
EasyDNS threatened with criminal complaint if client data not disclosed - StuntPope
https://easydns.com/blog/2019/09/16/fechner-law-of-germany-threatens-to-bring-criminal-complaint-for-shielding-client-privacy/
======
cj
I've been harrassed by law firms in connection with photograph copyright
claims.

In my case it was a law firm in France who also had a presence in the US.

It was a minor claim (they demanded $500). We took the image down immediately,
but they continued to demand their cash "settlement" with multiple letters
over a year (1 letter every 1-2 months, each one with increasingly aggressive
wording).

I eventually got on the phone with the person sending the letters, and turns
out they weren't licensed to practice law (in any jurisdiction). I pointed out
that it's illegal to misrepresent yourself as an attorney. They hung up and I
never received another letter after that.

Good on EasyDNS for refusing to turn over customer data. If they did, I assume
their customer would be harassed in a similar manner.

~~~
ransom1538
Basic company idea.

0) Purchase office in East Texas.

1) Hire a few young lawyers (having difficulty finding work),

2) scan for companies that have 1 round of series A funding,

3) scan their website for any off domain image,

4) scan their website for any SMS sending,

5) if anything is found - send scary overnight letters demanding 4-5k

The worst thing that you can do to THIS business idea is to take the letter
and throw it into the trash. Make them show up in court in East Texas.

~~~
n8henry
Can you elaborate on the SMS sending?

~~~
blackflame7000
It is a TCPA violation to SMS message people without first getting their
permission. Fines are approximately $1500 per text.

------
nickodell
EasyDNS's Plain English Terms of Service make them seem like a really
unprofessional company:

>We are NOT a DDoS Mitigation Service. [...] If you come on this system
knowingly bringing a DDoS on your heels we shut down service (we may also
wildcard your DNS to localhost and set the TTL on your zone out to a year.
You’ve been warned).

or

>Guilt-by-Association: not only do we terminate any domains or websites which
violate our policies, we ferret out every other domain you have on the system
under different names, accounts, etc and we terminate those too (don’t worry,
we can tell). There is no appeal.

I'm not looking for a DNS provider, because I'm perfectly happy with my
current one, but sheesh.

~~~
crusso
It's unprofessional to let prospective customers know that EasyDNS is not a
company that specializes in handling DDOS, so just keep looking for a company
that can help you out? Seems refreshingly honest to me. And as a customer of
theirs, I appreciate that they're looking to protect the infrastructure that I
rely upon.

Regarding that second part; if you do any kind of online service provision
like EasyDNS, you'll quickly realize that the scammers are legion. EasyDNS is
giving fair warning to anyone who thinks that they can just burn domain after
domain on spamming or other disreputable ventures. EasyDNS won't allow its
infrastructure to participate in scams.

These guys are extraordinarily ethical and professional.

~~~
FDSGSG
> we may also wildcard your DNS to localhost and set the TTL on your zone out
> to a year. You’ve been warned

No, this is simply indefensible. There's simply _no way_ you could ever excuse
this.

Suspending a customer domain is OK, this is not.

~~~
wstuartcl
I read it as tongue in cheek (to emphasize DO NOT DROP YOUR ACTIVE DDOS ON OUR
SERVERS) and not something they actually would execute. Has anyone ever seen
them do anything like this?

~~~
smnrchrds
You are much braver than me. I do not dare read a contract (or the explanation
of one) as tongue in cheek.

------
bonjurkes
The letter mentions the client's name as Mr. Niemela, upon some Googling you
can see that he sued Google and some other companies to remove his online
presence and some news about him. So it looks like it's just usual practice
for him & his law firm.

(This info wasn't redacted so I assume it's safe to mention it here)

~~~
deogeo
> (This info wasn't redacted so I assume it's safe to mention it here)

By redacted, I assume you're referring to the EU right to be forgotten? Surely
that's not so broad as to forbid the mention of information suppressed by it?
The BBC even publishes lists of articles removed from Google via that right:
[https://www.bbc.com/news/technology-29658085](https://www.bbc.com/news/technology-29658085)

~~~
bonjurkes
I meant the letter published on the article link shows the client's name,
without any redaction even thou some other info is redacted. That's why I
assumed it's safe to mention client's name here.

------
otterley
Attorney here! (Not legal advice, consult a licensed attorney in your
jurisdiction.)

Don't get me wrong, but easyDNS may be jumping hastily to conclusions. In many
countries, soliciting business there makes you subject to its jurisdiction and
laws, regardless of where your business is based.

I don't know German law, but I hope that easyDNS consulted their own attorneys
on the subject before publishing this post, or they could potentially end up
quite embarrassed.

~~~
manfredo
So any DNS registrar that registers sites accessible in Saudi Arabia is
subject to its blasphemy laws?

Without any presence in foreign countries, the most the foreign country can do
is block the offending website or infrastructure provider. I guess they could
also request extradition, but most countries only extradite citizens if what
they did was also illegal in the home country.

~~~
hyperman1
Well no. There was one case where the USA couldn't reach a company in another
country, so the next time an employee came on holiday to the USA, he was
thrown in jail. Don't remember the details, unfortunately.

~~~
OatMilkLatte
[https://en.wikipedia.org/wiki/United_States_v._Elcom_Ltd](https://en.wikipedia.org/wiki/United_States_v._Elcom_Ltd).

------
giancarlostoro
This is a pretty serious issue if they were to get away with it, although I'm
not sure about how legal precedents work in Germany, but regardless holding a
domain registrar liable for what the domain itself distributes seems absurd.
It's like suing a city for giving land legally to someone who started a drug
smuggling operation under that land as if the city knew the intent.

~~~
ethagnawl
Germany has some surprisingly regressive (IMO) laws about the internet,
copyright, etc. See: [https://teleread.org/2018/03/03/project-gutenberg-
blocks-ger...](https://teleread.org/2018/03/03/project-gutenberg-blocks-
german-users-after-court-rules-in-favor-of-holtzbrinck-subsidiary/)

~~~
GhettoMaestro
Is this a limited case? In general I've heard that Berlin is pretty happening
place for privacy activists these days. Kinda makes me scratch my head to read
this.

~~~
johnnyfaehell
Germany is very privacy positive. Majority of the weird internet laws
generally come around because of the countries privacy laws. That is why it's
got a big privacy activist scene. And that case seems basic Copyright, where
in Germany the work is still copyrighted so the copyright owner went to court
to enforce it. This seems pretty standard and expected.

------
geggam
This is a good reason to host your site in one country, use a registrar from
another, and live in yet another.

The most trivial lawsuit will require an international lawyer creating a
threshold most significant.

~~~
bluejekyll
I'm not a lawyer, but doesn't this potentially open you up to a lawsuit from
any of those countries?

~~~
geggam
Of course, so do your research before choosing countries.

------
HenryBemis
This reminds me the PirateBay letters requesting takedowns. Lawyers bullying
people across national borders. Sheer stupidity.

I have a cousin, musician, when he finds his music on various pirating
websites he emails politely asking them to please help him make a living by
removing the link. No empty threats, no bullying. 99% they remove the links
within 24h.

------
TheSpiceIsLife
Why would EasyDNS even write about this?

I was under the impression that businesses not infrequently receive
threatening letters from legal firms, and that a non-trivial portion of these
can’t be acted upon as they don’t follow establish legal norms.

I was also under the impression that only the public prosecutor can charge
someone with a criminal offence?

~~~
luckylion
> I was also under the impression that only the public prosecutor can charge
> someone with a criminal offence?

Iirc: the way it works in Germany is that they'd file a criminal complaint,
the public prosecutor tries to get the data from the companies / will get a
court order to get the data, and the original lawyer will be able to view the
information as a joint plaintiff. This was very popular when file sharing was
a thing in Germany: the prosecutors would investigate for copyright
infringement to get the customer data for a certain IP from the ISP. The
lawyers would then initiate civil proceedings and claim large damages.

------
crusso
I've used EasyDNS for many years now. They never spam me. They always provide
knowledgeable responses to my inquiries. Their online tools have always been
simple and worked well. I would recommend EasyDNS to anyone who is looking for
no-nonsense DNS hosting.

~~~
jhgorrell
I have been using them for my personal DNS for years - Been happy with them as
well.

------
datenwolf
IANAL, but here's my assessment on this:

First and foremost, as far as I know, a registrar disclosing customer data
without a warrant would violate the law in Germany as well. For `.de`-Domains
the holder information _used_ to be publicly available, at the dismay of
privacy activists; in the same way the ICANN wanted the same. Then GDPR came
and pretty much put a legally binding end to this.

And it comes down to this: Under GDPR such customer information enjoys strong
protection. A lawyer has no more rights to that information than any other
party who's not tasked with enforcing the law.

The intention of this letter is to gain information about the EasyDNS
customer, so that this customer can be sent a cease and desist, which due to
some lack in German C&D law can carry a hefty fee.

Inside Germany a whole range of law firms specialized on actively searching
for unlawful behavior and sending out C&D en masse. A common practice among
these firms is to scrape BitTorrent trackers for peer IPs + timestamps (or to
actually manufacture them), bundling them all up in a criminal complaint so
that ISPs must deliver to the state attorney the names of the customers these
IP addresses were assigned to at the given time. However instead of pressing
charges they will then drop the case, and instead send C&D letters to those
people.

The lawyers who operate that way have become known as "Abmahnanwalt"

The lawyer who send this letter is Robert Fechner. And lo and behold: Robert
Fechner is known to be such an Abmahnanwalt:

[https://www.google.com/search?q=abmahnanwalt+fechner](https://www.google.com/search?q=abmahnanwalt+fechner)

~~~
kardos
Do you have an approximate translation of Abmahnanwalt? Google translate punts
on it

~~~
severine
Internet seems to call it "cease and desist lawyer".

 _(In short an 'Abmahnanwalt' is a lawyer who admonishes you for breaking
certain rules and who can charge you for the service... quite close to
'Abschaum' in German dictionaries, as the basic idea may not really that bad,
but it is heavily misused by some)_

Source:
[https://www.dpreview.com/forums/thread/4060159](https://www.dpreview.com/forums/thread/4060159)

------
z3j4e
@easyDNS: Is that an old ongoing case? Everywhere in the document they're
using 2016.

It seems quite funny that they started that in 2016 and using a judgment from
2017 in 2019...

------
the-dude
What is a _criminal complaint_ ? This looks distinctly like a _civil_ matter
to me.

~~~
sjagoe
It's a complaint that is itself criminal.

------
gumby
> It’s almost as if Herr Fechner doesn’t understand that Canada is a
> completely different country than Germany

Or that Herr Fechner knows that a nastygram like this will please his customer
who can be billed for writing, translating and sending it.

------
1000units
Hopefully Herr Fechner loses his license to practice law in Germany. From what
I see here, he is an unethical and incompetent attorney and a disgrace to the
profession.

RE: Herr Fechner of Fechner Law in Germany

~~~
kd3
His letter almost made me want to sieg heil.

~~~
dang
Please don't do this here.

------
codela49121
Is this the lawyer that made the legal threat? [https://www.fechner-
legal.de/en/robert-fechner/](https://www.fechner-legal.de/en/robert-fechner/)

Looks like copyright harassment cases is one of their specialities.
[https://www.fechner-legal.de/en/copyright-law/](https://www.fechner-
legal.de/en/copyright-law/)

------
Mathnerd314
The response reminds me of some of the Pirate Bay's responses:
[https://beebulletin.com/hilarious-pirate-bay-legal-
responses...](https://beebulletin.com/hilarious-pirate-bay-legal-responses/)
The tone is pretty much inviting a judge to impose a hefty fine for
noncompliance. I'm not saying they're wrong, just that it seems like a risky
stance to take.

~~~
icebraining
Non-compliance with what? Some random lawyer's demand? Wouldn't they have to
get the court to make that demand in the first place?

------
tpmx
Of course it was Germany. The country where a local judge successfully put
de.wikipedia.org offline for a couple of days because of a single article.

[https://en.wikipedia.org/wiki/Internet_censorship_in_Germany](https://en.wikipedia.org/wiki/Internet_censorship_in_Germany)

------
techntoke
This is why domains are one of the biggest issues when it comes to privacy.
Personally I think users should be open to a small client that resolves
domains locally using IPFS or whatever else is more difficult to censor, or
find a DNS provider that adds TLDs without ICANN.

------
merb
uf the linked judgement is not absolute, which means they threadened with
something that might hold up. but does not need to. the judgement mostly
validated the single case.

the letter/mail is just plain threatening. copyright law in germany is in a
bad state so be aware.

------
aasasd
> German law firm

> to transfer €1,481

Treading dangerous water there. I wonder what the transfer fees are.

------
djsumdog
> I appreciate your alleged concern for your users’ privacy.

Person who wrote this is a dick. They're assuming motives and they also didn't
do any due diligence to realize the registrar isn't under the GDPR or located
in the EU.

This irks me. It feels like if someone discloses a security problem in a
city's bus/train ticketing system and the first response is to go to the
sheriff's department and see if that person can be criminally prosecuted
rather than work with the guy or gal who wants to help you fix your broken
system.

~~~
aeorgnoieang
The EU claims that even companies not located in the EU are still subject to
the GDPR. I don't think the GDPR is applicable in this case tho. It seems
likely to pertain to the EU 'right to be forgotten' law(s).

~~~
wolco
If you are not dealing with an EU entity or an entity in a country with an
agreement with the EU you have no right to be forgotten.

~~~
henryfjordan
Maybe you don't care about following EU law because you don't live there, but
don't plan on breaking the GDPR and then vacationing in France or Italy ever
in your life.

~~~
paulie_a
Because you will get a fine you can ignore?

Eu law is not and will not be applicable to most of the planet.

------
Causality1
I'm not offended by many things but the solipsistic thinking that results in
someone trying to enforce their country's laws on people or entities in
another country is one thing that makes my blood boil.

