Verisign seizes .com domain registered via foreign Registrar on behalf of US Authorities.

Yesterday Forbes broke the news  that Canadian Calvin Ayre and partners who operate the Bodog online gambling empire have been indicted in the U.S., and in a blog post Calvin Ayre confirmed that their bodog.com domain had been seized by homeland security. As reported in Forbes (hat tip to The Domains for the cite),

According to the six-page indictment filed by Rosenstein, Ayre worked with Philip, Ferguson and Maloney to supervise an illegal gambling business from June 2005 to January 2012 in violation of Maryland law. The indictment focuses on the movement of funds from accounts outside the U.S., in Switzerland, England, Malta, and Canada, and the hiring of media resellers and advertisers to promote Internet gambling.

“Sports betting is illegal in Maryland, and federal law prohibits bookmakers from flouting that law simply because they are located outside the country,” Rosenstein said in a statement. “Many of the harms that underlie gambling prohibitions are exacerbated when the enterprises operate over the Internet without regulation.”

That is a truly scary quote but we'll emphasize that: "The indictment focuses on the movement of funds outside the U.S." and that you can't just "flout US law" by not being in the US. What also needs to be understood is that the domain bodog.com was registered to via a non-US Registrar, namely Vancouver's domainclip.

So Here's Where It Get's Scary…

No Bodog.com for you!We all know that with some US-based Registrars (*cough* Godaddy *cough*), all it takes is a badge out of a box of crackerjacks and you have the authority to fax in a takedown request which has a good shot at being honoured. We also know that some non-US registrars, it takes a lot more "due process-iness" to get a domain taken down.

But now, none of that matters, because in this case the State of Maryland simply issued a federal warrant was issued in the State of Maryland[1] to .com operator Verisign, (who is headquartered in California) who then duly updated the rootzone for .com with two new NS records for bodog.com which now redirect the domain to the takedown page.

This is exactly the scenario we were worried about when Verisign originally tabled their very troubling takedown proposal. Said proposal was quickly retracted, but here we have the same situation playing out anyway. Granted, this was an actual court order, to Verisign – not a "request" from a governmental or "quasi-governmental" agency as originally proposed.

But at the end of the day what has happened is that US law (in fact, Maryland state law) as been imposed on a .com domain operating outside the USA, which is the subtext we were very worried about when we commented on SOPA. Even though SOPA is currently in limbo, the reality that US law can now be asserted over all domains registered under .com, .net, org, .biz and maybe .info (Afilias is headquartered in Ireland by operates out of the US).

This is no longer a doom-and-gloom theory by some guy in a tin foil hat. It just happened.

The ramifications of this are no less than chilling and every single organization branded or operating under .com, .net, .org, .biz etc needs to ask themselves about their vulnerability to the whims of US federal and state lawmakers (not exactly known their cluefulness nor even-handedness, especially with regard to matters of the internet).

The larger picture: root monopolies and the need to replace ICANN

The .com root will never be opened to a truly competitive bidding process. Verisign has pretty well ensconced themselves into the .com and .net roots indefinitely with built-in price hikes baked into the cake. I recall a conversation I once had with Tucows CEO Elliot Noss, back when they still owned Liberty RMS (which ran the .info registry and later sold to Afilias) – he lamented that if the .com registry bidding process were truly competitive, you would see a registry operator in there doing it for about $2 per domain. At the time the wholesale cost of a .com domain was $6 and is now $7.85 after their latest annual increase which is hard-coded into their contract.

I mention this because a truly competitive bidding process for the registry operator job would bring out both cost competition and stewardship competition: players who would table proposals on just how they would respect the rights of all their stakeholders, not to mention operators who may operate outside the United States.

Where the fsck is ICANN in all of this?

They are nowhere. They are collecting their fees, pushing their agenda of as many possible new-top-level domains and despite the fact that SOPA, ACTA, PIPA et aim directly at the interests of their core stakeholders, for whom they are supposed to be advocates and stewards.  ICANN is conspicuous in their absence from the debate, save for a smug and trite abdication of involvement (i.e. "ICANN Doesn't Take Down Websites") – translation: "This isn't our problem".

And therein lies the issue. ICANN needs to make this their problem, because it very much is. If ICANN isn't going to stand up, and vigorously campaign for global stakeholder representation in these matters, than they are not only abdicating any responsibility in the ongoing and escalating crackdown on internet freedom, they are also abdicating their right to govern and oversee it.

They need to be visible, they need to be loud and they need to come down on the right side of these issues or they need to be replaced.

Of course, the replacement of ICANN will never happen. At least not by a non-US entity, which means we are once again headed to the unthinkable place that only crackpots and conspiracy theorists think possible: a fractured internet with competing roots. On the bright side, life will go on, and companies like mine will probably become exceedingly wealthy charging every internet user in the world fees to gain and project visibility across all the myriad internet roots that will someday exist because governments will refuse to approach it co-operatively. The only thing that will remain to be seen is whether we'll be deemed "criminals" for doing so.

Further Reading:

Footnote

[1] I originally was under the impression that the State of Maryland issued the warrant, it has been pointed out to me that this is not the case, the warrant is a federal warrant issued in the State of Maryland.

Comments

  1. says

    Re. "the reality that US law can now be asserted over all domains registered under .com, .net, org, .biz and maybe .info ".

    I notice easydns is a .org.

    Are you concerned about the reality that US law can now be asserted over you?

    • Mark Jeftovic says

      The blog is on the .org of our name because we wanted it out-of-band from the main .com URL. In case of a DDoS attack or other catastrophic situation impacting easydns.com, we wanted the blog to be functioning from a different domain TLD. We mix up the nameserver constellations for similar reasons: dns1.easydns.com, dns2.easydns.net, dns3.easydns.org, dns4.easydns.info, etc.

  2. pt ho says

    You misquoted the Forbes article. It doesn't say "movement of funds outside the US", which you interpret as activities that never involve any activity in the US. It says "movement of funds *from* accounts outside the US", which unlike your quote, could easily mean "movement of funds into Maryland *from* accounts outside the US".

    I'm not defending the the seizure, only pointing out the error in your mis-quote and how that might affect the interpretation of the Forbes story.

    • Mark Jeftovic says

      I think it's open to interpretation. The quote doesn't make it clear that this is about moving funds *into* the US either. In any case, this isn't good.

  3. jon says

    > they are also abdicating their right
    > to govern and oversee it.

    More like their "role" to oversee it. They need to participate and be active in order to remain dominantly relevant.

  4. Fulwild says

    What should the process be to takedown a website that, on its face, is engaged in activity that is illegal under US law? Are there analogies in the non digital world? Is taking down a website closer to banning a book or seizing a car registered in Canada that was carrying illegal drugs in Maryland?

  5. Walt French says

    The possibilities are endless:

    Imagine an area in a bar in Baltimore, where a dedicated phone connects an agent to a counterpart at a club in Monte Carlo. Down the street is a 24-hour money-transfer shop. The Maryland bar agent simply notes the receipt from Western Union, and communicates your bet to the club. When you are done for the night, you tell the agent and walk back to the money-transfer place to pick up a check.

    This agent is a third-party contractor, not an employee of the club. His sole job is to handle cash payments and communicate your beliefs about what numbers will come up on a roulette wheel across the world. Because he does not spin the wheel, even doesn't get a commission on your dollars, the gambling is obviously across the ocean somewhere.

    And yet, the Feds could tap the wire to get evidence, shut down and seize the bar for providing the location, seize all the night's funds from the WU guys, merely because the bar allowed free speech about people's beliefs about the state of the universe in the near future. Can you spell “chilling effect” and “outrageous?”

    The injustice, the jeopardy to people who were merely trying to make an honest buck for saying numbers! What a sham, shutting down “telephones” because of some bogus claim about laws on gambling!

  6. Athox says

    What you presented in the article may be bad enough, but also the fact that they take it down BEFORE a trial is just completely fucked up.

  7. says

    What it comes down to is that any domain in a TLD maintained by Verisign or another US company is property located in the US, at least for asset-seizure purposes. This will come as a big surprise to a lot of foreign companies.

    And I'll note that Maryland seems awfully concerned about the negative effects of gambling for a state with a lottery.

  8. says

    I know of a .ro (Romanian) domain that was seized by the same Homeland Security people because of embedding copyrighted videos from YouTube. Its owner hadn't uploaded those videos, he just embedded them. Unbelievable, if you ask me.

  9. agray says

    You may think that it's unusual for punishment to begin before a "trial", but it happens all the time. It doesn't matter what the alleged crime is. You get taken to jail where you may or may not pay an exorbitant sum of money into the justice system so they'll let you out until guilt is determined (Bail). So, to mirror reality, there would have to be a way to unblock the domains similar to the bail process. We like to tout innocent until proven guilty, but there's a whole lot of locking people up before they get that "jury of their peers".

  10. says

    Whoa, this is really scary…

    The Internet is about to die, at least as the worldwide free market we know it… This plus Sopa/pipa and whatever-a is really killing Internet.

    • says

      Well, we certainly hope it won't die, it is our business after all, and as Mark mentioned, it will continue to be a part of the world. The question is what form it will take and what freedoms we will be able to continue to enjoy. Really scary indeed, you're right.

      Arnon (easyDNS person)

  11. Philippe Da Silva says

    Internet and all its structural software, hardware and definition should be a property of human kind and better than what it actually is should be governed and operated by the U.N.

    • says

      That's certainly one option. The UN isn't really a technical organization though, and once again it would all be under the sway of politicians. Definitely something to be looked at.

      Arnon

  12. donblum says

    You raise some very important and legitimate concerns, and I think that your takedown policy is excellent. It would be helpful to read materials more closely so that you don't undermine yourself and lose credibility. You also might want to reach out to US friends to learn American legal terminology.

    The State of Maryland was not involved in the prosecution. This was an action in a federal district court in MD. More importantly, judges sign warrants in the US federal system. As the takedown banner clearly says, the warrant was issued by a federal court. It wasn't some prosecutor's back of the envelope exercise.

  13. says

    Time for organizations to establish their own root DNS servers. Maybe Wikileaks would be interested in doing that; THAT would have some really interesting results.

    Then again, some theorize that the Obama Administration is working with other NWO people to destroy the US power control and shift it to China. A fractured Interned could propagate that.

  14. me from here says

    I find this whole blog post to be disingenuous to say the least.

    Where is the mention of the approximate $100 million dollars in prize money the website is alleged to have paid out to American gamblers – bringing it under US jurisdiction?

    If you carry out ANY transaction in the US (and that includes payments of prize money), that transaction has to abide by the laws of the US. If you're stupid enough to flout US law AND ALSO use a generic TLD which is under the control of a US company – you deserve everything you get!

    BTW, Maryland is just where the FBI have filed the documents to commence legal proceedings for this case – just as they chose New York to prosecute Full Tilt Poker last year.

  15. pdh says

    At least bodog.co.uk and bodog.ca are still up… soon we will all be victims of this – much like richard o'dwyer

  16. davidwr says

    What does the Canadian Government say about this?

    I'd love to see a Canadian court order all ISPs in Canada to check a "Canada root zone override" list as part of their DNS lookups, AND order that any company who wishes to do business in Canada whose name was seized by an authority outside of Canada be allowed to apply for entry onto this list, and that the request be granted if the requester can show that he is not violating Canadian law.

    Yes, it would balkanize the Internet but it would send a message to Washington.

  17. Daniel says

    Verisign is owned by Symantec, a corporation having deep ties with the Government. The former CEO of Symantec, John Thompson, has been a top security adviser for BOTH the Bush and the Obama Administrations. Without a doubt Symantec is sleeping with the government for privileges, and in exchange, they give the government what they want. The marriage of big corporation and government is the very definition of fascism.

  18. donblum says

    I intended to add to my post that the Forbes article states that funds were moved using US-based payment processors.

  19. Kompani says

    America is striving to gain its new empire, the worlds data/information, by passing laws under the pretext of terrorism or copyright. Domination through an electronic back door. Land of the free, rubbish, land of the brain chain.

  20. Mike says

    The seizure of assets (the .com domain) within the US is justified only if the gambling business that has taken place violates 18USC1955, The question is how can a business operating in Canada violate this law? somebody needs to read up on the extent of US jurisdiction, You cannot enforce US gambling laws abroad, where the business is conducted. Hence the seizure IS unlawful.

  21. Peter Nicholls says

    In the UK I was always under the impression that .com was a "global" domain, not a United States domain. What is going on with law enforcement in the US at the moment? Are they just going litigation crazy?

  22. EK says

    I read the Forbes article – and the indictments.

    While I disagree with what the feds are doing, the indictment clearly indicates that the reason for the seizure is that funds have moved in and out of Maryland in an illegal manner. The issue is not that gambling may have taken place in another jurisdiction – it's that gambling took place in Maryland.

    Of concern is not that they want to stop gambling in Maryland, but that they can seize any .com domain based on allegations of wrong-doing and impose US law on the entire world.

  23. QH says

    @Walt French

    " merely because the bar allowed free speech about people's beliefs about the state of the universe in the near future."

    This is a very interesting way to look at things in light of the supreme court's decision on Super PACs where it basically said that money is form of speech and free speech is constitutionally protected, so Super PACs can spend as much money they want on what ever they want.

    So then making a bet for money is stating a belief about the future state of the universe is a form of speech and thus is protected. In other words gambling is free speech.

    I wonder if this argument will be brought to court.

  24. says

    Hmm… I have a few domain names registered, myself. My main domain is listed with a Canadian registrar. I have two other domains listed with American registrars. I split my time between US and Canadian physical locations. All of my web-sites are now hosted in the United States. The billing address for my main domain is in Canada. I have a US-phone number and a Canadian phone number.

    What I am seeing is that US domain registrars are being treated the same as phone companies, in that they operate a defined set of accounts. If I come to the US and conduct illegal business on my Canadian phone, who has jurisdiction to seize my phone? If I am in Canada, taking calls from the US on my Canadian phone, conducting business that is legal in Canada, but illegal in the USA, does the USA have any juridiction? Suppose I switch phones, so I am using my US phone, but still in Canada, does the USA have any jurisdiction?

    I think the notion that US-based domain registrars fall under US jurisdiction, when the domain target exists outside of the country is faulty, but it seems to be the best we have, at the moment.

    In any case, the takeaway seems to be that if you're going to be conducting business in regions where that business is considered illegal, don't register your doman in that region.

    I understand the issue, and see the bigger picture, but it looks like this specific incident was properly executed by the authorities. The business itself has not been charged, just the path from the US to Canada has been blocked. Or, am I missing something?

  25. Hemo_jr says

    Verisign has just abdicated its position as a trusted third party. How can anyone trust it after this fiasco?

  26. Ball ocks says

    The US needs to get a grip, gambling might be. Illegal in the US but in most of the civilised world it is a perfectly acceptable vice. Hell, it's legal in Vegas ! They have no jurisdiction to try to apply their laws in other countries and this sort of heavy handedness shows that the US can't be trusted with net neutrality.

  27. lorraine says

    It's very important that Anonymous, AntiSec, Wikileaks, etc., turn their attention to the illegal actions of Verisign.

    If tyrants are allowed to get away with their brutality, it only emboldens them. Direct action, however, ensures the future will be more free than what we experience today.

  28. mv says

    this is why current DNS needs to go away and we need multiple decentralized DNS servers that do IP redirection based on consensus instead of a definitive registry. don't trust the US? compare US+Canada+India+China, go with what the majority say.

    "You can fool all the people some of the time, and some of the people all the time, but you cannot fool all the people all the time." – Abraham Lincoln

  29. says

    I question that we should be asking is how Homeland Security knew that somebody in Maryland was gambling on a web-site in Canada, isn't it? Did they have a warrant for eavesdropping?

  30. says

    I use .co.uk for my website and also .com, if say my .com domain was seized would the .co.uk one be active still?

    Being in Scotland I expect the US to stay out of my face no matter what I am doing online, my website being legal and in no way related to any illegal activity in the UK I shouldn't have any problems with action from the US such as domain seizure.

    My opinion on anything even remotely similar to this or governments having control of anything on the net (illegal or otherwise) is that it is a massive offence. I wrote a whole rant which had something to do with apple being a new religion…it got away from me for about 6 paragraphs…long story short, anyone seen Equilibrium? The world would be like that because the best and for most only platform for sharing your thoughts and work would be destroyed. US Government long term plan? Remove emotion from the world. Then nuke it. Ta-dah, 21st Dec 2012.

  31. Eric T says

    The same discussion was occurring when it was revealed that the F-root server was relocated to Beijing, yet nothing has been noted of any tampering with public facing DNS records.
    http://bgpmon.net/blog/?p=540, http://www.nanog.org/meetings/nanog53/presentations/Tuesday/Losher.pdf

    Now that the US is actually tampering with DNS records, it seems like the very people that were appalled by hitting servers in China are not even whimpering about the US tampering.

    Maybe it's just me, but this definitely seems like a double standard in the face of the facts presented.

  32. says

    "Of course, the replacement of ICANN will never happen. At least not by a non-US entity, which means we are once again headed to the unthinkable place that only crackpots and conspiracy theorists think possible: a fractured internet with competing roots."

    OpenNIC Project has been running an alt-root for over 10 years. Competing roots only occur if an alt-root decides to run their own .com. OpenNIC Project does not do this. Everyone here who does not like ICANN can easily use OpenNIC without fear of gooberment intervention.

  33. Iume says

    Read the article further, saw this: "Federal prosecutors allege that Ayre conspired to direct at least $100 million in sports gambling winnings by wire and by check to gamblers, working with payment processors located both in the U.S. and elsewhere"

    If he passing money into the US then they are considering him to be operating in the US.

  34. says

    @Mike
    March 1, 2012 at 10:01 am | Permalink
    The seizure of assets (the .com domain) within the US is justified only if the gambling business that has taken place violates 18USC1955, The question is how can a business operating in Canada violate this law? somebody needs to read up on the extent of US jurisdiction, You cannot enforce US gambling laws abroad, where the business is conducted. Hence the seizure IS unlawful.

    I beg to differ. US government folks frequently enforce US laws abroad, where the violations occur. Doesn't matter to US injustice dept goons that such enforcement actions are unlawful.

  35. Hemo_jr says

    Iume sez:
    >If he passing money into the US then they are considering
    >him to be operating in the US.

    This might justify an indictment, but a domain name seizure is still a violation of Canadian sovereignty.

  36. Keenan says

    Does DNSSEC do any help in this situation to at least prevent users from seeing the hijacked content, or can it not help because the 'update' comes from a trusted authority (the TLD root)?

    Also 'tab' from the Name field takes you to the search box way up the page.

    • says

      Hi Keenan, Not sure what you mean by that. DNSSEC wouldn't come into play because the delegation of authoritative nameservers comes from the registrar. In the end, the registrar has control over it.

      Thanks for the catch on the tabbing issue. Can you send that to support@easydns.com with a screenshot of the page so we know which one you're seeing it at?

      Regards,

      Arnon

  37. annonamys says

    The U.S. government does not have a right to do this because they do not own the internet. it belongs to those who activly contribute to it.

  38. Blarghamel says

    So does that mean any trade-partner country could send an official notice to Verisgn and have that domain seized for violating one of their laws?

  39. Scott says

    I'm also concerned about what this could mean for Internet freedom, especially your point about ICANN being a non-entity during the issues arising during the past year…

    BUT your summary of the Bodog case is definitely not the whole truth. If you'd followed the Forbes link to Calvin Ayre's website, they have a more detailed summary there, along with links to the actual seizure warrant. Bodog was not seized because of something it was doing remotely – it was seized because it was providing gambling services to US residents located within Maryland. An agent signed up for Bodog, entered his Maryland address, and placed multiple bets with money transfered to/from him. Plus, Bodog was spending $42 mil to advertise to US consumers. The relevant statutes from the federal & Maryland laws are included within the takedown request, and they clearly only extend to gambling companies that provide services to US residents. (We could get into a separate discussion about free speech, or whether gambling should be illegal — just as we could argue with any law we disagree with, but that's beside the point.)

    Whether the US gov should be seizing domains being run outside their borders is the important question. So let's not cloud the discussion by pretending that Bodog wasn't actively engaging in business with customers located within the US.

    Sources:
    http://calvinayre.com/2012/02/28/legal/calvin-ayre-indicted-by-feds-calvin-ayre-releases-statement/
    http://cdn3.bit2host.com/wp-content/uploads/2012/02/BodogWebsiteSeizureWarrant.pdf

    • says

      It certainly shouldn't. Usually that will show up if you're trying to create an account on a system that doesn't allow it. Can you please send screenshots of what you're seeing (include the URL please) to support@easydns.com and mark it to the attention of Arnon? I'll take a look and see what's up.

  40. The question says

    My primary question is, even if there was activity that was considered illegal in the US, does the US have jurisdiction to bring the entire site down. Why not just block all activity going in and out of the US. That seems to be a more fair approach, if not more technically challenging.

    When France or China challenged Google that it was going against its laws, should it have been able to shut down Google entirely?

  41. says

    OpenNIC it's the future if we want freedom… copyright as well as patents are a problem of the world… we can see the copy of all in the life… nature, trees, animals, planets, stars… even ours cars… the singers won a lot of money in concerts… what will hapenn if we don't know their music? no body will go to their concerts…

    they need of us… as well as censorship could not exist… China do that because they have a society problem…
    but USA do this by economic problems… OpenNIC works for the users not companys.

    • says

      That's not really possible in the US. To do that means you have to have total control over every ISP within a country and be able to block specific sites. China has the means to do this, more or less. It's called The Great Firewall colliquially.

      http://en.wikipedia.org/wiki/Great_Firewall_of_China

      They decided they wanted it down and used the easiest means at their disposal.

  42. says

    What's the difference between the Great Wall of China, and the Information Border Patrol? Only a matter of which victimless activities the Parental State decides you can and can't take part in. Or worse, which sanctioned monopolies they choose to defend.