Donuts Inc. Makes $57 Million Bid for Domains, Inciting Fears of Spam, Fraud

donut_shopsYou may want to have a muffin with your morning cup of java today. Donuts, as delicious as they are, can be bad for you, and according to some industry watchdogs and Internet groups, it’s not the sweet doughy treat that you need to worry about right now. Donuts, Inc., a group of investors with experience in the domain name space, has made a bid – a huge one – for a barrel of new generic top level domains (gTLDs), and according to the Washington Post and other media outlets, it has some people worried that the play could lead to the abuses normally associated with spam and fraudulent activities.

It’s no secret that the Internet is about to explode into a whole new universe of gTLDs, dismissing with the modest 22 (not including countries and regional TLDs) TLDs that have made life so ridiculously simple these past twenty years. In fact, the Internet Corporation for Assigned Names and Numbers (ICANN) is sitting on about 2,000 applications for new gTLDs, and as one might have expected, sitting at the top of the hill of applicants are the likes of Amazon, looking to sew up all TLDs with the mere mention of .books, Google, which wants you to .buy, .buy, .buy, and yes, the insurance companies want a piece too, with AllState bidding for everything that ends with .carinsurance.

But when an unknown company which appears to do nothing makes a bid for 307 gTLDs at the bargain basement price of $57 million, there’s a skeptical side to the Internet that might wonder at the end game of a group of self-described “industry veterans with extensive experience in registry and registrar operations and industry governance.” That statement came from Chris Pacetti, general partner at Austin Ventures, in what seems to be a press-release article in theDomains.com, and if you surf on over to the Investors page at Donuts, Inc., it doesn’t take long to notice that the first investor listed at Donuts, Inc. is Austin Ventures.

Fair enough, though. The Internet is unashamedly a great place to get wealthy. Just ask the Gates’, Bezos’, and Zuckerbergs of the world. There’s absolutely nothing wrong with free market capitalism and the mating of dollars with other dollars to make little baby dollars. But, according to the Washington Post, Internet advocates have thrown the red flag on Donuts, Inc., which they warn has “close ties to a company with a well-documented history of providing services to spammers and other perpetrators of Internet abuses.” The fallout, the watchdogs warn, could be a new era of abuses using the newly-acquired gTLDs. “Should Donuts come to control hundreds of new domains, including ‘.doctor,’ ‘.financial’ and ‘.school,’” the critics say, “consumers could see a spike in online misbehavior.”

David E. Weslow, a Washington, D.C.-based lawyer who represents major corporations, was quoted in the Post article, warning that “If the allegations concerning [Donuts, Inc.] turn out to be true, these 300 top-level domains could be the Wild West for fraud and abuse.”

Remembering that these are just allegations at this point, there’s a bigger issue at play here, and Donuts, Inc. is merely one of the…ehm…players. The World Wide Web has been comfortably coexisting with the world for twenty years or so, and it’s been a nice quiet place, for the most part, with its 22 TLDs. This time next year, however, there could be more than 1,500 TLDs. Donuts, Inc.’s significant and baffling investment only underscores what security professionals have been warning of for years.

According to the Post, “Donuts, Inc. was quick to respond to the criticism, stating that they are qualified to use the new domains responsibly. “We and our very smart investors would not have spent almost $57 million if we had any concerns that we were not eligible,” said Jonathon Nevett, a Rockville-based lawyer who is one of four co-founders of Donuts.””

New domains – and not just a few, now – exploding on the spam filters and mostly uneducated users of the world could have disastrous effects. Phishing could take on a whole new dimension. Remember that there was a time not long ago that a .COM or .ORG TLD suggested to many a user that the domain was legitimate, when we all know that wasn’t the case at all. Regardless of its intent, Donuts, Inc.’s $57 million bid wasn’t hard to miss. But what about organizations – the ones we don’t know of – that have become part of those 2,000 or so applications to ICANN?

You can’t unring the bell, once it’s been rung.

Leave a Reply