On 29 July 2021, human rights organisation Chagos Refugees Group United Kingdom (UK), supported by consumer group Crypto Currency Resolution Trust (Bahamas), filed a complaint at the Irish NCP against Afilias Ltd. and two of its subsidiaries, 101 Domains GRS Limited (Ireland) and Internet Computer Bureau Limited (UK). The filing marks the first time a complaint related to cryptocurrency has been made to an NCP.

The Chagos refugees are descendants of former residents of the Chagos Archipelago in the Indian Ocean. A generation ago, Britain forcibly deported Chagos islanders from the archipelago. The United Nations General Assembly, African Union, and International Court of Justice have all found that Britain’s forcible deportation and continued colonial occupation of the Chagos Archipelago is a serious violation of international law. In 2019, Ireland voted along with 115 other UN members in condemning the United Kingdom’s continued occupation of the Chagos Archipelago.

Renamed the British Indian Ocean Territory, the archipelago is best known for the secretive US naval base on Diego Garcia Island and the “.IO” internet domain. .IO is the country level domain code created in 1997 for the British Indian Ocean Territory. The domain .IO was a relatively low-key alternative domain until about 2016 when its popularity exploded in connection with the rise of cryptocurrency.

The domain .IO has now made the Chagos Archipelago one of the world’s least known but largest offshore financial centres by daily volume. While .IO is utilised by legitimate companies such as crypto asset platforms and technology companies including top ten cryptocurrency USD Coin and cryptocurrency exchange, it is also linked to crypto asset based criminal operations such as Ponzi schemes, money laundering fronts, cryptocurrency gambling and fraudulent Initial Coin and Token offerings. Crypto Currency Resolution Trust, which represents victims with losses and claims against .IO crypto criminals for more than €100 million, asserts that tens of billions of dollars a day in unregulated crypto asset transactions take place in .IO involving hacking, tax evasion, money laundering, fraudulent investment schemes, gambling, and organized crime. Fraud complaints involving .IO have been rising steadily each year with 671 reported to UK’s Action Fraud system in 2020. Yet since British Indian Ocean Territory lacks a Financial Crimes Unit and relevant laws, criminals using cloaked identities, cryptocurrency, and .IO websites are rarely if ever apprehended or prosecuted.

In the years since it deported Chagos islanders from the archipelago, Britain has continued to ban the islanders from the island chain with allegedly apartheid-like laws, preventing their participation in the island chain’s booming Internet- and defence-oriented economy.

Irish internet giant Afilias Ltd., recently acquired by Donuts Inc., the world’s largest domain name registry., bought .IO for $70 million in 2017. In this complaint, the Chagos islanders allege that Afilias acquired .IO knowing its sordid past, connection to human rights abuses, and ongoing criminality, and by failing to address those concerns, has breached OECD Guidelines provisions on due diligence, human rights, and consumer interests. The islanders are seeking restitution and return of .IO. The islanders want due royalties and payments for use of .IO which is also marketed as “Chagosian Domains” by Afilias.

Relevant OECD Guidelines


On 2 March 2023, NCP Ireland published its initial assessment, in which it accepted the complaint for further consideration. The NCP will formally ask the parties whether they wish to engage in mediation with the aim of resolving certain issues in the complaint. Prior to to the initial assessment being published, 101domain GRS refused to engage with the specific instance process.

On 27 September 2023, NCP Ireland published its final statement. All of the companies declined the NCP’s offer of good offices (although the NCP noted Afilias and ICB’s written submissions explaining its position and trying to engage with the complaint).

The NCP made several recommendations to the companies, including for all business activities that bring a company into contact with a contentious and well-documented issue touching on human rights, the company should be able to demonstrate that it has conducted human rights due diligence and has a human rights policy. The NCP drew attention to the OECD Due Diligence Guidance for Responsible Business Conduct, which calls on companies to identify both actual and potential adverse impacts associated with business activity.

The NCP also recommended that companies’ dealing with consumers should have an appropriate non-judicial dispute resolution and redress mechanism and actively engage with public authorities to help prevent and address deceptive marketing practices, and also consider other practices that could be effective and take the necessary steps to reduce e-commerce risks in line with Chapter VIII of the Guidelines. The NCP also recommended that when a company is subject to an NCP complaint, it should engage with the complaint process, including making written submissions addressing the claims and responding to the NCP.

The NCP decided not to follow-up on the complaint due to the scale of the disagreement between the parties.

More details

Company in violation
Other companies involved
Affected people
Other NCP's where the complaint was filed
Date rejected / concluded
27 September 2023

Related complaints