This is my first domain-related post since October 2009 and no, I'm not going to regularly blog about domain names again in future. However, this particular issue is quite interesting in that it illustrates how domain investors are taking on a technological risk when buying domain names.
ICANN is investigating whether domain registrars and other companies that have access to domain search data are using these insider information to register desired domains before the individual or business that originally looked the available domain up can buy it. The security committee of ICANN refers to this practice as "domain name front running".
The person or company buying the domain first can then offer it to the originally interested party to make a profit. It has not been proven that domain name front running is actually taking place, but this assumption lets the domain business and especially domain registrars appear in a bad light.
Excerpt from an ICANN Security and Stability Advisory Committee document (PDF) on domain name front running:
This Advisory considers the opportunity for a party with some form of insider information to track an Internet user’s preference for registering a domain name and preemptively register that name. SSAC likens this activity to front running in stock and commodities markets and calls this behavior domain name front running. In the domain name industry, insider information would be information gathered from the monitoring of one or more attempts by an Internet user to check the availability of a domain name.
SSAC does not yet have any hard data to draw conclusions regarding the frequency (if any) of the occurrence of domain name front running. We do know that Internet users have filed complaints of suspected domain name front running incidents with registrars and ICANN. Some complainants offer (pre- and post-incident) WHOIS query results to support their claim. These data alone are often insufficient to determine whether the domain name was preemptively registered, how the data used to preemptively register this particular domain name were acquired, or whether this was an intentional or coincidental act.
SSAC also lists possible methods of identifying domains of interest, such as third-party whois client applications, third-party whois services, unauthorized executables (trojans, viruses, etc.) and DNS operators. Domain registrars and registries also have access to domain search data, because they perform domain availability checks on behalf of registrants.
Personally, I haven't experienced any incidences of domain name front running, but I find it quite disturbing that insider domain registration might be taking place. In fact, I believe it is likely that there are domain front runners profiting from other people's domain availability checks, because it is well-known that domains have become valuable assets that can be resold for a quick profit and domain front running is a quite unknown practice that is difficult to monitor.
On the other hand, in many cases it might just have been a coincidence that a checked domain was registered by another person shortly after the availability check. There are thousands of people searching for available domains every day and it is quite possible that there are people looking up the same domain name.
I don't believe domain registrars and registries are performing domain front running. But to play it safe it should be a good idea to not use whois services operated by people or companies you don't know, small domain registrars or software from untrusted parties for your domain availability checks.