The Food and Drug Administration announced today that it sent warning letters out regarding about 136 rogue Internet pharmacies. So far, over half of them have been shut down by the domain name registrars.
LegitScript’s review of these websites indicated that most or all are part of a network that goes by the name Rx-Commission. That network, as LegitScript told the Washington Post today, is illegal in several respects: it imports prescription drugs from outside of the United States; it sells prescription drugs without a prescription (including controlled substances, like Xanax and Ambien); and it sells unapproved generic versions of prescription drugs that are patent protected. The drugs are likely, in at least some cases, potential counterfeits.
So what’s the real news story here? It isn’t that the FDA is notifying website registrants; they’ve done that before. It also isn’t in the FDA’s notification of hosting providers (ISP), which is not new. Rather, the interesting thing is this: the FDA chose to notify domain name registrars, which, by our analysis, have shut down over half of the websites in question.
This is important precedent: historically, domain name registrars have encouraged Internet security advocates to look to the ISPs, not the registrars. But it’s the registrars, not the ISPs, that can “freeze” a domain name in the long-term. The principle here is that once registrars are put on notice, they are bound to act; if they do not, they are arguably facilitating illegal activity.