GoDaddy gives away blogger's personal information — and things get really creepy

Three years ago, a writer reported a spam website to GoDaddy. It responded in the worst way possible

Published April 16, 2014 5:38PM (EDT)

A recent GoDaddy advertisement, featuring Jean-Claude Van Damme. (YouTube)
A recent GoDaddy advertisement, featuring Jean-Claude Van Damme. (YouTube)

Why is no surprise that the creepiest Internet story so far this week involves GoDaddy, the domain name registrar notorious for sexist Super Bowl commercials and a general miasma of sleaze and slime?

The headline of Jamie Bernstein's blog post, "GoDaddy Released My Personal Information to a Spammer Troll," barely captures the full repugnance of this incident.

Three years ago, Bernstein, a contributor to the skeptic website Skepchick, received a spammy email with the set-off-the-alarm-bell subject header "Transcendental Argument for the existence of God (17:36).” She responded by taking a step that most of us are too lazy to do: She noticed that the email included a link to a GoDaddy registered domain, so she reported the spam to GoDaddy.

On Monday, Bernstein's friends started receiving emails directing them to a website that included a picture of Bernstein along with some nasty harassment.

For anyone considering dating this person I would recommend that you first Google the mating habits of the praying mantis...

Bernstein investigated. According to GoDaddy, when a complaint about spam is made, GoDaddy contacts the alleged spammer and provides them with the email address of the complainer, in order to determine whether the complainer had "opted in" to receiving email from the alleged spammer.

In other words, he sent out a spam email that clearly violated the rules of his server. Then, he turned around and retaliated against the person who reported him.

Except, there is a missing step here. You see, he would never have been able to retaliate had he not known who had reported him. The email in question went to a lot of people and there was no way for him to have known that I was the one who reported the email if GoDaddy had not released personally identifiable information about me to my spammer.

Now, I have an angry spammer who blames me for receiving a $200 fine and is retaliating by posting my name and photo on his website with gendered insults and then (ironically) sending out spam emails with the link to friends of mine that he has tracked down and who knows who else.

GoDaddy has put my personal privacy and safety at risk.

At Hacker News, the geeks are discussing the technical challenges faced by a domain name registrar in determining whether complaints about spam are valid. (Although not everyone there seems to be as creeped out by Bernstein's experience as the general population might be -- as one commenter noted, "if you don't want your photo to be posted online, don't post your photo online.") But even if you acknowledge that there are some ambiguities involved in determining what is spam and what isn't, it seems utterly inappropriate to be handing over personally identifiable information to people who have been accused of unethical behavior.

Oh -- one more takeaway. Creepy online evangelists who respond to complaints with sexist harassment use GoDaddy to host their websites. That can't be an accident.

By Andrew Leonard

Andrew Leonard is a staff writer at Salon. On Twitter, @koxinga21.

MORE FROM Andrew Leonard

Related Topics ------------------------------------------

Domain Name System Godaddy Harassment Privacy Sexism Sexist Super Bowl Ads Spam Troll