auDA's commitment to policy and compliance - part two

Posted by on 7 October 2016

Following our recently published announcement ‘auDA’s commitment to policy and compliance’ our CEO Cameron Boardman stated “The swift work of our team and the good relationships we have built with our Registrars, mean that these matters can be dealt with quickly and with the least possible negative impact on the .au domain space. We value the security and trust consumers put in .au and work hard to ensure we maintain that. Work continues in this current unauthorised business name audit and we will report back in full, once the process is complete.” We are now able to report on some significant outcomes in what is an ongoing process. The following summary outlines our work to date, but it will continue.

Background
One of auDA’s primary roles as the .au administrator is to ensure the preservation of the policy integrity of the .au namespace.  This is managed in various ways, one of which is conducting audits of domain name registry records; refer paragraph 14 of the Guidelines on the Interpretation of Policy Rules for Open 2LDs (2012-05) at https://www.auda.org.au/policies/index-of-published-policies/2012/2012-05/.

In recent times, auDA has received an increasing number of complaints regarding the unauthorised use of Australian company and business details (classified as Unauthorised Business Use – UBU) in the registration of .au domain names via specific registrars.

As a result of our investigations, auDA have identified a stringent process of assessment in matters of this nature.

As the policy authority of the .au domain name space, auDA initiated an audit of the .au domain names registered by the reseller of an accredited registrar. We acknowledge the registrar of record’s co-operation in identifying a reseller who appears to be behaving in this manner.

The audit involved extracting detailed information about the domain names from the registry and taking screenshots of all the websites. Each domain name and associated screenshot was then manually checked to see if it satisfied our assessment criteria. If the domain name matched all or most of the criteria, it was put on a list for deletion. If it matched some of the criteria, but there was still doubt about the registration, then it was put on a list for a standard investigation. If it matched none of the criteria, it was not considered.

Whilst a number of these registrations appear to be selling goods mainly sourced from China, it is not definitive that all the domain name registrations are occurring from that country alone. In our investigations, we have identified sources from Eastern Europe, North America as well as the Central, Eastern and South-Eastern Asian regions that are behind these UBU domain name registrations.

Definition of terms
Resellers are companies that provide .au domain name services to the public via an accredited registrar. Resellers do not have direct access to the .au registry.

The conduct of resellers is regulated via their registrar.  Resellers operate under an agreement with their registrar; this agreement must include minimum terms and conditions to ensure that the reseller complies with auDA Published Policies and the Code of Practice.

Action
As a result of the proactive work of the auDA complaints team and armed with the information provided by the registrar of record, auDA were able to assess the reseller’s list of .au domain names and determined 1025 names that reflect the common identifiers in upheld UBU registration matters. Following a process of thorough due diligence, auDA requested that the registrar place the domains in policy delete, by a given deadline. Our work continues in this area, for the good of the Australian digital community.