Nick Bolton explains why he took Supreme Court action against au Domain Administration Ltd (auDA)
Australian Style CEO, Nick Bolton was wearing his favourite light-grey silk suit in the Supreme Court in Melbourne this week.
His youthful appearance, and fashionably unkempt shoulder-length hairstyle was in stark contrast to the silver grey, conservatively cut locks of his chief protagonist at the au Domain Administration Ltd - Chris Disspain.
The court action stems, of course, from auDA’s decision earlier this year to strip Bolton of the accreditation he has for one of his four domain name registrar businesses – Bottle.
auDA’s action followed advice from the Australian Federal Police that it was investigating a security incident at Bottle which saw a 22 year old Perth man charged with ‘dishonestly dealing in personal financial information.
But surprisingly, auDA cited a previously unknown 2007 security incident as the reason for its decision to strip Bottle of its accreditation. Bottle hadn’t disclosed that incident to auDA at the time, and so had, allegedly, breached its auDA accreditation agreement.
However Bolton is arguing the 2007 incident wasn’t, in fact, a security breach, and so there has been no breach of its auDA agreement.
“Like any popular domain name registrar, we’re often finding people trying to test our security” he told eCommerce Report.
“Back in 2007 there was a separate incident with another Registrar that demonstrated a vulnerability in our system; which we fixed as soon as we were advised about it. The issue at hand, is at the time we did not consider this matter to be a security breach, and subsequently did not notify auDA.”
“Under the Registrar licensing agreement a security breach in itself, is not a breach of agreement with auDA. The agreement just requires you notify them. And that's exactly what we did as soon as we became aware of the reported 2009 breach which the AFP is investigating.”
As we reported last week, the 22 year old man charged with having carried out the 2009 Bottle security breach was recently convicted in the Perth magistrates court.
But his sentence was remarkably light. He wasn’t fined, had to pay only $150 in court costs and was put on a 12 month good behaviour bond.
The light sentence seems odd given the apparent seriousness of the crime, where the entire Bottle customer database of some 60,000 records,
many complete with credit-card details, appeared to have been stolen.
But it isn’t known for certain if the Perth magistrates court was provided with definitive evidence about how the 22 year old programmer,
who had been working for Perth based registrar AustDomains, back in 2007, came into possession of the file.
Nor is it known whether it has been proven that the records he tried to sell on a hacker web-site were, in fact, Bottle’s customer records.
In any event, Bolton’s determination to contest auDA’s action in the Supreme Court has once again put the Australian domain name industry regulator in the hot seat, and facing questions about its practices, policies and people.
Certainly Bolton appears to believe that Disspain has some sort of personal animosity towards him.
The Court was told that Disspain had, in remarks made to a former auDA director, disparaged Boltons suitability to sit on the auDA board.
For the record, nevertheless, Disspain told the Court he had no recollection of the comment or the conversation.
The 4 day trial was due to conclude as this issue went to press with the presiding Justice Hargreaves, expected to reserve his decision until a later date.
For more information go to
www.auda.org.au
www.bottle.com.au
Share this article?
Use these links to share this story with friends via social bookmarking sites.
| 
