.com in particular has also been well proven over the past 5 to 10 years to be vulnerable to federal court orders to seize domains at the registrar level. That's not really anything new. It's a known risk for anyone building a corporate brand/identity around a specific .com domain name. What's new is this is being done from the state court level. (Edit: To be clear, in my opinion, a US State court completely lacks jurisdiction on this matter).
I agree. California has been doing this since 2022 [1][2] and it's equally indefensible.
States should not be allowed to wield their size and influence as a cudgel against other states and jurisdictions.
[1] https://leginfo.legislature.ca.gov/faces/billTextClient.xhtm...
[2] https://oag.ca.gov/news/press-releases/ghost-gun-crackdown-a...
I'm unaware of the Californians attempting to seize anyone's domain name over this issue. But indeed this also seems like an overreach, California doesn't get to regulate what an Internet gun accessory store in Idaho advertises or publishes on the Internet. State to state transfers of serialized items go through a well defined federal government regulated process, such as if a person in Nebraska buys a Zastava M70 online from a dealer in Montana.
Just shows what priorities are.
They may not be attacking the domain but they're attempting to leverage the US Legal system to shut down operations. Arguably that's even worse- they can't just move to another domain/tld.
Of course, once the number of years since you were born reaches exactly 18, your brain automatically shuts off the part of you that is impossibly traumatized by private areas, so it's suddenly completely okay and normal.
Oh, and when you reach exactly 16, somehow you're only impossibly traumatized by private areas on the screen, not in-person. Everyone knows this is true.
(I don't mean to be genuinely insensitive about the real harms that adult content can pose. I just think there's a difference between calling content harmful simply because it's adult and content causing harm because the viewer isn't ready for it)
But he can't buy a handgun in his home state or drink a beer.
Make it make sense.
Similarly to how I'm salty about having to obtain LSD from black markets instead of having a known safe supply from a pharmacy. I trust my vendor, but the skill to not only find the market but to find the vendor and actually execute the ordering process is not easy to come by.
A lot more things could be available if people were properly informed and not just fed propaganda about how they're waay too dangerous. It's completely possible to be responsible about substances, it's called harm reduction. Also prescriptions are a thing -- even if I had to get a prescription from my doctor, I would even be fine with that as long as I'd get to take it at home.
Two things of note regarding this.
First, note the office of origin: Texas Attorney General, which is currently occupied by Ken Paxton who is running for a tightly contested seat in the US Senate.
Second, a state court does not have jurisdiction beyond its borders for entities not operating within same.
> .com in particular has also been well proven over the past 5 to 10 years to be vulnerable to federal court orders to seize domains at the registrar level. ... What's new is this is being done from the state court level.
Which is why any attempt to enforce this ruling would be subject to removal to Federal court.
I wonder what was the value of the domain on the open market, its quite a famous domain and probably had high lead generation..
But I agree with the parent comment.
This is so much state overstepping bounds and irony aside, so much for independence and rights by a state that proclaims personal agency comes first.
> And third, there was a default judgement.
Unenforceable and meant strictly for political theater IMHO.
> This is so much state overstepping bounds and irony aside, so much for independence and rights by a state that proclaims personal agency comes first.
When a political party declares we are in a "post-truth" era and fully embraces nihilistic "the ends justify the means" tactics, the result is inevitable;
Take, hold, and increase power by any means necessary.
For if one does not hold oneself to a standard of ethical behavior, where the actions of others do not affect one's adherence to the rule of law, where the temptation to indulge in vendettas is not renounced, and where there is no accountability for engaging in any of the aforementioned, then there is no motivation for seeing those one disagrees with as anything more than an irritant to be dispatched forthwith.And we then find ourselves with elected officials wildly exceeding their mandate, such as here.
Something like .NL (you do not need to be a Dutch national to register) or .IS would be much more legally resilient.
If I were running a business that had any operations or clients whatsoever in Europe my opinion on this topic would be different (in terms of legal liability to the corporation, and necessity of compliance to ensure ongoing revenue from European customers, etc), but I am not.
I fail to see the difference in principle from the federal government doing this for copyright violations.
There is a difference in kind, because it becomes impossible for the global internet to exist if thousands of local jurisdictions are being given their way, with conflicting local legislation resulting in global takedown when it is impossible to comply with two different jurisdictions. So this is noteworthy as an escalation of an already existing problem into an even worse direction.
---
Rate-limit edit:
> Which is why the Internet hasn't been global in a long time, and looks pretty different in China vs EU vs Russia.
China and Russia aren't part of the global internet because they have national firewalls and segregated themselves. The EU very much is, and with limited exceptions the internet doesn't look much different from the US, the EU, Japan, Canada, Australia, Mexico, Thailand, Brazil, or South Africa. It seems absurd to suggest that the internet isn't global when I'm in all likelihood talking to you from the opposite side of the world and this is the norm. And what is the point you're making? That we should embrace the China/Russia model and give not only every country but also every state/province/city its own Great Firewall?
I actually don't have much of an opinion about what it should be, I was only discussing this from a descriptive legal standpoint. My guess is what will happen is companies will voluntarily target their sites to different regions and different legal regimes (like many big US sites do for their foreign versions, or gambling sites do here). That's kind of what's happening here, Verisign is complying probably so they can still have the TX market.
Whereas this is for the most part not the scenario for major IP transit providers in Europe, the USA, Canada (top 50 by size CAIDA ASRank scale/scope ISPs ranked by ASN which are not Russian or chinese).
GDPR Article 17 expressly requires the removal of things from the global internet
> You're free to not serve your site in the EU
Geoblocking is functionally impossible
And geo blocking may be functionally impossible but the law cares about intent and actions, not if you prevented someone who used a VPN or lied about their location from using your service.
And yet still an attempt at extraterritorial overreach. Regardless, I imagine that the rest of us who don't do business in the EU will continue to disregard its very existence. (Except in principle when we write negative comments about it on the internet that don't in practice matter whatsoever, such as this one that you're reading right now.)
...as part of compliance with GDPR, if you choose to be compliant. Please name one instance of the EU suing and successfully removing an American website from the internet under this article, or any part of the GDPR? Considering we're talking about an actual case of the US seizing the domain of a European website, whataboutting a hypothetical with the GDPR which has never done the reverse despite being in force for 10 years is incredibly disingenuous.
---
Rate-limit edit:
> Are you saying that you don’t think that the GDPR text is written to apply outside of the EU, or that it does say that but it’s not relevant because it’s not viable for anybody to enforce that?
The GDPR is European legislation, written for the territory the EU has legal jurisdiction over. Why would anybody think it's meant to apply outside of the EU? Plenty of businesses choose to operate by two sets of privacy policies, one where they continue fucking over their American users and one where they adhere to the GDPR for European users, and that is perfectly acceptable. There is no "think" about it, the legislation obviously does not apply outside the EU, nor is it intended to.
Because it's clearly worded in such a manner, similar to US financial laws. The key difference is that the EU so far lacks the leverage to throw its weight around outside its own territory to the extent that the US does. (Also presumably politicians won't be willing to burn bridges over PII handling violations to the same extent that they do over financial crimes.)
It does not, as explicitly stated in the court's decision found here[0].
https://www.texasattorneygeneral.gov/sites/default/files/ima...
The court finds that the following domain name is
owned by Defendant ...
Defendant is not a resident of this state and is
a foreign corporation.
> You're going to have give us the "explicit" quotation ...The aforementioned does so. Until and unless you can show how the Defendant has an established presence within the State of Texas, such that its jurisdiction is applicable, it is difficult for me to consider your position considered and/or informed.
To be fair, only some of "us" are unwilling to read a two-page document to be informed about a topic under discussion. The words you're looking for are "Defendant is not a resident of this state and is a foreign corporation."
Again, until and unless you can show how the Defendant has an established presence within the State of Texas, such that its jurisdiction is applicable, it is difficult to consider your position considered and/or informed.
Hosting out of the netherlands. Kick their owners are globally headquarted in Australia, their US operations are out of SFO, CA.
By this same logic if my web server physically located in Canada, the USA or Iceland serves LGBTQ content to people in Uganda I should be held liable or dragged into a Ugandan court under some of Uganda's anti-LGBTQ laws?
https://www.google.com/search?client=firefox-b-d&q=uganda+an...
It's now well-established on the Internet that a court may force anyone in the path to enforce their decision. ISPs are regularly forced to block foreign websites, without any implication of liability on the ISP's part, simply because the ISP has the technical ability to block them and the court has the ability to enforce an order on the ISP. This is the case when Spanish ISPs have to block Cloudflare. The same applies to the DNS, which is based in America. Thanks to Texas for publicizing this DNS vulnerability which must urgently be fixed.
Not sure how this does not violate interstate commerce.
Contact your congress criter: https://www.congress.gov/
BTW: Kick - Melborne, AU. US Operations: SanFran CA. Registar: Verisign - Reston, VA.
otherwise they could just send the texas rangers to canada to go kill the execs in montreal
Back on topic, does the constitutionality matter if the business is destroyed by the process? How long might they be without their domain name even if they prevail in the end? I somehow doubt texas would ever get stuck paying out damages.
Or did you mean, like, morally?
Doing this at the state court level is as nonsensical as an individual state deciding it doesn't like a law or regulation that's part of the jurisdiction of the FAA or FCC, and wants to do its own unique weird local thing.
And why even a “US federal” court should have such arbitrary and sweeping authority that affects other countries’ businesses and people? The world should realise that “.com” is a US domain in technicality and spirit both (like many other domains)
This is one of the extremely broken aspect of “The Internet”. Large part of it is literally controlled by US with zero oversight or shared authority.
PS. Look at how India recently moved all bank domains to https://<bank name>.bank.in. And I usually don’t agree with my Govt (and for good reason) but this is a proper sovereignty move.
(Oh by the way ICANN is “still” in the US)
https://www.google.com/search?client=firefox-b-d&q=US+state+...
I’m Canadian and Texas courts have zero authority over me so they can f*ck off.
I don’t agree with the premise of age verification, but of course a prosecutor would go after the assets they can reach if enforcing local laws. They’ve done this for years when it comes to copyright infringement.
There exists a well defined process, precedent and prior case law in US federal court to seize a .COM domain name by a court order issued to VeriSign. Doing this at the state level is entirely new.
https://www.cnn.com/2026/05/08/europe/porn-site-motherless-t...
https://www.cnet.com/news/privacy/man-behind-xxx-domains-say...
As for the other part, I'd just assume that they wanted to switch to a registrar more used to adult content websites and less likely to be impacted by the Texas govt. Just like pirate sites switch TLDs to the ccTLD of the country least likely to prosecute them all the time.
I was mostly just talking about the fact that registering a domain with a registrar that is about "XXX sites should help empower parents to keep their kids away from adult content" isn't necessarily a bad thing.
Update: yeah https://opencorporates.com/companies/nl/30159632
1. Instigate a completely impractical, rights-violating scheme for age verification that nobody in their right mind wants to implement.
2. Then, enforce it against whatever porn sites land in your jurisdiction at all, knowing that they, like everyone else, don't do the verification.
Am I close?
Suppose the porn site tries to implement it. How many people are going to hand over their personal info to a shady porn site? Most visitors are there anonymously for whatever free stuff they can watch.
Either way, the porn site is ... screwed. Implement age verification: 99% visitors now back-button out and find another porn site. Don't implement it: blocked or shut down.
This is going to be a real problem when states start nuking whole parts of the internet from orbit. A state has a law against conversion therapy and starts to remove sites with that? A state has a law against trans people? Or abortion? Or medical misinformation? Suddenly we just start purging sites back and forth?
Battlegrounds end up as torn up, muddy, desolate places. Turning the domain registry into a battleground is a bad idea. Over the long term, no one wins if we choose to fight there.
But what people do instead is to disable access for people from that specific state.
If someone from the US does something illegal on your site (which is legal in your country), depending on how much they want you will end up in a US prison.
Before the US decided that betting online was OK, betting sites had travel advisories for their employees not to travel to the US.
Multiple conservative SCOTUS justices openly admit to taking bribes from parties with cases before them.
C’mon, people, these issues are trivial to look up the facts about. There’s no excuse for ignorance here. https://firstamendment.mtsu.edu/article/obscenity-and-pornog...
Obscenity is not speech.
Pornhub itself is doing the blocking; it uses geolocation and denies services to IP addresses from jurisdictions with age verification laws. The laws are usually not structured so as to require a third party such as an ISP to block noncompliant sites; instead, the governments of the states with those laws can sue the porn sites and their service providers (Verisign in the case of .com domains).
I used the language of the link.
> The explicit tube site Pornhub is now blocked in 25 U.S. states
I had assumed that the states were blocking Pornhub but reading between the lines in the linked article it does imply it's not the states are not applying technical blocks.
As far as I can tell it would be possible to build an age verification service based on an open source ZKP implementation such as Google's Longfellow [1] that would be acceptable to these laws, but would allow anonymous age verification. It would be similar to the system the EU is now trialing, except not limited to iOS and to Android devices with Google Play. Longfellow should be able to work with those but also most modern smart phones running any OS the supports the phone's secure element, and also desktop computers that have secure elements, and devices like YubiKeys.
You would have to verify your age with the age verification service to set things. The easiest way to make it so that is not a privacy risk is for the age verification service to be offered by some entity that already has your ID documents. In the EU that would be the governments themselves, but I don't think any US state governments are ready to do that.
The age verification service doesn't necessarily need to store copies of whatever ID you present. It just needs to know you are when it issues its ID documents that get bound to your device's secure element. If this service was offered by some entity that has a widespread physical presence (a bank would be perfect) you could go in, show ID in person, and get your device enrolled.
Even better would be for a trusted non-profit to run this, like the EFF or the ACLU. Yes, I know they don't want age verification to happen at all, but they are going to lose that one, and it would be prudent to try to make it so that people have a privacy preserving way to do it that can be used anonymously when that happens.
Anyway, once your device is set up verifying your age to a website would involve a protocol between your device in the website the uses a ZKP (Zero Knowledge Proof) to demonstrate to the website that the identify information the age verification service bound to the secure element on the your devices says your age is acceptable. The ZKP doesn't disclose anything else from your identidy information. (The web server sees your IP address of course, but they would see that without age verification too). Note that the age verification service has no idea when, or were, you age verify at a website.
You're seriously proposing that organizations along the same general lines as the EFF or ACLU would be okay with being the implementing partner of a "papers, please" identify verification regime? I highly doubt their leadership would entertain the idea for even the briefest moment.
It can be done with either 0 or 1 "papers, please" events per device rather than 1 per website or worse 1 per website visit, and without preventing anonymous access, but most of the laws do not require that it be done that. Most age verification services will do the minimum required, which usually will mean they are more intrusive and more leaky.
The best way they could ensure that, if they can't convince governments to write the age verification laws to require it, would be to operate such a service themselves.
This system will likely fail in the same way that almost every new DRM system has failed: someone will implement the "secure element" badly and its keys or secrets will get exfiltrated and cloned.
It's one thing to keep a cryptosystem secure when its users appreciate that system (e.g. hard disk encryption or TOTP 2FA)… but it's very hard to keep cryptosystems secure when millions or billions of people are unwilling and resentful users having those systems imposed on them.
DNS being centralised in the USA was potentially problematic when they weren't abusing their power. Now that they are actually abusing their power, it is actually problematic.
Otherwise the general idea seems absurd that an individual state could freeze a domain impacting for the whole Internet…
(EDIT: I won’t lose any sleep at the loss of such scum but the general principle seems a bit strange.)
So they're using the fact that Verisign is a US company and can therefore be leaned on.
I'm not sure how I feel about this. What do other countries do who don't have Verisign to lean on? US companies really don't like being told what to do by governments of other countries, but when the shoe is on the other foot...
They lean on their ISPs, see Spain and the La Liga controversy.
This appears to basically wipe the site from the entire internet, for all countries.
ccTLDs already exist and their respective countries have sovereignty over those TLDs: the UK can disappear any .uk domain name it wants from the global internet.
The .com TLD is American, and is therefore subject to American legal proceedings.
Ample precedent and prior case law exists that the US Federal government can obtain court orders to seize .COM domains. Going back 15 years now.
State government that's another question entirely. When people say "American legal proceedings", the distinction between state courts and federal courts have two very different regions of responsibility and authority.
This is not an "American" proceeding so much as a Texan one, and it's not clear that the State of Texas should have any jurisdiction over the .com TLD.
This result means that Texas can take various means to block motherless. But more importantly no motherless employees should travel to Texas without risk of arrest. Same for abc/youtube/facebook employess traveling to India.
You should be aware of this and monitor it in your industry.
You know real, friendly, generous humans live in Texas, right?
a reasonable number of those people is 10-15%, not 51%+
I grew up in South Africa during the apartheid era, when black people weren’t allowed to vote or even participate in the economy at much beyond the level of slaves. I didn’t get upset when people criticized South Africa, or boycotted it, because the country’s actions certainly justified that.
The entire US is in much the same situation now: in the process of flushing democratic governance down the toilet, elevating open corruption to the standard way of doing business, and flirting with authoritarianism to a degree virtually unimaginable just a few years ago.
In that context, the #notalltexans whine sounds rather muffled from all that sand you’ve stuck your head in.
And Kick Online Entertainment S.A. appears to be incorporated in Luxembourg. The "S.A." is a mostly European thing, kind of like a "limited" company.
That's generally key in making a precedent. The first case is someone nobody really cares for, but it's built a precedent where the next case must follow suit.
(Under "Controversies".)
> In March 2012, the U.S. government declared that it has the right to seize domains ending in .com, .net, .cc, .tv, .name, and .org if the companies administering the domains are based in the U.S. The U.S. government can seize the domains ending in .com, .net, .cc, .tv, and .name by serving a court-order on Verisign, which manages those domains.
However, applying this for violations of _state_ law seems odd.
Where does it end?
What if a law enacted by a single US city’s city council is violated? Would US as a country seize the domain?
"Sorry Meta, but BFE, Nebraska outlawed Farmville and now some guy named Bob owns facebook.com."
The only thing slightly redeem about about them economic wise is their gas reserves. The way they run their state is very similar to a corrupt nation as well. They still want to break away from the US.
The US court system really needs to do something about this, and overturn Free Speech Coalition v. Paxton in favour of Reno v. American Civil Liberties Union.
I do generally agree that local governments trying to forcefully exert their influence beyond their jurisdiction is deeply problematic. It wouldn't even be possible to host a website on the internet if this becomes normalized, due to being held to thousands of contradicting standards. At most Texas should have the authority to tell Texas ISPs to block traffic.
Thank you for your virtue signaling. You're now registered as a lifetime GOP member.
> Kick Online, which openly describes itself as a “moral free” company, ignored the lawsuit and refused to comply with the court’s order. It continued publishing and distributing harmful sexual material that was accessible to minors in Texas.
This is the same website with a forum with millions of users trading information on how to assault their partner.
https://www.cnn.com/interactive/2026/03/world/expose-rape-as...
FAFO.
Does this mean Texas can shutdown other websites in other states that provide abortion support? I’m sure there are those who would argue such to be harmful to children…(not to mention the fetus)
Leftists and trans activists attempting to shut down Kiwifarms comes to mind.
Supreme Court allows Texas to enforce law requiring age verification and parental consent on apps - https://www.scotusblog.com/2026/07/supreme-court-allows-texa... - July 6th, 2026
Supreme Court allows Texas’ law on age-verification for pornography sites - https://www.scotusblog.com/2025/06/court-allows-texas-law-on... - June 27th, 2025
https://mashable.com/article/all-the-states-and-countries-wi...
https://en.wikipedia.org/wiki/Social_media_age_verification_...
Now, I say this mockingly, my neighbors (yes I live in Texas) say such things with a steadfast belief. Which is really weird to me because they keep electing adulterers and rapists.
What do you mean "serves"? Does that just mean not actively blocking users from Texas? Allowing your web site to be accessible regardless of user location is, and always has been, the default way to run a web site. Your assertion would mean that web site operators are beholden to the laws of all jurisdictions on the planet if they don't actively block those users.
Think about what a bad precedent that would be. Some countries criminalize promotion of pro-LGBT+ content. What if those countries suddenly demand extradition of people who run pro-LGBT+ blogs because the web sites are available there?
Also, keep in mind that geolocation isn't actually part of the Internet - it's an overlay that private companies have cobbled together that usually works. But it's not perfect, especially at the subnational level. Many times I've connected to public Wi-Fi and I get an alert that I've signed into something from across the country, because that's where the Wi-Fi provider's IPs are located. Are you sure that every jurisdiction in the world will accept that if gelocation gets it wrong, you're off the hook? Utah has already claimed that companies are responsible for complying with their laws even if the user masks their location with VPN. https://www.privacyguides.org/news/2026/05/11/utah-targets-v...
Then it's violating the laws of a whole lot of places by serving pornography to adults.
The existence of a web server doesn't feel like enough nexus to seize a domain.
I didn't know that Texas is supporting and promoting the North Korean government: http://naenara.com.kp/main/index/en/first
I wonder why they aren't being called out for anti-American terrorist groups.
Everyone learns this the hard way, it seems.
Waiting for the day when texas court demands deleting .ee LTD (since estonia is currently only country which has fought agaisnt age verification laws)
It was a choice by Motherless and their holding company, Kick Online, to egregiously ignore Texas law; the law has been found sound by the US Supreme Court, and enforceable by Texas. These are the facts of the situation. Everything else to discuss on this is feelings and opinion, unless there are relevant facts not yet shared or discovered.
The other point of view is that they "very reasonably" ignored Texas law because they're not in Texas.
The Supreme Court found that the law was valid, but that ruling doesn't mean it necessarily applies in a situation like this.
under that setup, yes, twxas is illegally breaking US sanctions against north korea
Nonsense.
There is no reliable way to not serve your content to people in Texas. If anything, Texas should compel ISPs to not serve it to their Texas customers.
>Warning: Potential Security Risk Ahead
> Firefox detected a potential security threat and did not continue to www.texasattorneygeneral.gov. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
This is exactly how we lose all our rights.
Found the case, https://law.justia.com/cases/federal/appellate-courts/ca9/07...
The Ninth Circuit held that the U.S. court had jurisdiction to proceed because VeriSign—the registry for all .com domains—was located in the United States.
I want to see other countries start rejecting the ICANN root and forcing all the US domains under .us, but it will never happen. It would break their vhosts for one thing. Doing it at the browser level could avoid that.