Registry Manipulating Auctions & Exploiting Insider Data—ICANN Refuses to Act

[DomainBanana]

I uncovered troubling practices by a domain registry that’s actively bidding on its own domain names in public auctions. It appears they’re doing this to artificially inflate the perceived value of these domains—a clear manipulation of the market.

Even more concerning, this registry is using insider information (registry-level data) to make investments in other domain names. This gives them an unfair advantage over other domain investors, which is not only unethical but a blatant violation of policies designed to ensure fair competition.

I reported these practices to ICANN, fully expecting them to investigate and protect the integrity of the domain market. To my shock, ICANN refused to take any action, claiming that these practices are “perfectly allowable.”

It’s alarming that ICANN, an organization tasked with maintaining the integrity of the domain name system, is turning a blind eye to such clear violations. These actions undermine trust in the industry and put independent domain investors at a severe disadvantage.

I’m curious—has anyone else experienced or observed similar behavior? How do we, as a community, address this when ICANN refuses to enforce its own policies?

 

[kor]

The burden of proof is on the prosecutor.

Unless you can provide this, none of your views are significant and it is a waste of time to expect anyone to weigh in on your case.

 

[DomainBanana]

The burden of proof is on the prosecutor.

Unless you can provide this, none of your views are significant and it is a waste of time to expect anyone to weigh in on your case.

I can prove it

 

[jberryhill]

Do you see the issues I've reported as problematic? If so, which organization do you believe would be appropriate to prevent this kind of abuse?

Or are you perfectly fine with a domain registry using its privileged data to compete for expired domains on a large scale?

Not sure I see the "either/or" thing here.

Look, I am not "perfectly fine" with people who pick their noses in public and fling boogers on the sidewalk, but I'm not aware of any law against that either.

The world of "things that are legal" and the world of "things that John Berryhill is perfectly fine with" are not the same worlds. What I'm saying is I don't see anything illegal going on. So if you give me a relevant law, or an ICANN contractual provision, we can discuss whether behavior X violates that law or contract.

We can also talk about behaviors of which I personally approve or disapprove. But since my opinions on that topic don't have the force of law or contract, it's pretty much only relevant to whether you think we'd be compatible on a date. I'm already married, so there's not a whole lot of point to that either. People do all kinds of things I think are horrible. What's irritating is that most of it is legal. For example, I'm not okay with scaring children over the idea that God is going to send them to Hell if they touch their private parts the wrong way. Not only is that legal, but it's Constitutionally protected. So much for my opinion, eh? Oh, well.

Conversely, there's a lot of illegal stuff I don't mind. You want to tear the tags off your mattresses? Go for it. I don't care.

So, let's not assume that I personally condone everything that's legal, or that I personally condemn everything that isn't.

In general, ICANN does not care what goes on in the secondary market. If you took a poll at an ICANN meeting, I would bet that anywhere from 30% to 50% of the people there are of the opinion that the domain secondary market, domainers, this forum, etc., should not exist in the first place. I'm not kidding about that. A great deal of folks in the ICANN policy world are not "perfectly fine" with the idea of people buying and selling domain names on the secondary market - period. So, you can get a lot of support for the idea that "registries shouldn't buy and sell domains on the secondary market" since a lot of folks don't think anyone else should either.

I mean, how often does someone pop up on social media somewhere, going on about those awful people who register domain names just to sell them? They have all kinds of ideas about how that should be illegal or against some ICANN policy too. Once in a while, one of them finds their way to Namepros. So, it helps to be specific.

Once you find a violation, then you have to figure out who is responsible for enforcing the relevant law or contract. As I recently pointed out in another thread, whether and when ICANN decides it wants to do something about an alleged contractual violation - and what they want to do about it - is up to ICANN.

That goes for things like crimes too. You can report a crime to the relevant law enforcement authority, and whatever they decide to do about it is up to them. I used to be puzzled by the idea that you have crimes like prostitution and drug dealing, which depend on vendors finding customers. Now, if the customers can find the vendors, why can't the police? The answer is complicated, but it comes down in large part to what they want to spend their limited resources going after. But if I knew what law was being violated here, I could point you in the direction of the appropriate cops.

Going back to the "insider trading" analogy - that involves the use of non-public information to buy securities at a price that would be higher if everyone knew the information. But it is not generally forbidden for, say, a company to buy its own stock. Companies buy back their own stock all of the time.

You say you have observed a behavior of a registry buying domains in auctions. Okay fine. But you then say the registry is "using its privileged access to proprietary data" in order to do that.

I'm still confused by the allegation.

The way insider trading works is that I'm aware of confidential inside information that the company stock, now trading at $10, is really worth $20. So I go buy up stock at $10 and make a profit when the information become known and the stock goes up to $20.

But you are saying that the registry has information that a domain name is really worth $5, so they are bidding it up to $10 and sometimes actually buying it at that price?

The reason we decided insider trading is a "bad thing" is that I have taken advantage of that $10 stock seller. But if I understand you correctly, the problem is the registry is handing out free money?

Like... okay, can I get in on the selling end of this thing?

In my view, a registry using its privileged access to proprietary data to compete for domains in the open market undermines the fundamental principles of fairness, neutrality, and trust in the domain name ecosystem, which relies on transparency and equitable treatment to function effectively.

That's a perfectly fine opinion to have. But whether someone is or is not breaking a rule depends on (a) what the rule says, and (b) what they are doing which the rule forbids (or what they are not doing which the rule requires). So, let's at least start with a rule.

I agree, it would be interesting if we didn't do things on a rule-based approach and we just sort of ad-hoc decided whether people's behavior that "we don't like" was in conflict or not with generally-agreed principles on "how people should behave" and why. But, surprisingly, people have really different ideas on that sort of stuff, so we decided that we'd write stuff down and then figure out based on various combinations of behavior and intent, whether people were or were not violating the stuff we wrote down.

 

[DomainBanana]

I agree, it would be interesting if we didn't do things on a rule-based approach and we just sort of ad-hoc decided whether people's behavior that "we don't like" was in conflict or not with generally-agreed principles on "how people should behave" and why. But, surprisingly, people have really different ideas on that sort of stuff, so we decided that we'd write stuff down and then figure out based on various combinations of behavior and intent, whether people were or were not violating the stuff we wrote down.

I think you may have misunderstood my concern about information asymmetry. I'm not suggesting the registry is overpaying for domains. The issue is that they have access to non-public data (registration patterns, search volumes, market behavior) that could give them an unfair advantage when deciding which domains to acquire and at what price - similar to how insider trading provides unfair advantages through access to non-public information.

I understand that discussing specific violations requires identifying specific rules. However, I hope you can understand why being more specific about rules or examples in a public forum could be problematic for those raising these concerns.

In general, I hope I've put the domain community on notice that there are registry operators leveraging their privileged position and data access to compete in the secondary market. That is a serious offense, in my view, that needs to be stopped.

 

[kor]

why being more specific about rules or examples in a public forum could be problematic for those raising these concerns

So why did you choose to open such a vague and pointless thread in a public forum?

All I hear is:
There is a registry.
They are doing illegal things.
But I can't make any statements.

If you really have solid evidence, my personal suggestion would be to forward it to the fraud departments of the country where the registry company is based. ICANN has no enforcement power at this point regarding auctions and market manipulation.

 

[DomainBanana]

So why did you choose to open such a vague and pointless thread in a public forum?

All I hear is:
There is a registry.
They are doing illegal things.
But I can't make any statements.

If you really have solid evidence, my personal suggestion would be to forward it to the fraud departments of the country where the registry company is based. ICANN has no enforcement power at this point regarding auctions and market manipulation.

ICANN absolutely does have enforcement power over registries through their Registry Agreements.

I've already pursued proper channels. However, putting the domain community on notice about this practice serves a purpose - it raises awareness that this is happening and encourages discussion about whether registry operators should be participating in the secondary market while having access to non-public data that other participants don't have.

 

[jberryhill]

I hope you can understand why being more specific about rules or examples in a public forum could be problematic for those raising these concerns.

Not really, no. I thought Verisign was engaging in monopolistic properties, so I volunteered on the board of an organization that sued them over it. The main thing I found out was that most folks buying .com domains didn't really care anyway - or at least not enough to keep the litigation going, and I was spending a lot of time doing stuff for free to benefit people who didn't care. There's another thread on this forum where some guy has opinions on how I'm supposed to spend my time so other people can make money, but I digress...

If a registry is breaking some kind of rule or law, then I don't see that changing absent something public happening.

I'm not suggesting the registry is overpaying for domains.

Oh, okay. In your first post, you said, "It appears they’re doing this to artificially inflate the perceived value of these domains.." and then you followed up by saying, they "may be artificially inflating the perceived value of domains in their own TLD by running up auction prices."

I guess I'm stuck on thinking those things would involve "overpaying for domains." Because if they are "artificially inflating the perceived value" of domains in that TLD by "running up auction prices", then they would want to be paying MORE than the domains are worth.

But now you are saying that they are in fact using proprietary information to underpay for domains which they know are more valuable than what they are paying?

Because if they are doing that, then I guess the names would sell for lower prices without their involvement, but they are still buying the names for less than they are worth?

Seems like a win-win for the seller and the buyer. The seller (the registrar with the expiring name) gets a higher price than they would have in the first place, and the buyer (the registry) gets a name at less than its actual value.

Although, the problem for the registry is that if the "actual value" of the name is only obvious on the basis of insider knowledge, then when they try to sell it, they already know that everyone else in the market didn't value it as highly as they do.

So, how does the registry end up making money doing this and at whose expense? They now have a domain name they can't sell because the market doesn't know how much it is really worth.

 

[kor]

putting the domain community on notice about this practice serves a purpose

Registry: Unknown
Auction Platforms: Unknown
Illegal Motives: Unknown

What kind of conclusion do you expect us to draw from this and take precautions?

 

[DomainBanana]

So, how does the registry end up making money doing this and at whose expense? They now have a domain name they can't sell because the market doesn't know how much it is really worth.

Let me clarify two points:

1. Regarding public disclosure - there's a difference between being willing to be publicly named in a lawsuit (as you were) versus raising initial concerns about potential misconduct. The risk of retaliation against someone who depends on the registry's services is real, which affects how and when concerns can be raised.
2. On the pricing/value issue - the concern isn't about whether they're overpaying or underpaying for specific domains. The issue is that they have access to non-public data that gives them an unfair advantage in determining which domains to target and what price to pay. For example, they might see spikes in search volume or registration attempts for certain terms before that information is public, allowing them to acquire domains ahead of market demand. Put simply: They can see patterns and trends that others can't, and they're using that privileged information to compete against regular market participants who don't have access to the same data. Whether they ultimately over or underpay for specific domains isn't the core issue - it's about the unfair information advantage they have by virtue of being a registry.

 

[DomainBanana]

What kind of conclusion do you expect us to draw from this and take precautions?

The conclusion is straightforward: Registry operators have access to non-public data that regular market participants don't have. When these same registry operators compete in the secondary market for domains, they can use this privileged information to their advantage.

The domain community should question whether registry operators should be allowed to compete in the secondary market while having access to non-public data that other participants don't have.

 

[kor]

The domain community should question whether registry operators should be allowed to compete in the secondary market while having access to non-public data that other participants don't have.

So how do you expect us to do this without direct access to auction platforms' back-end systems?

This thread is starting to go bananas.

 

[jberryhill]

The domain community should question whether registry operators should be allowed to compete in the secondary market while having access to non-public data that other participants don't have.

That's a fine question.

First off, a word about "non-public data" and the secondary market in domains might be in order.

Pretty much every domain buyer is acting on "non-public information", right? These aren't like shares of stock, but they are unique assets. So, if HugeCorp has decided that their next multi-billion dollar product or service is going to be called "Whatever" and you have "Whatever.com", you certainly don't know what they do about what their plans are. I mean, GoDaddy brokers intentionally don't tell you what the buyer might have in mind, even if they know.

So, a huge imbalance of information in the market for unique stuff is usually the norm, because we are usually looking at "the price of this domain name" which is not very much like "the price of this share of AT&T" versus the price of some other share of AT&T.

In the context of "should HugeCorp have to tell you that your domain is the name of their next billion dollar product", I don't think anyone would believe that to be a workable rule.

Of course, HugeCorp could also be looking to buy that name in an expiration auction, in which case they certainly aren't going to tell anyone why they think it is worth more than the second-highest bidder.

Of course, HugeCorp is then going to develop the name and realize that value.

If the registry is outbidding everyone else to buy the domain name, and their endgame is to resell it, then they are still taking something of a gamble that something like prior availability searches or DNS traffic would translate into a sale above the price they paid. I doubt they have any data which allows them to play that game profitably.

But, sure, it’s a decent question to ask.

 

[DomainBanana]

Pretty much every domain buyer is acting on "non-public information", right?

Your HugeCorp example actually helps highlight why registry access to non-public data is different from normal market information asymmetry.

When HugeCorp wants Whatever.com, they only know their own plans. They have information about one potential use case for one domain.

A registry, on the other hand, can see:

• Every registration attempt for every domain
• Every availability check for every domain
• Registration/search patterns across their entire namespace
• DNS traffic data across their zone
• Other non-public data that helps identify emerging trends

This isn't like one buyer knowing why they want one domain. This is systemic access to market intelligence about ALL domains in their TLD - intelligence that only registries have because of their privileged position as infrastructure operators.

The fact that they might still occasionally overpay or make unprofitable decisions doesn't negate the fundamental imbalance of allowing market participants with privileged access to registry data to compete against participants who don't have that access.

This isn't about whether buyers should disclose their motives. It's about whether entities with privileged access to market-wide data should be allowed to use that advantage to compete in the market they're supposed to be neutrally administering.

 

[Patryx]

The conclusion is straightforward: Registry operators have access to non-public data that regular market participants don't have. When these same registry operators compete in the secondary market for domains, they can use this privileged information to their advantage.

The domain community should question whether registry operators should be allowed to compete in the secondary market while having access to non-public data that other participants don't have.

DomainBanana, I appreciate your courage in supporting your thesis for almost 40 replays on which our community is very skeptical.

Is there a law that prevents Registry operators (which have access to non-public data and privileged information) from operating on secondary market? If there is, you can file a lawsuit. If you are asking the community to pursue this claim with you, I don't think you will get support.

If your request is: "The domain community should question whether registry operators should be allowed to compete in the secondary market while having access to non-public data that other participants don't have."... we could replay "not, they shouldn't".
Said that, without a law, without a lawsuit, normal domain investors will try to do what they can do with the information they have legally.
Is it not enough? Maybe, but this is all.

 

[william]

@DomainBanana The only way this gets any repercussions is if the information becomes public and there is a reaction from its users or it affects someone's bottom line. I say give the evidence away to domain blogs and let them run with it. My bet is that it will be more effective than reporting it to ICANN or the registrar itself. Once they are shamed into oblivion, there is a chance they could start cutting down on these practices.

 

[jberryhill]

intelligence that only registries have because of their privileged position as infrastructure operators.

They are certainly not the only ones. If you are looking at, for example, domain availability searches, then you can add in registrars, their resellers and third-party domain information services. If you are looking at traffic to existing domains, then you can throw in hosting providers, parking providers, etc.. If you are looking at DNS queries, you can add in ISPs or anyone who runs an DNS resolver for enough traffic. It's not as if every DNS query for example.tld reaches the .tld registry servers.

So, there are quite a few folks in the internet ecosystem who have access to traffic data for existing and non-existing domains.

You're going to need a bigger boat.

 

[biggie]

people who pick their noses in public and fling boogers on the sidewalk,

Hi

lol, the imagery of it all

still, the OP is doing something similar, by throwing vague ass against the wall, trying to see what sticks

be real and state facts

imo....

 

[DomainBanana]

So, there are quite a few folks in the internet ecosystem who have access to traffic data for existing and non-existing domains.

Your point about other players having access to data actually raises an interesting question:

Why don't we see major registrars using their extensive data to systematically acquire large domain portfolios in the aftermarket?

Perhaps because they understand such behavior could violate their contractual obligations or invite regulatory scrutiny.

Yet here we have a registry - who should be even more neutral than registrars - using their privileged position as infrastructure operators to compete in the market they're supposed to be neutrally administering.

The issue isn't just about who has what data. It's about entities with privileged access using that advantage to compete against regular market participants. The fact that registrars generally refrain from such systematic exploitation of their data access, despite having the capability, suggests this behavior crosses a line - doubly so when it's a registry doing it.

 

[DomainBanana]

Is there a law that prevents Registry operators (which have access to non-public data and privileged information) from operating on secondary market? If there is, you can file a lawsuit. If you are asking the community to pursue this claim with you, I don't think you will get support.

To clarify: This isn't just about what we think 'should' happen - registry operators do have contractual obligations with ICANN regarding how they can use their position and access to data.

The reason I've raised this publicly, even with some details withheld, is that the domain community should be aware this is happening. When registry operators, who are supposed to be neutral infrastructure providers, start competing in the secondary market using their privileged access to data, it affects market fairness for everyone.

I understand the skepticism about vague claims. However, given the potential for retaliation when raising concerns about a registry operator, some level of discretion is necessary at this stage. My goal isn't to rally support for any specific claim - it's to raise awareness that this practice exists and is problematic for the domain ecosystem as a whole.

 

[jberryhill]

Why don't we see major registrars using their extensive data to systematically acquire large domain portfolios in the aftermarket?

I'm not sure why you believe they haven't.

Obviously, I managed the legal issues concerning Frank Schilling's portfolio before he started a registrar, and then later went retail with it as Uniregistry. Eventually, his remaining domain portfolio, along with other clients of mine such as Yun Ye's (which was sold to Marchex), Mike Berkens', etc. were all scarfed up by GoDaddy under their Namefind brand. GoDaddy's portfolio is still likely to be at least a hundred thousand names, even if that operation has been running a fire sale to pump their numbers short term and survive the management axe.

Likewise, Network Solutions ran its own racket around New Venture Services Corp., and for all I know they still do...

https://www.namepros.com/threads/ne...ntures-services-corp-stole-my-domain.1055044/

Then there was Epik's "your domains are our domains" approach to the business. They're straight-up crooks and never caught any flak from ICANN.

The fact that registrars generally refrain from such systematic exploitation of their data access

I'm not as sure that's a fact. There is a very narrow prohibition on front-running, but, particularly at the registry level, for most large operations it is simpler to make a couple of bucks from a few thousand names than to play some complicated game to maybe make a thousand bucks off of one name. They all, however, participate in the secondary market in various ways, or engage in some kind of premium pricing arrangements for particular names.

You don't see the casino management playing at the tables either. By and large, most players are losers. The house is happy with a 5% take on the roulette wheel, even if they can't get 36 to 1 on a spin.

 

[DomainBanana]

I'm not sure why you believe they haven't.

You're right that registrars have acquired and managed large domain portfolios. However, there's a key distinction:

The examples you've provided (Frank Schilling, GoDaddy/Namefind, etc.) generally involve registrars acquiring existing portfolios or building them through regular market participation. That's different from systematically using non-public registration/search data to make acquisition decisions.

Your casino analogy is interesting, but I'd argue it points to why registry participation in the secondary market is problematic. Casino management doesn't play at the tables precisely because they have inside information about odds and patterns that regular players don't have. Similarly, a registry has access to market-wide data that other participants don't have - and unlike a casino, they're supposed to be a neutral infrastructure operator, not a house taking a percentage.

And to extend your casino analogy further - there are actually strict gaming regulations that specifically prohibit casinos from participating in their own games, precisely because their privileged position and access to information would create an unfair advantage. This regulatory framework recognizes that entities running gaming infrastructure shouldn't also be players.

Similarly, when a registry uses their privileged access to market-wide data to compete in the secondary market, they're effectively playing their own game with an information advantage that other participants can't match. That's why their role as neutral infrastructure operators should be kept separate from market participation.

 

[jberryhill]

To clarify: This isn't just about what we think 'should' happen - registry operators do have contractual obligations with ICANN regarding how they can use their position and access to data.

Again, it helps to be specific.

Specification 9 of the base registry agreement is the "Registry Operator Code of Conduct", and it says that the registry shall not:

"...register names in the TLD or sub-domains of the TLD based upon proprietary access to information about searches or resolution requests by consumers for domain names not yet registered (commonly known as, “front-running”)"

So, that doesn't apply to buying names that are already registered (whether expired or not).

I agree the "general principle" is there, but it doesn't apply to registered names as written. One could quibble over whether the "or" was intended to set the entire remaining phrase apart, but I'm not going deep into contract interpretation today, because...

The next question to ask when you find an arguably-violated contract provision is, "So what?" What, specifically, does the contract say will happen if the registry violates that section?

And, unfortunately, a lot of contracts are written that way. There's some value in having what lawyers call "precatory" clauses in contracts. These are clauses that say "you will not do X" but don't really have any particular consequences assigned to them. Because of the formality and ceremony around writing up a contract and having people sign it, these kinds of thing work like religious rituals, and people can believe that some precatory clause in a contract means something, but at the end of the day there are no real teeth to it.

Plus, there is always the magic of business entity formation and having variously-related business entities do things with an unclear connection to the principal entity - i.e. New Venture Services Corp.. Or, for example, run through the docket in the GoDaddy auction clawback case that was recently dismissed (and re-filed) and you'll notice how hard it is to nail down an entity that turns out to be three kids in a big coat all pointing fingers at each other.

 

[DomainBanana]

So, that doesn't apply to buying names that are already registered (whether expired or not).

To clarify: this involves a registry targeting both expired domains in auctions and dropped domains. While your point about Specification 9's application to registered vs. unregistered domains raises interesting questions for expired domains in auction, the dropped domain acquisitions would fall directly within its scope regarding 'domain names not yet registered.'

In either case - whether competing for expired domains in auctions or acquiring dropped names - the fundamental issue remains: A registry operator is using their privileged access to market-wide data to compete in ways that other market participants cannot match.

 

[jberryhill]

They don’t have to compete for actually dropped names.

If they want, they can reclassify any unregistered name as a premium or registry-reserved name.

If they are bidding in drop auctions for their own tld names, that strikes me as pretty silly.

What’s great about designating dropped names as premiums is that they get around the first word in the quoted clause, since they don’t have to register the name to put a premium price on it.

 

[DomainBanana]

They don’t have to compete for actually dropped names.

If they want, they can reclassify any unregistered name as a premium or registry-reserved name.

It's interesting that you're continuing to raise potential technical loopholes rather than addressing the fundamental issue:

Should registry operators be allowed to use their privileged position and access to non-public data to compete against regular market participants?

The fact that we're debating potential ways to circumvent rules, rather than whether this behavior upholds the principles of fair competition and registry neutrality, is itself concerning.