UKDNF post mortem

[ben]

I do think as much of the offending post should be restored here highlighting the data breach in full and let them bring it on if they want to try their luck.

Probably not a good idea. The problem is not going to go away for him, but highlighting it here, and mentioning it further, could attract more legal attention for libel etc. notwithstanding the fact, we probably don't want to associate such a prosperous new venture with people who are trying to cause it harm. They have obvious paid interests in Acorn. They know that without the OG members, the content won't be the same. Acorn now feels much like the spammy NamePro forums etc.

 

[Jack Bean]

What, this office?

 

[GreyWing]

What, this office?

View attachment 5

I think it was that thread yes , I don't know what was on the other two pages, but I do remember there being some pretty forensic stuff from people.

 

[Murray]

Maybe Jeff of brandable will join and clarify things? I've always found him to be a very nice guy

 

[GreyWing]

Maybe Jeff of brandable will join and clarify things? I've always found him to be a very nice guy

I personally wouldn't like to taint either of the two others involved. I've seen no evidence whatsoever that either of the other two had any knowledge of what I had seen. In fact I doubt they would have known anything about what's gone on over the weekend.

They are both very good friends and have done me enormous favours in the past. I even took down that post on Saturday night because I didn't want to drag them into it. I only changed my mind when I seen that the forum wasn't coming back and the individual was likely to walk away from what he had caused.

I regard both of them as having the highest integrity of anyone I've traded with in domaining, and I still do.

 

[DJ]

There is a fair amount of speculation going around and people will form their own opinion on the evidence in front of them. The only thing I can assure people is the information that has been posted and spread has not been provided by Aaron, he would have preferred the situation went away quietly, which is why he chose to close the forum.

What would be great is if Ryan or Brandable.uk could respond to these allegations, and if true, explain why it ended like this when the feedback in the post was of genuine gratitude that the leak had been found.

I actually feel the post delving into the personal finances went a bit far, I voiced this on the other forum, but I also understand that if you put yourself out there, you are likely to attract negative comments.

 

[GreyWing]

The only thing I can assure people is the information that has been posted and spread has not been provided by Aaron

100% true

 

[Cav]

UKDNF was the shot in the arm the UK domain name community desperately needed, posting on The Other became pointless, discussions swamped by garbage, so big heartfelt thanks to Aaron for defibrillating this community. Come and join us when the time is right.

 

[seemly]

I actually feel the post delving into the personal finances went a bit far, I voiced this on the other forum, but I also understand that if you put yourself out there, you are likely to attract negative comments.

There are a few historic posts on Acorn that question Ryan Ewen (or Robert Smith's) history, how he goes about publicising questionable big numbers amongst other things, which can be found here:

"robert smith" site:acorndomains.co.uk

 

[Hook]

Wow if you go on Archive.org, all the information is still on there. How on earth does he have time to send legal threats to the forum owner, but clean up his own mess?

 

[Hook]

Probably not a good idea. The problem is not going to go away for him, but highlighting it here, and mentioning it further, could attract more legal attention for libel etc. notwithstanding the fact, we probably don't want to associate such a prosperous new venture with people who are trying to cause it harm. They have obvious paid interests in Acorn. They know that without the OG members, the content won't be the same. Acorn now feels much like the spammy NamePro forums etc.

How can it be libel when it happened and their is evidence backing it up? right now you can go on archive.org, click on the domains with an archive on June 30th and still see all the private info of those unlucky enough to have those pages archived. ELIFE details are all still up there, I literally just looked at them.

 

[Bluerock]

Agree, everyone is grateful to Aaron for re-uniting all under a new roof and I can understand why he decided not to pick a fight.

What I can not understand, is his decision to kill it all completely, instead of transferring the ownership to someone willing to take a stand (and I betcha there would be many willing) or at least allow members to export their data. That felt like a stab in the back and for me it's hard to fathom why.

I think it depends on the level of threat that was made to him and the potential consequences. Reprehensible behaviour in my opinion and one of many reasons why I will never use B.uk

 

[dn]

How can it be libel when it happened and their is evidence backing it up? right now you can go on archive.org, click on the domains with an archive on June 30th and still see all the private info of those unlucky enough to have those pages archived. ELIFE details are all still up there, I literally just looked at them.

Exactly. Nothing to do with libel.

Any legal threats due to that incident would have been completely groundless and easily repelled even by a mediocre solicitor (let alone, a lawyer).
It was a data leak, open to anyone to see with the naked eye, not a result of hacking or vulnerability scanning. It was vile to suppress the messenger for the only reason of trying to save the face of the over-hyped launch.

'atlas' on UKDNF, whom I think is Jeff, has actually shown an exemplary reaction to the incident and treated it professionally and well. (Don't know what might have been happening behind the scenes.. as PR is PR).

So it's very sad that Ryan's legal bluff has worked so well.

 

[ben]

My point wasn't about whether he had said anything that was true, and members were just echoing it, I meant that if we invited more discussion about it, it may digress into libel, which could be something that he could get legal about. It's just a shit idea. He's a prick in business and we all know it now, so I guess we move on.

 

[Jack Bean]

Where there has been the suggestion of civil lawsuit (Libel), perhaps it's worth examining whether Mr. Ewen could be held accountable for the criminal implications under the Consumer Protection from Unfair Trading Regulations 2008 (CPRs),

Section 5

Misleading actions

5.—(1) A commercial practice is a misleading action if it satisfies the conditions in either paragraph (2) or paragraph (3).

(2) A commercial practice satisfies the conditions of this paragraph—

(a)if it contains false information and is therefore untruthful in relation to any of the matters in paragraph (4) or if it or its overall presentation in any way deceives or is likely to deceive the average consumer in relation to any of the matters in that paragraph, even if the information is factually correct; and
(b)it causes or is likely to cause the average consumer to take a transactional decision he would not have taken otherwise.

(3) A commercial practice satisfies the conditions of this paragraph if—

(a)it concerns any marketing of a product (including comparative advertising) which creates confusion with any products, trade marks, trade names or other distinguishing marks of a competitor; or
(b)it concerns any failure by a trader to comply with a commitment contained in a code of conduct which the trader has undertaken to comply with, if—
(i)the trader indicates in a commercial practice that he is bound by that code of conduct, and
(ii)the commitment is firm and capable of being verified and is not aspirational,
and it causes or is likely to cause the average consumer to take a transactional decision he would not have taken otherwise, taking account of its factual context and of all its features and circumstances. (Code of Conduct under the FCA)

Now, below is the really interesting section for what we're discussing;-

Section 6

Misleading Omissions

6.—(1) A commercial practice is a misleading omission if, in its factual context, taking account of the matters in paragraph (2)—

(a)the commercial practice omits material information,
(b)the commercial practice hides material information,
(c)the commercial practice provides material information in a manner which is unclear, unintelligible, ambiguous or untimely, or
(d)the commercial practice fails to identify its commercial intent unless this is already apparent from the context,
and as a result it causes or is likely to cause the average consumer to take a transactional decision he would not have taken otherwise.

Section 6 prohibits companies from omitting or hiding material information that consumers need to make an informed decision.

By not disclosing the data breach and trying to hide the discussed material, couldn't Mr. Ewen be potentially seen as misleading consumers about the security of their data, thus affecting their ability to make a fair and informed choice about transacting with them?

Transparency is not only the best policy but also a legal requirement.

 

[ben]

Presumably Falbros Media Group Ltd. has disclosed the leak to the ICO, as they are registered. As a Tier 1 payee. This also means that, according to the ICO fee guidelines:

Tier 1 – micro organisations

You have a maximum turnover of £632,000 for your financial year or no more than 10 members of staff. The fee for tier 1 is £40.

 

[cm]

Presumably Falbros Media Group Ltd. has disclosed the leak to the ICO, as they are registered. As a Tier 1 payee. This also means that, according to the ICO fee guidelines:

I thought Brandable dot UK Limited was -> Dot UK Group LTD?

How deep does the rabbit hole go?

(Neither appear to be registered with ICO)

 

[GreyWing]

I see that there has been a statement on the other forum;

We wanted to take a moment to address some of the recent developments and clear up any confusion.

I am sure most of you are aware of the data leak on brandable.uk which was reported on UKDNF. The site was taken down within 30 minutes, issue was fixed an hour later, we sought advice from a senior legal representative from London city firm the very same evening and devised an action plan. All affected users were notified within 6 hours of us becoming aware of the issue and detailed report was filed with ICO before the 72 hour deadline. We also commissioned a full audit by an independent CREST accredited security company.

There’s been some speculation about the recent shutdown of the UKDNF forum, with rumours suggesting that Brandable.uk might have been involved. The report to the ICO included details regarding how the leak was discovered. Therefore we wanted to make Aaron aware that it may make sense to edit any posts that include personal details that were accidentally exposed.

We want to clarify that the shutdown has nothing to do with the data leak, and we did not threaten any legal action to shut down the forum. I had in fact made a number of posts in the thread providing updates on the situation.

There may have been concerns raised about other threads on the forum but the discussion ended with: we will resolve things amicably and move on with our respective lives next week.

We understand that this situation is unsettling, but please rest assured that we are committed to improving and safeguarding our platform as well as promoting the UK domain industry.

I was personally told I "needed" (not asked by Ryan) to remove my blog post immediately, not just to edit out parts that may have contained personal details. Needed to, sounds like there would be consequences if I didn't, otherwise, by the very definition, there is no need.

It's worth noting that there were never any personal details on UKDNF's original post, the user redacted them before they were ever published on UKDNF. There was a possible scenario where my post could have led to someone going on to get details. I edited my GreyWing post immediately when I became aware of it. That scenario would have diminished the next time Google visited one of those landing pages, but regardless I took it out.

I was then told "It falls under ICO and FCA.", and that my acknowledgement was needed, as though I was being put on some kind of vague legal notice for some legal fallout from somewhere.

I was told that I was getting the old owner of UKDNF in a lot of trouble by posting what I had on Saturday night. If that wasn't legal trouble, what kind of trouble was I assume that meant? Trouble from whom? For what? With what I have seen elsewhere, I do think it is reasonable and objective to state that the old Owner was threatened with Legal consequences (direct or indirect) had things not been removed.

This is just what was said to me directly. The rest that I witnessed seems to confirm a more direct type of communication.

Now, whether it was Ryan personally or Brandable that said the old owner would face legal consequences is a fair question, I haven't seen enough to be able to say whether Brandable threatened "Brandable v UKDNF" in Court, so the statement maybe accurate there, or would it have been "Ryan v UKDNF". If Brandable got him in the door, and then Ryan went on his own take down mission, where they switched and whether Ryan overtly declared that he switched entities is for them to deal with.

But what I have seen is enough to say that it was Ryan's (or Brandable's) direct decision whether that forum would be up or down, he felt he was in charge. Therefore, I can reasonably assume that either Ryan or Brandable was threatening something, not the ICO or FCA. Otherwise it would be the FCA or ICO that decided whether the forum was live or not.

"There may have been concerns raised about other threads on the forum but the discussion ended with: we will resolve things amicably and move on with our respective lives next week."

I think I mentioned earlier, I always felt like the Brandable incident was just a way for Ryan to get his presence through the door. The real target was the other thread, this part of the statement seems to suggest that was correct.

--

 

[ben]

The guy is a snake

 

[Jack Bean]

I was personally told I "needed" (not asked by Ryan) to remove my blog post immediately, not just to edit out parts that may have contained personal details. Needed to, sounds like there would be consequences if I didn't, otherwise, by the very definition, there is no need.

It's worth noting that there were never any personal details on UKDNF's original post, the user redacted them before they were ever published on UKDNF. There was a possible scenario where my post could have led to someone going on to get details. I edited my GreyWing post immediately when I became aware of it. That scenario would have diminished the next time Google visited one of those landing pages, but regardless I took it out.

My understanding is this; if you are acting in the best interests (legitimate interests) of others and the information you share is accurate, necessary and proportionate to your objectives/intentions - there's not a legal leg to stand on as far as he's concerned.

I was then told "It falls under ICO and FCA.", and that my acknowledgement was needed, as though I was being put on some kind of vague legal notice for some legal fallout from somewhere.

How does what you wrote fall under ICO or FCA, especially FCA?

If this person is going to throw out ICO & FCA, at least cite the sections which you have breached,

Mentioning the FCA is ridiculous and an unbelievably idiotic move considering his actions past & present,

I was told that I was getting the old owner of UKDNF in a lot of trouble by posting what I had on Saturday night. If that wasn't legal trouble, what kind of trouble was I assume that meant? Trouble from whom? For what? With what I have seen elsewhere, I do think it is reasonable and objective to state that the old Owner was threatened with Legal consequences (direct or indirect) had things not been removed.

'the old owner of UKDNF in a lot of trouble' -
Disgusting; it is reasonable and it is beyond reasonable doubt that if this person is responding to you in this manner they have taken an equal tone, if not worse, with UKDNF's owner who has the red button capability on the thread(s).

Now, whether it was Ryan personally or Brandable that said the old owner would face legal consequences is a fair question, I haven't seen enough to be able to say whether Brandable threatened "Brandable v UKDNF" in Court, so the statement maybe accurate there, or would it have been "Ryan v UKDNF". If Brandable got him in the door, and then Ryan went on his own take down mission, where they switched and whether Ryan overtly declared that he switched entities is for them to deal with.

But what I have seen is enough to say that it was Ryan's (or Brandable's) direct decision whether that forum would be up or down, he felt he was in charge. Therefore, I can reasonably assume that either Ryan or Brandable was threatening something, not the ICO or FCA. Otherwise it would be the FCA or ICO that decided whether the forum was live or not.

With the greatest respect to Aaron, it would have made logical sense for Mr. Ewen/whoever to approach it as an entity rather than an individual, far more impactful - bully-boy tactics.

I think I mentioned earlier, I always felt like the Brandable incident was just a way for Ryan to get his presence through the door. The real target was the other thread, this part of the statement seems to suggest that was correct.

--

Agreed.

Before he throws his weight around again, especially regarding the other threads that were on UKDNF.

He needs to ask himself...

Has he been deceitful in his presentation of his company/companies and their 'successes' whereas a person/consumer would transact with him based on what they are reading/seeing?

He needs to remain mindful of the information he has disclosed on previous podcasts.

He needs to remain mindful that, by impression, the level of investment/monies he's handling/intending to handle is a far cry from petty cash.

He needs to remain mindful of his legal obligations under the Consumer Protection from Unfair Trading Regulations 2008 (CPRs),
(in particular Sections 5 & 6 as above)

'Misleading Actions' & 'Misleading Omissions'

Otherwise morning chaps, Jack.