The Registrar Privacy/Trust Issue…Who Has Access to That Info & What They Can Do With It??

Morning Folks!!


This is no way to end a year nor way to start a new one. But not my choice. It has been lingering for 2 weeks now and this is very difficult as I know everyone involved.


As I stated in the earlier post, this does not directly involve me but if Privacy and Trust is something important to you, than you might want to pay attention. These are the facts as I know them.


This is an unfortunate event that cannot be swept under the rug and ignored even though it should have been told 2 weeks ago when it happened by the company involved and not me. I agreed to hold this until December 31 which was against my better judgement and I am truly disappointed this is now in my lap.


If you don’t want to know the facts or want to shoot the messenger, just don’t read any further because there is nothing pleasurable ahead and no matter which side you may eventually come down on, you will have a sick feeling in the pit of your stomach.


I wish the folks at Moniker/Oversee were writing this and not me. I was under the impression they would and do it before today. I urged them in the strongest way I know. But they knew if they did not step up, others would and the story would be made public. This is the story they have failed to tell you and of course I only know some of the details. As a customer from the earliest days, I am not happy to see this.


This involves a domain under privacy, the customer that owned that domain, and the employee that works for the registrar that misused that info by contacting the employer of this customer. Got that?


Then we have an employee of Moniker who not only looked at protected info, but took it a step or two further as you will read below.


Now none of this would have come out had an email not been sent to the domainer's employer from this employee of Moniker about this person I know VERY well who owned a certain domain name under privacy. The motivation is the name of this Moniker Employee with “Sucks.com” on the end.


It gets more complicated because the email sent from the info the Moniker employee obtained was less than flattering towards this person. It brings up all types of issues, legal and otherwise whether we want to bring them up or not. You can stop reading whenever you like.


I know about it because this domainer called me very upset on Saturday December 18th wanting to know what I thought. I was pretty shocked to hear the details and could understand why he would be so upset. One question would lead to another and another. That was before I even knew who was involved. It was a jaw dropping conversation and in all the years I have known this domainer, I have never even seen him aggravated. 2 weeks later he is still angry.


On the 18th I got a copy of the email this domainer sent to Craig Snyder and Jeff Kupietsky. In part:


'A Moniker employee was in my account, saw a name that they had an issue with (which was on Moniker Privacy). The employee then decided to email a major player in the industry, who is a Moniker client, and who is also my current employer. The email the Moniker employee sent was malicious, attacking me and my character for owning this name.'


On Wednesday morning December 22nd I get a call from the domainers employer and he conferences me into a call with Craig Snyder of Moniker. The new GM now that Monte had left earlier in the month. That was the first time I became officially involved.


There is no need to go into details of that 45 minute call other than to say that both the employer and I were surprised and then some to learn the employee still had access to the company and information pending an investigation to find out the facts.


I told Craig that they had an obligation to understand the gravity of what I would term a “Breach” to their customers of which I am one. I was under the impression that he fully understood. But there were deals in the works and he did not want to upset them. I was pretty surprised to learn the employee still had access to Moniker. I told Craig that you would figure the minimum would be to not have that employee have access pending a further investigation of the facts. Facts that were not even in dispute.


To make a long story short, we agreed not to tell the story until the 31st and that they really need to get out in front of it because it should have been made public that day. But it was Christmas week etc. etc. etc. Deals pending. They needed some time. But if there was no statement from them by then we would be compelled to state the facts as we have them and I have not heard them disputed whatsoever. I told Craig it would look much better coming from them and not us. Day after day passed. Not a word.


So this domainer will provide me a time line of the facts that I will be posting. I am sorry to be involved in this, but it is like a hot potato that nobody wants to touch and sweeping it under the rug is not an option. I would have much rather Moniker put out the statement. Their breach, their responsibility. I don’t know what is so difficult about just doing the right thing and doing it timely instead of this? How many meetings do you need and how many days just to do the right thing? Whatever right turns out to be. So here we are. Not even so much as a statement. The burden on others to either make it public or join them in sweeping it under the rug.


This is not good from the look of things and you’ll have to come to your own conclusions. Who has access to what and how can they use and abuse the information?? This question needs to be asked no matter who you are doing business with. In this case they made the fatal mistake of involving several other parties. Then letting it fester for 2 weeks and forcing an uninvolved 3rd party to make it public. More will surely come now that it is in the light of day. So if you don't want to know, then just forget you read this and anything else that may come out.


It is not my job to put out any names. These are the FACTS as I know them. I still would urge Moniker/Oversee to make this 100% transparent because it will come out with them or without them in time.


Regretfully


Rick Schwartz


Here is an email update I just received and verification just received 25 minutes AFTER this post:



Date:

Fri, Dec 31, 2010 11:25 am


'Moniker has learned that one of its employees violated company policy by gaining unauthorized access to customer data for a single domain name registration. The employee has been placed on administrative leave while the company further reviews the matter.


Only one employee and one customer registration were involved. However, unauthorized data access of any kind, no matter how large or small, is an issue taken very seriously by Moniker and by its parent company, Oversee.net, and is being addressed directly.'


Regards,


Mason Cole
Mason Cole

VP Communications & Industry Relations

-----