Hi Susan, As mentioned to Ade, 15 days aren't up yet. Once 15 days are up and no positive confirmation, then the domain should be suspended. At this time apart from not responding to you, OnlineNic have not done anything wrong on this. Certainly on the 16th day - jump on them for not suspending the domain name. Kind regards, Chris From: "Susan Kawaguchi" <susank@fb.com> To: "Ade Cheek" <ade.cheek@legitscript.com> Cc: "gnso-rds-pdp-wg" <gnso-rds-pdp-wg@icann.org> Sent: Monday, 1 August, 2016 19:58:58 Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name I should have used the term verify as used in the 2013 RAA the following was not done by Onlinenic.com the email address of the Registered Name Holder (and, if different, the Account Holder) by sending an email requiring an affirmative response through a tool-based authentication method such as providing a unique code that must be returned in a manner designated by the Registrar, Susan Kawaguchi Domain Name Manager Facebook Legal Dept. From: Ade Cheek < ade.cheek@legitscript.com > Date: Monday, August 1, 2016 at 11:36 AM To: Susan kawaguchi < susank@fb.com > Cc: " benny@nordreg.se " < benny@nordreg.se >, " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Onlinenic - No comment Anyway, the address is valid, as in actually exists, hence the initial "validation". You don't need me to tell you that a large number of registrars simply automate the address check process and when complaints arise, they can claim that they had conducted validation checks. More often than not (in my experience) the complaint is then dropped by ICANN. As silly as this sounds, if the sender address is not monitored, then the reply that it's not valid will simply not be read. I also see that they ask you to " contact your domain name Service Provider for direct assistance" if you need to correct any information. Again, don't contact us, it's not our problem. On Mon, Aug 1, 2016 at 11:24 AM, Susan Kawaguchi < susank@fb.com > wrote: We received a WDRP notice as you can see below. No way to validate the information and I responded that it is NOT valid… Completely out of compliance in my opinion. From: " No-Reply@onlinenic.com " < No-Reply@onlinenic.com > Date: Thursday, July 28, 2016 at 9:43 PM To: domain < domain@fb.com > Subject: [domain] Whois Data Reminder - login-account.net Dear Domain Registrant, This e-mail is a reminder for you to review and correct any inaccurate Whois information associated with your domain registration on login-account.net . Our records include the following information. [whois info] Domain: login-account.net Registrar Name: ONLINENIC, INC. Registrant: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Administrative Contact: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Phone: +1.6505434800 Fax: +1.6505434800 Email: domain@fb.com Technical Contact: Name: Domain Administrator Address: 1601 Willow Road, City: Menlo Park State/Province: CA Country: US Postal Code: 94025 Phone: +1.6505434800 Fax: +1.6505434800 Email: domain@fb.com Original Creation Date: 07/24/2016 Expiration Date: 07/24/2017 Nameserver Information: Nameserver: ns1.dns-diy.net Nameserver: ns2.dns-diy.net Under ICANN rules at http://www.icann.org/whois/wdrp-registrant-faq.htm , domain name registrants are obligated to review the contact information associated with their domain names and make corrections whenever necessary. The provision of false Whois information can be grounds for cancellation of your domain name registration. If you confirm the current whois information is full and accurate, you could simply ignore this notification. If you need to update whois information, please contact your domain name Service Provider for direct assistance. Regards. Susan Kawaguchi Domain Name Manager Facebook Legal Dept. From: " benny@nordreg.se " < benny@nordreg.se > Date: Monday, August 1, 2016 at 10:30 AM To: Ade Cheek < ade.cheek@legitscript.com >, Susan kawaguchi < susank@fb.com > Cc: " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Please point me to the section where that are in compliance with RAA 2 013 The only occurance occurrance of getting a domain as OK without validation are if the Registrant ID are validated from before and no changes are done. In that case it indicates FB have validated the info -- Med vänliga hälsningar / Kind Regards / Med vennlig hilsen Benny Samuelsen Registry Manager - Domainexpert Nordreg AB - ICANN accredited registrar IANA-ID: 638 Phone: +46.42197080 Direct: +47.32260201 Mobile: +47.40410200 From: Ade Cheek < ade.cheek@legitscript.com > Date: Monday 1 August 2016 at 19:13 To: Susan Kawaguchi < susank@fb.com > Cc: Benny Samuelsen < benny@nordreg.se >, " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Benny, If the information provided ticks the boxes then it's validated. Most checks are retrospective as this takes time and time is money... On Mon, Aug 1, 2016 at 10:11 AM, Ade Cheek < ade.cheek@legitscript.com > wrote: BQ_BEGIN As Susan mentions, all they need is a few days. At least the registrar actually conducted validation checks, many don't. On Mon, Aug 1, 2016 at 10:04 AM, Susan Kawaguchi < susank@fb.com > wrote: BQ_BEGIN The registrar sent an email to Domain@fb.com which I received but I immediately responded it was not a valid registration and asked for transfer. No word yet. All phishers need is a few days to use the domain name. Susan Kawaguchi Domain Name Manager Facebook Legal Dept. From: " benny@nordreg.se " < benny@nordreg.se > Date: Monday, August 1, 2016 at 10:01 AM To: Susan kawaguchi < susank@fb.com >, " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: Re: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Curious, how did it get validated? -- Med vänliga hälsningar / Kind Regards / Med vennlig hilsen Benny Samuelsen Registry Manager - Domainexpert Nordreg AB - ICANN accredited registrar IANA-ID: 638 Phone: +46.42197080 Direct: +47.32260201 Mobile: +47.40410200 From: < gnso-rds-pdp-wg-bounces@icann.org > on behalf of Susan Kawaguchi < susank@fb.com > Date: Monday 1 August 2016 at 17:17 To: " gnso-rds-pdp-wg@icann.org " < gnso-rds-pdp-wg@icann.org > Subject: [gnso-rds-pdp-wg] Use Case - False registration data to appear as Facebook owned domain name Hello All, Attached is a use case we run into frequently, bad actors will use valid Facebook information in the registration data to make the registration to appear authentic. Best regards, Susan Kawaguchi Domain Name Manager Facebook Legal Dept. _______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg -- Adrian Cheek Director of Global Partnerships BQ_END -- Adrian Cheek Director of Global Partnerships BQ_END -- Adrian Cheek Director of Global Partnerships _______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg