X

JotForm says domain suspended by feds

Company that hosts user-generated forms has domain disabled and is told to call the Secret Service.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
See full bio
Elinor Mills
4 min read
JotForm was scrambling to help customers switch their Web forms to a new domain after its domain was disabled at the request of the Secret Service.
JotForm was scrambling to help customers switch their Web forms to a new domain after its domain was disabled yesterday at the request of the Secret Service.

JotForm, a service that lets people create forms on the Web, has been suspended by the U.S. Secret Service as a result of content a user posted online, according to the co-founder of the company that created JotForm.

But by this afternoon there were signs that the matter was being corrected, Aytekin Tank, who co-founded JotForm creator Interlogy Internet Technology, told CNET.

"Although it is still not propagated, our DNS (Domain Name System) for Jotform.com started pointing back to the correct names. They have not notified us but it looks like they might have lifted the suspension," Tank said in an e-mail. "We will probably never find out the reason for the suspension. It has been a very difficult two days for both our users and for us. So, I hope this is the end."

Secret Service spokesman Ed Donovan told CNET that he could not comment beyond providing this statement: "We are aware of the incident and we're reviewing it internally to make sure all the proper procedures and protocols were followed."

Problems started yesterday when Go Daddy, which hosts the company's domain, disabled JotForm.com without warning, citing an ongoing law enforcement investigation. Go Daddy told Tank to contact the U.S. Secret Service, and an agent there told him she would get back to him.

"I told them we are a Web service with hundreds of thousands of users, so this is a matter of urgency, and we are ready to cooperate fully. I was ready to shut down any form they request and provide any information we have about the user. Unfortunately, she told me she needs to look at the case which she can do in a few days," Tank wrote in a post today in a Hacker News forum. "I called her many times again to check about the case, but she seems to be getting irritated with me. At this point, we are waiting for them to look into our case.

"Our guess is that this is probably about a phishing form. We take phishing very seriously. Our Bayesian phishing filter has suspended 65.000 accounts last year," he wrote. "I believe this can happen to anybody who allows users to create content on the Web."

Meanwhile, the JotForm.com name server record has been changed to: "NS1.SUSPENDED-FOR.SPAM-AND-ABUSE.COM," reports Domain Name Wire.

Related stories

A Go Daddy spokesman told CNET that he couldn't comment on the specific case beyond providing a statement from Ben Butler, network abuse director at the company.

"Because of our privacy policy, we can't disclose the specifics of our actions with respect to our customers' accounts. But, we can tell you in general terms, at the specific request of law enforcement, Go Daddy sometimes takes action to prevent further harm being caused by a Web site hosted on our servers. This would include things like sites engaged in phishing, malware installation, securities fraud, and so on," the statement said. "Unless such request is the subject of a criminal investigation that is required, under statute, to be treated confidentially, Go Daddy promptly notifies its customers of any action taken, and provides the contact information of the law enforcement agency involved. This gives customers an opportunity to address their concerns directly with the agency in question. Our standard policy was followed in the case you mentioned."

Tank said he is scrambling to notify customers and help them with workarounds.

Many JotForm users were "shocked and angry," he said, adding that others appreciated being notified quickly. "Since DNS (Domain Name System) propagation takes some time, many active users were able to switch their forms to the new domain before it went down. We still have not contacted all users, we are sending e-mails most active users first."

JotForm notified customers about the problem in an e-mail and recommended they change their domain on their forms from "Jotform.com" to "Jotform.me."

The company also has moved its domains to NameCheap and Hover, Tank wrote in a blog post on the company site.

In an update to that post, Tank writes: "Many people on the comments assumed the content was posted by us. This can happen to any site that allows public to post content. SOPA (Stop Online Piracy Act) may not have passed, but what happened shows that it is already being practiced. All they have to do is to ask Go Daddy to take a site down."

JotForm has 2 million user-generated forms, which makes it impossible for the company to manually review them all, according to Tank.

Under the Digital Millennium Copyright Act, sites like YouTube and Facebook that are service providers are not liable for content their users post that may violate copyright or face other objections. It's unclear why the case of JotForm, which would seem to fit the description of service provider, was handled this way.

Updated 5:06 p.m. PT: with Go Daddy statement to CNET.