The Security
and Stability Advisory Committee (SSAC) of ICANN (the Internet
Corporation for Assigned Names and Numbers) has launched a probe
into the practice of what it calls domain name front running.
This is where a person checks if a desired domain name is
available to register, then finds that it has been taken when they
return shortly afterwards to register the name.
ICANN said that there are widespread suspicions that checks for
availability are being monitored and the information used to
register desired addresses in order to sell them back to the user
at a profit.
"When the domain name of interest for which an availability
check is made is registered shortly after such a check, the
individuals making the availability check may reasonably assume
that the organization operating the web site or service they used
to determine the availability of the name pre-emptively registered
the name," said the report by the SSAC.
It said that through there was not yet firm evidence of how or
even if the practice was widespread, it had received
complaints.
"Registrants have filed complaints with ICANN, registrars, and
with intellectual property attorneys that suggest domain name front
running incidents may have occurred," it said. "SSAC does not yet
have any hard data to draw conclusions regarding the frequency (if
any) of the occurrence of domain name front running."
The name 'front running' comes from the world of finance and
refers to stock brokers buying or selling stock in a company after
being instructed to take action by a client that will affect the
price of shares. That name originally came from the wild west and
referred to the purchase of soon-to-be-valuable land when acting on
insider information.
People who want to buy a domain name usually check its
availability first on websites such as whois.net, or through
registrar companies. It is at that point that unscrupulous
operators may be registering names in order to profit from the
demand for them.
The security committee has listed a number of plausible methods
that could be in operation stealing domain ideas. It said that
there could be software installed on users' computers which relays
domain queries secretly back to an operator, who then exploits that
information.
Alternatively, it said that any website could host a whois
application and abuse the information gathered.
The SACC report also said that companies operating DNS systems
or even registrars and registries themselves could be abusing the
query information they receive, or could have staff who do so.
The report said that it is unclear which, if any, of these
methods are being used. It said that there could be other
explanations for users' finding that checked domains were suddenly
registered.
"Alternative explanations have also been suggested. Apparent
instances of domain name front running may be mere coincidence or a
consequence of domain name tasting," said the report. "In any given
month, over a million domain names can be tested for their
potential to be profitable for monetization, and there is a
reasonable chance that some of these names may coincide with names
that have been subject to some form of a domain name availability
check during that month."
The report calls for information about and evidence of domain
front running from users and companies, and suggests that the
internet community formulate a policy of acceptable practices in
relation to domain registration to avoid tarnishing the internet
and domain industry's reputations.
