Founder of JotForm here. I’d like to thank you all for your sympathy.
JotForm.com has been suspended by Godaddy for more than 24 hours now. They have disabled the DNS without any prior notice or request. They have told us the domain name was suspended as part of an ongoing law enforcement investigation. In order to resolve the issue, they asked us to contact the officer in charge at U. S. Secret Service.
When I contacted the Secret Service, the agent told me she is busy and she asked for my phone number, and told me they will get back to me within this week. I told them we are a web service with hundreds of thousands of users, so this is a matter of urgency, and we are ready to cooperate fully. I was ready to shutdown any form they request and provide any information we have about the user. Unfortunately, she told me she needs to look at the case which she can do in a few days. I called her many times again to check about the case, but she seems to be getting irritated with me. At this point, we are waiting for them to look into our case.
Our guess is that this is probably about a phishing form. We take phishing very seriously. Our Bayesian phishing filter has suspended 65.000 accounts last year. We have been training it for many years, so it can detect phishing forms with great accuracy. We also take any reports about phishing very seriously and quickly suspend the accounts and let the other party know about it. By the way, we are also very serious about false positives. If we suspend an account accidentally, we will quickly resolve the issue, and apologize.
I believe this can happen to anybody who allows users to create content on the web. So, if you have such business, my recommendation would be to make sure that you can contact your most active users quickly if your domain is disabled. Many of our users are shocked and angry at us. But, many also thanked us for quickly letting them know about the issue by email and providing instructions to continue operating their forms. Since DNS propagation takes some time, many active users were able to switch their forms to the new domain before it went down. We still have not contacted all users, we are sending emails most active users first.
What if you give us the phone number of the agent in question?
Personally I think you made a horribly stupid decision to use GoDaddy, but it is what it is. Sounds like you need to launch a PR campaign about this.
Tell your customers to call the agent in charge. Tell your users to call GoDaddy to complain.
Put up a web page with a running ticker of how many people are getting their service interrupted because of this. Tell the world who is sitting on their hands while your business collapses. Call news stations. Put up a youtube video. Shine a light on this, don't just sit there hoping for an agent to give a crap.
Make this shit a bigger deal that the government and GoDaddy have made it. GoDaddy doesn't give a shit about your domain or your business. Make them give a shit. The agent in question couldn't care less about your troubles, their full time work is about making someone (hopefully the right person) miserable. You are just one more such person in the big stack. Make that agent give a shit.
Whats happening to you is an absurd abuse of power. Call the EFF, get a good lawyer, and get in front of a judge as soon as possible. Call your senator, your representative, and the local media. Don't annoy the secret service agent who is destroying your business because it likely won't help.
Yeah, you need an experienced lawyer and you need to go after GoDaddy immediately. They are at fault here. The terms of any user agreement may be invalid.
Next, you need to spend 100% of your time raising hell about this. This story has all of the marks of stuff the tech press loves to eat up.
#1 Godaddy is run by a bunch of assholes who walk all over their customers rights.
#2 The secret service is still full of a bunch of buffoons. These are the same guys that raided a roleplaying game company because they couldn't tell the difference between an imaginary game and a hacker manual. I'm sure the press would like to answer the question, are they still hiring FBI rejects?
You have to turn this story the other way around. You can make jotform a name people remember.
I've used jotform myself for quite some time (2 years or close to it?) It is a great service. Obviously you were doing nothing illegal, and were going to great lengths to stop the bad guys. Thats a news story everyone wants to hear.
I don't know much about your defences, but a good way of making your site less attractive to phishers might be to put an artificial delay inbetween when a form is submitted and when the owner can get access to the submitted data.
If that delay is longer than it usually takes for an abuse report to come in, and for it to be acted on, then it would prevent phishers from getting any data before the page is taken down. Maybe just do this for free users?
Although this might prevent (a bit) that the phishers get the actual data and hence protect the victims, I am pretty sure that it won't cause any drop in phishing attempts. However for the legitimate users it will probably have a huge negative impact.
It's comparable to trying to stop spam in forums/blogs by disabling url's in posts. Usually you'll get the same number of spam posts, but the url's will be plain text.
Uh... I feel sorry for you guys getting abused like this, but.... Godaddy? You had know you were putting your business at risk using this company. Did you save enough money to make it worth going out of business?
This is complete bullcrap! From everything I've read, Jotform polices itself and actively tries to remove illegal material. This is EXACTLY what Google does. However, you don't see Big Brother going after Google just because they did a search on child porn and some hits came up.
We are taught not to bully but this is exactly what the U.S. Gov't is doing. Mixed messages?