[At-Large] Online sale of fake medicines and products targeted in INTERPOL operation

John Horton john.horton at legitscript.com
Mon Jun 13 16:29:05 UTC 2016


Hi all. I'm not sure whether I'll get bounced back rom the at-large mailing
list, so feel free to forward if so.

LegitScript's experience over the last several years has been that most
registrars now voluntarily suspend domain names that we designate as rogue
Internet pharmacies. The criteria there is that the domain name's sole or
primary purpose is to illegally sell pharmaceuticals, nearly always without
a prescription and also nearly always based on the drugs being falsified,
unapproved or in some other way substandard. Rogues also lack valid
pharmacy licensure as legally required. These are all public health
threats. This includes not only most registrars in the US but worldwide.
LegitScript has expressed our appreciation to the registrar and registry
community -- more accurately, the majority of that community -- for their
commitment to a safer Internet. There's a long list of these registrars,
which includes the larger ones like GoDaddy, eNom/Rightside, Directi,
Name.com and others, as well as smaller ones like Blacknight (huge in
Ireland, though!), Dynadot, AlphaNames and most others. There are others
about which we've expressed concerns in the past that are now very
responsive and take a serious approach to abuse complaints involving rogue
Internet pharmacies, and I think that the anti-abuse community does well to
recognize and appreciate the evolution of those approaches. In direct
answer, I would say that "a lot" means...I don't know. 80%? 90%? Not all
registrars ever have a rogue Internet pharmacy, but there's probably well
over 100 registrars that we have to notify from time to time and who act on
those notifications.

However, most registrars is not all registrars. Criminals are rational
economic actors, and it stands to reason that they will carefully select a
registrar that they believe, rightly or wrongly, will protect them from
LegitScript or law enforcement notifications. There's also an emerging
business model here: charge more for protection. Although this is a small
minority of registrars, in my view, it's a serious problem. In some cases,
we're aware that the registrar has a special financial arrangement with the
rogue Internet pharmacy network. In other cases, the rogue Internet
pharmacy network is the registrar. For example, Nanjing Imperious, a
registrar ostensibly based in China but operated by a German national, is
operated by the rogue Internet pharmacy domain name registrant himself. AB
Systems, now finally deaccredited, was the safe haven
<https://mastermind.atavist.com/> for tens of thousands of rogue Internet
pharmacies that financed arms smuggling, North Korean meth smuggling and
assassinations. LegitScript has testified
<https://judiciary.house.gov/hearing/hearing-stakeholder-perspectives-icann/>
before Congress about our concerns with other registrars like Rebel. My
personal view is that ICANN has abdicated its responsibility to exercise
due diligence in the accreditation and re-accreditation process. However, I
also believe that most registrars do not want companies like these in their
community.

In summary, I think that a balanced view recognizes that the strong
majority of the registrar community is appropriately responsive to abuse
complaints involving criminal activity, specifically rogue Internet
pharmacies. However, the same balanced view requires recognizing that
there's a serious problem with a small number of rogue registrars who (at
best) turn a blind eye to criminal activity or (in some cases) actively
solicit it. We continue to urge the contract parties community and ICANN to
consider what additional steps can be taken to remove these safe havens
from the ecosystem. My personal opinion, which I know that some registrars
may or may not share, is that stronger but fair and balanced enforcement of
Section 3.18 by ICANN would, in the long run, help the legitimate registrar
and registry community, not hurt it.

Thanks for the opportunity to respond. -- JCH

John Horton
President and CEO, LegitScript


*Follow LegitScript*: LinkedIn
<http://www.linkedin.com/company/legitscript-com>  |  Facebook
<https://www.facebook.com/LegitScript>  |  Twitter
<https://twitter.com/legitscript>  |  *Blog <http://blog.legitscript.com>*
 |  Google+ <https://plus.google.com/112436813474708014933/posts>




On Mon, Jun 13, 2016 at 8:23 AM, Michele Neylon - Blacknight <
michele at blacknight.com> wrote:

> Garth
>
> Have a look at the Legitscript blog. Most of the large registrars work
> with Legitscript.
>
> I’m sure John can comment in more detail.
>
> Regards
>
> Michele
>
>
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> http://www.blacknight.host/
> http://blog.blacknight.com/
> http://ceo.hosting/
> Intl. +353 (0) 59 9183072
> Direct Dial: +353 (0)59 9183090
> -------------------------------
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
> Road,Graiguecullen,Carlow,R93 X265,
> Ireland  Company No.: 370845
>
> On 13/06/2016, 11:20, "gbruen at knujon.com" <gbruen at knujon.com> wrote:
>
> >Michele,
> >
> >Which registrars and registries are the "a lot" you refer to?
> >
> >-Garth
> >
> >
> >On 6/13/16 11:01 AM, Michele Neylon - Blacknight wrote:
> >> Derek
> >>
> >> Hardly “of note”. They’re mentioned in passing without any details and
> in the same line as payment providers and delivery services. There’s also
> zero explanation as to what constitutes “rogue”.
> >>
> >> As Legitscript has noted multiple times in the past a lot of registrars
> and registries work with them and law enforcement.
> >>
> >> Regards
> >>
> >> Michele
> >>
> >>
> >> --
> >> Mr Michele Neylon
> >> Blacknight Solutions
> >> Hosting, Colocation & Domains
> >> http://www.blacknight.host/
> >> http://blog.blacknight.com/
> >> http://ceo.hosting/
> >> Intl. +353 (0) 59 9183072
> >> Direct Dial: +353 (0)59 9183090
> >> -------------------------------
> >> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business
> Park,Sleaty
> >> Road,Graiguecullen,Carlow,R93 X265,
> >> Ireland  Company No.: 370845
> >>
> >> On 11/06/2016, 17:05, "at-large-bounces at atlarge-lists.icann.org on
> behalf of Derek Smythe" <at-large-bounces at atlarge-lists.icann.org on
> behalf of derek at aa419.org> wrote:
> >>
> >>> http://www.interpol.int/News-and-media/News/2016/N2016-076
> >>>
> >>> Of note: "rogue domain name registrars"
> >>>
> >>>> The operation also targeted the main areas exploited by organized
> crime in the illegal online medicine trade: rogue domain name registrars,
> electronic payment systems and delivery services. A further 700
> investigations have now also been launched by national authorities
> worldwide with at least 40 cases directly linked to organized crime.
> >>>
> >>> Derek Smythe
> >>> Artists Against 419
> >>> http://www.aa419.org
> >>>
> >>> _______________________________________________
> >>> At-Large mailing list
> >>> At-Large at atlarge-lists.icann.org
> >>> https://atlarge-lists.icann.org/mailman/listinfo/at-large
> >>>
> >>> At-Large Official Site: http://atlarge.icann.org
> >> _______________________________________________
> >> At-Large mailing list
> >> At-Large at atlarge-lists.icann.org
> >> https://atlarge-lists.icann.org/mailman/listinfo/at-large
> >>
> >> At-Large Official Site: http://atlarge.icann.org
> >
> >
> >--
> >Garth Bruen
> >gbruen at knujon.com
> >
> >617-947-3805
> >http://www.knujon.com
> >Fisher College, Criminal Justice Division
> >ICANN At-Large Advisory Council
> >Author: WHOIS Running the Internet
> >http://www.wiley.com/WileyCDA/WileyTitle/productCd-1118679555.html
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/at-large/attachments/20160613/f66e7b66/attachment-0001.html>


More information about the At-Large mailing list