Go Daddy Deemed Safe Haven for Cybercrime
Domain Name Registrar Accused of Harboring Cyberstalkers
Support for this report is provided by individuals who subscribe to the proposition that it is impractical and irresponsible to distinguish between cyberstalkers and companies whose policies or employees harbor cyberstalkers.
Go Daddy Software, Inc. advertises being the # 1 ICANN-accredited domain name registrar, but it has yet to be determined whether the software behemoth can avoid accusations that it is providing safe haven for cyberstalkers. Investigating a case of cyberstalking, social psychologist Wyatt Ehrenfels initiated discussion with ICANN officials over the company's track record of failing to respond to complaints of abuse through abuse@godaddy.com. The investigation was triggered by a complainant who discovered that a Google search on his name turned up a number of domains bearing his name and disseminating false and unflattering information about him. The complainant, who wished to remain nameless to avoid compromising his legal case, sent numerous e-mails through abuse@godaddy.com to alert Go Daddy staffers to the Web sites, which listed Go Daddy as the registrar and subsidiary Domains by Proxy as the domain owner. Domains by Proxy provides privacy services to domain registrants by allowing its own company name and contact information to substitute for the identity and address of the registrant. After complying with Domains by Proxy instructions to deliver the complaint certified mail, the complainant initiated discussion with the Office of the General Manager, and the registrant of the .COM domain was informed that he had a week to respond to the complainant. A few days after the deadline expired, Domains by Proxy rescinded privacy services to the .COM domain. The complainant was informed that Domains by Proxy had no further business with the .COM domain, withholding critical information that could have helped the complainant attend to the next stage of action. After all, the domain remained operational and continued to rank # 3 in the results of a Google search on the complainant's name. More importantly, although the domain data is now publicly accessible, the name and address of the abusive domain registrant is fraudulent. The Domains by Proxy General Manager failed to reply to assertions that the .COM registar is located in another division of the same Go Daddy company. The complainant was simply and repeatedly urged to "contact the registrar directly for more information on this matter."
A few days after Domains by Proxy canceled its privacy service to the .COM domain, the .COM domain registrant registered .INFO and .NET domains bearing the complainant's name. Again the domains were registered through Go Daddy and privacy services were briefly provided by Domains by Proxy. (Domains by Proxy quickly rescinded these services). The screen capture below presents the fraudulent data as revealed through WHOIS registries outside GoDaddy.com.
Contacting the registar was no small feat. Numerous e-mails to abuse@godaddy.com from both the complainant and an investigator failed to elicit a single reply (not even an automated message signifying that the complaints were received and being processed). A phone call to Go Daddy's Scottsdale, Arizona headquarters (480-505-8899) revealed no menu items pertaining to the issue of abuse or general correspondence. The menu items consisted only of "existing customers" and "sales." A customer service representative identifying herself only as Karen (she confirmed that customer service representatives are not assigned identification numbers) confirmed that e-mailing abuse@godaddy.com is the only procedure recognized by the company for dealing with abusive domains. Karen, who appeared dismayed by reports of nonresponsiveness, was at a loss to explain how the investigator should proceed.
The investigator e-mailed multiple ICANN Board Members and staffers to discuss the matter of Go Daddy's nonresponsiveness and advertised ICANN accreditation. The invstigator received the following reply from ICANN Chief Registrar Liaison Tim Cole:
"I have been forwarded several copies of this inquiry that you have sent to numerous people at ICANN and will take this opportunity to respond. Please understand that ICANN's role is limited. ICANN is a non-profit corporation that has responsibility for Internet Protocol (IP) address space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions to preserve the operational stability of the Internet. It does not have responsibility or the authority to investigate uses of the Internet or content of specific websites. ICANN's authority with regard to registrars is limited to a contractual relationship governing the registration of domain names - not their use.
Based on the information you have provided, it does not appear that there has been any violation of ICANN policy that would qualify as a violation of the registrar contract with ICANN. While we are not suggesting that your concerns are unfounded, they just do not fit within our scope of authority. We will contact GoDaddy and share your concerns, but beyond that we have no authority to intervene. You may wish to contact an attorney for legal advice or the appropriate law enforcement agency if you believe that illegal activity is taking place."
The Government Accountability Office (GAO) had a different interpretation of ICANN's authority. The following is an excerpt from a GAO investigation into the alarming prevalence of fraudulent domain data:
Individuals or organizations seeking to register the names of their Web sites may provide inaccurate contact information to registrars in order to hide their identities or to prevent members of the public from contacting them. Contact information is made publicly available on the Internet through a service known as Whois. Data accuracy in the Whois service can help law enforcement officials to investigate intellectual property misuse and online fraud, or identify the source of spam e-mail, and can help Internet operators to resolve technical network issues. GAO was asked, among other things, to (1) determine the prevalence of patently false or incomplete contact data in the Whois service for the .com, .org, and .net domains; (2) determine the extent to which patently false data are corrected within 1 month of being reported to ICANN; and (3) describe steps the Department of Commerce (Commerce) and ICANN have taken to ensure the accuracy of contact data in the Whois database.
Based on test results, GAO estimates that 2.31 million domain names (5.14 percent) have been registered with patently false data--data that appeared obviously and intentionally false without verification against any reference data--in one or more of the required contact information fields. GAO also found that 1.64 million (3.65 percent) have been registered with incomplete data in one or more of the required fields. In total, GAO estimates that 3.89 million domain names (8.65 percent) had at least one instance of patently false or incomplete data in the required Whois contact information fields. Of the 45 error reports that GAO submitted to the Internet Corporation for Assigned Names and Numbers (ICANN) for further investigation--one for each domain name with patently false contact data that GAO found in a random sample of 900--11 domain name holders provided updated contact information that was not patently false within 30 days after GAO submitted the error reports to ICANN. One domain name, which had been pending deletion before submission to ICANN, was terminated after GAO submitted the error report. The remaining 33 were not corrected. Commerce and ICANN have taken steps to ensure the accuracy of contact data in the Whois database. In addition to implementing a Registrar Accreditation Agreement that requires registrars to investigate and correct any reported inaccuracies in the contact information, they have amended their memorandum of understanding to require ICANN to continue assessing the operation of the Whois service and to implement measures to secure improved accuracy of data. Commerce and ICANN officials generally agreed with a draft of this report."
Generic Names Supporting Organization Chair Bruce Tonkin (a member of ICANN's Security and Stability Advisory Committee (SSAC) also replied to the investigator:
"I will take it up with my senior contact at GoDaddy. I will note however that I doubt that the abuse is a result of any direct involvement of GoDaddy.
It would be more correct to say that the "abuser" is using the services of GoDaddy, just as people making abusive phone calls make use fo the services of a tellecommunications company.
I do recognise however that GoDaddy may not have addressed your abuse complaint appropriately."
The next day the complainant placed his own phone call to Go Daddy. He was instructed to review Go Daddy's WHOIS registry and to provide proof that the domain data was false. Go Daddy neglected the matter of the domain's abusive content and the fact the domain bears the name of the individual being abused. Evidence has been mailed to Go Daddy that the person who identifies himself as "Taylor Jimenez" is an alias for a person who will remain unnamed in this report. But the investigation became more intriguing when the complainant followed instructions and immediately examined the domain data available through Go Daddy's own WHOIS registry. The complainant discovered that the domain data had been altered within the past 24 hours. The domain owner's name remains the same fraudulent character who disseminates links to these domains in Usenet under the alias "Taylor Jimenez" (AKA "Just Taylor"). However, if we examine the new Go Daddy data, we will plainly see that the post office box address was moved from Tampa, Florida to nearby Grover Beach, California (significantly closer to the residence of the individual betrayed by evidence as the true author of the .COM, .NET, and .INFO domains. Furthermore, it is also worth noting that this individual maintains a number of other abusive domains through Go Daddy which were not listed here because the domain names do not include the name of the victim.
A number of factors have spurred speculation that these abusive domains are safeguarded by the registrant's employment or strategic partnership with Go Daddy. Old messages from the registrant in Usenet contained references to "meeting with the suits in Scottsdale, Arizona" (Go Daddy is headquartered in Scottsdale). One piece of information that would go a long way toward helping investigators settle this question is whether abuse@godaddy.com reserves radio silence for the victim of this one network of abusive domains or whether Go Daddy tosses all its abuse complaints in the wastebacket.
Go Daddy may have risen to the rank of #1 domain registrar on the strength of a reputation it developed as a refuge for abusive domains or individuals who simply want to avoid having to answer for the content of their web sites. Google directs all complainants about Usenet flames showing up in Web Search content to the administrators of the Web-based news readers that provide access to news groups via the Web (and thus Web records of each news group message for availability to the search engines). There are hundreds of such news readers polluting the search engines with flames and libel from Usenet. Remarkably, the investigator uncovered a spike in the number of news readers registered through Go Daddy and concealed through the privacy services of Domains by Proxy.
Just how many certified letters can you afford?
This is all we need. A boastfully hip domain registrar with claims to a fan base. Go Daddy's grunge fashionista image carries on an Internet company tradition of building a clientele of civically challenged youth with Balco-enhanced attention deficits and nagging gonads (historical note: it was far more difficult to meet deadlines for sexual gratification with any regularity in the '80s). And Go Daddy enthusiasts or employees found in Wikipedia's pop trash encyclopedia a perfect medium to match its message. What in the name of Terrell Owens's agent is this thing I screen captured below? It's from a Wikipedia "encyclopedia" article that doubles as a Go Daddy advertisement. It is also worth noting that Go Daddy is the current registrar of all of the Wikimedia Foundation domain names. Just how did I come into that tidbit of information, you ask? I found it in an old draft of the Go Daddy article in Wikipedia. "Old", you say? Why, yes. Curiously, all references to the business relationship between Wikipedia and Go Daddy have been edited out, that is, as indicated by the edit history tab and an archived copy of the old draft itself. But I don't understand why this factual, verifiable information could be deemed unsuitable by Wikipedia admins. I've been told by a number of Wikipedia administrators never to question the journalistic integrity and objectivity of ... Wikipedia administrators. But I've digressed. The point I've been lumbering toward for some admittedly awkward time now is that if I ever need a corporate sponsor for a wet T-shirt contest (and Hooters becomes unavailable), I'll contact Go Daddy.
Got to love this entry. Especially the statement which effectively says "in-your-face" to the millions of viewers who lacked the cool dry wit to appreciate Go Daddy's Super Bowl commercial. (Honestly, this had to be written by an employee). Surely you remember the commercial that revisited in the most unimaginative way possible the one subject that dried up at every water cooler in corporate America. I can't thank Go Daddy enough for taking the time to remind me of the anatomical tidbit of which I had wearied and forgotten by end February. What a public service! And speaking of public service, before Go Daddy wraps itself in symbols of American sexual iconography, it could stand to pay closer attention to the malfunctions within its own walls. Particularly the glitch that prevents its staff from responding to complaints of abuse. Particularly to the complaints which call its attention to Go Daddy registered domains that put on its own brand of exhibitionism.
