their idea by reserving a domain name for free for up to four days and then only they can come back to us to buy it.
It is a betrayal of the customers trust for Network Solutions to continue this practice. We hope we can put an end to this and focus as an industry on the ways we can help our customers.
4. What is your opinion about the explanation offered for this practice by Network Solutions?
The explanation Network Solutions has offered doesn't ring true. They are not solving any customer problems with their new policy - in fact they are actually creating problems in the industry and ultimately for the customer.
5. In your opinion, does this action by Network Solutions violate any ICANN rules?
The bottom line is this is just not a good business practice and has the potential to hurt the industry and all of our customers. Due to this potential damage and the fact that this practice restricts competition among registrars, we believe that ICANN should immediately review this practice and Register.com has asked ICANN to do so in a formal letter.
6. Do you expect other registrars to do this as well?
I sincerely hope that other registrars will not adopt similar policies. As I commented previously, if it were to become standard practice that anytime you search for a domain name, the registrar purchases it, the customer loses.
Posted by: Interview of Larry Kutscher, CEO of Register.com | 01/17/2008 at 18:37
Can one really blame them for someone freeloading a service they're paying the costs for? And that might be a good choice since at least it'll lessen potential headaches you both can bring to one another. :)
Posted by: Dave Zan | 01/13/2008 at 09:37
Use every trick in the book, use every loop hole till you are found out. A lot of people don't even know what domain names and hosting means. It is quite easy to fool them. That's what is happening here.
Posted by: Windows Registry Cleaner | 01/13/2008 at 07:07
http://domainnamewire.com/2008/01/11/tucows-ceo-on-network-solutions-front-running/
Tucows President and CEO Elliot Noss today, and he’s not shy about his position.
“For me this is analogous to the approaches that a couple registrars have taken, such as Godaddy and Network Solutions, for transfer policy,” said Noss, referring to registrars taking initiatives to protect their customers that also benefit their business. Specifically, Noss is referring to those registrars’ practice of blocking transfers of domains within 60 days of changes to whois information. These registrars say they are blocking transfers to protect customers from domain theft, much like Network Solutions claims its new reservation policy protects customers from front running. Front running involves someone intercepting a domain name query and preemptively registering the domain.
“It’s violating the stated policy and then putting the burden on ICANN or other parties to prove that they’re wrong,” continues Noss. Tucows has also blogged about the topic on its official site.
Noss doesn’t believe that Network Solutions’ program is a solution to front running.
Noss said the basic driver to front running is internet service providers (ISPs) selling internet data. Using any site to check for a domain — be it Network Solutions, Tucows, etc. — exposes you to the potential of that query being stolen. When someone visits a web site or sends a request over the internet, that data can be captured by the ISP.
Surprisingly, it’s not just rogue ISPs that sell this data. “The larger [ISPs] are more likely to have this behavior,” says Noss. He points to Verizon capturing error traffic and serving ads on them as an example.
Registrar Register.com offers a service that lets users reserve domains for later registration using the 5 day grace period afforded to registrars. Noss says this may be fair as long as the company is explicit with its customers, and that’s part of the problem with Network Solutions’ practice.
“All of this stuff makes sense to you and me and doesn’t make sense to 99% of the population,” Noss told me. This is a valid point; registrars such as GoDaddy and Network Solutions deal with customers who don’t even know what “drop catching” and “parked page” mean.
Posted by: TuCows Weighs In | 01/12/2008 at 18:24
I believe what NetSol is doing is purely a response to an internal study that they did to determine the number of domains that were being searched for using their search tool and then registered elsewhere. Not by front runners however, but by everyday users knowing where AND WHERE NOT to register a domain name. I suspect the percentage of defectors was very high.
If Netsol actually gave a *$#@ about customers, instead of choosing to lock up the domains that were searched for in the hopes that people would be confused into registering with them, if they REALLY were focused on customer service, they would have made the temporary lock feature an opt-in feature for customers that are already customers of Network Solutions and wanted to continue to be. Then people could choose.
The percentage of searches that result in domains being registered elsewhere is high simply because:
1. NetSol is an offensively expensive place to buy a domain name
2. NetSol site and admin panel makes it difficult for people to do what they want, quickly and get out feeling that they weren't ripped off
3. NetSol charges extra for features (such as forwarding) that are free at other, less expensive registrars.
Front running is not Network Solutions' concern. PLAIN AND SIMPLE NETSOL IS IRRITATED that people like me use their search tool and then go to GoDaddy to pay much less for the exact same thing. I for one will transfer all/any of my domains from Netsol that I can to another registrar.
Posted by: Rob | 01/11/2008 at 19:42
A violation of some statutes, as opposed to a claim of damages, may be established solely by proof that an act or practice was capable of being interpreted in a misleading manner or had a tendency to deceive consumers.78 Other statutes require a plaintiff to prove only that there is a likelihood of damage.79 Under these statutes, the plaintiff need not allege that the consumer actually was deceived.80 Finally, under Georgia's Fair Business Practices Act, the plaintiff must prove that the defendant's actions have the potential to harm the public.
Posted by: Virginia Consumer Protection Act | 01/10/2008 at 12:38
There is nothing in the Privacy Policy which puts anyone on notice or authorizes NSI to register domains that are searched through its tools. In fact, their practice appears to be in direct violation of their privacy statement.
Posted by: Privacy Policy | 01/10/2008 at 11:26
It is very difficult to even find the AUP on the NSI web site. There is no direct link off the man pages. You need to navigate deep withing the site map, to legal notices to find the AUP.
http://www.networksolutions.com/legal/legal-notice.jsp
Nothing in the UIP authorizes NSI's actions to lock or register the domains searched through its availability tool.
Posted by: Acceptable Use Policy | 01/10/2008 at 11:21
There has been quite a huff about this over the past couple of days. I have done some research and I too believe frontrunning starts somewhere between a registrar query/dns query and the underlying registry.
Now for what network solutions is doing:
As a business in the mind of protecting their OWN customers, not anybody else this is a great practice. Many of NSI's cx have been with them for years due to great service. If they login to their account and search a domain name netsol is ensuring if they wanted it they CAN get it because NO ONE ELSE is worried about THEIR CX's.
All of the people who are complaining and whining are essentially saying I go to network solutions to use their resources but I will not work with them! Why don't they use their registrar's search tool? Most often it is because sucks!
Thanks for reading,
Nick
http://www.routermods.com
Posted by: artee | 01/09/2008 at 23:40
"the advertising dollars generated through their parked page program"
Enrico, they've never input their commercial parking pages on those domain names. Currently they've switched from their "register domain at NS" page to their non-commercial parking page, and their rep stated somewhere they'll soon resolve to nowhere.
Generally registrars really have no idea what's causing this, save for a few speculations with little to no degree of proof to back them up.
Posted by: Dave Zan | 01/09/2008 at 22:26
Hi,
I am Shashi Bellamkonda from Network Solutions .We have been listening to comments here as well as those on other sites regarding our customer
protection measure. Throughout the launch of this effort we have made, and continue to make, improvements to our protection measure. I want to update you on some of the improvements we are implementing in the near term:
1) We have changed the current webpage to which reserved domain names resolve to a general under construction page. Additionally, all new reserved names after tonight will not resolve to any page at all.
2) This week, we will be making enhancements that will address the concerns related to disclosure of zone file and DNS server information of the reserved names. This should address some of the concerns recently raised.
3) Very soon we will remove our customer protection measure from our WHOIS search page, so that no domains searched on this page will be reserved. We
will continue to reserve, however, domains searched from our homepage.
Thanks for all the feedback and viewpoints.
Shashi
Posted by: Shashi Bellamkonda | 01/09/2008 at 21:05
Network Solutions believes the frontrunning problem is occuring somewhere between when domains are searched at a registrar and when the registry VeriSign (NASDAQ: VRSN) is pinged. Someone is selling the data, she says, and Network Solutions has implemented this solution to stop it. Network Solutions will not release the domain if you request, and anyone who visits the domain or Network Solutions can register it.
This creates a new opportunity for frontrunners and domain tasters: just monitor NetSol’s reserve domain DNS for new domains and register anything its customers are searching for.
Posted by: Domain Name News Wire | 01/09/2008 at 15:17
Where does the data of a registrant availability search which allows for front running get intercepted? Is it at the NSI web site level? The end-user computer level?
According to NSI, they don't know either (hard to believe) but suggest it is further upstream, at the ISP or registry level. NSI says that's because Network Solutions then must check availability at other sites when a customer searches.
"1. It is trying to stop “domain frontrunning”, whereby people steal domain queries. NSI believes this is happening somewhere along the chain between when someone searches for a domain at NetSol.com and the registry. It could be ISPs or it could be people at the registries themselves."
Also, by picking the domains up as a registrant they are cybersquatting on hundreds, if not thousands, of trademark domains. Anytime someone searches for a trademarked domain, Network Solutions is registering it and putting up its domain parking billboard with paid advertising links on it! Many of these parked sites have targeted advertising competing against the trademark holder.
Given their commercial interest in forcing registration through NSI and the advertising dollars generated through their parked page program, it is hard to buy the consumer protection explanation. Regardless, consumer protection does not legitimize cybersquatting under the ACPA or UDRP.
Posted by: NSI Is Cybersquatting | 01/09/2008 at 15:13
Remember, the worst features at the registrar level are all supposedly in the name of consumer protection. The 5 day grace period which spawned domain tasting is the best example.
Posted by: Domain Front Running | 01/09/2008 at 13:27
Network Solutions provides the following language on its WHOIS search webpage found at http://www.networksolutions.com/whois/index.jsp :
NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS database through the use of high-volume, automated, electronic processes or for the purpose or purposes of using the data in any manner that violates these terms of use. The Data in Network Solutions' WHOIS database is provided by Network Solutions for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. Network Solutions does not guarantee its accuracy. By submitting a WHOIS query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of Network Solutions. You agree not to use high-volume, automated, electronic processes to access or query the WHOIS database. Network Solutions reserves all rights and remedies it now has or may have in the future, including, but not limited to, the right to terminate your access to the WHOIS database in its sole discretion, for any violations by you of these terms of use, including without limitation, for excessive querying of the WHOIS database or for failure to otherwise abide by these terms of use. Network Solutions reserves the right to modify these terms at any time.
Nowhere in this language does it say that an Internet user’s search of the WHOIS database will result in NSI registering the domain name searched for a five day period wherein the Internet user can only purchase the domain name through NSI (at a much higher cost that with another registrar). To the contrary, the Terms of Use states, “The Data in Network Solutions’ WHOIS database is provided by Network Solutions for information purposes only…” While we shouldn’t expect NSI to say that it participates in domain front running, there should be notice to the Internet user that this is not a free, public, no-strings-attached domain name availability search. Users have undoubtedly lost out on domains because of this practice.
So now what? Well, the most common means of getting a domain name to which you have rights is the UDRP. However, ICANN’s Uniform Domain Dispute Resolution Policy (found at http://www.icann.org/udrp/udrp-policy-24oct99.htm) specifically exempts accredited registrars, like NSI, from liability under the UDRP. Specifically, the Policy “sets forth the terms and conditions in connection with a dispute between you and any party other than us (the registrar) over the registration and use of an Internet domain name…” Therefore, the cost-effective and efficient UDRP option is not available. However, there may be another option, which many may not consider.
In particular, the federal and state governments have enacted legislation that essentially codifies the common law definitions of fraud and misrepresentation. In fact, Virginia (the state where NSI is located) has enacted the Consumer Protection Act (Va. Code Ann. § 59.1-196 (2007), which is patterned after the Federal Trade Commission Act. The goal of this legislation is to prohibit “unfair or deceptive acts or practices.” Based upon the allegations made against NSI thus far, it appears that the Consumer Protection Act does provide a way for Internet users who have been damaged by what appears to be domain front running to seek damages.
While this may be the way to damages, it is yet to be determined if the actual domain name can be retrieved. Think about this scenario…you use NSI’s WHOIS database to perform a domain name availability search for the name of your new company. You decide to wait to register the domain name until you compare registrar prices and learn more about domain name registration. Ultimately, you decide to register, but learn that you must register with NSI, or even worse, someone else has registered the domain name. While you may be able to get damages against NSI, getting the domain back may be impossible.
Regardless, we can only hope that NSI, and possibly other entities, stop the alleged domain front running and similar misleading practices. Consumers need to feel comfortable and know that searching a free, public database does not commit them to one registrar.
Posted by: Brian Hall | 01/09/2008 at 11:56