Facebook Wants Namecheap To Reveal Who’s Registering Infringing Domains

Last week Facebook announced it had filed a lawsuit in Arizona against domain name registrar Namecheap as well as its proxy service, Whoisguard, for registering domain names that aim to deceive people by pretending to be affiliated with Facebook apps. These domain names from Facebook’s perspective can trick people into believing they are legitimate and are often used for phishing, fraud and scams.

According to a post on the Facebook blog, Christen Dubois, Director and Associate General Counsel, IP Litigation at Facebook writes “we regularly scan for domain names and apps that infringe our trademarks to protect people from abuse. We found that Namecheap’s proxy service, Whoisguard, registered or used 45 domain names that impersonated Facebook and our services, such as instagrambusinesshelp.com, facebo0k-login.com and whatsappdownload.site. We sent notices to Whoisguard between October 2018 and February 2020, and despite their obligation to provide information about these infringing domain names, they declined to cooperate.”

It’s the second time Facebook has filed such a lawsuit. The first was in October 2019 against OnlineNIC, another domain registrar, and its proxy service. Dubois writes it’s Facebook’s “goal is to create consequences for those who seek to do harm and we will continue to take legal action to protect people from domain name fraud and abuse.”

In a response on the Namecheap blog, the registrar notes they take customer privacy and Internet rights and due process seriously and claim Facebook is attempting to bypass legal protections and our own stringent customer protections.

Namecheap note that because they do not “voluntarily divulge domain registrants’ private details (as protected by our WHOIS proxy Whoisguard) without a court-ordered subpoena, Facebook has filed a lawsuit against us.”

“Namecheap takes every fraud and abuse allegation seriously, and diligently investigates each reported case of abuse,” said Namecheap’s CEO Richard Kirkendall. “We actively remove any evidence-based abuse of our services on a daily basis. Where there is no clear evidence of abuse, or when it is purely a trademark claim, Namecheap will direct complainants, such as Facebook, to follow industry-standard protocol. Outside of said protocol, a legal court order is always required to provide private user information.”

“Facebook may be willing to tread all over their customers’ privacy on their own platform, and in this case, it appears they want other companies to do it for them, with their own customers. This is just another attack on privacy and due process in order to strong-arm companies that have services like WhoisGuard, intended to protect millions of Internet users’ personal private data.”

Namecheap states they believe their “customers have rights just like large corporations, and we stand firm against any company or entity that insists on invading privacy without due process.”