Interisle Consulting Group today released its fourth annual Phishing Landscape report investigating where and how cybercriminals acquire naming and hosting resources for phishing. Our study shows that cybercriminals evolved their tactics for obtaining attack resources, including sharply increasing their exploitation of subdomain and gateway providers. more
In an era where our lives are increasingly intertwined with digital technologies, a recent development in the realm of digital sovereignty has sparked a pressing concern for nations and individuals alike. The concept of digital self-determination, once hailed as a great equalizer, has become a battleground for power, privacy, and control, with governments and tech giants vying for dominance in the digital realm. more
On July 22, the FCC's open Internet order - which transforms Internet access service from a lightly regulated information service into a heavily regulated telecommunications service - will take effect. This article describes the policies and legal theories underlying the Order and the Order's effect on consumers of Internet services and providers of the service, including a number of entities that had previously escaped FCC regulation. more
Anybody not involved in the telephone business will probably be surprised to find that the old TDM telephone networks are still very much alive and in place. The old technologies were supposed to be phased out and replaced by digital technologies. The FCC started talking about this before 2010. In 2013, Tom Wheeler, the FCC Chairman at the time, announced an effort to force the needed changes, which was dubbed the IP Transition. more
On June 9 CircleID published an insightful article by Thomas Rickert entitled "Demystifying Art 28 NIS2." In that piece Thomas set forth two alternative interpretations of Article 28(6) of NIS2, and argued that TLD registries should not be required to maintain a separate database of the registrant data under NIS2. In my view, Thomas' approach is inconsistent with the remainder of Article 28, and would not achieve the goals of NIS2 to improve cybersecurity across the EU member states. more
On December 14, 2022, the European Parliament adopted the Directive on measures for a high common level of cybersecurity across the Union (Directive (EU) 2022/2555) hereinafter referred to as "NIS2"), which was published in the official journal on December 27, 2022. Being a directive, NIS2 requires transposition into national law. According to Art. 41 of NIS2, the transposition into national law must take place by October 17, 2024 and the measures must be applied as of October 18, 2024. more
In the same way monarchs are proclaimed - by powerful stakeholders attending a coronation and not objecting - the UN's International Telecommunication Union (ITU) took a mandate last week to coordinate AI Safety worldwide, with most industry leaders and relevant UN agencies were present when it did so. more
I recently appeared on the 419 Consulting podcast to discuss the European Union's NIS 2.0 Directive and its impact on the domain name ecosystem. I encourage all TLD registries, domain name registration service providers, and DNS operators to listen to the recording of that session which Andrew Campling has made available. more
As a member of the ROW Planning Committee, I am writing this post on behalf of the Committee and welcome all community members to join us on June 4th. We are celebrating ROW's 10th anniversary! A decade of collaboration and inspiration! Thank you to the incredible community that has fueled this journey! more
What defines a stakeholder in Internet governance? Is it a professional occupation, an ideology, or a specific methodology? One of the key themes emerging in the Netmundial+10 event has been that of stakeholder involvement, participation and representation in different IG mechanisms. The numeric increase in contributors to these processes since the original Netmundial is palpable. However, questions remain about the definition of a stakeholder and the premises under which these actors should engage in policy work together. more
The FCC lawfully fined U.S. facilities-based wireless carriers nearly $200 million for selling highly intrusive location data about subscribers without their "opt-in" consent. In Section 222 of the Communications Act, Congress comprehensively specified how the carriers bore an affirmative duty of care not to disclose clearly defined Customer Proprietary Information ("CPNI"). The Act explicitly required the FCC, and no other agency, to protect telecommunications consumers. more
In today's digital age, the Internet is a ubiquitous presence in our lives, playing a pivotal role in how we communicate, work, learn, and entertain ourselves. However, the convenience and benefits of the Internet come with a hidden cost to the environment, which is often overlooked by end users. This article explores the environmental impact of online activities and highlights the importance of adopting more sustainable digital practices. more
The EU has once again turned its attention to domain name registration data (WHOIS) -- this time reinforcing requirements to collect, maintain, verify, and disclose WHOIS for IP enforcement purposes through its "Commission Recommendation" on measures to combat counterfeiting and enhance the enforcement of IP Rights. Published last month, this regulatory action demonstrates the EU's commitment to restore WHOIS despite... more
During CSG Open Working Session at ICANN79, Members from the ICANN Community were invited to an open meeting to share their experiences with Registration Data Request System (RDRS) from the Requestor side. As President of the Edgemoor Research Institute (ERI), I had the honor to present the keynote address and I am pleased to be able to provide you with ERI's report of the meeting. more
The most contentious issue throughout negotiations was that of scope—whether the Convention would cover the private sector at all, and if so, to what extent. Leaks of the negotiations and commentary by journalists indicate that several states, primarily the United States, were keen to see the Convention not directly applying to private entities. more
Canadian Bill S-210 Sparks Controversy Over Internet Regulations
NSA Admits Purchasing Americans’ Internet Browsing Data Without Warrants
UK Online Safety Act Becomes Law Amid Controversy
Online Safety Bill: UK’s Digital Overhaul
SEC Now Giving Companies a 4-Day Deadline to Reveal Cyberattacks
FCC Chairwoman Wants Broadband Standard Boosted to 100Mbps Across the United StatesA World-Renowned Source for Internet Developments. Serving Since 2002.