Will New ICANN Rules Fight Domain Transfer Fraud?

Opinion: Transfer requests will default to approval if holding registrar doesn't object. But will the new procedures help prevent theft of domain by transfer fraud?

Some observers are concerned that new rules governing the transfer of Internet domains between domain registrars that went into effect on Nov. 12 will facilitate theft of those domains and "slamming" by registrars.

The new rules, originally announced by ICANN (the Internet Corporation for Assigned Names and Numbers) on July 12, were "approved unanimously by both ICANNs Generic Names Supporting Organization [GNSO] and its Board of Directors."

About a year ago I wrote about problems with domain registration transfers that made it all too easy to steal someone elses domain. I got a shocking amount of mail from victims of domain theft at the time and developed a low opinion of registrars. It was clear they all wanted to just bury the matter, and they dont get the benefit of the doubt from me anymore. (Register.coms Web site is scrupulously lacking in any information for press to use for contacts. There was a time when they had a contact and just moved slow on it, but they lack even this now.)

So I was ready to assume the worst when I read about the new rules. They streamline certain procedures so as to facilitate transfers in cases where the registrar previously holding the domain—the "registrar of record"—drags its feet. It seems the real problem, as ICANN puts it, was not registrars being too easy with transfers, but those not proceeding with a timely transfer when a legitimate request came in. And more specifically, Network Solutions has a lousy reputation in this regard. (Am I now accusing them of conflicting offenses, being too lax with transfer security and not willing enough to proceed with the transfer? Let them call me up and explain it to me.)

It seems that the sorts of problems I was observing have less to do with the transfers between registrars than with other security policies of the registrar, specifically changing the administrative contact information. The new ICANN policies shouldnt make the problems any worse because they still require that the registrar of record contact the owner. If the owner information is incorrect, its really a separate issue. And if there is a real dispute over a domain transfer, there is a set and orderly policy for dispute resolution.

Next Page: Incorrect owner information.