Back

28 Abuse Prevention and Mitigation

gTLDFull Legal NameE-mail suffixDetail
.godaddyGo Daddy East, LLCgodaddy.comView
All abuse involving domain names registered with or through Go Daddy may be reported to abuse@godaddy.com, or via Go Daddy’s 24x7 Abuse hotline at 1-480-624-2505. Go Daddy companies have a long-standing policy of investigating every complaint Go Daddy receives (already hundreds of thousands per year) and responding appropriately and taking necessary action to mitigate the reported abuse. Go Daddy will abide by its contractual obligations to registrants, resellers, registries and other registrars to set requirements and procedures, as detailed herein, to handle all types of abuse.

Go Daddy defines abuse as:

1. Misuse of the TLD or domain name infrastructure, which may include but is not limited to: (a) domain name hijacking; (b) fast flux DNS (rapidly changing the Domain Name Service (DNS) so that it can’t be taken down by the host provider; (c) intellectual property infringement (trademark); (d) invalid WHOIS information; or (e) mining of WHOIS data.

2. Violation of the acceptable use policies of the registry and⁄or registrar, which may include but is not limited to, use of a domain name in association with spam, phishing, illegal content, hacking, malware, illegal pharmacies, child abuse content, intellectual property (trademark or copyright).

POLICIES FOR HANDLING COMPLAINTS REGARDING ABUSE

Go Daddy’s Abuse and Domain Services teams will have a robust library of public policies and internal procedures for investigating and responding to abuse complaints. Every Go Daddy action will get logged via an internal activity-reporting tool that is used to compile metrics. These reports will be used to identify trends and areas of focus.

Go Daddy’s policies for handling complaints regarding abuse will include:

1. Immediately responding to claims regarding domain name abuse, such as hijacking (Go Daddy will provide a 24⁄7 hijacking hotline).

2. Encouraging registrars to communicate and work together to coordinate the recovery of domain names. Go Daddy will reserve formal and⁄or lengthy processes for incidents requiring escalation, using: (a) the Inter-Registrar Transfer Policy (IRTP); (b) the Transfer Dispute Resolution Policy (TDRP); and (c) the Transfer Undo Request Forms (TURF), a document which has been jointly adopted by select registrars for handling hijacking.

3. Promoting awareness of hijacking risks and providing information to customers about how to prevent hijackings, including the presentation of relevant information in online help articles and through customer service representatives.

4. Rapid response to Form of Authorization (FOA) requests.

5. Requiring registrars to adopt “undo” measures and to investigate the possibility of returning a hijacked name before it transfers to another registrar.

6. Sharing Go Daddy’s best practices with registrars to help successfully ward off potential hijackings. For example, Go Daddy hosts an annual Registrar Summit, bringing registries and registrars together to discuss domain name, abuse, and legal issues.

7. Educating registrars on how they can use the IRTP and the TDRP to guide them through hijacking events.

8. Requiring registrars to alert both registrants and administrative contacts when information changes on a domain name.

9. Requiring registrars to invoke a lock if the registrant’s first name, last name, and⁄or the company name information are changed on a domain name, preventing the name from transferring for 60 days.

10. Proactively monitoring Go Daddy’s DNS for excessive changes to domain names by imposing limitations on “Time to live” (TTL) values to discourage fast flux abuse.

11. Referring customers with intellectual property disputes to the Uniform Domain Name Dispute Resolution Policy (UDRP); and facilitating and abiding by those proceedings.

The removal of orphan glue records is not an existing abuse mitigation process at Go Daddy. However, Go Daddy would work with Go Daddy’s DNS and internal-tools teams to develop an interface that would allow Go Daddy to quickly identify any glue records for a given domain, and give the Abuse team the ability to remove reported orphaned glue records when Go Daddy receives such a report from the above mentioned abuse@godaddy.com email address, or from the general dns@jomax.net email address.

Resourcing will come from current staff throughout the parent organization. Go Daddy will incorporate all new gTLDs added to the Go Daddy registry into Go Daddy’s existing workflow to obtain immediate workability. Go Daddy will commit to maintaining sufficiently staffed departments to effectively deal with abuse issues as described in this document. Go Daddy anticipates additional headcount in the coming year in both its Abuse and Domain Services departments to allow for complaint volume increase, and for the potential need to communicate with multiple registrars regarding the gTLD.

WHOIS ABUSE

Go Daddy will support measures that help promote and maintain WHOIS accuracy. Go Daddy companies have proven experience in addressing complex WHOIS accuracy issues and has developed standard operating procedures, including quick response time on all claims and consistency in remedial action when the WHOIS is not verified or updated, the Registry will utilize the same SOPs.

Go Daddy will be committed to maintaining the highest level of WHOIS accuracy that is technically and economically achievable. Go Daddy will establish Invalid WHOIS investigation procedures that will mirror those used throughout the Go Daddy companies, which recently received positive attention from ICANN due to their practicality, exceptional promotion of WHOIS accuracy, and compliance and facilitation with the following policies:

1. ICANN’s Registrar Advisory Concerning WHOIS Data Accuracy

2. ICANN’s WDPRS (WHOIS Data Problem Report)

3. ICANN’s WDRP (WHOIS Data Reminder Policy)

In addition to the existing consensus policies, Go Daddy will have both proactive and reactive approaches in place that will exceed its legal obligations to maintain WHOIS accuracy.

The following proactive measures would be taken before the name was activated in the DNS:

1. Go Daddy would continue to educate registrars and end-users regarding WHOIS accuracy and consequences. As part of the registration processes, customers must agree to maintain valid WHOIS contact information. Go Daddy will provide instruction through Help articles and through customer service regarding updating WHOIS contact information and keeping that information up to date. In the Help articles, for instance, Go Daddy will emphasize the importance of valid contact information to prevent domain name loss and unauthorized transfers and changes to domain names. Likewise, Go Daddy will provide simple and accessible forms on its site that allow third parties to complain of invalid WHOIS information. Go Daddy will also have a specialized 24⁄7 team that helps customers and third party complainants understand the WHOIS accuracy process. Go Daddy will require registrars to provide the same level of education to customers as well as the same easily-accessible forms on their sites.

2. Go Daddy will develop a standardized format for registration data for the gTLD and will provide the format to registrars. Go Daddy will require that registrars submit data compliant with Go Daddy’s standardized format. The format will include the fields that are currently required in the WHOIS database.

Go Daddy will investigate each abuse complaint based on its own merit. Go Daddy will then apply the most appropriate established procedure developed by the Go Daddy companies over the past 10 years of successful abuse mitigation efforts.

The following reactive measures would be used to investigate each abuse complaint after a name is activated in the Domain Name System (DNS):

1. Go Daddy will require that all accredited registrars notify Go Daddy upon receipt of an Invalid WHOIS claim from ICANN, and copy Go Daddy on their response to ICANN. Additionally, Go Daddy would reserve the right to take action on the claim if it appeared that the registrar’s actions were insufficient or inappropriate.

2. Go Daddy will inspect data upon submission and ensure that it conforms to the proper format. Go Daddy will periodically inspect random samplings of WHOIS data for active registrations. Go Daddy will then examine those samples for inaccuracies and report inaccuracies to registrars, requiring them to take action.

3. Go Daddy will quickly and efficiently respond to requests from verified law enforcement officers to suspend websites or services that are officially declared to be part of an investigation. These issues will be handled on an escalated basis and answered within a matter of 2-3 hours on average. Go Daddy will have similar service level requirements for first response and investigation of general abuse complaints. Go Daddy aims for a 6-24 hour response time depending on the severity of the type of abuse being reported.

4. Issues likely to have higher urgency will be triaged by Go Daddy’s Abuse department staff and handled on an expedited basis. High priority issues will include, but are not limited to, child abuse⁄exploitation, phishing, malware, hacking, and other issues that negatively impact multiple customers⁄users, or where there is a clear threat of the imminent danger of such.

CONTROLS TO ENSURE PROPER ACCESS TO DOMAIN FUNCTIONS

Go Daddy will have measures in place that require Go Daddy’s customers to select strong passwords. Passwords determined to be too weak (by automated process) will not be permitted to be created in many of Go Daddy’s product and application environments.

Customers who contact Go Daddyʹs telephonic support department will be required to provide 2-factor authentication information, such as a PIN and the last six digits of their on-file credit card number, to process certain sensitive operations.

Go Daddy will also use Port 43 WHOIS access to discourage WHOIS data mining. See the response to Question 26, herein.

In order for a transfer of a domain name to take effect, validation will be required in a response to a notification email.
gTLDFull Legal NameE-mail suffixDetail
.homeGo Daddy East, LLCgodaddy.comView
All abuse involving domain names registered with or through Go Daddy may be reported to abuse@godaddy.com, or via Go Daddy’s 24x7 Abuse hotline at 1-480-624-2505. Go Daddy companies have a long-standing policy of investigating every complaint Go Daddy receives (already hundreds of thousands per year) and responding appropriately and taking necessary action to mitigate the reported abuse. Go Daddy will abide by its contractual obligations to registrants, resellers, registries and other registrars to set requirements and procedures, as detailed herein, to handle all types of abuse.

Go Daddy defines abuse as:

1. Misuse of the TLD or domain name infrastructure, which may include but is not limited to: (a) domain name hijacking; (b) fast flux DNS (rapidly changing the Domain Name Service (DNS) so that it can’t be taken down by the host provider; (c) intellectual property infringement (trademark); (d) invalid WHOIS information; or (e) mining of WHOIS data.

2. Violation of the acceptable use policies of the registry and⁄or registrar, which may include but is not limited to, use of a domain name in association with spam, phishing, illegal content, hacking, malware, illegal pharmacies, child abuse content, intellectual property (trademark or copyright).

POLICIES FOR HANDLING COMPLAINTS REGARDING ABUSE

Go Daddy’s Abuse and Domain Services teams will have a robust library of public policies and internal procedures for investigating and responding to abuse complaints. Every Go Daddy action will get logged via an internal activity-reporting tool that is used to compile metrics. These reports will be used to identify trends and areas of focus.

Go Daddy’s policies for handling complaints regarding abuse will include:

1. Immediately responding to claims regarding domain name abuse, such as hijacking (Go Daddy will provide a 24⁄7 hijacking hotline).

2. Encouraging registrars to communicate and work together to coordinate the recovery of domain names. Go Daddy will reserve formal and⁄or lengthy processes for incidents requiring escalation, using: (a) the Inter-Registrar Transfer Policy (IRTP); (b) the Transfer Dispute Resolution Policy (TDRP); and (c) the Transfer Undo Request Forms (TURF), a document which has been jointly adopted by select registrars for handling hijacking.

3. Promoting awareness of hijacking risks and providing information to customers about how to prevent hijackings, including the presentation of relevant information in online help articles and through customer service representatives.

4. Rapid response to Form of Authorization (FOA) requests.

5. Requiring registrars to adopt “undo” measures and to investigate the possibility of returning a hijacked name before it transfers to another registrar.

6. Sharing Go Daddy’s best practices with registrars to help successfully ward off potential hijackings. For example, Go Daddy hosts an annual Registrar Summit, bringing registries and registrars together to discuss domain name, abuse, and legal issues.

7. Educating registrars on how they can use the IRTP and the TDRP to guide them through hijacking events.

8. Requiring registrars to alert both registrants and administrative contacts when information changes on a domain name.

9. Requiring registrars to invoke a lock if the registrant’s first name, last name, and⁄or the company name information are changed on a domain name, preventing the name from transferring for 60 days.

10. Proactively monitoring Go Daddy’s DNS for excessive changes to domain names by imposing limitations on “Time to live” (TTL) values to discourage fast flux abuse.

11. Referring customers with intellectual property disputes to the Uniform Domain Name Dispute Resolution Policy (UDRP); and facilitating and abiding by those proceedings.

The removal of orphan glue records is not an existing abuse mitigation process at Go Daddy. However, Go Daddy would work with Go Daddy’s DNS and internal-tools teams to develop an interface that would allow Go Daddy to quickly identify any glue records for a given domain, and give the Abuse team the ability to remove reported orphaned glue records when Go Daddy receives such a report from the above mentioned abuse@godaddy.com email address, or from the general dns@jomax.net email address.

Resourcing will come from current staff throughout the parent organization. Go Daddy will incorporate all new gTLDs added to the Go Daddy registry into Go Daddy’s existing workflow to obtain immediate workability. Go Daddy will commit to maintaining sufficiently staffed departments to effectively deal with abuse issues as described in this document. Go Daddy anticipates additional headcount in the coming year in both its Abuse and Domain Services departments to allow for complaint volume increase, and for the potential need to communicate with multiple registrars regarding the gTLD.

WHOIS ABUSE

Go Daddy will support measures that help promote and maintain WHOIS accuracy. Go Daddy companies have proven experience in addressing complex WHOIS accuracy issues and has developed standard operating procedures, including quick response time on all claims and consistency in remedial action when the WHOIS is not verified or updated, the Registry will utilize the same SOPs.

Go Daddy will be committed to maintaining the highest level of WHOIS accuracy that is technically and economically achievable. Go Daddy will establish Invalid WHOIS investigation procedures that will mirror those used throughout the Go Daddy companies, which recently received positive attention from ICANN due to their practicality, exceptional promotion of WHOIS accuracy, and compliance and facilitation with the following policies:

1. ICANN’s Registrar Advisory Concerning WHOIS Data Accuracy

2. ICANN’s WDPRS (WHOIS Data Problem Report)

3. ICANN’s WDRP (WHOIS Data Reminder Policy)

In addition to the existing consensus policies, Go Daddy will have both proactive and reactive approaches in place that will exceed its legal obligations to maintain WHOIS accuracy.

The following proactive measures would be taken before the name was activated in the DNS:

1. Go Daddy would continue to educate registrars and end-users regarding WHOIS accuracy and consequences. As part of the registration processes, customers must agree to maintain valid WHOIS contact information. Go Daddy will provide instruction through Help articles and through customer service regarding updating WHOIS contact information and keeping that information up to date. In the Help articles, for instance, Go Daddy will emphasize the importance of valid contact information to prevent domain name loss and unauthorized transfers and changes to domain names. Likewise, Go Daddy will provide simple and accessible forms on its site that allow third parties to complain of invalid WHOIS information. Go Daddy will also have a specialized 24⁄7 team that helps customers and third party complainants understand the WHOIS accuracy process. Go Daddy will require registrars to provide the same level of education to customers as well as the same easily-accessible forms on their sites.

2. Go Daddy will develop a standardized format for registration data for the gTLD and will provide the format to registrars. Go Daddy will require that registrars submit data compliant with Go Daddy’s standardized format. The format will include the fields that are currently required in the WHOIS database.

Go Daddy will investigate each abuse complaint based on its own merit. Go Daddy will then apply the most appropriate established procedure developed by the Go Daddy companies over the past 10 years of successful abuse mitigation efforts.

The following reactive measures would be used to investigate each abuse complaint after a name is activated in the Domain Name System (DNS):

1. Go Daddy will require that all accredited registrars notify Go Daddy upon receipt of an Invalid WHOIS claim from ICANN, and copy Go Daddy on their response to ICANN. Additionally, Go Daddy would reserve the right to take action on the claim if it appeared that the registrar’s actions were insufficient or inappropriate.

2. Go Daddy will inspect data upon submission and ensure that it conforms to the proper format. Go Daddy will periodically inspect random samplings of WHOIS data for active registrations. Go Daddy will then examine those samples for inaccuracies and report inaccuracies to registrars, requiring them to take action.

3. Go Daddy will quickly and efficiently respond to requests from verified law enforcement officers to suspend websites or services that are officially declared to be part of an investigation. These issues will be handled on an escalated basis and answered within a matter of 2-3 hours on average. Go Daddy will have similar service level requirements for first response and investigation of general abuse complaints. Go Daddy aims for a 6-24 hour response time depending on the severity of the type of abuse being reported.

4. Issues likely to have higher urgency will be triaged by Go Daddy’s Abuse department staff and handled on an expedited basis. High priority issues will include, but are not limited to, child abuse⁄exploitation, phishing, malware, hacking, and other issues that negatively impact multiple customers⁄users, or where there is a clear threat of the imminent danger of such.

CONTROLS TO ENSURE PROPER ACCESS TO DOMAIN FUNCTIONS

Go Daddy will have measures in place that require Go Daddy’s customers to select strong passwords. Passwords determined to be too weak (by automated process) will not be permitted to be created in many of Go Daddy’s product and application environments.

Customers who contact Go Daddyʹs telephonic support department will be required to provide 2-factor authentication information, such as a PIN and the last six digits of their on-file credit card number, to process certain sensitive operations.

Go Daddy will also use Port 43 WHOIS access to discourage WHOIS data mining. See the response to Question 26, herein.

In order for a transfer of a domain name to take effect, validation will be required in a response to a notification email.