auDA (au Domain Administration) stated that on Monday the accredited registrar DDNS initiated over 1,600 transfers from other registrars to itself which the administrator had found had not been authorised by the relevant registrants. auDA CEO Chris Disspain told ZDNet Australia that auDA had requested DDNS supply them with copies of the authorisations, and the registrar had been unable to do so.
DDNS told ZDNet Australia they had permission from the registrants, but it wasn't "word perfect" to the form auDA wanted.
"We make it a point to get signed authority from every registrant when we take them on," said Rod Keys, managing director of DDNS. However, DDNS did not have the authorisation in electronic form and refused to manually send the paper copies within the 24 hour time frame stipulated by auDA.
At that point the au domain registry AusRegistry was instructed to transfer each domain name that was transferred by DDNS back to its original registrar of record, and those registrars have been ordered to send an explanatory communication to each affected registrant.
Keys said that DDNS had created an automated script designed to send e-mails to clients of the company asking if they wanted to transfer their domain name to DDNS in words acceptable to auDA, and to initiate the transfer when the reply came in. However, there was a mistake in the script and the transfers were initiated without the e-mail reply.
Keys was further incensed because the customers contacted by DDNS were those the company had signed up as a reseller, and been unable to transfer across when it received its registrar accreditation. He said test-bed registrars were able to transfer their customers during the testing of the new domain registration system in 2002, but when DDNS became a registrar in September it was unable to.
The new domain name transfer policy commenced on Monday, and allows the transfer of domains from one registrar to another without forcing the name to be reregistered. The onus was placed on the gaining registrar to obtain the approval of the registrant of the domain name, rather than the losing registrar.
Although auDA has previously been criticised as unable to regulate their own backyard, the administrator moved fast in this case to rectify an apparent abuse of the system.
DDNS has been directed to post a corrective notice on its web site for a period of 30 days, and prohibited from transferring any domain name from another registrar to itself unless it provides auDA with a copy of the relevant authorisation and receives auDA's consent, for a period of 60 days. auDA also instructed DDNS to review its systems and procedures to ensure it adheres to all of its obligations under the Registrar Agreement.
