I'm waiting for the check to clear.
While I frequently comment on a variety of legal matters in my spare time, I'm not on call to comment on all or most legal disputes in the industry. Most of these things hinge on "facts" which may or may not be as reported, and usually involve a review of various terms of service, etc.. Additionally, someone might have a dispute in which they might ultimately decide to contact or hire an attorney, so why should I invest the time to disqualify myself by making comments on everything that comes down the pike?
Some general principles applicable here are:
1. Like it or not, "mistake" can be a defense to a contract action. Unilateral mistake is a disfavored defense in contract disputes, but that does not mean that it does not work on sufficient evidence. It looks like the domain name was supposed to be maintained pursuant to another agreement, someone dropped the ball, the domain went into the sales pipeline, and nobody noticed until it was sold to someone else. But, keep a pin on that thought for a moment.
2. The measure of damages in something like this is typically what you paid, not what it is "worth". As with anything, there are exceptions to that, and there is objective evidence of value - in the form of the subsequent sale.
3. This is the interesting one to me - let's talk about who has "owned" this domain name. Since someone mentioned something about ICANN, it is worth reviewing how ICANN sees a domain registration...
The things that a registrar is supposed to do, as far as ICANN is concerned, are defined by the Registrar Accreditation Agreement RAA, which was last revised in 2013. The ICANN RAA is here:
https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en
ICANN views the registrar as registering domain names at the behest of the "Registered Name Holder". As far as an "account holder" goes, the account holder might, or might not, be the Registered Name Holder. So, merely having a name in one's account, and being the registrant of the domain name can be two different things. This is actually pretty normal when you think about technical, legal, business or other service providers who hold their customer's names, registered to their customer, but in their accounts as administrators.
Looking at the WHOIS history of the domain name, the registrant has been:
Registrant Name: REDACTED FOR PRIVACY (DT)
Registrant Organization: Legal Brand Domains
Registrant Street: 26565 Agoura Road Suite 200
Registrant City: Calabasas
Registrant State/Province: CA
Registrant Postal Code: 91302
Registrant Country: us
Registrant Phone: 18188848075
...and then changed on 6/17/2022, just after expiration, to:
Registrant Name: Privacy Administrator
Registrant Organization: Anonymize, Inc.
Registrant Street: 1100 Bellevue Way NE, Ste 8A-601
Registrant City: Bellevue
Registrant State/Province: WA
Registrant Postal Code: 98004
Registrant Country: US
Registrant Phone: +1.4253668810
Now, to be clear, Anonymize Inc. is, as I understand it, a separate company from Epik the registrar. So, to Epik, the registrant is the entity listed above. That WHOIS information remains consistent since June.
The 2013 RAA includes a "Specification on Privacy and Proxy Registrations". That specification was supposed to expire in 2017 until the conclusion of an ICANN policy group to come up with a privacy/proxy accreditation standard. With the entire policy mess around registrant information generally, the 2013 specification periodically is extended (and was recently given an additional year beyond the extension noted on the page linked above).
But, one of the takeaways is that the registrant of the domain name has been whomever Anonymize Inc. might say it is. In a situation like this, a typical registrar response to someone complaining to ICANN about "my domain name" is that the registrant of the domain name has been (in this instance) Anonymize Inc., so the person submitting the complaint is not and has not been the registrant of the domain name. Certainly, it was never in the registrar's WHOIS data that the name was registered to whomever is making the complaint.
This sort of problem is one of the long list of reasons why privacy services are crap. If you want privacy, form your own corporation, register your names to that corporation (LLC or whatever), and use that. But, no, we have this industry where people take million dollar assets, hand them to a stranger to hold, and say "don't tell anyone its mine." How often do you do that in real life? If something goes wrong, you are complicating the process of saying "it's mine" in the first place.
"Who is the registrant of a domain name" can be something of a slippery question when there is a privacy service involved, and particularly if the privacy service purports to be a different entity than the registrar.
4. At long last, we come to Epik's terms concerning aftermarket transactions. Nameliquidate's "terms" link apparently forwards to the Epik.com general terms, which include such gems as...
"We reserve the right to reject or cancel your After Market Domain Name registration for any reason including, but not limited to, any pricing errors. In the event your After Market Domain Name registration is rejected or cancelled by us, for any reason, we will refund in full the amount of the purchase price for the After Market Domain Name as your sole remedy."
Epik is claiming the reason is there was a mistake. That's well within "any reason". They don't have to explain it in detail to you, but you can spend a lot of money litigating to find out whether they really made one or not. Then we come to:
"IN NO EVENT SHALL EPIK, ITS AFFILIATES, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, OR SUPPLIERS BE LIABLE FOR LOST PROFITS OR ANY SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR IN CONNECTION WITH THE SITE, THE SERVICES, OR THIS AGREEMENT (HOWEVER ARISING, INCLUDING NEGLIGENCE). EPIK`S LIABILITY, AND THE LIABILITY OF ITS AFFILIATES, SUBSIDIARIES, OFFICERS, DIRECTORS, EMPLOYEES, AND SUPPLIERS, TO YOU OR ANY THIRD PARTIES IN ANY CIRCUMSTANCE IS LIMITED TO THE GREATER OF (A) THE AMOUNT OF FEES YOU HAVE PAID TO US IN THE 12 MONTHS PRIOR TO THE ACTION GIVING RISE TO LIABILITY, AND (B) $100."
So, the first question is, "Are you shooting for the fees or going for the $100?"
Now, of course, whenever these things come up, someone is sure to throw around things like "contract of adhesion", "unconscionable terms", "illusory contract" and so on. But those things are easier said than actually litigated successfully. The last one - saying that it is not a "contract" because there is no real obligation - is easily addressed by the fact that they indeed are obligated to do various things at the risk of your fees or $100.
But let's take unconscionability. You'd be surprised what kinds of awful contracts are held not to be "unconscionable" legally. Is it "unconscionable" for a registrar to limit their liability to $100 when they are dealing with assets that could be worth millions. Well, one answer to that question is to consider that if you are in a business that is essential to the internet, and you are dealing with a million customers at a profit margin of a couple of dollars a piece, to how much potential liability should you reasonably be expected to expose yourself? At $100 a pop, your million customers represent a potential liability of $100 million dollars. That limit looks a lot more reasonable if you are simply looking at both sides of the table.
Now, normally, if you as an individual are concerned about loss of assets, you can find appropriate insurance from a duly-licensed and regulated insurance provider. One of the surprising finds in this thread is that, although you had a domain name and you don't have it any more, registrar revocations are apparently not a domain loss scenario that DNProtect would get excited about. Given that pretty much any and every registrar has similar "we can do what we want with little recourse" policies - and which time and time again we see them do - then it's good to know there is at least one protection vendor who will not cover this sort of scenario.
That's for starters. Can all that be argued against? Sure. But those points are baggage that you have at the starting line of this sort of dispute. The ball does not start mid-field in these kinds of situations, but deep in your own territory. That's all.
There's another thread here in legal issues where someone is going to sue so many people that he wants suggestions on who to include. The probability of an actual lawsuit is very low, and these sorts of registrar disputes - in their infinite variety - is why registrars have very protective terms in the first place. It's a big world and new problems come up all of the time.
But, Keith, in general, I'm much more interested in IP and trademark issues, some transactional issues, and civil procedure issues (how does one file, serve, and move forward with a suit) for recreational kibitzing, because the "I'm upset at some registrar and I'm going to sue them for (whatever)" threads are a dime a dozen. Since I spend my own time commenting on these things, then I pick the ones I find interesting or worthwhile on my own. If I've been tagged once and don't comment, it's probably because (a) I'm on one of my months-long forum diets, or (b) it's just not interesting to me.
The class of "I did X at a registrar and didn't get what I expected/wanted" stuff is more about how a registrar chooses to deal with their customer service issues and does not usually present any fact patterns that change the basic dynamic of "screw you" registration and service contracts.
Definitely sucks. I'd be angry too. As mentioned a couple of times above, sometimes the best thing you can do is make some noise. But as a legal matter, these things aren't usually worth pursuing.
One practical thing I have observed about these kind of "we corrected our mistake" registrar actions is that they wouldn't happen if the domain name were moved to a different registrar. I'm not going back to check the timeline on this one, but one thing to think about as a practical safeguard is that when you purchase a domain name at a registrar-affiliated service of some kind, then move that domain name to another registrar just as soon as you can. Whether that applies here, I don't know. But it is worth keeping in mind, and not just at this registrar. You might think "all sales are final" but the terms are pretty open-ended on that subject.
An example of this sort of thing crossed my desk a while back. My client bought a name at a registrar-affiliated drop auction. As soon as was possible, my client transferred the name to another registrar. The first transfer request was denied by the losing registrar. My client complained to them about the failure, submitted a second transfer request, and it went through. Sometimes, you can simply ask to have a lock removed. After the transfer, the gaining registrar locked the name and said there had been an inquiry about the transfer. Shortly after that, the gaining registrar said everything was fine and removed the lock. Finally, my client received an email from the legal department of the original registrar saying they wanted to "talk about the domain name before pursuing legal action." My client sent me that email and I replied by saying that they could certainly write to me and explain the legal claim to me. The registrar never did and went silent. I eventually got the impression that they were trying fix some customer service snafu at their end - and they would have done so if they were still the registrar.