Can't agree entirely. It's negligent, sure, but the negligent part wasn't letting it expire.
The negligent part was not holding the domain with an error result for 10 years and respond to every request with an email telling them to stop using that domain. And I say 10 years because 10 years of having a broken system is already way too long to not go addressing, no matter how sluggish the service underneath.
You can not be expected to cover your own ass for OTHER people's fuckups into perpetuity. Every system issuing an whois to a supposed dead domain should be considered the actual responsible party for this.
Sure, though if you're a central provider like a registrar/ISP there are very bad things that happen no matter what you do with a domain.
Since the registrar could very easily determine whether or not the domain was in active use in the wild (and still return an error if they wanted), and didn't, I do consider it negligence.
People hard-code them, they end up in configs, all over, specially in forgotten or hard-to-change places.
The negligent part was not holding the domain with an error result for 10 years and respond to every request with an email telling them to stop using that domain. And I say 10 years because 10 years of having a broken system is already way too long to not go addressing, no matter how sluggish the service underneath.
You can not be expected to cover your own ass for OTHER people's fuckups into perpetuity. Every system issuing an whois to a supposed dead domain should be considered the actual responsible party for this.