Shares of VeriSign ( VRSN) crumbled Wednesday following a report that the domain-name registrar is being investigated by the Federal Trade Commission. Shares of VeriSign declined 87 cents, or 13.7%, to $5.51 in recent trading. The New York Times reported Wednesday morning that the FTC is investigating the marketing practices of VeriSign, which already are the subject of lawsuits filed by rivals against the Mountain View, Calif., company. "We are confirming the FTC's investigation into the marketing practices of VeriSign," FTC spokesman Derrick Rill said Wednesday. Rill refused to comment further. VeriSign said it is cooperating with the investigation. "We've been asked by the FTC not to comment on their request for information regarding our marketing activities in the domain-name business," said company spokesman Brian O'Shaughnessy. Michael Palage, chairman of the Icann Registrar Constituency, said the marketing practices that are the subject of the VeriSign suits as well as a similar suit involving Tucows and Domain Registry of Canada/Domain Registry of America are just the tip of the iceberg of larger problems with how customer information is acquired and the Whois directory, which provides such domain-name customer information. "The question that people need to ask is, where are the registrars getting the data?" Palage said. "
The Whois directory is not working and it's failing to meet the needs of the many people involved." That includes the registration community, law enforcement, intellectual property owners, and consumer and privacy advocates. "Nobody is happy." Virtually anyone can use a Whois directory to find out the registrar attached to a particular domain name and the domain-name owner's name, physical and email address, and phone number. Using that information for spamming is prohibited, but registrars are required to sell that information to competitors, who are allowed to use it for marketing purposes, said Tom D'Alleva, vice president of marketing at BulkRegister.com, which is one of the companies that has sued VeriSign. In its suit, BulkRegister.com charged that VeriSign targeted its customers with deceptive marketing, using solicitations that looked like expiration notices. Since filing the suit, D'Alleva said BulkRegister has been contacted by the attorneys general of Florida, Minnesota and California, as well as the FTC. In addition to buying customer information, D'Alleva noted that registrars also have the ability to mine customer information and use it without paying because they must share it in order to transfer names among each other. In its suit against VeriSign, rival Go Daddy goes a step further than BulkRegister in charging that VeriSign improperly and illegally obtained customer contact information. Giving competitors widespread access to customer information is laced with problems, industry insiders say. But there is a balancing act because law enforcement also wants such information readily available so it can address problems of fraud. Congress held hearings on the matter earlier this year and registrars will be meeting with the FTC next month to talk more about fixing the Whois directory.