Monday, 16 March 2020 13:10

Facebook ‘shifting’ responsibility to domain name registrars with legal action on deceptive web names, claims lawyer Featured


Facebook is trying to shift the responsibility to domain name registrars to take an active policing role, according to a Brisbane-based intellectual property and domain name lawyer Sandy Zhang, commenting on Facebook’s lawsuit against an American name registrar Namecheap and its proxy service Whoisguard.

According to Sandy Zhang, Senior Associate with Brisbane Intellectual Property and Privacy law firm EAGLEGATE Lawyers, the Facebook lawsuit has “shone a light on the whole issue of how web domain names are administered”.

Facebook has announced it is taking legal action against an American Namecheap and Whoisguard for allowing people to register domain names that “deceive people by pretending to be affiliated with Facebook apps.”

According to Sandy Zhang, Senior Associate with Brisbane Intellectual Property and Privacy law firm EAGLEGATE Lawyers, fake domain names are often used in phishing attacks, and the Facebook lawsuit has “shone a light on the whole issue of how web domain names are administered”.

Zhang says faked domain names are frequently used to trick users into thinking a site is connected to a legitimate company.

“According to The Verge Facebook filed a similar lawsuit last October against domain registrar OnlineNIC and its proxy service ID Shield for registering nearly two dozen domain names, including and, some of which were being used for malicious activity,” says Zhang.

“What’s interesting about the recent Facebook lawsuit against Namecheap is that it tries to shift the responsibility to domain name registrars to take an active policing role.

“Facebook does have a point in these circumstances – there simply cannot be a legitimate purpose behind registering a domain name like However, not all cases are necessarily so straightforward.

“You need to remember that registering a domain name does not mean having a website. Many of the domain names in the lawsuit may not have any website attached. Without any web content, it can be difficult to tell if a domain name like is in fact legitimate.

“Even assuming that these domain names are not legitimate, to what extent does a domain name registrar have to monitor its registrations, particularly if it gets thousands of registrations per day at prices of between $1-50 per year?

“It’s not possible for the registrar to conduct a full trade mark / legalities check for every little-known company that decides to register a domain name. If Facebook gets an exception because it is so well-known, then where do you draw the line? How well-known would you have to be?”

And Zhang says by agreement, domain names are administered by a number of bodies around the world, with ICANN being the peak body and country code top level domains like .au being administered by local bodies such as the .au Domain Administration (auDA).

“The administering authority generally licences the right to create new domain names to approved registrars. Registrars can then either directly “sell” (more accurately, licence) domain names to the general public or to wholesalers, or both. Typically, the service just involves allowing a registrant to check if a particular domain name is taken, and if it’s not taken, then allowing the registration for a fee,” he says.

“The domain name registration policies are mandated by the relevant domain authority. These policies will generally include things like good faith use and proper entitlement to use the domain name registered, but it has never been a registrar’s function or responsibility to actively police the registration or use of domain names under its management.

“Instead, registrars generally respond to complaints regarding a domain name being used in contravention of the policies that apply, and adopt a dispute resolution policy like the UDRP (Uniform Dispute Resolution Policy), which allows civil disputes between two persons over a domain name to be resolved.”

According to Zhang, because of the way domain names work, there has long been a practice of people registering domain names similar to or appearing to be connected with famous brands.

“They do so for two key reasons. The less nefarious is cybersquatting – the person simply sits on the domain name and hopes to sell it back to the brand at a significant mark-up. The other, more sinister reason is phishing. This is where a person attempts to impersonate a legitimate company in order to steal personal information, including passwords and credit card details,” he says.

“Complicating the matter and potentially assisting cybersquatters and phishing operators is the existence of domain privacy services. Registration of a domain name requires publication of the registrant’s details on a publicly searchable register. Domain privacy services will register the domain names on the real registrant’s behalf, so that public information does not show the actual owner.

“Many registrars offer this service as part of the domain registration package. In Australia for .au domains, this practice is prohibited due to an auDA policy, but for most other domain names including .com domains, the practice is allowed and widespread.”


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments