Unless you’re a geography buff, you may never have heard of the tiny Pacific territory of Tokelau. It’s no wonder: As Jacob Judah explains in the MIT Technology Review, Tokelau is made up of three small atolls, has only about 1,400 inhabitants, and didn’t even get telephone service until 1997. But a strange thing happened despite that late embrace of technology, or perhaps partly because of it: Little Tokelau would go on to become “an unlikely internet giant,” writes Judah. Unbeknownst to islanders, however, it would do so by becoming a cybercrime hub, all thanks to its .tk domain name. The story unpacks how it happened, going to back to the Wild West days of the early internet in the year 2000 and a Dutch entrepreneur named Joost Zuurbier.
That year, Zuurbier struck a deal with Tokelau to manage its country-code top-level domain, or ccTLD, the string of characters that come after a URL. Tokelau had neither the money nor the knowhow to do that on its own. In fact, until that deal, Tokelau officials hadn’t even known they’d been assigned a ccTLD, writes Judah. In broad strokes, Zuurbier’s plan to was to allow anyone to obtain a .tk website for free, so he (and, theoretically, Tokelau) could make money off ads. The end result is that, until recently, the .tk domain “had more users than any other country’s,” writes Judah. The problem is that virtually all of them were spammers and cybercriminals. It’s a safe bet you (and almost everyone else) have encountered a .tk website, even if you weren’t aware of it. Today, officials in Tokelau, who say the territory did not see a financial windfall, are angry about how it all unfolded and the damage to their reputation. Read the full story. (Or check out other longforms.)