Summary:
A registrant using [will provide the name of the registrar upon request] received a single form notice disabling 73 domains across their account and locking the account entirely. This is some part of the communication they received: "Following a thorough review of your domain portfolio and the associated abuse reports, we have assessed that your account poses a high risk."
The notice cited one internal reference number and stated the domains "appear to have been recently registered for the purpose of abuse," with no domain-specific evidence, no explanation of the alleged abuse type, and no appeal path, the email explicitly stated the decision was "final and will not be reversed."
I'm not including the domain list here but can share it, along with the original notice, upon request.
Here we are dealing with a case that we are actually making policy about:
Honestly, I don't think a specific example should be necessary to establish that this is a problem because the incentive structure alone makes the outcome predictable. Registrars bear real compliance and reputational costs for under-responding abuse reports, and essentially no cost for over-suspending. (I have mentioned this before in numerous DNS abuse meetings we had, at least since 2019)
Bulk, automated, low-specificity suspension is simply the cheapest way to comply. Absent a requirement for individualized evidence and a mandatory appeal/correction path, this outcome, broad account-level action, misattributed domains, no recourse is the rational result of the incentives registrars face.
Happy to provide further documentation on request.