JotForm.com has been suspended by Godaddy for more than 24 hours now. They have disabled the DNS without any prior notice or request. They have told us the domain name was suspended as part of an ongoing law enforcement investigation. In order to resolve the issue, they asked us to contact the officer in charge at U. S. Secret Service.
When I contacted the Secret Service, the agent told me she is busy and she asked for my phone number, and told me they will get back to me within this week. I told them we are a web service with hundreds of thousands of users, so this is a matter of urgency, and we are ready to cooperate fully. I was ready to shutdown any form they request and provide any information we have about the user. Unfortunately, she told me she needs to look at the case which she can do in a few days. I called her many times again to check about the case, but she seems to be getting irritated with me. At this point, we are waiting for them to look into our case.
Our guess is that this is probably about a phishing form. We take phishing very seriously. Our Bayesian phishing filter has suspended 65.000 accounts last year. We have been training it for many years, so it can detect phishing forms with great accuracy. We also take any reports about phishing very seriously and quickly suspend the accounts and let the other party know about it. By the way, we are also very serious about false positives. If we suspend an account accidentally, we will quickly resolve the issue, and apologize.
I believe this can happen to anybody who allows users to create content on the web. So, if you have such business, my recommendation would be to make sure that you can contact your most active users quickly if your domain is disabled. Many of our users are shocked and angry at us. But, many also thanked us for quickly letting them know about the issue by email and providing instructions to continue operating their forms. Since DNS propagation takes some time, many active users were able to switch their forms to the new domain before it went down. We still have not contacted all users, we are sending emails most active users first.
Next, you need to spend 100% of your time raising hell about this. This story has all of the marks of stuff the tech press loves to eat up.
#1 Godaddy is run by a bunch of assholes who walk all over their customers rights.
#2 The secret service is still full of a bunch of buffoons. These are the same guys that raided a roleplaying game company because they couldn't tell the difference between an imaginary game and a hacker manual. I'm sure the press would like to answer the question, are they still hiring FBI rejects?
You have to turn this story the other way around. You can make jotform a name people remember.
I've used jotform myself for quite some time (2 years or close to it?) It is a great service. Obviously you were doing nothing illegal, and were going to great lengths to stop the bad guys. Thats a news story everyone wants to hear.
Personally I think you made a horribly stupid decision to use GoDaddy, but it is what it is. Sounds like you need to launch a PR campaign about this.
Tell your customers to call the agent in charge. Tell your users to call GoDaddy to complain.
Put up a web page with a running ticker of how many people are getting their service interrupted because of this. Tell the world who is sitting on their hands while your business collapses. Call news stations. Put up a youtube video. Shine a light on this, don't just sit there hoping for an agent to give a crap.
Make this shit a bigger deal that the government and GoDaddy have made it. GoDaddy doesn't give a shit about your domain or your business. Make them give a shit. The agent in question couldn't care less about your troubles, their full time work is about making someone (hopefully the right person) miserable. You are just one more such person in the big stack. Make that agent give a shit.
Solution (2) - get a lawyer and prepare to sue for lack of due process.
If that delay is longer than it usually takes for an abuse report to come in, and for it to be acted on, then it would prevent phishers from getting any data before the page is taken down. Maybe just do this for free users?
It's comparable to trying to stop spam in forums/blogs by disabling url's in posts. Usually you'll get the same number of spam posts, but the url's will be plain text.
You provide an excellent service. Keep up the good work!
We are taught not to bully but this is exactly what the U.S. Gov't is doing. Mixed messages?
Oh.. and don't register the domains at Godaddy.
The registry of .me, doMEn, is a joint venture between Godaddy and two other companies.
I'm just glad I haven't done business with you.