Home / News

Leading Domain Registries and Registrars Release Joint Document on Addressing ‘DNS Abuse’

A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a “Framework to Address Abuse.” Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community. The group includes Public Interest Registry, GoDaddy, Donuts, Tucows, Amazon Registry Services, Inc., Blacknight Solutions, Afilias, Name.com, Amazon Registrar, Inc., Neustar and Nominet UK.

“The registries and registrars participating in this effort recognize that the health and security of the DNS is essential to the trust and safety of the Internet overall and that they have an important, yet often misunderstood, role to play as stewards of this public resource,” a spokesperson for the group told CircleID. The group considers the Framework as a critical first step in the scope of the broader community effort to tackle DNS Abuse.

Noteworthy paragraphs from the released document:

What is DNS abuse? “Before DNS Abuse can be effectively addressed, we recognize the need for a shared understanding as how to define it.” The group has collectively defined DNS Abuse as five broad categories of harmful activity: “malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse)”

When Should a Domain Name Registrar or Registry Act on Website Content Abuse? “Despite the fact that registrars and registries have only one blunt and disproportionate tool to address Website Content Abuse [i.e. disabling the entire domain name], we believe there are certain forms of Website Content Abuse that are so egregious that the contracted party should act when provided with specific and credible notice. Specifically, even without a court order, we believe a registry or registrar should act to disrupt the following forms of Website Content Abuse: (1) child sexual abuse materials (“CSAM”); (2) illegal distribution of opioids online; (3) human trafficking; and (4) specific and credible incitements to violence.”

Read the full document here.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

The slippery slope begins? Alan Maitland  –  Oct 22, 2019 9:06 PM

This is generally a giant leap forward in combating DNS abuse as defined in the Framework to Address Abuse document and those entities who worked on the document should be congratulated on coming this far.  That said, in the context of WebSite Content Abuse, there may be problems with the document as regards objective vs subjective items.

Facts are objective.  They are or they are not, there is no gray area.  Items requiring interpretation are subjective, subject to interpretation by whosoever is examining a given item.

All though none of the items in the Website Content Abuse items 1-4 are really facts, some of the items easily pass the “any reasonable person” test.  Subjective items, being open to interpretation won’t necessarily pass the reasonable person test for any number of reasons (e.g., cultural, legal, etc).

Website Content Abuse (1) child sexual abuse materials (“CSAM”);:
Objective - Generally passes the reasonable person test.

Website Content Abuse (2) illegal distribution of opioids online;:
Objective - Generally passes the reasonable person test.

Website Content Abuse (3) human trafficking;:
Subjective - While certainly objectionable to any reasonable person, the definition of what constitutes this form of abuse to the degree it is shutdown is vague in the document.  Would a discussion of human trafficking, pointing to examples be adequate cause to bring a domain down?  If so, most newspapers might take issue with the plan, in not, why not?  Adding words to the definition here would go a long way to tighten up the definition.

Website Content Abuse (4) specific and credible incitements to violence.:
Highly subjective as it stands.  Pretty much every site carrying a comment board may fail that test.  In America, we have politicians who almost daily accuse each other of this very thing.  Are there plans to bring down several well known .Gov sites on the horizon?

While we would all like to believe people think things through and use good judgement in determining a course of action, history is replete with examples of that not always being the case.  For example, years ago in the San Francisco bay area during a drought, a local water board employee decided to open a reservoir and dump huge quantities of needed and now scarce drinking water into the bay.  Why?  Perhaps because the operating manual the employee was using, which apparently had limited or no information on the conditions when the dump procedure should be applied, said to do so and so, without thought or an understanding of consequences, the employee acted. 

Believing everyone is on the same page as regards a matter is not the same a knowing everyone is on the same page.  Words applied well can make it possible to be closer to knowing than believing.

In summary, it is precisely because of “the fact that registrars and registries have only one blunt and disproportionate tool to address Website Content Abuse” they all must be extremely precise in their definitions of what exactly constitutes the objectionable behavior most all people do and should want to see shut down, without treading on the rights of those who fall into corner cases who then become “collateral damage” in this initiative. 

Minimally, there should be a formal mechanism provided in the document which allows for near instant restoration of a site brought down by policy, where a subjective standard was used.  Ultimately, such a policy protects the registries and registrars as well as a person or group from being caught up in a subjective decision.

Words have meaning and thus precision in wording goes a long way to ensuring nobody but the bad actors ever get caught up in the laudable blunt tool efforts the registrars are working to achieve.

Would that we didn’t live in a world where a very small number of people do the objectionable things they do for which they richly deserve to be roasted on a spit! (Quick - Did I just pass the incitement to violence test or simply express an opinion through the use of an allegorical device?) In order to protect the rights of most all of us we need to consider such things and never let this Comment’s Title ever be answered “yes”.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign