Itch.io Taken Down by Funko

Original Article ↗ Hacker News Discussion ↗

Incident and Immediate Cause

  • A fan-made page for a licensed Funko video game on itch.io triggered automated “fraud/phishing” reports from BrandShield, a brand‑protection service used by Funko.
  • Reports went to both host (Linode) and registrar (iwantmyname).
  • itch.io removed the page and disabled the account; Linode accepted this and closed the case.
  • iwantmyname did not respond, and after several days the domain was placed on hold, taking itch.io offline.
  • There is some ambiguity whether the .io registry or the registrar set the hold status; a registrar operator in the thread says “serverHold” indicates registry-level action.
  • After public outcry, the domain was restored; the registrar later claimed they had not seen the earlier response.

Registrar Behavior and Alternatives

  • Many commenters mark iwantmyname as “do not use,” noting it was acquired by Team Internet and has reportedly declined (higher prices, worse support).
  • Several registrars are recommended (Porkbun, Cloudflare, Route 53, OVH, INWX, easyDNS, Hover, NameSilo, Netim, etc.), but nearly all big names attract both praise and horror stories.
  • Gandi is frequently cited as a cautionary tale: acquired by private equity, prices spiked, support and transfers worsened.
  • Some argue for small, local or co‑op‑like registrars, but others point out acquisitions are hard to predict.

Legal Liability and Remedies

  • Multiple commenters see a plausible case for tortious interference or similar civil claims against BrandShield, Funko, and the registrar; others are skeptical.
  • Skeptics argue: contracts typically allow registrars wide discretion; proving “actual malice” or intent is hard; and jurisdiction is messy (US, Israel, New Zealand, UK).
  • There is debate over whether false phishing complaints should be treated as fraud or perjury; consensus is that in practice such abuse is rarely punished.
  • Some suggest complaints to regulators (e.g., FTC) and industry pressure, but cost of litigation is seen as prohibitive for most companies.

DNS Centralization and TLD Issues

  • Discussion emphasizes registrars and registries as central points of failure, despite DNS’s distributed design.
  • Some argue DNS is “as decentralized as you can get”; others distinguish between federated and truly decentralized systems and suggest alternatives like blockchain-based naming.
  • .io is viewed as risky: stories of arbitrary suspensions and concerns about the territory’s political future and ccTLD retirement policies.

AI / Automation in Abuse Handling

  • BrandShield’s marketing around “AI” is criticized; many see this as generic automated keyword scanning misapplied to high‑stakes enforcement.
  • Commenters worry about a pattern: automated systems generating spurious complaints, and risk‑averse intermediaries acting without human review.
  • Some call for legal rules or strict liability for companies deploying such tools, treating “the AI did it” as no defense; others think existing negligence standards should already cover this.

Fan Content, Copyright, and Platform Policy

  • The triggering page was a non‑commercial fan page linking to official material, but many note fan works are always vulnerable to trademark/copyright enforcement.
  • Some think itch.io removing the page mirrors the registrar’s behavior—punishing a user to appease a rights‑holder—but others say sacrificing one page to keep the whole site online is unavoidable.
  • Broader resentment toward aggressive IP enforcement (e.g., Nintendo/Disney examples) and the “corpo hellscape” atmosphere is evident.

Wider Lessons

  • Many see this as another example of “enshittification” post‑acquisition: once‑good infrastructure companies degrading under new owners.
  • Commenters stress the importance of registrar choice, spreading risk (separate registrar and DNS), and having contingency plans (backup domains, alternative hosts).
  • Several note that a single false automated complaint now has the power to erase years of online work overnight, reinforcing fears about platform and registrar dependence.