ICANN Transfer Dispute Resolution Policy (TDRP): Complete Guide (2025)

Quick Answer

Table of Contents

What is TDRP?

The Transfer Dispute Resolution Policy (TDRP) is a specialized dispute resolution procedure created by ICANN specifically to handle disputes about improper or unauthorized domain name transfers between registrars.

The Purpose of TDRP

TDRP was designed to address a specific problem: domains being transferred between registrars without proper authorization, whether due to hijacking, registrar mistakes, or fraudulent activity.

TDRP provides:

• Specialized focus - Only handles transfer-related disputes
• Registrar accountability - Can sanction registrars for policy violations
• Fast resolution - 30-45 days from complaint to decision
• Lower cost - $750-$1,500 vs $50,000+ for litigation
• Transfer reversal - Can force domain back to original registrar
• International reach - Works across borders like UDRP

TDRP's Legal Authority

TDRP derives its power from:

1. ICANN policy - All ICANN-accredited registrars must comply
2. Registrar agreements - Contractual obligation to participate in TDRP
3. Transfer Policy - Inter-Registrar Transfer Policy (IRTP) requires TDRP compliance
4. Accreditation requirements - Non-compliance can result in loss of ICANN accreditation

When you transfer a domain, both the losing and gaining registrars are bound by TDRP rules.

When TDRP Was Created

TDRP was adopted by ICANN in 2004 as part of broader reforms to the Inter-Registrar Transfer Policy. It was updated significantly in:

• 2004: Original TDRP policy adopted
• 2009: Revisions to strengthen transfer authorization requirements
• 2016: Updates to improve evidence requirements and timelines
• 2018: Clarifications on registrar obligations and sanctions

TDRP Coverage

TDRP applies to:

✓ All generic top-level domains (gTLDs): .com, .net, .org, .info, .biz ✓ New gTLDs: .app, .dev, .blog, .shop, .tech, etc. ✓ Transfers between ICANN-accredited registrars ✓ Sponsored TLDs that adopt TDRP

Not covered by TDRP:

✗ Most country-code TLDs (.uk, .de, .cn, .au) - have own policies ✗ Trademark disputes (use UDRP instead) ✗ Disputes within the same registrar (internal account transfers) ✗ Content disputes or cybersquatting ✗ Expired domain registrations

TDRP vs UDRP: Understanding the Difference

Many people confuse TDRP and UDRP because both are ICANN dispute resolution policies. However, they address completely different types of disputes.

Key Differences

When to Use Which Policy

Use TDRP when:

• Your domain was transferred without your authorization
• A registrar violated transfer procedures
• Transfer authorization codes were stolen
• Email confirmations were bypassed
• You never approved the transfer
• Registrar made an error in processing transfer

Use UDRP when:

• Someone registered a domain confusingly similar to your trademark
• The domain is being used in bad faith
• Cybersquatting or typosquatting occurred
• Domain infringes your trademark rights
• You want to acquire a domain currently held by someone else

Use both when:

• Your trademarked domain was stolen (TDRP to reverse transfer, UDRP to get it back if TDRP fails)

Can You File Both Simultaneously?

Yes, you can file TDRP and UDRP complaints simultaneously if circumstances warrant:

Example scenario:

1. Your trademarked domain was hijacked and transferred
2. File TDRP to reverse the unauthorized transfer
3. File UDRP to recover domain based on trademark rights
4. If TDRP succeeds, you may withdraw UDRP (domain returned)
5. If TDRP fails, UDRP can still recover domain on trademark grounds

This dual approach provides maximum protection but costs $2,250-$6,500 total.

When to Use TDRP

TDRP is the appropriate remedy when a domain transfer violated ICANN's Inter-Registrar Transfer Policy. Understanding when TDRP applies helps you choose the right dispute resolution path.

Primary TDRP Situations

1. Unauthorized Transfers

The domain was transferred without the registrant's authorization:

• Transfer initiated without registrant knowledge
• Authorization (EPP/auth) code stolen or obtained fraudulently
• Email confirmations forged or bypassed
• Registrar account compromised and transfer initiated
• Transfer completed despite transfer lock being enabled

2. Registrar Policy Violations

The gaining or losing registrar violated ICANN transfer procedures:

• Failed to send proper Form of Authorization (FOA)
• Accepted transfer without proper authorization
• Ignored transfer lock status
• Didn't wait required 5-day confirmation period
• Failed to verify registrant identity adequately
• Processed transfer despite registrant objection

3. Technical or Administrative Errors

Registrar mistakes led to improper transfer:

• Domain transferred to wrong account
• Transfer processed for wrong domain name
• System glitch completed unauthorized transfer
• Customer service error approved invalid transfer
• Expired domain transferred instead of deleted

4. Fraudulent Transfers

Transfer involved fraud or deception:

• Forged authorization documents
• Impersonation of domain owner
• Stolen identity used for transfer
• Phishing attack led to unauthorized transfer
• Social engineering of registrar support

5. Timing Violations

Transfer occurred during restricted periods:

• Within 60 days of registration (transfers supposed to be locked)
• Within 60 days of previous transfer (ICANN 60-day lock)
• During redemption grace period
• While domain was locked for non-payment

When TDRP Will NOT Help

TDRP is not the right tool for:

✗ Trademark disputes - Use UDRP ✗ Expired domains - Once domain expires, transfer rules change ✗ Authorized transfers you regret - Can't use TDRP to reverse legitimate transfers ✗ Content disputes - TDRP doesn't address what's hosted on the domain ✗ Price disputes - Disagreements about transfer or renewal fees ✗ Registrar service quality - General complaints about registrar service ✗ Domain parking or monetization - Issues with how domain is used ✗ Transfers within same registrar - Internal account moves aren't inter-registrar transfers

Prerequisites for Filing TDRP

Before filing TDRP, you should:

1. Attempt registrar resolution first - Contact both registrars' abuse teams
2. Have clear evidence - Prove the transfer was unauthorized or improper
3. Act quickly - TDRP is more effective if filed soon after unauthorized transfer
4. Verify TDRP applies - Confirm it's a gTLD covered by TDRP
5. Document everything - Collect all evidence before filing

Common TDRP Scenarios

Understanding real-world TDRP scenarios helps you recognize when this policy applies to your situation.

Scenario 1: Hijacked Domain via Account Compromise

What happened:

• Attacker gained access to registrant's registrar account via phishing
• Disabled transfer lock and obtained authorization code
• Initiated transfer to another registrar
• Gaining registrar sent FOA (Form of Authorization) to compromised email
• Transfer completed because attacker confirmed via compromised email

TDRP application:

• Complaint against: Both losing and gaining registrars
• Violation: Transfer occurred despite security indicators suggesting compromise
• Evidence needed: Proof of account compromise, usual access patterns, IP logs
• Likely outcome: Transfer reversal, possible registrar sanctions if procedures weren't followed

Why TDRP works: While the technical transfer steps were followed, TDRP can examine whether registrars exercised reasonable care when security indicators suggested compromise.

Scenario 2: Social Engineering of Registrar Support

What happened:

• Attacker contacted losing registrar's customer support
• Used social engineering and fake documents to impersonate domain owner
• Support agent disabled transfer lock and provided authorization code
• Transfer initiated and completed to attacker's registrar
• Real owner only discovered when domain went offline

TDRP application:

• Complaint against: Losing registrar primarily
• Violation: Failed to adequately verify identity before making critical account changes
• Evidence needed: Support ticket logs, timeline, proof you didn't authorize contact
• Likely outcome: Transfer reversal, registrar sanctions for inadequate verification

Why TDRP works: Registrars are required to have reasonable identity verification procedures. Failures in verification that lead to unauthorized transfers violate ICANN policy.

Scenario 3: Registrar System Error

What happened:

• Registrant initiated transfer of domainA.com to new registrar
• Due to registrar system glitch, domainB.com also transferred
• domainB.com was not supposed to be transferred and registrant didn't authorize it
• Gaining registrar accepted both domains without separate authorization for domainB.com
• Registrant wants domainB.com returned to original registrar

TDRP application:

• Complaint against: Both registrars
• Violation: Transfer of domainB.com lacked proper authorization
• Evidence needed: Transfer request documents showing only domainA.com, correspondence about error
• Likely outcome: Transfer reversal for domainB.com, no sanctions (honest mistake)

Why TDRP works: Even technical errors that result in unauthorized transfers violate ICANN policy and can be reversed through TDRP.

Scenario 4: Stolen Authorization Code

What happened:

• Registrant's email was compromised but registrar account was not
• Attacker obtained authorization code from email but couldn't access registrar account
• Attacker initiated transfer from outside with stolen auth code
• Gaining registrar sent FOA to compromised email, attacker confirmed
• Transfer completed without registrant's knowledge

TDRP application:

• Complaint against: Primarily gaining registrar
• Violation: Failed to verify transfer authenticity beyond email confirmation
• Evidence needed: Proof email was compromised, that you didn't initiate transfer, access logs
• Likely outcome: Depends on whether registrars followed all required procedures

Why TDRP might work: If the gaining registrar failed to follow proper authorization procedures beyond just email confirmation, TDRP can reverse the transfer.

Scenario 5: Transfer During 60-Day Lock Period

What happened:

• Domain was registered or transferred 45 days ago
• ICANN policy requires 60-day lock after registration or transfer
• New transfer was initiated and completed during lock period
• Losing registrar should have rejected transfer during lock period
• Domain ended up at unintended registrar

TDRP application:

• Complaint against: Losing registrar
• Violation: Allowed transfer during mandatory 60-day lock period
• Evidence needed: Registration/transfer dates showing 60-day window, transfer completion date
• Likely outcome: Transfer reversal, registrar sanctions for clear policy violation

Why TDRP works: The 60-day transfer lock is a clear ICANN requirement. Violations are straightforward TDRP cases.

Scenario 6: Ignored Transfer Lock Status

What happened:

• Domain had registrar lock (clientTransferProhibited) enabled
• Transfer was initiated externally with stolen authorization code
• Losing registrar allowed transfer despite lock status
• Or losing registrar disabled lock without proper authorization
• Domain transferred to gaining registrar

TDRP application:

• Complaint against: Losing registrar
• Violation: Allowed transfer despite transfer lock, or disabled lock without authorization
• Evidence needed: WHOIS history showing lock status, proof you didn't authorize lock removal
• Likely outcome: Transfer reversal, sanctions for ignoring or improperly removing lock

Why TDRP works: Transfer locks exist specifically to prevent unauthorized transfers. Registrars are required to respect lock status.

Scenario 7: Forged Authorization Documents

What happened:

• Attacker created forged documents (ID, authorization letter) claiming to be domain owner
• Contacted registrar with forged documents to initiate transfer
• Registrar accepted forged documents and processed transfer
• Real owner discovered transfer when domain stopped working
• Forged documents can be proven fake (wrong signature, manipulated ID, etc.)

TDRP application:

• Complaint against: Registrar that accepted forged documents
• Violation: Failed to adequately verify authenticity of authorization documents
• Evidence needed: Real documents for comparison, forensic analysis showing forgery
• Likely outcome: Transfer reversal if forgery is clear, possible sanctions

Why TDRP works: While registrars aren't expected to be forensic experts, accepting obviously forged documents can violate reasonable care standards.

Scenario 8: Gaining Registrar Failed to Send FOA

What happened:

• Transfer was initiated (authorization or not)
• Gaining registrar failed to send Form of Authorization (FOA) to registrant
• Or FOA was sent to wrong email address
• Transfer completed without registrant receiving proper notification/confirmation
• Registrant never had opportunity to reject transfer

TDRP application:

• Complaint against: Gaining registrar
• Violation: Failed to send FOA to registrant of record as required by ICANN
• Evidence needed: Email records showing no FOA received, correct registrant email in WHOIS
• Likely outcome: Transfer reversal, registrar sanctions for policy violation

Why TDRP works: Sending FOA to the registrant of record is a mandatory ICANN requirement. Failures to do so are clear policy violations.

TDRP Providers Comparison

TDRP complaints must be filed with an ICANN-approved dispute resolution provider. Currently, two providers handle TDRP cases.

Approved TDRP Providers

1. National Arbitration Forum (NAF) / ADR Forum

Overview:

• Based in Minneapolis, Minnesota, USA
• Largest provider of TDRP cases historically
• Also handles UDRP, URS, and other domain disputes
• Electronic filing and case management system

TDRP Pricing:

• Single-registrar complaint: $750
• Two-registrar complaint: $1,500 (both losing and gaining registrars)
• Payment: Credit card, wire transfer, check
• Refund policy: Administrative fees non-refundable if case proceeds

Process specifics:

• Entirely online filing and case management
• Average decision time: 30-35 days
• Provides interim case status updates
• Panelist assigned within 2-3 business days

Contact:

• Website: www.adrforum.com/domain-dispute/tdrp
• Email: [email protected]
• Phone: +1-877-474-2372
• Hours: Monday-Friday, 8am-5pm Central Time

Panelists:

• Attorneys with domain name and internet law expertise
• Experience with ICANN policies
• Typically 5-10 years of domain dispute experience

Advantages:

• Fast case processing
• User-friendly online system
• Lower cost for single-registrar complaints
• Most experience with TDRP cases

Disadvantages:

• U.S.-based (potential time zone issues for international complainants)
• Less international recognition than WIPO

2. WIPO Arbitration and Mediation Center

Overview:

• Part of World Intellectual Property Organization (UN agency)
• Based in Geneva, Switzerland with offices worldwide
• Handles UDRP, TDRP, ccTLD disputes
• International reputation and reach

TDRP Pricing:

• Single-registrar complaint: $1,000
• Two-registrar complaint: $1,500
• Payment: Wire transfer, credit card
• Additional costs: Translation if complaint in non-English language

Process specifics:

• Online filing through eADR system
• Average decision time: 35-40 days
• International panel of experts
• Multilingual capabilities

Contact:

• Website: www.wipo.int/amc/en/domains/tdrp/
• Email: [email protected]
• Phone: +41 22 338 8247
• Hours: Monday-Friday, 9am-6pm Central European Time

Panelists:

• International experts in intellectual property and domain law
• Attorneys, academics, and former registrar executives
• Multilingual capabilities

Advantages:

• International presence and reputation
• Multilingual support
• Broader geographic expertise
• Can handle complex international cases

Disadvantages:

• Higher cost for single-registrar complaints ($1,000 vs $750)
• Slightly longer processing times
• Less experience specifically with TDRP (more UDRP focused)

Which Provider Should You Choose?

Choose NAF/ADR Forum if:

• You want the lowest cost ($750 for single-registrar)
• You prioritize speed (slightly faster average)
• You're comfortable with U.S.-based provider
• Your case is straightforward

Choose WIPO if:

• International recognition is important
• Your case involves international registrars
• You need multilingual support
• You prefer UN-associated institution
• Your case is complex or high-value

Either provider works well if:

• You're filing two-registrar complaint (same $1,500 price)
• You want established reputation
• You need electronic filing
• Standard timelines are acceptable

Provider Statistics

Note: TDRP case volumes are much lower than UDRP, so statistics are estimates based on available data.

The TDRP Process Step-by-Step

Understanding the TDRP process helps you prepare an effective complaint and know what to expect.

Step 1: Pre-Filing Preparation (1-7 days)

Before filing TDRP, complete these prerequisites:

A. Attempt Registrar Resolution

• Contact losing registrar's abuse/security team
• Contact gaining registrar's abuse/security team
• Request transfer reversal with evidence
• Document all communications
• Allow reasonable time for response (3-5 business days)

B. Gather Evidence

• WHOIS history showing transfer
• Email records (or lack of FOA)
• Account access logs
• Authorization code history
• Transfer lock status history
• Timeline of events
• Proof of ownership
• Correspondence with registrars

C. Verify TDRP Applicability

• Confirm domain is gTLD covered by TDRP
• Confirm transfer was inter-registrar (not intra-registrar)
• Verify transfer occurred (check current WHOIS)
• Confirm you have standing (you're the registrant or authorized representative)

D. Choose Provider

• Select NAF or WIPO based on your needs
• Review provider's supplemental rules
• Prepare payment method
• Create account on provider's filing system

Step 2: File TDRP Complaint (Day 1)

Complaint must include:

1. Complainant information

   • Full legal name
   • Mailing address
   • Email address
   • Phone number
   • Authorized representative (if using attorney)

2. Domain name(s) in dispute

   • Exact domain name(s)
   • Current registrar
   • Previous registrar
   • Transfer date

3. Registrar(s) named as respondents

   • Losing registrar
   • Gaining registrar (if applicable)
   • ICANN registrar ID for each

4. Statement of facts

   • Detailed timeline of events
   • How you discovered the unauthorized transfer
   • Steps taken to resolve with registrars
   • Evidence of unauthorized transfer

5. Legal grounds

   • Specific ICANN policy violations
   • How transfer violated Inter-Registrar Transfer Policy
   • References to specific policy sections

6. Evidence exhibits

   • WHOIS records
   • Email communications
   • Screenshots
   • Authentication logs
   • Any other supporting documentation

7. Remedy requested

   • Transfer reversal
   • Registrar sanctions
   • Any other relief

8. Payment

   • Filing fee ($750-$1,500)
   • Payment confirmation

Step 3: Provider Reviews Complaint (1-3 days)

Provider verifies:

• Complaint is complete
• Fees paid
• Proper respondents named
• TDRP applies to the situation
• Complaint formatted correctly

Possible outcomes:

• Complaint accepted - Proceeds to Step 4
• Deficiency notice - You must correct issues within 3 days
• Complaint rejected - Refund minus administrative fee

Step 4: Registrar(s) Notified (Day 3-5)

Provider sends complaint to:

• Named registrar(s)
• ICANN (for monitoring)
• Complainant (confirmation)

Notification includes:

• Complete complaint with exhibits
• Deadline for response (10 calendar days)
• Provider's supplemental rules
• Case reference number

Step 5: Registrar Response Period (10 calendar days)

Registrar(s) may:

Option A: File response

• Submit detailed response to allegations
• Provide evidence transfer was proper
• Challenge complainant's standing
• Explain their procedures and compliance
• Request dismissal

Option B: Default

• Not respond
• Panel proceeds based on complaint alone
• Generally favorable to complainant

Response must include:

• Point-by-point rebuttal of allegations
• Evidence transfer was authorized or proper
• Documentation of procedures followed
• Explanation of policy compliance
• Evidence exhibits

Step 6: Optional Reply by Complainant (5 calendar days)

After registrar response, complainant may file optional reply:

Reply can:

• Address new evidence in registrar response
• Rebut registrar's explanations
• Provide additional evidence
• Clarify misunderstandings

Reply cannot:

• Introduce completely new claims
• Extend beyond responding to registrar's response
• Exceed provider's word limits

Step 7: Panelist Appointed (1-3 days)

Provider appoints panelist:

• Expert in domain names and ICANN policy
• No conflicts of interest with parties
• Attorney or domain industry expert
• Experience with ICANN dispute resolution

Panelist reviews:

• Complete complaint
• Registrar response (if filed)
• Complainant reply (if filed)
• All evidence exhibits
• ICANN policies and transfer requirements

Step 8: Panelist Decision (14 calendar days from appointment)

Panelist analyzes:

• Whether transfer was authorized
• Whether registrars followed ICANN procedures
• Whether transfer violated Inter-Registrar Transfer Policy
• Whether evidence supports complainant's claims
• What remedy is appropriate

Panel may:

• Request additional information from parties (rare)
• Issue interim questions to clarify issues
• Seek expert opinion on technical matters (very rare)

Decision process:

• Panelist drafts decision with findings and reasoning
• Decision reviewed by provider (administrative check only)
• Decision finalized

Step 9: Decision Issued (Day 30-45)

Decision includes:

• Summary of facts
• Parties' positions
• Analysis of each issue
• Findings on policy violations
• Remedy ordered
• Reasoning for decision

Possible outcomes:

1. Complaint granted - Transfer reversal ordered, possible registrar sanctions
2. Complaint denied - Transfer stands, registrars vindicated
3. Split decision - Some claims granted, some denied

Step 10: Decision Implementation (5-10 business days)

If complaint granted:

Gaining registrar must:

• Return domain to losing registrar within 10 business days
• Unlock domain for transfer
• Provide transfer authorization

Losing registrar must:

• Accept domain back
• Restore to complainant's account
• Apply appropriate status locks

ICANN monitors:

• Compliance with decision
• Timely implementation
• Follow-up sanctions if needed

If complaint denied:

• Domain remains with current registrar
• Complainant may pursue other remedies (court, UDRP)
• Decision is final for TDRP purposes

TDRP Timeline: Filing to Decision

Understanding the TDRP timeline helps you plan and know what to expect.

Standard Timeline (30-45 days total)

Day 0: File Complaint
│
├─ Day 1-3: Provider Administrative Review
│  └─ Deficiency notice if issues (3 days to cure)
│
├─ Day 3-5: Complaint Served on Registrar(s) and ICANN
│
├─ Day 5-15: Registrar Response Period (10 calendar days)
│  ├─ Registrar may file response
│  └─ Or registrar may default (no response)
│
├─ Day 15-20: Optional Complainant Reply (5 calendar days)
│  └─ Only if registrar filed response
│
├─ Day 20-23: Panelist Appointed (1-3 days after responses complete)
│
├─ Day 23-37: Panelist Review and Decision Period (14 calendar days)
│  ├─ Panelist reviews all materials
│  ├─ Optional requests for clarification
│  └─ Decision drafted
│
├─ Day 37-40: Provider Review (administrative only)
│
└─ Day 40-45: Decision Issued and Served
   │
   └─ Day 50-55: Decision Implemented (if transfer reversal ordered)

Timeline Variables

Factors that speed up timeline:

• Registrar defaults (no response) - Saves 10-15 days
• No complainant reply filed - Saves 5 days
• Provider has light case load - Faster administrative processing
• Straightforward case - Panelist decides quickly

Factors that slow down timeline:

• Deficient complaint requiring cure - Adds 5-10 days
• Complex case requiring panelist research - Adds 5-14 days
• Panelist requests additional information - Adds 5-10 days
• Holiday periods - Can add 3-7 days
• High provider case load - Adds 3-7 days

Comparison to Other Dispute Methods

Required Evidence for TDRP Complaints

Strong evidence is critical to TDRP success. Here's what you need to gather and how to present it effectively.

Essential Evidence Categories

1. Proof of Ownership

What to provide:

• Original domain registration confirmation
• Registration agreement with losing registrar
• Payment records for domain registration/renewals
• Historical WHOIS showing you as registrant
• Screenshots of registrar account showing domain ownership
• Domain management history (DNS changes, nameserver updates you made)

Why it matters: Establishes you are the legitimate domain owner with standing to file TDRP.

Best practices:

• Provide earliest possible proof of ownership
• Show continuous ownership leading up to transfer
• Include multiple types of ownership proof
• Redact sensitive financial info (keep last 4 digits only)

2. Transfer Timeline Documentation

What to provide:

• WHOIS history showing pre-transfer and post-transfer registrar
• Exact date and time of transfer (from WHOIS or registrar notification)
• Timeline of events leading to transfer
• When you discovered the unauthorized transfer
• Date of any suspicious account activity

Why it matters: Establishes when transfer occurred and whether it violated timing restrictions (like 60-day locks).

Best practices:

• Use WHOIS history services (DomainTools, ICANN WHOIS history, registrar records)
• Create visual timeline graphic
• Note any timing policy violations (transfers during lock periods)
• Compare transfer date to registration date (60-day rule)

3. Evidence of Lack of Authorization

What to provide:

• Statement under penalty of perjury that you didn't authorize transfer
• Proof you didn't initiate transfer request
• Email records showing no FOA (Form of Authorization) received
• Or proof FOA went to wrong email address
• Registrar account logs showing you didn't request authorization code
• Proof transfer lock was enabled and shouldn't have been disabled

Why it matters: Core of TDRP claim - proving transfer was unauthorized.

Best practices:

• Check all email accounts (including spam/trash folders)
• Request account access logs from registrar
• Screenshot transfer lock status from before transfer (if available)
• Provide detailed statement of your normal domain management practices
• Show you didn't have access to account at time of transfer (if applicable)

4. Evidence of Account Compromise (if applicable)

What to provide:

• Unusual login activity from foreign IPs
• Access logs showing unauthorized logins
• Password reset notifications you didn't initiate
• Security alerts from registrar
• Evidence of phishing emails or malware
• Timeline showing normal activity vs. suspicious activity

Why it matters: Demonstrates transfer occurred due to security breach, not legitimate request.

Best practices:

• Request complete account access logs from registrar
• Use IP geolocation services to show foreign access
• Compare access patterns before and during compromise
• Provide evidence of when you regained account access
• Show security measures you normally used (2FA, strong passwords)

5. Communication with Registrars

What to provide:

• All emails to/from losing registrar about the unauthorized transfer
• All emails to/from gaining registrar disputing transfer
• Support ticket history
• Phone call records (dates, times, representative names)
• Registrar responses (or lack thereof)
• Timeline showing you attempted resolution before filing TDRP

Why it matters: TDRP expects you to attempt registrar resolution first. Shows you acted reasonably.

Best practices:

• Save all emails in original format (with full headers)
• Document all phone calls with dates, times, names
• Be professional in all communications (they become evidence)
• Give registrars reasonable time to respond (3-5 business days)
• Clearly request specific action (transfer reversal)

6. Registrar Policy Violations

What to provide:

• Specific ICANN policy sections violated
• Evidence registrar didn't follow their own procedures
• Proof FOA wasn't sent to registrant of record
• Evidence transfer lock was ignored or improperly removed
• Proof transfer occurred during 60-day lock period
• Documentation of inadequate identity verification

Why it matters: TDRP is about policy violations. Must cite specific violations with evidence.

Best practices:

• Quote exact policy language from ICANN Transfer Policy
• Cross-reference registrar's own stated procedures
• Highlight discrepancies between policy and actual actions
• Use registrar's registration agreement terms
• Cite specific dates/times of violations

7. WHOIS Records

What to provide:

• WHOIS snapshot before transfer (showing your info, losing registrar, transfer lock)
• WHOIS snapshot after transfer (showing gaining registrar, different info)
• WHOIS history showing timeline of changes
• Registrant email address on record (proving where FOA should have been sent)
• Domain status codes (clientTransferProhibited, etc.)

Why it matters: WHOIS is authoritative record of domain ownership and status.

Best practices:

• Use multiple WHOIS sources (registrar, ICANN, third-party services)
• Capture full WHOIS output, not summarized versions
• Show date/time stamps on WHOIS records
• Highlight key fields (registrar, status, contact email)
• Use DomainDetails.com for comprehensive WHOIS history

8. Technical Evidence (when relevant)

What to provide:

• Email headers showing forged FOA messages
• Server logs showing unauthorized access
• DNS change logs showing when nameservers changed
• Website downtime logs showing when domain stopped working
• SSL certificate logs showing domain control
• Browser history showing your access to registrar account

Why it matters: Technical evidence can prove or disprove authorization and access.

Best practices:

• Include technical evidence only if you can explain it clearly
• Use experts if needed (include expert declarations)
• Highlight key technical indicators
• Translate technical jargon for non-technical panelist
• Focus on what technical evidence proves about authorization

Evidence Organization

Best practices for presenting evidence:

1. Number all exhibits - Exhibit A, Exhibit B, etc.
2. Create exhibit index - Brief description of each exhibit
3. Reference exhibits in narrative - "As shown in Exhibit C..."
4. Highlight key portions - Circle or highlight important parts of documents
5. Provide context - Explain what each piece of evidence proves
6. Chronological order - Organize by timeline when possible
7. Clear file names - "Exhibit-A-WHOIS-Before-Transfer.pdf"
8. PDF format - Convert all evidence to PDF for consistency

Evidence Credibility Tips

Make evidence more credible:

• Contemporaneous documentation - Evidence created at the time (not after dispute started)
• Third-party sources - WHOIS, ICANN records more credible than your own statements
• Consistent narrative - All evidence should tell same story
• Detailed timestamps - Precise dates and times strengthen evidence
• Professional presentation - Clean formatting, clear labels, organized structure

Avoid:

• ✗ Evidence created after dispute arose (appears fabricated)
• ✗ Screenshots without context or timestamps
• ✗ Inconsistent statements across documents
• ✗ Speculation or assumptions without evidence
• ✗ Irrelevant information that clutters complaint

TDRP Complaint Structure

A well-structured TDRP complaint significantly improves your chances of success. Here's how to organize your complaint effectively.

Complaint Template Structure

I. HEADER

Before [Provider Name - NAF or WIPO]

TDRP COMPLAINT

Complainant: [Your Name]
[Your Address]
[Your Email]
[Your Phone]

Domain Name(s) at Issue: [domain.com]

Respondent(s):
1. [Losing Registrar Name]
   ICANN Registrar ID: [ID]
   [Address]

2. [Gaining Registrar Name] (if applicable)
   ICANN Registrar ID: [ID]
   [Address]

Case Number: [Leave blank - assigned by provider]

II. INTRODUCTION (1-2 paragraphs)

Briefly summarize:

• Who you are (domain registrant)
• What domain(s) are at issue
• What happened (unauthorized transfer)
• What you're requesting (transfer reversal)

Example:

"Complainant is the legitimate registrant of example.com. On January 15, 2025, the domain was transferred from Registrar A to Registrar B without Complainant's authorization or knowledge. Complainant requests that the panel order reversal of the unauthorized transfer and return of the domain to Registrar A under Complainant's control."

III. JURISDICTION AND STANDING

A. TDRP Applies

• Domain is gTLD covered by TDRP
• Transfer was between ICANN-accredited registrars
• Dispute concerns inter-registrar transfer

B. Complainant Has Standing

• You are registrant of record
• Or authorized representative with power of attorney
• Transfer directly affected your rights

C. Provider Jurisdiction

• Provider is ICANN-approved TDRP provider
• Respondent registrars subject to TDRP
• Proper venue for dispute

IV. STATEMENT OF FACTS

Present chronological narrative with specific dates:

A. Background and Ownership

• When and how you registered domain
• Domain's use and importance
• Security measures in place

B. Discovery of Unauthorized Transfer

• When and how you discovered transfer
• What alerted you (website down, email not working, WHOIS check)
• Immediate actions taken

C. Circumstances of Unauthorized Transfer

• How transfer was initiated (if known)
• Whether FOA was sent/received
• Whether proper authorization was given (no)
• Transfer lock status
• Timeline of transfer events

D. Attempts at Resolution

• Contacted losing registrar on [date]
• Contacted gaining registrar on [date]
• Responses received (or no response)
• Why registrar resolution failed

E. Impact of Unauthorized Transfer

• Business disruption
• Email service loss
• Website downtime
• Financial harm
• Reputational damage

V. LEGAL GROUNDS FOR RELIEF

Cite specific ICANN policy violations with evidence:

A. Violation of Transfer Authorization Requirements

"Inter-Registrar Transfer Policy Section 4.2 requires that transfers be authorized by the registrant. As shown in Exhibit C, Complainant never authorized this transfer."

B. Failure to Send Proper FOA

"Transfer Policy Section 4.3 requires the gaining registrar to send FOA to the registrant's email address on record (shown in Exhibit D). No FOA was sent to Complainant's email address, as shown by Exhibit E (email records)."

C. Transfer Lock Ignored

"Domain had clientTransferProhibited status (Exhibit F - WHOIS), which should have prevented transfer. Losing registrar allowed transfer despite lock status, violating Transfer Policy Section 5.1."

D. Transfer During Restricted Period

"Domain was transferred within 60 days of registration/previous transfer (Exhibit G - registration date of December 1, 2024 vs. transfer date of January 15, 2025), violating the mandatory 60-day lock under Transfer Policy Section 3.2."

VI. EVIDENCE

List and describe each exhibit:

Exhibit A: Domain registration confirmation from [date] Exhibit B: WHOIS record before transfer showing Complainant as registrant, Registrar A, and transfer lock status Exhibit C: WHOIS record after transfer showing Registrar B Exhibit D: Email records showing no FOA received Exhibit E: Communication with Registrar A attempting resolution Exhibit F: Communication with Registrar B disputing transfer Exhibit G: Account access logs showing no authorization code request Exhibit H: Timeline graphic of events Exhibit I: [Any additional evidence]

VII. RELIEF REQUESTED

A. Primary Relief

"Complainant requests that the Panel order reversal of the unauthorized transfer and return of [domain.com] to Registrar A under Complainant's account control."

B. Secondary Relief (if applicable)

"Complainant further requests that the Panel recommend ICANN Compliance investigate Respondent registrar(s) for systematic policy violations and consider appropriate sanctions."

C. Costs

"Complainant requests that Respondent registrar(s) bear the costs of this proceeding."

VIII. CERTIFICATION

Statement under penalty of perjury:

"I certify that the information in this complaint is true and accurate to the best of my knowledge. I understand that willfully providing false information in a TDRP proceeding may result in sanctions. I agree to be bound by the TDRP Policy and Provider's Supplemental Rules."

Signed: ________________ Date: ________________

IX. EXHIBITS

Attach all exhibits referenced in complaint.

Complaint Length Guidelines

Optimal length: 10-20 pages (not including exhibits)

By section:

• Introduction: 0.5-1 page
• Jurisdiction: 0.5-1 page
• Statement of Facts: 3-5 pages
• Legal Grounds: 3-5 pages
• Evidence List: 1-2 pages
• Relief Requested: 0.5-1 page
• Certification: 0.5 page

Tips for effective length:

• Be thorough but concise
• Don't repeat information unnecessarily
• Use clear headings and formatting
• Let exhibits speak for themselves (don't just describe them)
• Focus on facts and policy violations, not emotions
• Remove irrelevant information

Writing Style Tips

Do: ✓ Use clear, professional language ✓ Cite specific policy sections ✓ Reference exhibits frequently ("as shown in Exhibit D") ✓ Use chronological organization ✓ Include specific dates and times ✓ Stay focused on transfer authorization ✓ Be objective and factual

Don't: ✗ Use emotional or inflammatory language ✗ Make personal attacks on registrars ✗ Include irrelevant information ✗ Make legal conclusions without support ✗ Use technical jargon without explanation ✗ Assume panelist knows background facts

Available TDRP Remedies

Understanding what remedies a TDRP panel can order helps you set realistic expectations and request appropriate relief.

Primary Remedy: Transfer Reversal

What it means:

• Panel orders domain transferred back to losing registrar
• Domain returned to your account with losing registrar
• Status quo before unauthorized transfer restored

How it works:

1. Panel issues decision ordering transfer reversal
2. Gaining registrar must unlock domain and provide auth code
3. Losing registrar must accept domain back
4. Domain returned to complainant's account
5. Process completed within 10 business days

When ordered:

• Transfer was clearly unauthorized
• Transfer violated ICANN policy
• Evidence shows complainant is legitimate owner
• Registrar(s) failed to follow proper procedures

Limitations:

• Only reverses the transfer itself
• Doesn't restore DNS settings or website content
• Doesn't recover revenue lost during downtime
• Doesn't compensate for damages

Secondary Remedy: Registrar Sanctions

What panels can recommend:

• ICANN Compliance investigation of registrar
• Registrar training on transfer procedures
• Corrective action plans
• Warning letters
• In severe cases: Loss of ICANN accreditation

How it works:

1. Panel includes sanction recommendation in decision
2. Decision forwarded to ICANN Compliance
3. ICANN investigates independently
4. ICANN determines if sanctions warranted
5. ICANN imposes sanctions (if appropriate)

When recommended:

• Systematic policy violations
• Repeated violations by same registrar
• Egregious disregard for ICANN requirements
• Inadequate security or verification procedures
• Bad faith by registrar

Limitations:

• Panel only recommends, ICANN decides
• Process can take months
• Sanctions don't compensate complainant
• Sanctions are for future prevention, not past remedy

Costs and Fees

Filing fees:

• Generally NOT recoverable
• Each party bears own costs
• Exception: Panel may order registrar to reimburse complainant's fees in egregious cases

When fee reimbursement ordered:

• Registrar acted in clear bad faith
• Egregious policy violations
• Registrar provided false information to panel
• Reverse hijacking (registrar knowingly facilitated unauthorized transfer)

Typical outcome: Complainant pays own filing fee even if successful.

What TDRP Cannot Provide

Monetary damages: ✗ Lost revenue ✗ Business losses ✗ Reputational harm ✗ Attorneys' fees (beyond filing fee) ✗ Punitive damages

Other remedies: ✗ Domain transfer to different registrar (only reversal to losing registrar) ✗ Account access credentials ✗ Restoration of website content or DNS settings ✗ Compensation for time and effort ✗ Injunctive relief beyond transfer reversal

Why these limits exist:

• TDRP is administrative arbitration, not court
• Scope limited to transfer disputes
• Not designed for full legal remedies
• Keeps process fast and affordable

If You Need More Than TDRP Provides

For monetary damages:

• File federal lawsuit under Anti-Cybersquatting Consumer Protection Act (ACPA)
• Sue in state court for conversion, fraud, etc.
• Potential damages: Actual losses, statutory damages ($1,000-$100,000 per domain), attorneys' fees

For criminal prosecution:

• Report to FBI IC3 (Internet Crime Complaint Center)
• Report to local law enforcement if over $5,000 value
• Potential charges: Wire fraud, computer fraud, identity theft

For comprehensive relief:

• TDRP for fast transfer reversal (30-45 days)
• Simultaneously pursue lawsuit for damages (1-2 years)
• Use TDRP decision as evidence in lawsuit
• Potential total recovery: Domain + damages + fees

How Registrars Are Held Accountable

TDRP plays a crucial role in ensuring registrars follow ICANN transfer policies. Understanding registrar accountability helps you craft effective complaints.

Registrar Obligations Under Transfer Policy

Losing registrar must:

1. Verify authorization before processing transfer request
2. Respect transfer locks and not remove without proper authorization
3. Send transfer notifications to registrant when transfer initiated
4. Provide denial reasons if transfer rejected with legitimate grounds
5. Enforce 60-day lock after registration or previous transfer
6. Maintain security of authorization codes
7. Respond to disputes about unauthorized transfers

Gaining registrar must:

1. Send FOA (Form of Authorization) to registrant email on record
2. Wait for confirmation (5-day period) before completing transfer
3. Verify authorization exists before accepting transfer
4. Reject obviously fraudulent transfer requests
5. Respond to transfer disputes from registrant or losing registrar
6. Reverse transfers when clearly unauthorized
7. Maintain transfer logs for dispute resolution

Violations That Lead to TDRP Complaints

Common losing registrar violations:

• Allowing transfer despite active transfer lock
• Removing transfer lock without proper verification
• Processing transfer during 60-day lock period
• Failing to verify identity before making account changes
• Providing authorization code to unauthorized party
• Not sending transfer notification to registrant
• Inadequate security procedures allowing account compromise

Common gaining registrar violations:

• Not sending FOA to registrant of record
• Sending FOA to wrong email address
• Accepting transfer without proper authorization
• Failing to enforce 5-day waiting period
• Not responding to dispute from registrant
• Refusing to reverse obviously unauthorized transfer
• Processing transfer despite red flags

TDRP Decision Impact on Registrars

When panel finds against registrar:

Immediate consequences:

• Must reverse transfer within 10 business days
• Decision published (name of registrar included)
• Case becomes part of public TDRP database
• ICANN Compliance automatically notified

Potential longer-term consequences:

• ICANN Compliance investigation
• Required corrective action plan
• Staff training requirements
• Additional monitoring by ICANN
• Multiple violations can lead to probation
• Severe/repeated violations can lead to accreditation loss

Reputational consequences:

• Public record of policy violation
• Customers may lose trust
• Other providers may scrutinize transfers more
• Industry reputation suffers

ICANN Compliance Role

How ICANN Compliance works with TDRP:

1. Notification: Compliance receives all TDRP decisions
2. Review: Examines decisions finding policy violations
3. Investigation: Opens compliance case if violations found
4. Inquiry: Contacts registrar for explanation and corrective action
5. Monitoring: Tracks compliance with corrective measures
6. Escalation: Increases pressure if violations continue
7. Sanctions: Can impose sanctions up to termination of accreditation

Timeline: ICANN Compliance cases typically take 3-6 months after TDRP decision.

Registrar Best Practices TDRP Encourages

TDRP decisions create incentives for registrars to:

Strengthen security:

• Implement two-factor authentication
• Use additional verification for sensitive changes
• Monitor for suspicious activity patterns
• Lock high-value domains by default

Improve procedures:

• Better staff training on transfer policy
• Documented verification procedures
• Escalation paths for suspicious requests
• Regular policy compliance audits

Better communication:

• Clearer transfer notifications
• Multiple notification methods (email, SMS, phone)
• Easier dispute resolution process
• Faster response to transfer disputes

Enhanced verification:

• Multi-factor verification for auth code requests
• Identity verification for lock removal
• Challenge questions for account changes
• Callback verification for phone requests

Holding Registrars Accountable Through TDRP

Maximizing registrar accountability in your complaint:

1. Cite specific obligations - Reference exact Transfer Policy sections
2. Document violations clearly - Show exactly how registrar failed
3. Highlight pattern if applicable - Show this isn't isolated incident
4. Request sanctions explicitly - Ask panel to recommend ICANN investigation
5. Provide evidence of negligence - Show failure was unreasonable
6. Compare to industry standards - Show other registrars do better

Example language for complaint:

"Respondent Registrar A violated Transfer Policy Section 4.2 by removing the transfer lock without adequate identity verification. Industry best practices require multi-factor authentication for such changes. Respondent's failure to implement reasonable security measures enabled this unauthorized transfer. Complainant requests the Panel recommend ICANN Compliance investigate Registrar A's verification procedures to prevent future unauthorized transfers."

TDRP vs Court: When to Choose Each

Understanding when to use TDRP versus filing a lawsuit helps you choose the most effective path for your situation.

When TDRP Is the Right Choice

Choose TDRP if:

Week 1: File TDRP complaint ($1,500)
Week 2: Consult with litigation attorney, draft lawsuit
Week 3: File lawsuit (preserve statute of limitations)
Week 4-6: TDRP process continues
Week 6: TDRP decision issued - domain recovered
Week 7+: Continue lawsuit for damages
Month 4-12: Discovery, motions, possible settlement
Year 1-2: Trial if no settlement, verdict, damages awarded

Defending Against a TDRP Complaint

If you're a registrar facing a TDRP complaint, or if you legitimately acquired a domain that someone is now claiming was transferred improperly, understanding how to defend yourself is crucial.

If You're a Registrar

Immediate actions upon receiving TDRP complaint:

1. Review complaint thoroughly - Understand all allegations
2. Gather internal records - Pull complete file for the transfer
3. Consult legal counsel - TDRP responses have legal implications
4. Check ICANN policies - Verify your procedures were compliant
5. Assess liability - Determine if you violated policy
6. Consider resolution - If transfer was improper, voluntary reversal may be best

Strong Defenses for Registrars

Defense 1: Full Compliance with Transfer Policy

Argue:

• You followed all ICANN Transfer Policy requirements
• Authorization was properly verified
• FOA was sent to registrant email on record
• Waiting periods were observed
• Transfer locks were respected
• Documentation supports authorization

Evidence to provide:

• Transfer request with authorization
• Email logs showing FOA sent to correct address
• Confirmation received from registrant
• System logs showing policy compliance
• Standard operating procedures documentation
• Staff training records

Defense 2: Transfer Was Authorized

Argue:

• Registrant did authorize transfer
• Authorization came from registrant's email account
• Authorization code was properly provided
• Complainant may have forgotten or changed mind
• Or complainant is not the legitimate registrant

Evidence to provide:

• Authorization request from registrant's email
• Confirmation of transfer from registrant's email
• IP address logs showing access from registrant's location
• Previous interactions with same party
• No security indicators of compromise

Defense 3: Complainant Lacks Standing

Argue:

• Complainant is not the registrant of record
• Or complainant's ownership is disputed
• Or registrant authorized transfer to escape complainant's control
• Domain ownership was already in dispute

Evidence to provide:

• WHOIS showing complainant is not registrant
• Correspondence with actual registrant
• Court orders or agreements affecting ownership
• Evidence of internal ownership dispute

Defense 4: Complainant's Security Failure

Argue:

• Transfer appeared legitimate at the time
• Complainant failed to secure their account
• Complainant didn't use two-factor authentication
• Complainant ignored security warnings
• Complainant's negligence enabled unauthorized access

Evidence to provide:

• Security features available but not used
• Warnings sent to registrant about security
• Transfer appeared normal based on access patterns
• No obvious red flags at time of transfer

Defense 5: Procedural Defenses

Argue:

• Complainant failed to attempt resolution first
• Complaint is incomplete or deficient
• TDRP doesn't apply to this situation
• Wrong provider selected
• Complaint filed too late

Evidence to provide:

• No contact from complainant before TDRP filing
• Timeline showing no attempt at resolution
• Policy provisions showing TDRP doesn't apply

Weak Defenses (Usually Unsuccessful)

Defenses that typically fail:

✗ "We're not responsible for complainant's security" - Registrars still must follow verification procedures

✗ "Transfer was technically possible, so it's allowed" - Just because system allowed it doesn't mean policy was followed

✗ "Complainant should have had better security" - Doesn't excuse registrar policy violations

✗ "We always process transfers this way" - Systematic policy violations are worse, not better

✗ "It's too late to reverse the transfer" - Transfers can be reversed if improperly authorized

✗ "Another registrar is at fault, not us" - Both registrars can be held responsible

Defending as Domain Holder

If you legitimately obtained a domain now subject to TDRP:

Your role in TDRP:

• You may not be a named party (complaint is against registrars)
• But you have interest in outcome
• Consider intervening or submitting amicus brief

How to intervene:

1. Contact provider immediately upon learning of complaint
2. Request permission to intervene or submit brief
3. Explain your legitimate interest
4. Provide evidence you're good faith purchaser
5. Show you paid value and had no notice of problems

Strong defenses:

• You purchased domain legitimately
• You paid fair market value
• You had no knowledge of any dispute
• You're a good faith purchaser
• Original owner authorized transfer
• Original owner sold you the domain

Weak defenses:

• "I got a great deal" - Below-market price suggests knowledge of problems
• "Seller seemed legitimate" - Doesn't prove authorization
• "I already built a website" - Your investment doesn't override improper transfer

Registrar Response Strategy

Structure of effective response:

I. Introduction

• Acknowledge receipt of complaint
• Identify yourself and role (losing vs. gaining registrar)
• State your position (transfer was proper and should stand)

II. Facts from Registrar's Perspective

• Timeline of transfer from your records
• Actions you took to verify authorization
• Procedures followed
• Communications with parties

III. Compliance with ICANN Policy

• Cite specific policy sections
• Show step-by-step compliance
• Provide evidence of each required step
• Explain procedures and training

IV. Rebuttal of Complainant's Claims

• Address each allegation specifically
• Provide counter-evidence
• Explain any discrepancies
• Show complainant's evidence is incomplete or misleading

V. Legal Arguments

• Why transfer should stand
• Why complainant's claims fail
• Procedural defenses if applicable
• Alternative explanations for evidence

VI. Conclusion

• Request complaint be denied
• Domain should remain with current registrar
• No policy violations occurred

VII. Evidence Exhibits

• Transfer request documentation
• Email logs (FOA sending and confirmation)
• System logs
• Policy compliance documentation
• Staff procedures and training materials

Settlement Considerations

When to consider voluntary transfer reversal:

• Evidence clearly shows transfer was improper
• Your procedures were inadequate
• Risk of losing and facing sanctions is high
• Complainant is clearly legitimate owner
• Business relationship with complainant is valuable
• Reputational risk of adverse decision

Benefits of settlement:

• Avoid adverse TDRP decision on record
• Avoid potential ICANN Compliance investigation
• Resolve matter faster
• Maintain better relationship with complainant
• May be able to negotiate terms (timing, account credit, etc.)

How to settle:

1. Contact complainant or their attorney
2. Propose voluntary transfer reversal
3. Negotiate terms and timeline
4. Execute reversal
5. Notify provider to close TDRP case
6. Document settlement terms

TDRP Success Rates and Statistics

Understanding TDRP success rates helps set realistic expectations for outcomes.

Overall Success Rates

Complainant success rate: ~65-70%

Breakdown by outcome:

• Complaint granted (transfer reversed): 65-70%
• Complaint denied: 25-30%
• Complaint withdrawn: 5-10%

Why success rate is lower than UDRP (~85% for UDRP):

• Transfer disputes are more fact-intensive
• "He said, she said" situations more common
• Harder to prove lack of authorization
• Registrars have stronger defenses
• Both sides often have some evidence

Success Rates by Scenario

Factors That Increase Success Rate

Strong evidence:

• WHOIS history showing transfer lock was enabled (+15%)
• Email records showing no FOA received (+10%)
• Account access logs showing compromise (+10%)
• Clear timeline documentation (+5%)
• Expert testimony (+10%)

Clear policy violations:

• Multiple policy violations cited (+15%)
• Violations are undisputed (+20%)
• Registrar admits errors (+25%)

Quick action:

• Filed within 30 days of transfer (+10%)
• Attempted registrar resolution first (+5%)
• Clear, well-organized complaint (+10%)

Factors That Decrease Success Rate

Weak evidence:

• Only complainant's testimony (-20%)
• Contradictory evidence (-15%)
• Evidence of possible authorization (-25%)
• Large time gap before discovery (-10%)

Procedural issues:

• Didn't attempt registrar resolution (-15%)
• Filed very late after transfer (-10%)
• Complaint poorly organized (-10%)

Registrar defenses:

• Strong evidence of authorization (-30%)
• Clear documentation of procedures (-15%)
• Good security practices documented (-10%)

Success Rates by Provider

Difference is not statistically significant given small sample sizes

Registrar Response Impact

If registrar responds:

• Complainant success rate: ~55-60%
• More balanced consideration of both sides
• Higher burden on complainant to prove case

If registrar defaults (no response):

• Complainant success rate: ~85-90%
• Panel relies primarily on complaint
• Registrar's silence hurts their credibility

Lesson: Responding to TDRP complaints significantly improves registrar's odds.

Time to Decision Statistics

Average decision times:

• NAF/ADR Forum: 32 days
• WIPO: 38 days
• Overall average: 35 days

Factors affecting timeline:

• Registrar defaults: Faster (28-30 days)
• Complex cases: Slower (40-50 days)
• Multiple registrars: Slightly slower (+3-5 days)
• Holiday periods: Slower (+5-7 days)

Implementation Compliance

Once transfer reversal ordered:

• Compliance rate: ~95%
• Average implementation time: 5-7 business days
• Non-compliance cases: <5% (handled by ICANN Compliance)

Why compliance is high:

• ICANN enforcement mechanism
• Risk of accreditation loss
• Clear contractual obligation
• Process is straightforward

Appeal/Challenge Rate

Challenges to TDRP decisions: <2%

Why so rare:

• No formal appeal mechanism
• Court challenges very rare (expensive, difficult)
• ICANN review only for procedural issues
• Parties generally accept decisions

After the TDRP Decision

Understanding what happens after the decision helps you plan next steps and ensure implementation.

If Complaint is Granted (You Won)

Immediate next steps:

1. Review decision carefully

• Confirm transfer reversal is ordered
• Note any conditions or timelines
• Check for registrar sanctions recommended
• Save decision in multiple locations

2. Monitor implementation (Days 1-10)

• Decision provides 10 business days for implementation
• Contact gaining registrar if necessary (they should initiate)
• Verify with losing registrar they're ready to receive domain
• Check WHOIS daily for status changes

3. Confirm transfer back (Days 5-7 typically)

• Check WHOIS to confirm domain back with losing registrar
• Log into your registrar account to verify access
• Confirm domain is in your account
• Check domain status codes (should include clientTransferProhibited)

4. Secure domain immediately

• Enable transfer lock if not already enabled
• Change account password
• Enable two-factor authentication
• Update security questions
• Verify contact information
• Consider registry lock for high-value domains

5. Restore domain functionality

• Check and restore DNS settings if changed
• Verify nameservers are correct
• Test website functionality
• Test email functionality
• Restore any custom DNS records
• Verify SSL certificates still work

6. Document everything

• Save transfer reversal confirmation
• Screenshot WHOIS showing domain back with losing registrar
• Save registrar communications
• Document restoration process
• Keep complete file for future reference

What if implementation doesn't happen:

Day 10: If domain not transferred back yet:

1. Contact gaining registrar's compliance team
2. Reference TDRP decision and case number
3. Request immediate implementation
4. Provide 48-hour deadline

Day 12: If still not implemented:

1. Contact ICANN Compliance: [email protected]
2. Attach TDRP decision
3. Explain non-compliance
4. Request urgent intervention

Day 15+: ICANN Compliance will:

• Contact registrar directly
• Demand immediate compliance
• Escalate within ICANN if needed
• Possible sanctions for non-compliance

Registrar non-compliance is rare (<5% of cases) but ICANN takes it seriously.

If Complaint is Denied (You Lost)

Understand why you lost:

• Read decision carefully
• Identify weaknesses in your evidence
• Understand panelist's reasoning
• Determine if any options remain

Remaining options:

Option 1: UDRP (if trademark applies)

• If domain infringes your trademark
• TDRP loss doesn't preclude UDRP
• Different standard of proof
• File UDRP complaint with WIPO or NAF

Option 2: Federal lawsuit

• If substantial damages warrant cost
• TDRP decision doesn't bind courts
• Can re-litigate same issues
• Consider Anti-Cybersquatting Consumer Protection Act (ACPA) claims
• Cost: $50,000-$200,000+

Option 3: ICANN Compliance complaint

• If registrar violated policy despite TDRP outcome
• Separate from TDRP process
• May result in registrar sanctions
• Won't recover domain but may prevent future issues
• File at: www.icann.org/resources/pages/compliance-2012-02-25-en

Option 4: Negotiate with current holder

• Approach domain holder directly
• Offer to purchase domain
• Negotiate reasonable price
• Use domain broker if needed
• May be fastest resolution

Option 5: Accept loss and move on

• Register alternative domain
• Implement 301 redirects if possible
• Update branding if necessary
• Learn from experience to prevent future issues

Do NOT: ✗ Attempt to hack or steal domain back ✗ Harass current registrar or domain holder ✗ File frivolous additional complaints ✗ Violate ICANN policies in retaliation ✗ Make false statements to registrars

If Decision Involves Registrar Sanctions

What ICANN Compliance may do:

Investigation:

• Review TDRP decision
• Contact registrar for explanation
• Request corrective action plan
• Set compliance milestones
• Monitor implementation

Possible sanctions:

• Warning letter (private)
• Notice of Breach (public)
• Registrar Compliance Notice (public)
• Suspension of new registrations
• Probation with compliance monitoring
• Termination of accreditation (extreme cases)

Timeline:

• ICANN Compliance process: 3-6 months typically
• Sanctions: Additional 1-3 months if imposed
• Total: 4-9 months from TDRP decision

What this means for you:

• Your domain is already recovered (if you won)
• Sanctions help prevent future unauthorized transfers
• May improve registrar's procedures
• Provides some accountability
• But doesn't provide additional remedy to you

Public Record of Decision

All TDRP decisions are published:

• Provider's website (searchable database)
• ICANN reports on TDRP activity
• Domain industry publications
• Legal databases

Information published:

• Parties' names (you and registrar)
• Domain name
• Date of decision
• Outcome (granted or denied)
• Full decision text

Privacy considerations:

• Your name will be public
• Facts of case will be public
• No way to keep decision confidential
• Consider this before filing

Benefits of publication:

• Creates precedent for future cases
• Shows registrar's track record
• Helps others with similar situations
• Increases registrar accountability

Learning from the Experience

Prevention for the future:

Regardless of outcome, take steps to prevent recurrence:

1. Implement maximum security:

   • Two-factor authentication on all accounts
   • Transfer locks on all domains
   • Registry lock for valuable domains
   • Separate email for domain management
   • Strong, unique passwords

2. Monitor regularly:

   • Set up domain monitoring
   • Monitor WHOIS changes
   • Check registrar account weekly
   • Review DNS settings regularly
   • Enable all security alerts from registrar

3. Choose registrar carefully:

   • Research registrar's security reputation
   • Review TDRP history
   • Check ICANN Compliance records
   • Read reviews about security practices
   • Consider registrars with strong security focus

4. Document everything:

   • Keep records of all domain management actions
   • Save confirmation emails
   • Screenshot important account settings
   • Maintain backup of domain documentation
   • Keep evidence organized

5. Have recovery plan:

   • Know how to contact registrar abuse team
   • Have backup DNS provider ready
   • Know how to file TDRP if needed
   • Have attorney contact information
   • Have domain valuation documentation

Prevention: Avoiding TDRP Situations

The best TDRP case is the one you never have to file. Implementing strong security and monitoring prevents unauthorized transfers.

Domain Security Fundamentals

1. Enable Transfer Lock

Transfer lock (clientTransferProhibited status) prevents unauthorized transfers:

How to enable:

• Log into your registrar account
• Find domain management section
• Enable "Transfer Lock" or "Registrar Lock"
• Verify status in WHOIS shows clientTransferProhibited

Best practices:

• Enable on ALL domains immediately after registration
• Never disable unless you're actively transferring
• Re-enable immediately after successful transfer
• Verify lock status monthly

See full guide: Understanding Registrar Lock

2. Enable Two-Factor Authentication (2FA)

2FA prevents account compromise even if password is stolen:

Where to enable:

• ✓ Domain registrar account (essential)
• ✓ Email account (critical - used for registrar password reset)
• ✓ Hosting account (if applicable)
• ✓ DNS provider (if separate from registrar)

Best 2FA methods (in order of security):

1. Hardware security keys (YubiKey, Google Titan) - most secure
2. Authenticator apps (Google Authenticator, Authy) - very secure
3. SMS codes - better than nothing, but vulnerable to SIM swapping

See full guide: Two-Factor Authentication for Domain Accounts

3. Protect Authorization Codes

EPP/authorization codes are keys to your domains:

Protection measures:

• Never share auth codes
• Delete auth code emails after use
• Don't store auth codes in email
• Regenerate auth codes before transfers
• Monitor registrar account for auth code requests

Warning signs:

• Email showing auth code you didn't request
• Notification of auth code viewing in account
• Auth code expired (may indicate unauthorized access)

4. Secure Your Email Account

Your domain registrar email is critical:

Email security checklist:

• ✓ Different password from registrar account
• ✓ Two-factor authentication enabled
• ✓ Recovery email/phone number updated
• ✓ Review authorized devices regularly
• ✓ Monitor for unusual login locations
• ✓ Use email provider with strong security (Gmail, ProtonMail)

Consider:

• Separate email specifically for domain management
• Email provider that supports security keys
• Email provider with login alerts
• Backup email address for notifications

5. Use Strong, Unique Passwords

Password requirements:

• Minimum 16 characters (20+ is better)
• Mix of uppercase, lowercase, numbers, symbols
• No dictionary words
• No personal information
• Completely unique (not used elsewhere)

Password management:

• Use password manager (1Password, Bitwarden, LastPass)
• Generate random passwords
• Store securely
• Never write down or share
• Change annually or after security incidents

6. Consider Registry Lock

For high-value domains, registry lock provides maximum protection:

What is registry lock:

• Lock at registry level (not just registrar)
• Requires manual process to remove
• Usually requires phone verification
• Prevents unauthorized transfers, deletions, updates

When to use:

• High-value domains (worth $10,000+)
• Business-critical domains
• Domains that never change
• Domains vulnerable to hijacking

Providers offering registry lock:

• VeriSign Registry Lock (for .com/.net)
• Most registrars offer it (often $100-$500/year)
• Provides highest level of protection

Monitoring and Alerts

7. Set Up Domain Monitoring

Automated monitoring catches unauthorized changes quickly:

What to monitor:

• ✓ WHOIS changes (registrar, contact info, nameservers)
• ✓ DNS changes (IP addresses, MX records, nameservers)
• ✓ Transfer lock status
• ✓ Domain expiration date
• ✓ Registration status

Monitoring options:

• DomainDetails.com Pro monitoring - comprehensive change tracking
• Registrar's built-in monitoring (if available)
• Third-party services (DomainTools, DomainIQ)
• Manual weekly checks (better than nothing)

Alert methods:

• Email alerts (check email daily)
• SMS alerts (for critical changes)
• Webhook integrations (for automated response)

See full guide: Domain Monitoring: Track Changes

8. Enable All Registrar Security Features

Most registrars offer additional security options:

Common features:

• Transfer approval notifications (enable)
• Account login alerts (enable)
• Account change notifications (enable)
• API access restrictions (disable if not using)
• IP address whitelisting (enable if static IP)
• Security questions (set strong answers)

Configuration:

• Review all security settings in registrar account
• Enable maximum security features
• Set notification preferences for real-time alerts
• Configure backup notification methods

Organizational Best Practices

9. Maintain Domain Documentation

Organized documentation speeds recovery if needed:

What to document:

• Domain registration dates and confirmations
• Registrar account credentials (in password manager)
• Historical WHOIS records
• DNS configuration records
• Transfer history
• Domain value/importance assessment

Storage:

• Secure password manager for credentials
• Cloud storage for documentation (encrypted)
• Physical backup (safe or safety deposit box) for critical domains
• Regular backups of domain list

10. Implement Access Controls

For businesses with multiple users:

Access control measures:

• Limit domain access to essential personnel
• Use role-based access (admin vs. technical)
• Require approval for domain changes
• Audit access logs regularly
• Remove access for departed employees immediately
• Use separate accounts (no shared logins)

Policy requirements:

• Written policy on domain management
• Change request procedures
• Approval workflows for transfers
• Emergency contact procedures
• Annual access reviews

11. Choose Registrar Carefully

Some registrars have better security track records:

Registrar selection criteria:

• Strong security features (2FA, locks, monitoring)
• Good abuse response reputation
• Low rate of TDRP complaints against them
• 24/7 security support
• Clear transfer dispute procedures
• ICANN Compliance history

Research registrar:

• Search for "[registrar name] TDRP" to find cases
• Check ICANN Compliance notices
• Read reviews focused on security
• Verify security features before moving domains
• Test support responsiveness

12. Regular Security Audits

Periodic reviews catch vulnerabilities:

Monthly checklist:

• ✓ Verify transfer locks still enabled
• ✓ Check WHOIS for unauthorized changes
• ✓ Review recent account login activity
• ✓ Confirm DNS settings unchanged
• ✓ Verify domain not expired

Annual checklist:

• ✓ Change registrar account password
• ✓ Update contact information
• ✓ Review and update security questions
• ✓ Audit authorized users/access
• ✓ Review security settings
• ✓ Update domain documentation
• ✓ Test recovery procedures

What If Prevention Fails

Even with best practices, unauthorized transfers can occur:

Immediate actions (first 24 hours):

1. Contact registrar abuse team immediately
2. Request transfer lock on domain
3. Document everything
4. Change all passwords
5. Review account for other compromises

Recovery path:

1. Attempt registrar resolution (3-5 days)
2. File TDRP if registrar resolution fails (30-45 days)
3. Pursue legal action if needed (months to years)

See full guide: How to Recover a Hijacked Domain

Best Practices

Filing a TDRP complaint:

• Attempt registrar resolution first - gives you evidence of trying, may resolve faster
• Act quickly after unauthorized transfer - delays weaken your case
• Gather comprehensive evidence - WHOIS history, emails, logs, timelines
• Cite specific ICANN policy violations - show exactly how registrar violated policy
• Organize complaint professionally - clear structure, numbered exhibits, proper formatting
• Choose provider based on your needs - NAF for speed/cost, WIPO for international
• Be factual, not emotional - panelists respond to evidence, not rhetoric

Evidence gathering:

• Collect WHOIS history before and after transfer
• Save all registrar communications
• Document timeline of events with specific dates/times
• Screenshot transfer lock status if available
• Request account access logs from registrar
• Preserve all emails (including full headers)
• Create visual timeline for clarity
• Organize exhibits with clear labels

Preventing unauthorized transfers:

• Enable transfer locks on all domains
• Use two-factor authentication everywhere
• Secure your email account (registrar password reset vector)
• Use strong, unique passwords with password manager
• Monitor domains for changes with automated alerts
• Never share authorization codes
• Choose registrars with strong security track records
• Consider registry lock for high-value domains

For registrars:

• Implement robust identity verification for sensitive changes
• Send FOA to registrant of record, every time
• Respect transfer locks always
• Enforce 60-day transfer locks after registration/transfer
• Train staff on transfer policy compliance
• Respond quickly to transfer disputes
• Maintain detailed transfer logs
• Consider additional verification for high-value domains

Recovery after TDRP:

• Monitor implementation within 10 business days
• Secure domain immediately upon return (locks, 2FA, new password)
• Verify DNS settings and restore if needed
• Document entire experience for future reference
• Implement additional security to prevent recurrence
• Contact ICANN Compliance if registrar doesn't comply
• Consider whether legal action is warranted for damages

Frequently Asked Questions

General TDRP Questions

Q: What's the difference between TDRP and UDRP?

A: TDRP handles unauthorized domain transfer disputes (domain was transferred improperly between registrars), while UDRP handles trademark disputes (domain infringes someone's trademark rights). TDRP is filed against registrars; UDRP is filed against domain registrants. Use TDRP when your domain was hijacked or transferred without authorization. Use UDRP when someone is cybersquatting on your trademark.

Q: How much does TDRP cost?

A: $750 for complaints against a single registrar (NAF) or $1,000 (WIPO). $1,500 for complaints against both losing and gaining registrars (both providers). Filing fees are generally not refundable even if you win, though panels can order fee reimbursement in egregious cases.

Q: How long does TDRP take?

A: 30-45 days from filing to decision. NAF typically 30-35 days, WIPO typically 35-40 days. Implementation (if you win) takes an additional 5-10 business days. Total time to recover your domain: approximately 35-55 days.

Q: Can I file TDRP if my domain expired?

A: It depends. If the transfer occurred while the domain was active and registered to you, yes. If the domain expired and was deleted, then someone else registered it, TDRP doesn't apply (that's a new registration, not a transfer). If transfer occurred during the redemption grace period, TDRP may apply depending on circumstances.

Q: Do I need a lawyer to file TDRP?

A: No, TDRP is designed for self-representation and many complainants file without attorneys. However, an attorney experienced in domain disputes can strengthen your complaint and improve success odds. If the domain is very valuable or the case is complex, hiring an attorney ($2,000-$5,000 for TDRP representation) may be worthwhile.

Filing and Process Questions

Q: Can I file TDRP if the domain has been transferred multiple times?

A: Yes, but it becomes more complex. You'll need to trace the chain of transfers and potentially name multiple registrars. Your complaint should focus on the initial unauthorized transfer. Multiple transfers often strengthen your case (shows transfer wasn't legitimate) but requires more detailed evidence.

Q: What if I can't afford the TDRP filing fee?

A: There's no fee waiver process for TDRP. Options: (1) Focus on resolving directly with registrars (free), (2) File ICANN Compliance complaint (free, but can't order transfer reversal), (3) Pursue small claims court for damages (lower filing fees), or (4) Consult attorney about contingency representation if domain is valuable.

Q: Can I file TDRP and UDRP simultaneously?

A: Yes. If your trademarked domain was hijacked, filing both provides maximum protection: TDRP to reverse the unauthorized transfer based on policy violations, UDRP to recover domain based on trademark rights. If TDRP succeeds, you can withdraw UDRP. If TDRP fails, UDRP can still succeed on different grounds. Total cost: $2,250-$6,500.

Q: What happens if the registrar doesn't respond to the TDRP complaint?

A: The panel proceeds based on your complaint alone (registrar "defaults"). Your success rate increases significantly (~85-90%) when registrar doesn't respond. The panel will verify your evidence is sufficient but generally views non-response negatively for the registrar.

Q: Can I appeal a TDRP decision?

A: Very limited options. There's no formal appeal process within TDRP. You can: (1) Request ICANN review for procedural irregularities only (not factual disputes), (2) File lawsuit in court (expensive, court isn't bound by TDRP decision), or (3) File UDRP if trademark grounds exist. Most TDRP decisions are final.

Evidence and Strategy Questions

Q: What if I don't have evidence because my account was compromised?

A: You can request evidence from registrars. Contact both registrars and request: account access logs, transfer request documentation, FOA sending confirmation, and any verification performed. Under ICANN policy, registrars should maintain these records. If registrars refuse, note this in your complaint—it may be held against them.

Q: How do I prove I didn't authorize a transfer?

A: Combination of evidence: (1) Statement under oath, (2) No FOA received in your email, (3) Account access logs showing you didn't request auth code, (4) Timeline showing you were unable to access account, (5) Unusual access patterns (foreign IPs, different devices), (6) Evidence of phishing or compromise, (7) Proof transfer lock was enabled.

Q: What if the gaining registrar sent FOA but to a compromised email?

A: This is complex. Technically the gaining registrar followed procedure (sent FOA to registrant email on record). However, if there were obvious red flags suggesting compromise (unusual access patterns, rapid changes, security alerts), the registrar may have violated duty to exercise reasonable care. Include evidence of compromise indicators in your complaint.

Q: Can I use TDRP if I gave someone my authorization code but now regret it?

A: No. TDRP is for unauthorized transfers. If you authorized the transfer (even if you now regret it), TDRP doesn't apply. Options: (1) Contact the person and negotiate return, (2) If they're cybersquatting your trademark, file UDRP, (3) If fraud was involved, pursue legal action.

Registrar Questions

Q: Which registrar should I name in my TDRP complaint?

A: Generally name both losing registrar (where domain was before) and gaining registrar (where domain is now). Name losing registrar if they: allowed transfer despite lock, provided auth code without authorization, failed to notify you. Name gaining registrar if they: didn't send FOA properly, ignored dispute, completed transfer improperly. Naming both ($1,500) provides most comprehensive remedy.

Q: What if my registrar was also a victim (their system was hacked)?

A: Registrars are responsible for their security systems. A security breach doesn't excuse policy violations. However, if the registrar acted reasonably and the breach was sophisticated, this may be a defense. Focus your complaint on whether the registrar followed ICANN policies, not on whether they were also harmed.

Q: Can a registrar be sanctioned multiple times for repeated violations?

A: Yes. ICANN Compliance tracks registrar violations. Repeated TDRP findings can lead to escalating sanctions: warnings, notices of breach, suspension of new registrations, probation, and ultimately termination of accreditation. Multiple TDRP losses significantly increase likelihood of serious sanctions.

Outcome Questions

Q: What happens to the domain during the TDRP process?

A: Domain remains with gaining registrar while TDRP proceeds. Gaining registrar should place domain on "hold" or "lock" status to prevent further transfers during dispute, but isn't required to. If you need emergency relief, you may need to pursue court action for temporary restraining order.

Q: If I win TDRP, does the domain automatically come back?

A: No, it's not automatic. The panel orders the gaining registrar to transfer domain back to losing registrar within 10 business days. You need to monitor WHOIS to confirm transfer occurs. If gaining registrar doesn't comply, contact ICANN Compliance immediately for enforcement.

Q: Can I get monetary damages through TDRP?

A: No. TDRP can only order transfer reversal and recommend registrar sanctions. It cannot award damages for lost revenue, business disruption, or other harm. For monetary damages, you must file a lawsuit in court (federal or state).

Q: If I lose TDRP, can I still sue in court?

A: Yes. TDRP decisions don't bind courts. You can file a federal lawsuit raising the same issues, and the court will decide independently. However, the TDRP decision may be used as evidence against you. Courts may view adverse TDRP decision as indication your claims lack merit, though they're not required to follow it.

Prevention Questions

Q: Is transfer lock enough to prevent unauthorized transfers?

A: Transfer lock is essential but not foolproof. It prevents external transfer requests, but doesn't stop someone who compromises your registrar account (they can disable lock). Best security: transfer lock + two-factor authentication + strong password + secure email + monitoring + registry lock for valuable domains.

Q: How often should I check my domains for unauthorized changes?

A: Manual checking: Weekly minimum for critical domains, monthly for others. Better: Use automated monitoring that alerts you immediately when changes occur. DomainDetails.com Pro provides real-time monitoring with instant alerts.

Q: Should I use a separate email for domain management?

A: Yes, recommended for high-value domains. Benefits: (1) Easier to monitor for domain-related alerts, (2) Reduces risk if primary email compromised, (3) Can use more secure email provider, (4) Easier to find domain-related communications. Make sure this email has strong security (2FA, strong password, secure provider).

Q: What's registry lock and do I need it?

A: Registry lock is maximum domain security—requires manual process at registry level (not just registrar) to make changes. Need it if: domain worth $10,000+, business-critical domain, never needs changes, high hijacking risk. Cost: $100-$500/year typically. Provides highest protection but makes legitimate changes slower. Definitely use for most valuable domains.

Key Takeaways

• TDRP handles unauthorized transfer disputes, not trademark disputes (that's UDRP). Use TDRP when a domain was transferred between registrars without proper authorization.

• TDRP costs $750-$1,500 and takes 30-45 days, making it much faster and more affordable than litigation ($50,000+ and 1-2+ years).

• To win TDRP, prove the transfer was unauthorized and violated ICANN policy. Strong evidence includes: WHOIS history, lack of FOA, account access logs, timeline of events, and specific policy violations.

• Two TDRP providers: NAF/ADR Forum (faster, cheaper for single registrar) and WIPO (international reputation, multilingual). Both are effective; choose based on your specific needs.

• Attempt registrar resolution first before filing TDRP. Contact both losing and gaining registrar abuse teams, document their responses, and give reasonable time (3-5 days) to resolve.

• TDRP can only reverse transfers, not award monetary damages. For damages, you'll need to pursue litigation in court. Consider hybrid approach: TDRP for fast recovery, then lawsuit for damages.

• Prevention is key: Enable transfer locks, use two-factor authentication, secure email accounts, monitor domains, and choose registrars with strong security.

• Common TDRP scenarios: hijacked domains via account compromise, social engineering of registrar support, transfers during 60-day lock periods, stolen authorization codes, and registrar system errors.

• Complainant success rate is ~65-70%, higher with strong evidence and clear policy violations. Success rate increases dramatically (~85-90%) when registrars don't respond.

• Registrars face sanctions for violations. TDRP decisions can lead to ICANN Compliance investigations, corrective actions, probation, and in severe cases, loss of accreditation.

Next Steps

If Your Domain Was Transferred Without Authorization

1. Act immediately - Contact both registrars' abuse teams within 24 hours
2. Document everything - Capture WHOIS records, save emails, note timeline
3. Request transfer reversal - Give registrars 3-5 days to resolve voluntarily
4. Gather evidence - Collect all materials needed for TDRP complaint
5. File TDRP if registrars don't resolve - Use NAF or WIPO, $750-$1,500
6. Secure domain when recovered - Enable locks, 2FA, new passwords

See full recovery guide: How to Recover a Hijacked Domain

If You're Considering Filing TDRP

1. Verify TDRP applies - Confirm it's inter-registrar transfer of gTLD
2. Review evidence - Ensure you can prove lack of authorization
3. Attempt resolution - Contact registrars first (strengthens case)
4. Choose provider - NAF ($750 single registrar) or WIPO ($1,000)
5. Prepare complaint - Follow structure in this guide
6. File complaint - Online through provider's website
7. Monitor process - Track case progress and respond to any requests

Need help? Consider consulting domain attorney if domain is valuable or case is complex.

To Prevent Unauthorized Transfers

1. Enable transfer locks - On all domains, verify in WHOIS
2. Set up 2FA - On registrar account and email account
3. Use strong passwords - Unique, 16+ characters, password manager
4. Monitor domains - DomainDetails.com Pro or other monitoring
5. Secure email - Different password, 2FA, secure provider
6. Audit quarterly - Review security settings, access logs, locks
7. Consider registry lock - For high-value domains ($100-$500/year)

See prevention guide: Domain Theft Prevention

Learn More About Domain Security

Related guides:

• Understanding UDRP: Trademark Domain Disputes
• How to Recover a Hijacked Domain
• Domain Theft Prevention Strategies
• How to Transfer a Domain Safely
• Understanding Registrar Lock and Transfer Lock
• Two-Factor Authentication for Domain Accounts

Check your domain security:

• Look up your domain's current status: Check WHOIS records, transfer lock status, registrar info
• Monitor domain changes with Pro: Real-time alerts for WHOIS, DNS, and status changes

Research Sources

This guide is based on official ICANN policies, provider rules, and domain industry best practices:

Official ICANN policies:

• Transfer Policy (IRTP) - Inter-Registrar Transfer Policy
• TDRP Rules - Transfer Dispute Resolution Policy
• Registrar Accreditation Agreement - RAA 2013

TDRP provider resources:

• NAF/ADR Forum TDRP - Rules, fees, filing info
• WIPO TDRP - Rules, fees, case database

Domain security standards:

• ICANN Security and Stability Advisory Committee (SSAC) reports
• Domain registrar security best practices
• Industry security recommendations

Case precedent:

• Published TDRP decisions from NAF and WIPO
• ICANN Compliance enforcement actions
• Domain industry analysis of TDRP trends

Last verified: December 2025