Back

28 Abuse Prevention and Mitigation

gTLDFull Legal NameE-mail suffixDetail
.INCDot Registry LLChotmail.comView
General Statement of Policy

Abuse within the registry will not be tolerated. DOT Registry will implement very strict policies and procedures to minimize abusive registrations and other activities that have a negative impact on Internet users. DOT Registry’s homepages will provide clear contact information for its Abuse Team, and in accordance with ICANN policy DOT Registry shall host NIC.INC, providing access to .INC’s WhoIs services, the Abuse Policy, and contact information for the Abuse Team.

Anti-Abuse Policy

DOT Registry will implement in its internal policies and its Registry-Registrar Agreements (RRAs) that all registered domain names in the TLD will be subject to a Domain Name Anti-Abuse Policy (“Abuse Policy”).

The Abuse Policy will provide DOT Registry with broad power to suspend, cancel, or transfer domain names that violate the Abuse Policy. DOT Registry will publish the Abuse Policy on its home website at NIC.INC and clearly provide DOT Registry’s Point of Contact (“Abuse Contact”) and its contact information. This information shall consist of, at a minimum, a valid e-mail address dedicated solely to the handling of abuse complaints, and a telephone number and mailing address for the primary contact. DOT Registry will ensure that this information will be kept accurate and up to date and will be provided to ICANN if and when changes are made.

In addition, with respect to inquiries from ICANN-Accredited registrars, the Abuse Contact shall handle requests related to abusive domain name practices.

Inquiries addressed to the Abuse Contact will be routed to DOT Registry’s Legal Team who will review and if applicable remedy any Complaint regarding an alleged violation of the Abuse Policy as described in more detail below. DOT Registry will catalog all abuse communications in its CRM software using a ticketing system that maintains records of all abuse complaints indefinitely. Moreover, DOT Registry shall only provide access to these records to third parties under limited circumstances, such as in response to a subpoena or other such court order or demonstrated official need by law enforcement.

The Abuse Policy will state, at a minimum, that DOT Registry reserves the right to deny, cancel, or transfer any registration or transaction, or place any domain name(s) on registry lock, hold, or similar status, that it deems necessary to ; (1) to protect the integrity and stability of the registry; (2) to comply with applicable laws, government rules or requirements, or court orders; (3) to avoid any liability, civil or criminal, on the part of DOT Registry, as well as its affiliates, subsidiaries, officers, directors, and employees; (4) to correct mistakes made by the DOT Registry, registry services provider, or any registrar in connection with a domain name registration; (5) during resolution of any dispute regarding the domain; and (6) if a Registrant’s pre-authorization or payment fails; or (7) to prevent the bad faith use of a domain name that is identical to a registered trademark and being used to confuse users.

The Abuse Policy will define the abusive use of domain names to include, but not be limited to, the following activities:

• Illegal or fraudulent actions: use of the DOT Registry’s or Registrarʹs services to violate the laws or regulations of any country, state, or infringe upon the laws of any other jurisdiction, or in a manner that adversely affects the legal rights of any other person;
• Spam: use of electronic messaging systems from email addresses from domains in the TLD to send unsolicited bulk messages. The term applies to e-mail spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of Web sites and Internet forums;
• Trademark and Copyright Infringement: DOT Registry will take great care to ensure that trademark and copyright infringement does not occur within the .INC TLD. DOT Registry will employ notice and takedown procedures based on the provisions of the Digital Millennium Copyright Act (DMCA) ;
• Phishing: use of counterfeit Web pages within the TLD that are designed to trick recipients into divulging sensitive data such as usernames, passwords, or financial data;
• Pharming: redirecting of unknowing users to fraudulent Web sites or services, typically through DNS hijacking or poisoning;
• Willful distribution of malware: dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and trojan horses.
• Fast flux hosting: use of fast-flux techniques to disguise the location of Web sites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. Fast-flux techniques use DNS to frequently change the location on the Internet to which the domain name of an Internet host or name server resolves. Fast flux hosting may be used only with prior permission of DOT Registry;
• Botnet command and control: services run on a domain name that are used to control a collection of compromised computers or ʺzombies,ʺ or to direct denial-of-service attacks (DDoS attacks);
• Distribution of pornography;
• Illegal Access to Other Computers or Networks: illegally accessing computers, accounts, or networks belonging to another party, or attempting to penetrate security measures of another individualʹs system (often known as ʺhackingʺ). Also, any activity that might be used as a precursor to an attempted system penetration (e.g., port scan, stealth scan, or other information gathering activity);
• Domain Kiting⁄Tasting: registration of domain names to test their commercial viability before returning them during a Grace Period;
• High Volume Registrations⁄Surveying: registration of multiple domain names in order to warehouse them for sale or pay-per-click websites in a way that can impede DOT Registry from offering them to legitimate users or timely services to other subscribers;
• Geographic Name: registering a domain name that is identical to a Geographic Name, as defined by Specification 5 of the Registry Agreement;
• Inadequate Security: registering and using a domain name to host a website that collects third-party information but does not employ adequate security measures to protect third-party information in accordance with that geographic area’s data and financial privacy laws;
• Front Running: registrars mining their own web and WhoIs traffic to obtain insider information with regard to high-value second-level domains, which the registrar will then register to itself or an affiliated third party for sale or to generate advertising revenue;
• WhoIs Accuracy: Intentionally inserting false or misleading Registrant information into the TLD’s WhoIs database in connection with the bad faith registration and use of the domain in question;
• WhoIs Misuse: abusing access to the WhoIs database by using Registrant information for data mining purposes or other malicious purposes;
• Fake Renewal Notices; misusing WhoIs Registrant information to send bogus renewal notices to Registrants on file with the aim of causing the Registrant to spend unnecessary money or steal or redirect the domain at issue.

Domain Anti-Abuse Procedure

DOT Registry will provide a domain name anti-abuse procedure modeled after the DMCA’s notice-and-takedown procedure.

At all times, DOT Registry will publish on its home website at NIC.INC the Abuse Policy and the contact information for the Abuse Contact. Inquiries addressed to the Point of Contact will be addressed to and received by DOT Registry’s Legal Time who will review and if applicable remedy any Complaint regarding an alleged violation of the Abuse Policy. DOT Registry will catalog all abuse communications and provide them to third parties only under limited circumstances, such as in response to a subpoena or other such court order or demonstrated official need by law enforcement.

Any correspondence (“Complaint”) from a complaining party (“Complainant”) to the Abuse Contact will be ticketed in DOT Registry’s CRM software and relayed to DOT Registry’s Abuse Team. A member of DOT Registry’s Abuse Team will then send an email to the Complainant within forty-eight (48) hours of receiving the Complaint confirming receipt of the email and that DOT Registry will notify the Complainant of the results of the Complaint within ten (10) days of receiving the Complaint.

DOT Registry’s Abuse Team will review the Complaint and give it a “quick look” to see if the Complaint reasonably falls within an abusive use as defined by the Abuse Policy. If not, the Contact will write an email to the Complainant within thirty-six (36) hours of sending the confirmation email that the subject of the complaint clearly does not fall within one of the delineated abusive uses as defined by the Abuse Policy and that DOT Registry considers the matter closed.

If the quick look does not resolve the matter, DOT Registry’s Abuse Team will give the Complaint a full review. Any Registrant that has been determined to be in violation of DOT Registry policies shall be notified of the violation of such policy and their options to cure the violation.
Such notification shall state:
1) the nature of the violation;
2) the proposed remedy to the violation;
3) the time frame to cure the violation; and
4) the Registry’s options to take subsequent action if the Registrant does not cure the violation.
If an abusive use is determined DOT Registry’s Abuse Team will alert it’s Registry services team to immediately cancel the resolution of the domain name. DOT Registry’s Abuse Team will immediately notify the Registrant of the suspension of the domain name, the nature of the complaint, and provide the Registrant with the option to respond within ten (10) days or the domain will be canceled.
If the Registrant responds within ten (10) business days, it’[s response will be reviewed by the DOT Registry’s Abuse Team for further review. If DOT Registry’s Abuse Team is satisfied by the Registrant’s response that the use is not abusive, DOT Registry’s Abuse Team will submit a request by the registry services provider to reactivate the domain name. DOT Registry’s Abuse Team will then notify the Complainant that its complaint was ultimately denied and provide the reasons for the denial. If the Registrant does not respond within ten (10) business days, DOT Registry will notify the registry services team to cancel the abusive domain name.

This Anti-Abuse Procedure will not prejudice either party’s election to pursue another dispute mechanism, such as URS or UDRP.

With the resources of DOT Registry’s registry services personnel, DOT Registry can meet its obligations under Section 2.8 of the Registry Agreement where required to take reasonable steps to investigate and respond to reports from law enforcement and governmental and quasi-governmental agencies of illegal conduct in connection with the use of its TLD. The Registry will respond to legitimate law enforcement inquiries within one (1) business day from receiving the request. Such response shall include, at a minimum, an acknowledgement of receipt of the request, questions, or comments concerning the request, and an outline of the next steps to be taken by Application for rapid resolution of the request.

In the event such request involves any of the activities which can be validated by DOT Registry and involves the type of activity set forth in the Abuse Policy, the sponsoring registrar is then given forty-eight (48) hours to investigate the activity further and either take down the domain name by placing the domain name on hold or by deleting the domain name in its entirety or providing a compelling argument to the registry to keep the name in the zone. If the registrar has not taken the requested action after the 48-hour period (i.e., is unresponsive to the request or refuses to take action), DOT Registry will place the domain on “serverHold”.

Maintenance of Registration Criteria

If a Registrant previously awarded the “.INC” domain ceases to be registered with a Secretary of State or legally applicable jurisdiction, such Registrant will be required to forfeit the assigned “.INC” domain at their designated renewal date.
If DOT Registry discovers that a Registrant wrongfully applied for and was awarded a “.INC” domain, then such “.INC” will be immediately forfeited to DOT Registry.
If a Registrant previously awarded a “.INC” domain is dissolved and⁄or forfeited for any reason, then such “.INC” domain will be forfeited to DOT Registry at their designated renewal time; unless such Registrant takes all reasonable steps to become reinstated and such Registrant is reinstated within six months of being dissolved and⁄or forfeited.
If a Registrant previously awarded the “.INC” domain is administratively dissolved by the Secretary of State or legally applicable jurisdiction, then such “.INC” will be forfeited to DOT Registry at their designated renewal time, unless such Registrant is reinstated within six months of being administratively dissolved.
A Registrant’s “Active” Status will be verified annually. Any Registrant not considered “Active” by the definition listed above in question 18 will be given a probationary warning, allowing time for the Registrant to restore itself to “Active” Status. If the Registrant is unable to restore itself to “Active” status within the defined probationary period, their previously assigned “.INC” will be forfeited. In addition, DOT Registry’s definition of “Active” may change in accordance with the policies of the Secretaries of State.
Orphan Glue Removal

As the Security and Stability Advisory Committee of ICANN (SSAC) rightly acknowledges, although orphaned glue records may be used for abusive or malicious purposes, the “dominant use of orphaned glue supports the correct and ordinary operation of the DNS.” See http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf.

While orphan glue often supports correct and ordinary operation of the DNS, we understand that such glue records can be used maliciously to point to name servers that host domains used in illegal phishing, bot-nets, malware, and other abusive behaviors. Problems occur when the parent domain of the glue record is deleted but its children glue records still remain in the DNS. Therefore, when DOT Registry has written evidence of actual abuse of orphaned glue, DOT Registry will take action to remove those records from the zone to mitigate such malicious conduct.

DOT Registry’s registry service operator will run a daily audit of entries in its DNS systems and compare those with its provisioning system. This serves as an umbrella protection to make sure that items in the DNS zone are valid. Any DNS record that shows up in the DNS zone but not in the provisioning system will be flagged for investigation and removed if necessary. This daily DNS audit serves to not only prevent orphaned hosts but also other records that should not be in the zone.

In addition, if either DOT Registry or its registry services operator becomes aware of actual abuse on orphaned glue after receiving written notification by a third party through its Abuse Contact or through its customer support, such glue records will be removed from the zone.

WhoIs Accuracy

DOT Registry will provide WhoIs accessibility in a reliable, consistent, and predictable fashion in order to promote Whois accuracy. The Registry will adhere to port 43 WhoIs Service Level Agreements (SLAs), which require that port 43 WHOIS service be highly accessible and fast.

DOT Registry will offer thick WhoIs services, in which all authoritative WhoIs data—including contact data—is maintained at the registry. DOT Registry will maintain timely, unrestricted, and public access to accurate and complete WhoIs information, including all data objects as specified in Specification 4. Moreover, prior to the release of any domain names, DOT Registry’s registrar will provide DOT Registry with an authorization code to verify eligible Registrants provide accurate Registrant contact information.

In order to further promote WhoIs accuracy, DOT Registry will offer a mechanism whereby third parties can submit complaints directly to the DOT Registry (as opposed to ICANN or the sponsoring Registrar) about inaccurate or incomplete WhoIs data. Such information shall be forwarded to the registrar, who shall be required to address those complaints with their Registrants. Thirty days after forwarding the complaint to the registrar, DOT Registry will examine the current WhoIs data for names that were alleged to be inaccurate to determine if the information was corrected, the domain name was deleted, or there was some other disposition. If the registrar has failed to take any action, or it is clear that the Registrant was either unwilling or unable to correct the inaccuracies, DOT Registry reserves the right to cancel or suspend the applicable domain name(s) should DOT Registry determine that the domains are being used in a manner contrary to DOT Registry’s abuse policy.

DOT Registry shall also require authentication and verification of all Registrant data. DOT Registry shall verify the certificates of incorporation, whether a corporation is in active status, contact information, e-mail address, and, to the best of its abilities, determine whether address information supplied is accurate. Second-level domains in the TLD shall not be operational unless two (2) out of three (3) of the above authentication methods have been satisfied.

With regard to registrars, DOT Registry shall provide financial incentives for pre-authentication of Registrant data prior to such data being passed to the registry. DOT Registry will provide for lower renewal and bulk registration fees in its RRAs for registrations which have been pre-authenticated and which DOT Registry can rely on as accurate data to be entered into its WhoIs database.

DOT Registry will also maintain historical databases of Registrants and associated information which have provided inaccurate WhoIs information. DOT Registry will endeavor to use this database to uncover patterns of suspicious registrations which DOT Registry shall then flag for further authentication or for review of the Registrant’s use of the domain in question to ensure Registrant’s use is consonant with DOT Registry’s abuse policy.

In addition, DOT Registry’s Abuse Team shall on its own initiative, no less than twice per year, perform a manual review of a random sampling of domain names within the applied-for TLD to test the accuracy of the WhoIs information. Although this will not include verifying the actual information in the WHOIS record, DOT Registry will be examining the WHOIS data for prima facie evidence of inaccuracies. In the event that such evidence exists, it shall be forwarded to the registrar, who shall be required to address those complaints with their Registrants. Thirty days after forwarding the complaint to the registrar, the DOT Registry will examine the current WhoIs data for names that were alleged to be inaccurate to determine if the information was corrected, the domain name was deleted, or there was some other disposition. If the registrar has failed to take any action, or it is clear that the Registrant was either unwilling or unable to correct the inaccuracies, DOT Registry reserves the right to suspend the applicable domain name(s) should DOT Registry determine that the Registrant is using the domain in question in a manner contrary to DOT Registry’s abuse policy. DOT Registry shall also reserve the right to report such recalcitrant registrar activities directly to ICANN.

Abuse Prevention and Mitigation – Domain Name Access

All domain name Registrants will have adequate controls to ensure proper access to domain functions.

In addition to the above, all domain name Registrants in the applied-for TLD will be required to name at least two (2) unique points of contact who are authorized to request and⁄or approve update, transfer, and deletion requests. The points of contact must establish strong passwords with the registrar that must be authenticated before a point of contact will be allowed to process updates, transfer, and deletion requests. Once a process update, transfer, or deletion request is entered, the points of contact will automatically be notified when a domain has been updated, transferred, or deleted through an automated system run by DOT Registry’s registrar. Authentication of modified Registrant information shall be accomplished 48 Hours.


gTLDFull Legal NameE-mail suffixDetail
.LLCDot Registry LLChotmail.comView
General Statement of Policy

Abuse within the registry will not be tolerated. DOT Registry will implement very strict policies and procedures to minimize abusive registrations and other activities that have a negative impact on Internet users. DOT Registry’s homepages will provide clear contact information for its Abuse Team, and in accordance with ICANN policy DOT Registry shall host NIC.LLC, providing access to .LLC’s WhoIs services, the Abuse Policy, and contact information for the Abuse Team.

Anti-Abuse Policy

DOT Registry will implement in its internal policies and its Registry-Registrar Agreements (RRAs) that all registered domain names in the TLD will be subject to a Domain Name Anti-Abuse Policy (“Abuse Policy”).

The Abuse Policy will provide DOT Registry with broad power to suspend, cancel, or transfer domain names that violate the Abuse Policy. DOT Registry will publish the Abuse Policy on its home website at NIC.LLC and clearly provide DOT Registry’s Point of Contact (“Abuse Contact”) and its contact information. This information shall consist of, at a minimum, a valid e-mail address dedicated solely to the handling of abuse complaints, and a telephone number and mailing address for the primary contact. DOT Registry will ensure that this information will be kept accurate and up to date and will be provided to ICANN if and when changes are made.

In addition, with respect to inquiries from ICANN-Accredited registrars, the Abuse Contact shall handle requests related to abusive domain name practices.

Inquiries addressed to the Abuse Contact will be routed to DOT Registry’s Legal Team who will review and if applicable remedy any Complaint regarding an alleged violation of the Abuse Policy as described in more detail below. DOT Registry will catalog all abuse communications in its CRM software using a ticketing system that maintains records of all abuse complaints indefinitely. Moreover, DOT Registry shall only provide access to these records to third parties under limited circumstances, such as in response to a subpoena or other such court order or demonstrated official need by law enforcement.

The Abuse Policy will state, at a minimum, that DOT Registry reserves the right to deny, cancel, or transfer any registration or transaction, or place any domain name(s) on registry lock, hold, or similar status, that it deems necessary to ; (1) to protect the integrity and stability of the registry; (2) to comply with applicable laws, government rules or requirements, or court orders; (3) to avoid any liability, civil or criminal, on the part of DOT Registry, as well as its affiliates, subsidiaries, officers, directors, and employees; (4) to correct mistakes made by the DOT Registry, registry services provider, or any registrar in connection with a domain name registration; (5) during resolution of any dispute regarding the domain; and (6) if a Registrant’s pre-authorization or payment fails; or (7) to prevent the bad faith use of a domain name that is identical to a registered trademark and being used to confuse users.

The Abuse Policy will define the abusive use of domain names to include, but not be limited to, the following activities:

• Illegal or fraudulent actions: use of the DOT Registry’s or Registrarʹs services to violate the laws or regulations of any country, state, or infringe upon the laws of any other jurisdiction, or in a manner that adversely affects the legal rights of any other person;
• Spam: use of electronic messaging systems from email addresses from domains in the TLD to send unsolicited bulk messages. The term applies to e-mail spam and similar abuses such as instant messaging spam, mobile messaging spam, and the spamming of Web sites and Internet forums;
• Trademark and Copyright Infringement: DOT Registry will take great care to ensure that trademark and copyright infringement does not occur within the .LLC TLD. DOT Registry will employ notice and takedown procedures based on the provisions of the Digital Millennium Copyright Act (DMCA) ;
• Phishing: use of counterfeit Web pages within the TLD that are designed to trick recipients into divulging sensitive data such as usernames, passwords, or financial data;
• Pharming: redirecting of unknowing users to fraudulent Web sites or services, typically through DNS hijacking or poisoning;
• Willful distribution of malware: dissemination of software designed to infiltrate or damage a computer system without the ownerʹs informed consent. Examples include, without limitation, computer viruses, worms, keyloggers, and trojan horses.
• Fast flux hosting: use of fast-flux techniques to disguise the location of Web sites or other Internet services, or to avoid detection and mitigation efforts, or to host illegal activities. Fast-flux techniques use DNS to frequently change the location on the Internet to which the domain name of an Internet host or name server resolves. Fast flux hosting may be used only with prior permission of DOT Registry;
• Botnet command and control: services run on a domain name that are used to control a collection of compromised computers or ʺzombies,ʺ or to direct denial-of-service attacks (DDoS attacks);
• Distribution of pornography;
• Illegal Access to Other Computers or Networks: illegally accessing computers, accounts, or networks belonging to another party, or attempting to penetrate security measures of another individualʹs system (often known as ʺhackingʺ). Also, any activity that might be used as a precursor to an attempted system penetration (e.g., port scan, stealth scan, or other information gathering activity);
• Domain Kiting⁄Tasting: registration of domain names to test their commercial viability before returning them during a Grace Period;
• High Volume Registrations⁄Surveying: registration of multiple domain names in order to warehouse them for sale or pay-per-click websites in a way that can impede DOT Registry from offering them to legitimate users or timely services to other subscribers;
• Geographic Name: registering a domain name that is identical to a Geographic Name, as defined by Specification 5 of the Registry Agreement;
• Inadequate Security: registering and using a domain name to host a website that collects third-party information but does not employ adequate security measures to protect third-party information in accordance with that geographic area’s data and financial privacy laws;
• Front Running: registrars mining their own web and WhoIs traffic to obtain insider information with regard to high-value second-level domains, which the registrar will then register to itself or an affiliated third party for sale or to generate advertising revenue;
• WhoIs Accuracy: Intentionally inserting false or misleading Registrant information into the TLD’s WhoIs database in connection with the bad faith registration and use of the domain in question;
• WhoIs Misuse: abusing access to the WhoIs database by using Registrant information for data mining purposes or other malicious purposes;
• Fake Renewal Notices; misusing WhoIs Registrant information to send bogus renewal notices to Registrants on file with the aim of causing the Registrant to spend unnecessary money or steal or redirect the domain at issue.

Domain Anti-Abuse Procedure

DOT Registry will provide a domain name anti-abuse procedure modeled after the DMCA’s notice-and-takedown procedure.

At all times, DOT Registry will publish on its home website at NIC.LLC the Abuse Policy and the contact information for the Abuse Contact. Inquiries addressed to the Point of Contact will be addressed to and received by DOT Registry’s Legal Team, who will review and if applicable remedy any Complaint regarding an alleged violation of the Abuse Policy. DOT Registry will catalog all abuse communications and provide them to third parties only under limited circumstances, such as in response to a subpoena or other such court order or demonstrated official need by law enforcement.

Any correspondence (“Complaint”) from a complaining party (“Complainant”) to the Abuse Contact will be ticketed in DOT Registry’s CRM software and relayed to DOT Registry’s Abuse Team. A member of DOT Registry’s Abuse Team will then send an email to the Complainant within forty-eight (48) hours of receiving the Complaint confirming receipt of the email and that DOT Registry will notify the Complainant of the results of the Complaint within ten (10) days of receiving the Complaint.

DOT Registry’s Abuse Team will review the Complaint and give it a “quick look” to see if the Complaint reasonably falls within an abusive use as defined by the Abuse Policy. If not, the Contact will write an email to the Complainant within thirty-six (36) hours of sending the confirmation email that the subject of the complaint clearly does not fall within one of the delineated abusive uses as defined by the Abuse Policy and that DOT Registry considers the matter closed.

If the quick look does not resolve the matter, DOT Registry’s Abuse Team will give the Complaint a full review. Any Registrant that has been determined to be in violation of DOT Registry policies shall be notified of the violation of such policy and their options to cure the violation.
Such notification shall state:
1) the nature of the violation;
2) the proposed remedy to the violation;
3) the time frame to cure the violation; and
4) the Registry’s options to take subsequent action if the Registrant does not cure the violation.
If an abusive use is determined DOT Registry’s Abuse Team will alert it’s Registry services team to immediately cancel the resolution of the domain name. DOT Registry’s Abuse Team will immediately notify the Registrant of the suspension of the domain name, the nature of the complaint, and provide the Registrant with the option to respond within ten (10) days or the domain will be canceled.
If the Registrant responds within ten (10) business days, it’s response will be reviewed by the DOT Registry’s Abuse Team for further review. If DOT Registry’s Abuse Team is satisfied by the Registrant’s response that the use is not abusive, DOT Registry’s Abuse Team will submit a request by the registry services provider to reactivate the domain name. DOT Registry’s Abuse Team will then notify the Complainant that its complaint was ultimately denied and provide the reasons for the denial. If the Registrant does not respond within ten (10) business days, DOT Registry will notify the registry services team to cancel the abusive domain name.

This Anti-Abuse Procedure will not prejudice either party’s election to pursue another dispute mechanism, such as URS or UDRP.

With the resources of DOT Registry’s registry services personnel, DOT Registry can meet its obligations under Section 2.8 of the Registry Agreement where required to take reasonable steps to investigate and respond to reports from law enforcement and governmental and quasi-governmental agencies of illegal conduct in connection with the use of its TLD. The Registry will respond to legitimate law enforcement inquiries within one (1) business day from receiving the request. Such response shall include, at a minimum, an acknowledgement of receipt of the request, questions, or comments concerning the request, and an outline of the next steps to be taken by Application for rapid resolution of the request.

In the event such request involves any of the activities which can be validated by DOT Registry and involves the type of activity set forth in the Abuse Policy, the sponsoring registrar is then given forty-eight (48) hours to investigate the activity further and either take down the domain name by placing the domain name on hold or by deleting the domain name in its entirety or providing a compelling argument to the registry to keep the name in the zone. If the registrar has not taken the requested action after the 48-hour period (i.e., is unresponsive to the request or refuses to take action), DOT Registry will place the domain on “serverHold”.

Maintenance of Registration Criteria

If a Registrant previously awarded the “.LLC” domain ceases to be registered with a Secretary of State or legally applicable jurisdiction, such Registrant will be required to forfeit the assigned “.LLC” domain at their designated renewal date.
If DOT Registry discovers that a Registrant wrongfully applied for and was awarded a “.LLC” domain, then such “.LLC” will be immediately forfeited to DOT Registry.
If a Registrant previously awarded a “.LLC” domain is dissolved and⁄or forfeited for any reason, then such “.LLC” domain will be forfeited to DOT Registry at their designated renewal time; unless such Registrant takes all reasonable steps to become reinstated and such Registrant is reinstated within six months of being dissolved and⁄or forfeited.
If a Registrant previously awarded the “.LLC” domain is administratively dissolved by the Secretary of State or legally applicable jurisdiction, then such “.LLC” will be forfeited to DOT Registry at their designated renewal time, unless such Registrant is reinstated within six months of being administratively dissolved.
A Registrant’s “Active” Status will be verified annually. Any Registrant not considered “Active” by the definition listed above in question 18 will be given a probationary warning, allowing time for the Registrant to restore itself to “Active” Status. If the Registrant is unable to restore itself to “Active” status within the defined probationary period, their previously assigned “.LLC” will be forfeited. In addition, DOT Registry’s definition of “Active” may change in accordance with the policies of the Secretaries of State.
Orphan Glue Removal

As the Security and Stability Advisory Committee of ICANN (SSAC) rightly acknowledges, although orphaned glue records may be used for abusive or malicious purposes, the “dominant use of orphaned glue supports the correct and ordinary operation of the DNS.” See http:⁄⁄www.icann.org⁄en⁄committees⁄security⁄sac048.pdf.

While orphan glue often supports correct and ordinary operation of the DNS, we understand that such glue records can be used maliciously to point to name servers that host domains used in illegal phishing, bot-nets, malware, and other abusive behaviors. Problems occur when the parent domain of the glue record is deleted but its children glue records still remain in the DNS. Therefore, when DOT Registry has written evidence of actual abuse of orphaned glue, DOT Registry will take action to remove those records from the zone to mitigate such malicious conduct.

DOT Registry’s registry service operator will run a daily audit of entries in its DNS systems and compare those with its provisioning system. This serves as an umbrella protection to make sure that items in the DNS zone are valid. Any DNS record that shows up in the DNS zone but not in the provisioning system will be flagged for investigation and removed if necessary. This daily DNS audit serves to not only prevent orphaned hosts but also other records that should not be in the zone.

In addition, if either DOT Registry or its registry services operator becomes aware of actual abuse on orphaned glue after receiving written notification by a third party through its Abuse Contact or through its customer support, such glue records will be removed from the zone.

WhoIs Accuracy

DOT Registry will provide WhoIs accessibility in a reliable, consistent, and predictable fashion in order to promote Whois accuracy. The Registry will adhere to port 43 WhoIs Service Level Agreements (SLAs), which require that port 43 WHOIS service be highly accessible and fast.

DOT Registry will offer thick WhoIs services, in which all authoritative WhoIs data—including contact data—is maintained at the registry. DOT Registry will maintain timely, unrestricted, and public access to accurate and complete WhoIs information, including all data objects as specified in Specification 4. Moreover, prior to the release of any domain names, DOT Registry’s registrar will provide DOT Registry with an authorization code to verify eligible Registrants provide accurate Registrant contact information.

In order to further promote WhoIs accuracy, DOT Registry will offer a mechanism whereby third parties can submit complaints directly to the DOT Registry (as opposed to ICANN or the sponsoring Registrar) about inaccurate or incomplete WhoIs data. Such information shall be forwarded to the registrar, who shall be required to address those complaints with their Registrants. Thirty days after forwarding the complaint to the registrar, DOT Registry will examine the current WhoIs data for names that were alleged to be inaccurate to determine if the information was corrected, the domain name was deleted, or there was some other disposition. If the registrar has failed to take any action, or it is clear that the Registrant was either unwilling or unable to correct the inaccuracies, DOT Registry reserves the right to cancel or suspend the applicable domain name(s) should DOT Registry determine that the domains are being used in a manner contrary to DOT Registry’s abuse policy.

DOT Registry shall also require authentication and verification of all Registrant data. DOT Registry shall verify the certificates of incorporation, whether a Limited Liability Company is in active status, contact information, e-mail address, and, to the best of its abilities, determine whether address information supplied is accurate. Second-level domains in the TLD shall not be operational unless two (2) out of three (3) of the above authentication methods have been satisfied.

With regard to registrars, DOT Registry shall provide financial incentives for pre-authentication of Registrant data prior to such data being passed to the registry. DOT Registry will provide for lower renewal and bulk registration fees in its RRAs for registrations which have been pre-authenticated and which DOT Registry can rely on as accurate data to be entered into its WhoIs database.

DOT Registry will also maintain historical databases of Registrants and associated information which have provided inaccurate WhoIs information. DOT Registry will endeavor to use this database to uncover patterns of suspicious registrations which DOT Registry shall then flag for further authentication or for review of the Registrant’s use of the domain in question to ensure Registrant’s use is consonant with DOT Registry’s abuse policy.

In addition, DOT Registry’s Abuse Team shall on its own initiative, no less than twice per year, perform a manual review of a random sampling of domain names within the applied-for TLD to test the accuracy of the WhoIs information. Although this will not include verifying the actual information in the WHOIS record, DOT Registry will be examining the WHOIS data for prima facie evidence of inaccuracies. In the event that such evidence exists, it shall be forwarded to the registrar, who shall be required to address those complaints with their Registrants. Thirty days after forwarding the complaint to the registrar, the DOT Registry will examine the current WhoIs data for names that were alleged to be inaccurate to determine if the information was corrected, the domain name was deleted, or there was some other disposition. If the registrar has failed to take any action, or it is clear that the Registrant was either unwilling or unable to correct the inaccuracies, DOT Registry reserves the right to suspend the applicable domain name(s) should DOT Registry determine that the Registrant is using the domain in question in a manner contrary to DOT Registry’s abuse policy. DOT Registry shall also reserve the right to report such recalcitrant registrar activities directly to ICANN.

Abuse Prevention and Mitigation – Domain Name Access

All domain name Registrants will have adequate controls to ensure proper access to domain functions.

In addition to the above, all domain name Registrants in the applied-for TLD will be required to name at least two (2) unique points of contact who are authorized to request and⁄or approve update, transfer, and deletion requests. The points of contact must establish strong passwords with the registrar that must be authenticated before a point of contact will be allowed to process updates, transfer, and deletion requests. Once a process update, transfer, or deletion request is entered, the points of contact will automatically be notified when a domain has been updated, transferred, or deleted through an automated system run by DOT Registry’s registrar. Authentication of modified Registrant information shall be accomplished (48) hours.