Registrants get the heebie-jeebies over ‘.gb.com’
Legal updates: case law analysis and intelligence
Owners of sub-domain name registrations under the unofficial ‘.gb.com’ extension, operated by CentralNic, have recently been shocked to discover that their domain names were suddenly no longer resolving and that the domain name ‘gb.com’ had apparently been taken over by a new company called GB.COM Ltd.
As a result of this, all internet traffic to domain names registered under ‘.gb.com’ began redirecting to a holding page set up by GB.COM Ltd., instead of resolving to domain name registrants' usual websites.
CentralNic, the company responsible for the operation of domain name registrations under ‘.gb.com’, also offers domain name registrations under several other unofficial extensions such as ‘.eu.com’, ‘.uk.com’ and ‘.com.de’. These domain name extensions are not recognised by the Internet Corporation for Assigned Names and Numbers as official country-code top-level domain extensions.
They are in fact second-level domain name registrations which are owned by CentralNic. CentralNic then subsequently ‘registers’ domain names to customers under these unofficial extensions by creating third-level domain names.
Thus, there is an inherent risk with any domain name registrations under these unofficial extensions, as registrants are entirely dependent upon CentralNic ensuring that its domain name registrations are renewed in a timely manner and are secure from third-party interference.
Unfortunately, this does not appear to have been the case with ‘gb.com’, resulting in thousands of domain name registrants having their websites and email services go down at the end of July this year.
The background to this domain name is an interesting tale. The domain name ‘gb.com’ was registered to GB.COM Ltd, but was used by CentralNic as one of their unofficial domain name extensions and was hosted on CentralNic's domain name servers. GB.COM Ltd is owned by a Mr Stephen Dyer, who was one of the founders of CentralNic, but he left CentralNic in 2004 after the business was sold to new investors However, it appears that Dyer retained control of the domain name ‘gb.com’ after he left.
It seems that, without warning to CentralNic or to any of its clients, Dyer changed the domain name servers for ‘gb.com’ on July 31 2011 and pointed the domain name to a temporary holding page. In addition to this, a wildcard DNS record was also set up to re-direct all internet traffic related to the domain name ‘gb.com’ to this holding page.
As a result, anyone seeking to access a website associated with a sub-domain registered under ‘gb.com’ was directed to a GB.COM Ltd holding page informing internet users that they should register with GB.COM Ltd in order to restore access to their websites.
The situation was remedied on August 2 2011, with service restored to domain name registrations under ‘gb.com’ and the domain name servers for ‘gb.com’ were switched back to servers maintained by CentralNic.
A statement issued by CentralNic revealed that ‘gb.com’ had been the subject of an ongoing dispute between CentralNic and GB.COM Ltd since 2004, and the re-delegation of ‘gb.com’ appears to be related to this dispute. As such, some commentators are questioning whether CentralNic should have even been offering domain name registrations under ‘gb.com’ while there were such issues surrounding the ownership of the domain name.
The furore surrounding ‘gb.com’ and the issues experienced by registrants under this unofficial extension is a timely reminder of the perils of using such domain names for business-critical websites and key online functionality, such as email.
Should the domain name being used for the unofficial extension be compromised due to non-renewal or hijacked by a third party, then all domain name registrations associated with it will also be compromised, resulting in the loss of internet traffic, potential loss of email and customer confusion at the very least.
Registrants of domain names under these unofficial extensions should be warned of the perils involved and should secure such domain names for brand protection purposes only. Companies are advised to conduct a review of their online infrastructure to ensure that there are no business critical functions associated with any such domain names within their organisation.
David Taylor, Daniel Madden and Jane Seager, Hogan Lovells LLP, Paris
Copyright © Law Business ResearchCompany Number: 03281866 VAT: GB 160 7529 10