FBI and recovering stolen domains

[draqon]

the trustee did not have control of the domain, BUT the company he represents was listed as the registrant. Therefore it is exactly as if his name itself was on the WHOIS.

 

[chatcher]

the trustee did not have control of the domain, BUT the company he represents was listed as the registrant. Therefore it is exactly as if his name itself was on the WHOIS.

Then he needs to contact the former registrar immediately and inform them the domain name was transferred to the new registrar fraudulently. They can get it back.

 

[jberryhill]

I was always under the impression WIPO can be used to recover stolen domains.

The first thing a complainant has to prove in a UDRP dispute is that the domain name is identical or similar to a trade or service mark in which the complainant has rights.

How do you do that with a stolen generic domain name?

 

[Steen]

The first thing a complainant has to prove in a UDRP dispute is that the domain name is identical or similar to a trade or service mark in which the complainant has rights.

How do you do that with a stolen generic domain name?

Show that the previous owner used the domain name in business?

That is, if the previous owner was launching the case, which is not the case (in this instance).

 

[jberryhill]

Show that the previous owner used the domain name in business?

If they did. But you can't bring a UDRP complaint on someone else's behalf.

 

[dvdrip]

UDRP is not for stolen domains. Period.
When someone steals your child you don't do a dna test to prove it's yours!

 

[Dave Zan]

the trustee did not have control of the domain, BUT the company he represents was listed as the registrant. Therefore it is exactly as if his name itself was on the WHOIS.

Not necessarily. Whoever is listed as the registrant is the "legal" owner of the
domain name, in a registrar's point of view.

Worse case scenario (and this does happen a lot), a webmaster registers a
domain name for his client, put it under his name, then brazenly claims it's his
despite his knowledge his client reimbursed him for the payment if they have a
falling out.

How accountable is the trustee towards the company who was listed as the
registrant that time?

Any updates regarding your case?

 

[Theo]

UDRP is not for stolen domains. Period.
When someone steals your child you don't do a dna test to prove it's yours!

:-D best analogy so far

 

[draqon]

Not necessarily. Whoever is listed as the registrant is the "legal" owner of the
domain name, in a registrar's point of view.

Well, this is good for my case. Its one of the facts I'm counting on.

Worse case scenario (and this does happen a lot), a webmaster registers a
domain name for his client, put it under his name, then brazenly claims it's his
despite his knowledge his client reimbursed him for the payment if they have a
falling out.

How accountable is the trustee towards the company who was listed as the
registrant that time?

I'm not sure what you mean. The company who was listed as the registrant is bankrupt, and the trustee is in total legal control of its assets. He is authorized by law to speak on behalf of that company.

Any updates regarding your case?

Unfortunately, none. I've spoken to every employee I know at Godaddy and they all insist that irregardless of whether the domain was blatantly stolen, they have no duty to return it, and that the issue remains a domain name dispute to be resolved by a court order or a wipo UDRP.

 

[Theo]

So do we agree GoDaddy is the wrong choice of a registrar?

 

[jberryhill]

I'm not sure what you mean. The company who was listed as the registrant is bankrupt, and the trustee is in total legal control of its assets. He is authorized by law to speak on behalf of that company.

Yah, so. Has the relevant state ruled on whether a domain name is an asset subject to bankruptcy claims? In VA, the state supreme court says they aren't. If this is a Virginia company, then it doesn't matter if this guy comes from Mount Sinai with engraved rocks.

You will also notice that some registrars have an insolvency provision in the domain registration contract rendering the domain name registration void on a declaration of bankruptcy. Some registrars put that provision in there for the very reason at issue here - they want to deal with domain name registrations, and not deal with figuring out the bankruptcy procedures of a zillion different jurisdictions around the globe.

And if the original registrar was register.com, then things get even weirder, since most folks don't realize that register.com, contrary to the entire rest of the planet, considers the admin. contact to be the "registrant". Really.

 

[draqon]

The trustee and the company that he is representing are based in Virginia. The person who stole the domain from the trustee is also based in virginia. I gotta love the amazing bad luck I have...there are only like two states in the nation that have state supreme courts that have ruled on domain names + property rights, and I happen to buy a domain from a trustee in one of those states.

Nevertheless, I hope the Feds aren't clued up on their supreme court findings and therefore refuse to help me on that basis. Cuz certainly GoDaddy isn't going to be a help in this matter.

Luckily the domain was never at Register.com, it was at Melbourne IT until being transferred to godaddy.

So do we agree GoDaddy is the wrong choice of a registrar?

I agree wholeheartedly.

 

[Dave Zan]

dragon: based on all the details you provided, it'll be really difficult to prove
the domain name was indeed stolen. :disappoin

Correct me if I'm wrong, but I recall you posted that an employee who had
worked for the registrant-company that went bankrupt soon after took control
of the domain name. If you mean that ex-employee had the User login and
made the switcheroo, that makes it even tougher than it already is.

You made the right choice of following your attorney's advice to seek out law
enforcement. But be prepared for the possibility that it could take a loooooong
time before you could get the domain name back.

If you'll be able to get it back, that is. But if you have the time, money, and
sincere belief the domain name is yours, then by all means pursue it with all
your might.

By the way, when you also said the trustee "authorized" you to act on his
behalf, you did put it in writing, right? I hope you did for your sake.

In any case, good luck!

RADiSTAR: I finally got my domain name out of Go Daddy, with just 2 days to
spare before expiration. k:

 

[draqon]

Well, if the FBI actually took an interest in this fairly unimportant matter, I think it wouldn't be very hard at all to prove the domain was stolen. We know who stole it. I have an email from the thief where he claims "I registered this domain while it was expired. I did it because if i hadn't, someone else would have." Godaddy confirms what I already knew - he didn't register the domain while it was expired. So if the FBI phoned him and asked him how he got the domain, he would either have to lie, or concoct a story instantaneously in his head.

Former employees of the company are willing to go on record as confirming he had no right to the domain, and it was the property of the trustee.

 

[dvdrip]

The trustee's lawyer should try to get it back using FBI.
You have no luck. You were never the owner.

 

[draqon]

i really think of that as more of a technicality

if the FBI get involved, i can refer them to the trustee anyway, who will confirm everything im saying.

 

[chatcher]

...I've spoken to every employee I know at Godaddy and they all insist that irregardless of whether the domain was blatantly stolen, they have no duty to return it, and that the issue remains a domain name dispute to be resolved by a court order or a wipo UDRP.

You are talking to the WRONG registrar. GoDaddy has no contract with or obligation to the former registrant. You need to talk to the registrar the domain name was transferred from. (Your only problem will be convincing them you have the authority to act in the name of the previous registrant.)

In every case I am familiar with of domain names stolen by registrar transfer being returned to their rightful owners (and registrars), the action that resolved the problem was taken by the former registrar. I have not personally heard of anyone being successful fixing the problem by dealing with the new registrar. Which makes sense if you think about it, even if it isn't obvious at first.

A lot will depend on exactly what the registration information was before the transfer. If the domain name was registered in a company name, and the trustee has documentation of a bankruptcy judge appointing him as trustee over that company's assets, there may not be too much trouble getting the original registrar to believe it was a fraudulent transfer. On the other hand, if it was registered in an employee's name, or an employee was listed as admin contact, and that employee was the person responsible for causing the transfer, the registrar may decide it was not an improper transfer (even if the act was fraudulent), and the trustee may have to go after that person.

Well, if the FBI actually took an interest in this fairly unimportant matter, I think it wouldn't be very hard at all to prove the domain was stolen. We know who stole it. I have an email from the thief where he claims "I registered this domain while it was expired. I did it because if i hadn't, someone else would have." Godaddy confirms what I already knew - he didn't register the domain while it was expired. So if the FBI phoned him and asked him how he got the domain, he would either have to lie, or concoct a story instantaneously in his head.

Former employees of the company are willing to go on record as confirming he had no right to the domain, and it was the property of the trustee.

As wonderful as the FBI may be, they do not have the authority to transfer a domain name registration, or to order a registrar to do so. IF they investigated this matter, and IF they were convinced a theft had occurred, they MIGHT file criminal charges against the thief, who if eventually convicted MIGHT be fined or jailed. In the end, the guy in jail would probably still possess the domain name, and you'd have to sue to get it back. More likely, the FBI has more important criminals to pursue.

The bottom line is that civil court could get expensive, and unless the domain name is really valuable, I'd try working with Melbourne IT to get it back. Just ask them what documentation they need to satisfy themselves the domain name was in fact stolen. If you can't convince them, you won't be able to convince the FBI, a judge, a jury, or most folks here at DNForum. If you can, they do have the means to get the name back.

 

[draqon]

You are talking to the WRONG registrar. GoDaddy has no contract with or obligation to the former registrant. You need to talk to the registrar the domain name was transferred from. (Your only problem will be convincing them you have the authority to act in the name of the previous registrant.)

Well, normally that would make perfect sense. But GoDaddy has made it clear that nothing, absolutely nothing, will make them return the stolen domain except for a court order or WIPO. The former registrar, Melbourne IT, could acknowledge the theft and approach Godaddy for it. But it still wouldn't get Godaddy to return it.

A lot will depend on exactly what the registration information was before the transfer. If the domain name was registered in a company name, and the trustee has documentation of a bankruptcy judge appointing him as trustee over that company's assets, there may not be too much trouble getting the original registrar to believe it was a fraudulent transfer.

Exactly. The registration was in the company name, and the trustee can certainly prove he was appointed to be in control of the assets. Trustees have all the documentation for that purpose.

On the other hand, if it was registered in an employee's name, or an employee was listed as admin contact, and that employee was the person responsible for causing the transfer, the registrar may decide it was not an improper transfer (even if the act was fraudulent), and the trustee may have to go after that person.

Luckily this is not the case. No employee was listed anywhere on the whois.

As wonderful as the FBI may be, they do not have the authority to transfer a domain name registration, or to order a registrar to do so. IF they investigated this matter, and IF they were convinced a theft had occurred, they MIGHT file criminal charges against the thief, who if eventually convicted MIGHT be fined or jailed. In the end, the guy in jail would probably still possess the domain name, and you'd have to sue to get it back. More likely, the FBI has more important criminals to pursue.

The bottom line is that civil court could get expensive, and unless the domain name is really valuable, I'd try working with Melbourne IT to get it back. Just ask them what documentation they need to satisfy themselves the domain name was in fact stolen. If you can't convince them, you won't be able to convince the FBI, a judge, a jury, or most folks here at DNForum. If you can, they do have the means to get the name back.

Well, this is very interesting and you bring up a lot of good points. But I suspect Godaddy might be more encouraged to grant an exception to their policy when the FBI confirms that the domain is stolen.

The domain isn't valuable enough to justify thousands of dollars in civil court, its a premium generic but its not in the same category as indiana.com etc.

However, I will do what you suggest and talk to Melbourne IT about it, maybe they will be able to assist me.

 

[chatcher]

Well, normally that would make perfect sense. But GoDaddy has made it clear that nothing, absolutely nothing, will make them return the stolen domain except for a court order or WIPO. The former registrar, Melbourne IT, could acknowledge the theft and approach Godaddy for it. But it still wouldn't get Godaddy to return it.

You're missing the point. Godaddy does not have to return it. Melbourne IT can dispute the transfer with the registry. This is not an unusual event. Fraudulent transfers are unfortunately not rare.

 

[draqon]

Isn't NSI the registry? It seems surprising they would return anything or assist with anything.