question Any update on Nissan.com theft?

[Gabriel360]

Does anyone know what's going with Nissan.com?

Last I read, it was stolen after the death of Uzi Nissan. The man who never gave in to the intimidation of Nissan Motors.

I truly hope the domain translates to meaningful wealth for his surviving family members.

Currently, Nissan.com redirects to a parking page at forexssignals.com. If anyone knows what's going on, please share.

 

[jberryhill]

How does a court verify a business owner or person?

Who cares. You are the registrar in this scenario.

In fact, there has been a domain court case where a party was lying about who they were, and the same thing has happened with at least one UDRP, but that's not relevant to your point.

A court has the summary power to lock people up. Registrars don't. But that's all beside the point. If a court issues an order, the registrar implements the order. Same with the UDRP.

You said no court was needed, and this could all be sorted out by the registrar.

I've already granted you a magic wand to confirm that the person in question is who they say they are. So, the former registrant is telling you that the name was stolen. Do you transfer the name back?

 

[jberryhill]

Can we work through one thing you said before throwing up a lot of other stuff?

Your point was that a registrar should be able to confirm a name was stolen without getting involved with courts, etc., so let's stick to your point. I'll be happy to address situations where people have impersonated others in court proceedings. (the fake TM assignment scenario is pretty simple to unwind because that will fall apart in discovery)

 

[jberryhill]

Okay, well, in any event, it doesn't look like we're going to get to the next step - where [email protected] says he bought the domain name from the previous registrant, and he comes up with a signed contract and a bank statement showing payment of the money. NewGuy says that the previous registrant is just having seller's remorse and wants to unwind the sale.

The former registrant then says that NewGuy is lying and his documents are all fake.

So, all you've done is verified that the person talking to you is the former registrant of the domain name. You have not confirmed the name is stolen, since the parties have two different stories about that.

And, that is exactly the sort of situation that comes up repeatedly in these scenarios.

The point is that even if you can confirm that someone is the former registrant of a domain name, and that they are who they say they are, you cannot confirm that the domain name was stolen. You can look at a lot of circumstantial evidence, such as access logs, but we've seen on this forum how that can fall apart.

In this instance, someone is dead. Let's dig into that for a minute. Because now you have a much more complicated problem. There were multiple family members. Did he leave a will? Are you supposed to do what any family member tells you to do, or just pick one? If the domain name was registered to a company, then just because someone associated with that company is dead does not tell you who now speaks for the company. Was the company owned with someone outside of the family, for example? If you own run a business with a partner, and that partner dies, then it's not as if that partner's family now owns the entire company or speaks for that company.

How do you even know the relationship between the deceased registrant and the person claiming to be a member of the family entitled to speak on behalf of the estate?

So, now, on top of running an identity verification service, you are running an international probate court in every jurisdiction in the world, along with a corporate transaction court. It's just not workable. It's why - unless the registrar feels like taking chances on what "looks like" strong evidence - registrars will tell you to go to court, get an order, and come back. And, no, the registrar does not care how the courts verify who people are.

Bottom line - you can run a registrar or you can run a domain name court. Unlike a real court, nobody has the power to compel the production of documents or testimony from third parties or to lock people up for submitting false sworn testimony.

 

[jberryhill]

You'll like this one:


https://www.wipo.int/amc/en/domains/decisions/html/2006/d2006-0706.html

In October 2005, Respondent “hijacked” the disputed domain name. Again this is supported with Complainant’s sworn statements in an affidavit. Complainant says that he was suddenly unable to receive email through the disputed domain name. He immediately tracked the disputed domain name through various registrars’ databases and discovered that the registration for the disputed domain name had been altered “without [Complainant’s] approval or knowledge.” Complainant contacted Network Solutions, Inc., the registrar with which he had most recently registered the disputed domain name, but was advised that Network Solutions, Inc. would not intervene in the matter. Complainant alleges, without evidentiary support, that “I believe that since transfer requests and approvals are sent via email that in some way my email or account was redirected or hacked in order for the current owner to authorize a fraudulent transfer request and steal my domain name.”

According to Respondent:

Respondent, in a sworn declaration, presents a completely different story. Respondent first spoke with Complainant in September 2005, asking if the disputed domain name was for sale. After an initial refusal, Respondent said he was prepared to offer substantial cash consideration for the domain name. Complainant replied that he would “check with family members” and revert later. “A man who said he was [Complainant’s] father” later called Respondent and said that Complainant and his family would sell the domain name for $150,000 to $170,000. When Respondent offered $120,000, this person agreed. This representative of Complainant sent Respondent a signed Domain Name Purchase Agreement, which Respondent signed and returned. Respondent then wired payment of $120,000 in accordance with the wiring instructions in the Purchase Agreement. Respondent attaches signed copies of this Purchase Agreement and a wire confirmation to the account set forth in the Purchase Agreement.

The Parties’ Supplemental Submissions

Upon receipt of the Response, Complainant immediately filed his request to submit a reply, stating as his principal ground for seeking an extraordinary filing was his contention that the Respondent’s story and supporting evidence were fabricated. Because Respondent’s evidence raised some questions on its face, and because the possibility of forged evidence constituted a circumstance that the Panel believed Complainant could not reasonably have anticipated, the Panel allowed most of Complainant’s proffered Reply.

With the Reply Complainant submitted an affidavit of a handwriting expert, who gave his opinion that the purported signature on the Purchase Agreement was manufactured and in fact copied and pasted from the signature on the affidavit that Complainant submitted in support of the Complaint; an affidavit of an expert in international banking, who opined that the purported wire transfer confirmation was incomplete in a number of specific respects; Complainant’s sworn statement that his father died in 1982 and a copy of his father’s death certificate; Complainant’s sworn statement that neither he nor any company in which he had an interest had ever maintained a bank account at the bank or branch specified in Respondent’s purported wire transfer; and Complainant’s sworn statement that he had never had any contact (by email or by telephone) with Respondent.

Respondent replied to Complainant’s supplemental submission with a further affidavit, reiterating that his original statements were true and correct and documentary evidence genuine.

...

Complainant has provided documentary evidence that the person Respondent claimed to speak with died more than twenty years before the supposed conversation. He has also provided evidence that the documents on which Respondent bases his sworn statements, are manufactured, and that the supposed signature from Complainant or his “father” was crudely forged.

 

[MadAboutDomains]

You said no court was needed, and this could all be sorted out by the registrar.

I suggested it as a possibility, twice. Once with the word probably, and secondly with a preamble that I thought most people would interpret as ponderings.

Okay, well, in any event, it doesn't look like we're going to get to the next step - where [email protected] says he bought the domain name from the previous registrant, and he comes up with a signed contract and a bank statement showing payment of the money. NewGuy says that the previous registrant is just having seller's remorse and wants to unwind the sale.

The former registrant then says that NewGuy is lying and his documents are all fake.

Talk about throwing other stuff up. That scenario is obviously not something that a registrar can sort out. That isn't a scenario we're talking about here, or at least no proof that it is the case from what I can see. We're talking about a stolen domain that is still in the name of the original owner at the original registrar.

See https://domainnamewire.com/2023/06/28/estate-of-uzi-nissan-says-nissan-com-is-stolen/#:~:text=In a lawsuit (pdf) filed this week, the estate says the domain names were stolen from the account and moved to another account at his registrar. The Whois records still show his name and the suit does not say when the theft occurred.

We're talking about a registrar that already has an established relationship with a customer for many years. They have records about them - their address, their email contact details, their credit card details, multiple records on the domain that direct you to different types of contacts. You're telling me that if a domain name gets poached out of someone's account and stays at the same registrar that it is IMPOSSIBLE in EVERY WAY IMAGINABLE for them to reconcile the details and return the name back into the account of the original owner without extreme peril to their business?

A lawyer will always look at ways to increase the surface area that they have to conduct their trade.

Why does the lawyering have to be before the point of moving a digital asset within an account that can be changed at will, why can't it be up to the owner who has no history of owning the domain to prove that they bought the name instead?

What is the point in the multiple details on the domain name registration if they cannot be taken as read that whatever's on there that that's the person in control of the domain? Seems like pointless madness to me.

But again, I iterate in a similar vein as before - if the details aren't correct, or they didn't bother to secure the domain, then they (the original owners) should know better after millions spent and will learn a great lesson from this.

 

[jberryhill]

We're talking about a stolen domain that is still in the name of the original owner at the original registrar.

The problem is that the original owner is dead.

Nobody talking to the registrar is the original owner.

And, as often happens in these situations, nobody talking to the registrar can verify passwords, personal identification numbers, and so on. As also happens in these situations, nobody in the family had the passwords to dad's email accounts etc.. So there's no way you can send a verification email to the contact data on file if the family didn't have dad's passwords.

So none of the stuff you mentioned about data exchanged by the previous registrant with the registrar is relevant to the fact that none of the people who might be claiming to be the rightful owner of the domain name are the previous registrant.

For example, if I died, and you were my registrar, then if a woman contacted you, and showed you a marriage certificate proving that she had married me in the 1980's, would you believe that (a) she was my wife, and (b) she was entitled to my domain names?

Because if you did that, then you would have just given my domain names to someone to whom I haven't been married since 1999!

They have taken the matter to court, they have subpoenaed relevant information from various service providers, and there is no doubt they are going to get to the bottom of it.

And, stay tuned, because within the next two weeks, another dead person is going to be filing a suit over a stolen domain name.

 

[jberryhill]

But again, I iterate in a similar vein as before - if the details aren't correct, or they didn't bother to secure the domain, then they (the original owners) should know better after millions spent and will learn a great lesson from this.

Uzi Nissan did a fine job of securing his domains. I don't know what you mean by the "details not being correct". His details were fine. He didn't leave behind his passwords or lists of answers to verification questions. So his family was locked out and their estate lawyer was hostile to suggestions on how to deal with that.

I can tell you from direct personal experience that so did Igal Lichtman and Roy Flanders. Their wives and kids, not so much.

However, just because you do a good job managing your domain names does not mean that your wife or children have the first clue how to manage your domains, access your accounts, etc.. Family relationships can be complicated. But what kind of "lesson" do you expect Uzi to learn here?

 

[jberryhill]

I had to deal with another dead registrant a couple of months ago. Very sad situation. The registrant had died and left behind an extremely valuable domain name and his sole living relation was his sister. Someone wanted to buy the domain name from the sister, and had tracked down the lawyer who had dealt with other property matters. The sister had no way of accessing her dead brother's accounts. On top of that, the sister had some psychological issues which had made dealing with other aspects of probate challenging for the estate lawyer. Ultimately, we decided that it was going to be too difficult to deal with the situation, because while the sister was not incapacitated, it was hard for her to make decisions and stick with those decisions.

These things go on every single day during the course of conducting business as a registrar. While, yeah, sure, it's popular to sneer at "lawyers making everything complicated and requiring lawyers" the real world is a lot messier than a lot of folks assume it to be. While most registrars do make good faith efforts to bring clarity to situations where things are very, very clear, I can assure you that every registrar has found themselves in many situations where that clarity was just not there. Consequently, the default position is that they will comply with any ICANN requirement or relevant court order. How courts make those decisions is not something for which the registrars are responsible.

 

[MadAboutDomains]

Uzi Nissan did a fine job of securing his domains.

Sounds like he left his family with the inability to protect and or/recover an asset he spent his life defending and defending for a dear price.

I'm not sure what your standard is for secure when it comes to assets, but mine is a higher bar than nobody that I trust has the first clue about looking after my valuable stuff after I'm gone. Not least something that millions was spent on and has the potential of earning millions in the future.

I suppose I could have just pointed to your post to explain instead of explaining myself...

And, as often happens in these situations, nobody talking to the registrar can verify passwords, personal identification numbers, and so on. As also happens in these situations, nobody in the family had the passwords to dad's email accounts etc.. So there's no way you can send a verification email to the contact data on file if the family didn't have dad's passwords.

By the sound of what you've just described it sounds worse than I thought given I didn't have any of that information before now. You were basically making out that nothing that the registrar could do would allow them to recover the name and verify the person - so are the current registrant details usable or not for recovery of the domain? If not, that brings me back to the point I was making about what is the point in having the details on the domain if they can't be used to recover a domain, they may as well be blank if they aren't useful for the registrar or registry to determine whoever controls the name without being sued for taking action based on info they send to those details.

But what kind of "lesson" do you expect Uzi to learn here?

I mean a lesson for "Nissan Computer Corp. (Licensee)" to learn. That IS the current registrant from what I can see and is the entity that should have had the protocols in place for this eventuality.

There's not really much point in trying to make it out like I'm trying to stir emotions about it, or that I think he did a BAD job or that he should "learn a lesson". I'm stating the fact that the rightful entity doesn't have control of it's asset anymore and lessons will be learnt.

 

[jberryhill]

You were basically making out that nothing that the registrar could do would allow them to recover the name and verify the person - so are the current registrant details usable or not for recovery of the domain?

Many registrars do make good faith efforts to try to sort these things out. Yes, the details are important - as are things that are not so obvious like historical access logs and patterns, other activity in the registrant's account, other activity in the transferee's account, and so on. That's why a lot of stolen names get sorted out on an informal basis without legal action of any kind, as @bhartzer will attest.

So, sure, a lot of these do get sorted out through the application of common sense and existing data.

But here, you have a registrant that is a corporation. Corporations have lives which are separate from their owners. This can be helpful in some circumstances and not so helpful in other circumstances.

It's worth pointing out that, other than the specialty corporate registrars like Safenames, Markmonitor, CSC and so on, ordinary retail registrars do not do a good job of distinguishing between "a domain name registered by an individual" and "a domain name registered by a corporation".

In fact, in ICANN policy discussions, GoDaddy objected to a proposal that registrars expressly require registrants to state whether the domain name is owned by an individual human, or by a business entity of some kind.

That ambiguity causes huge issues, and was a major headache in running, for example, a domain marketplace. Somebody buys a domain name for their employer, and their employment ends prior to the domain transfer or payment plan being completed. Was the buyer that individual, or was the buyer the company?

The Nissan situation is the worst combination of facts. You have a domain name owned by a company. You don't know who might or might not be all of the shareholders of the company in relation to the person who was the authorized contact, but the authorized contact is now deceased. So, you have the estate saying the domain name belongs to them, but to whom does the company actually belong, since it may not have been 100% owned by the person who was the authorized contact.

The guys who run gkg.net - which is not the most sophisticated registrar on earth - have a lot of battle scars they've accumulated over the years, but they also have the good sense not to wade in as judge, jury, and executioner with a domain name that has been the subject of prolonged legal disputes over the years. They are unlikely to get involved in deciding who is the "rightful owner" of a domain name that has been fought over for ages.

Personally, there are some things that I've never quite understood about Uzi Nissan making that litigation the central focus of his life, never seeing a dime from it, and leaving it a mess for his estate to clean up. They now have the privilege of spending money to recover it, unless there is a contingent fee arrangement of some kind. But, if there IS a contingent fee arrangement of some kind, then the simplest route is to simply sell the car company the right to recover the domain name. Although, there may be an underlying arrangement of some kind through which this piece of litigation is being conducted. Whatever the actual underlying arrangement might be, it goes without saying that obtaining a court-ordered transfer of the domain name to its rightful owner provides an unassailable title to it.

 

[Jv1999]

Honestly now I'm thinking if I hit age 60 or beyond, I'll transfer all my digital assets (bitcoin/domains/hosting) to an account I create, under my child's name, but still claim taxes under myself.

That way it's just easier for them when they need to quickly take over after death.

Also, tbh Nissan.com is worthless as there are really only two entities in the world who could use it -- Nissan and the family of uzi.

Anyone else will just be violating TM, and so an unusable domain is useless whether it's a 1L.com or what not

And it's unlikely Nissan will try to buy it so there's that too

 

[jberryhill]

And it's unlikely Nissan will try to buy it so there's that too

I don't know why you say that. While I don't know about claims of having spent "millions" on defending the domain name, I do know that a lot of lawyers had worked on this matter for Mr. Nissan on an unpaid basis over the years. There may have been, at one point, a contingent fee arrangement, but the problem with those sorts of things is that the client has to have some fixed threshold at which they would proceed with settlement of the claim. I had been consulted on the case back in around 2004 or thereabouts, and was told by lawyers burning up their own time that Mr. Nissan had turned down considerable offers at that time.

There are, in the domain community, quite a few individuals who make elaborate boasts about turning down offers and holding out for "top dollar". To hear one popular story re-told occasionally by one such individual is entertaining, since the numbers get bigger every time he tells it. More often than not, the other side eventually decides they've had enough, walks away, and doesn't come back. That's fine if your idea of "winning" is simply irritating others until they want nothing to do with you.

 

[MadAboutDomains]

Also, tbh Nissan.com is worthless as there are really only two entities in the world who could use it -- Nissan and the family of uzi.

Or another person with the name Nissan, surname or forename or existing IP.

 

[Jv1999]

Or another person with the name Nissan, surname or forename or existing IP.

Why? So they can spend millions on another Nissan lawsuit?

A new registrant triggers Nissan's ability to fight again.

It's a liability rather than an asset. If u know you'll likely be sued if you get this asset for your business, why even do it?

Surely the marketing benefits can't outweigh a super lawsuit + media coverage that's potentially detrimental

 

[jberryhill]

Why? So they can spend millions on another Nissan lawsuit?

A lot of people don't know what the actual outcome of the litigation was. Uzi Nissan was enjoined against using the domain name for a variety of purposes.

A new registrant triggers Nissan's ability to fight again.

Actually, any new use of the domain name can trigger that as well. That's why nobody talks about what the domain name actually did for all of the years after the auto company walked away and didn't come back. It had a token page purporting to sell an outdated DOS computer system, and most of the rest of the content was about the legal fight itself. Certainly, the only thing the domain name ever did for Uzi Nissan was cost a lot of money. The auto company made 221.9 billion yen in 2022.

It turns out that a lot of folks don't buy cars from manufacturer websites. They buy them from local dealers. A website provides useful advertising and information, but it's not as if people buy BMWs at BMW.com. It's not an ecommerce business.

But, I get it. Domainers are forever going to be in awe of the fact that he (a) had a fortuitous surname and (b) held onto a domain name that cost him a pile of money to defend. Neither of those accomplishments are generally useful for domainers, but it's always refreshing to see someone willing to burn money.

 

[bmugford]

I just noticed that GKG.net (the registrar) has a recent ICANN breach notice.

It is possible that they could be de-accredited. I wonder how that might effect the ongoing court case.


22 September 2023: ICANN Sends Notice of Breach to Registrar (GKG․NET, INC․ (IANA #93))

Please be advised that as of 22 September 2023, GKG.NET, INC. (“GKG.NET” or “Registrar”) is in breach of its 2013 Registrar Accreditation Agreement with the Internet Corporation for Assigned Names and Numbers (“ICANN”) dated 28 July 2020 (“RAA”).

This breach results from:

1. GKG.NET’s failure to comply with the Uniform Domain-Name Dispute-Resolution Policy(“UDRP”) and the Rules for Uniform Domain-Name Dispute-Resolution Policy (the “Rules”), as required by Section 3.8 of the RAA;

2. GKG.NET’s failure to, upon reasonable notice, provide to ICANN records related to the receipt of and response to abuse reports, as required by Section 3.18.3 of the RAA; and

3. GKG.GET’s failure to pay past due accreditation fees, as required by Section 3.9 of the RAA. Please refer to the attachment for details regarding this Notice of Breach

Additional Concerns ICANN notes that during the complaint process:

a) GKG.NET routinely does not respond to ICANN inquiries and notices, or if GKG.NET responds, its responses are often untimely and incomplete;

b) ICANN Contractual Compliance is not able to contact GKG.NET via telephone during the Registrar’s business hours. Further, the telelephone number of the Primary Contact on file with ICANN appears to be inaccurate.

2GKG.NET has additionally failed to respond to ICANN’s multiple requests in the compliance case 01141415. Due to GKG.NET’s failure to provide the information, data and records ICANN requested under 3.4.3 of the RAA for these cases, ICANN has been able to assess GKG.NET’s compliance with the applicable requirements in the RAA and the Expired Domain Deletion Policy (“EDDP”).

 

[MadAboutDomains]

a) GKG.NET routinely does not respond to ICANN inquiries and notices, or if GKG.NET responds, its responses are often untimely and incomplete;

I contacted ICANN once. They didn't get back to me. I'm sure they're working on it...

 

[namegulf]

Atleast the domain is now renewed until 2029, it's not resolving to any site, WHOIS pointing to GKG as registrar!

 

[Qc4]

Uzi Nissan also owned Digest.com. The court document makes a brief mention that Digest.com was stolen as well. However, it is now listed for sale by Brent Oxley. Did the thief sell it to him? Does he know it was stolen?

 

[Samer]

You can always check the docket for the most recent filings.

https://www.courtlistener.com/docket/67529655/estate-of-uzi-nissan-v-nissancom/

Bookmarked! Somebody needs to write a book about it.

 

[namegulf]

Bookmarked! Somebody needs to write a book about it.

and then a movie?