Trump’s Tweets Flouting the Cybercrime Treaty Curbs on Racist and Xenophobic Incitement

The existence of the 2001 Cybercrime Convention is generally well known. The treaty has now been ratified/acceded to by 60 countries worldwide, including the United States. Less well known is the existence of the Additional Protocol to the Convention "concerning the criminalization of acts of a racist and xenophobic nature committed through computer systems." more

Comcast Sneaks in Another Billing Line Item and “Earns” an Additional $1 Billion

My Comcast bill arrived today with a sneaky new $2.68 charge, $2.50 for leasing one (and only one) set-top box and $0.18 for the remote. This new billing line item, like the many others Comcast has introduced, adds to its bottom line with no additional capital expenditure. It shows how resisting the obligation to return to accepting set-top box free, "cable ready" sets was a smart strategy. more

It’s About Whois Display And Access

The need for an access model for non-public Whois data has been apparent since GDPR became a major issue before the community well over a year ago. Now is the time to address it seriously, and not with half measures. We urgently need a temporary model for access to non-public Whois data for legitimate uses, while the community undertakes longer-term policy development efforts. more

Why You Must Learn to Love DNSSEC

It's been nearly two months since the high profile BGP hijack attack against MyEtherwallet, where crypto thieves used BGP leaks to hijack MEW's name servers, which were on Amazon's Route53, and inserted their own fake name servers which directed victims to their own fake wallet site, thereby draining some people's wallets. It generated a lot of discussion at the time... What isn't fully appreciated is that attack has, in fact, changed the game somewhat... more

Google Engineer Ben McIlwain on Why HSTS Could Be a Perfect Fit for .Brands Security

The Google-run .app TLD was always destined to draw attention and scrutiny, from the moment it fetched a then-record ICANN auction price of $25 million. Since it reached General Availability in May it has gained more than 250,000 registrations making it one of the world's most successful TLDs. However perhaps more interesting was Google's choice to add the .app TLD and its widely used .google extension to the HTTP Strict Transport Security (HSTS) Top-Level Domain preload list, offering an unprecedented level of security for all domains under .google and .app. more

ICANN vs EPAG: ICANN Seeks Appeal Plus Pushes for ECJ Referral

As I predicted ICANN is pursuing its case against EPAG. They're now not only appealing the case to a higher court in Germany but are also trying to get the entire thing referred to the European Court of Justice. In an announcement late last night ICANN made it very clear what their intentions are. While they're pursuing the appeal in the higher court in the German region, which makes sense at some level, it's also very clear that they're not taking "no" for an answer. more

US Govt Formally Asks Whether It Should Reassert Its Control of Internet, Reversing ICANN Handover

A formal inquiry released by the US National Telecommunications and Information Administration (NTIA) on Tuesday questions whether IANA Stewardship Transition should be "unwound." more

Leveraging Traffic Statistics to Manage Corporate Domain Portfolios

Corporate domain name portfolios often consist of domain names that do not resolve to relevant content. In fact, it's not uncommon for less than half of corporate domains to point to live content. Sure there are domains such as those that point to "sucks" sites or those registered anonymously for future use that purposely do not resolve, but those are the exception to the rule. more

WHOIS Users Facing Serious Challenges Caused by Post-GDPR Fragmentation

On May 25, 2018, the European General Data Protection Regulation (GDPR) came into effect, meaning that European data protection authorities (DPAs) can begin enforcing the regulation against non-compliant parties. In preparation, the ICANN Board passed a Temporary Specification for gTLD Registration Data - essentially a temporary policy amendment to its registrar and registry contracts to facilitate GDPR compliance while also preserving certain aspects of the WHOIS system of domain name registration data. more

What Happens If Two Applications for a New gTLD Are a City and a Family Name?

When applying for a new gTLD, what happens if two applications for the same extension are a city and a family name? Which one wins? Let's imagine that a person whose family name is "Marseille" applied for the .MARSEILLE new gTLD in the next round of the ICANN new gTLD program. What if there was a .MARSEILLE new gTLD too but as the name of the French city? more

DNS Firewall Market Expected to Grow From $90.5 Million in 2018 to $169.7 Million by 2023

DNS firewall market size is expected to grow from USD 90.5 million in 2018 to USD 169.7 million by 2023, at a Compound Annual Growth Rate (CAGR) of 13.4% according to a market research conducted by MarketsandMarkets. more

ICANN vs Epag/Tucows: German Court Rules Against ICANN

German courts seem to be pretty fast, so instead of having to wait weeks or months to see how they'd rule, we've already got the answer. The German court in Bonn has ruled that EPAG (Tucows) is not obliged to collect extra contacts beyond the domain name registrant. The decision, naturally, is in German, but there is a translation into English that we can use to understand how the court arrived at this decision. more

ICANN vs EPAG/Tucows: Tucows Releases Statement on What They’re Doing and Why

As I noted over the weekend, ICANN has instigated legal action against EPAG, an ICANN accredited registrar based in Germany that is part of the Tucows group. ICANN claims that the case is to "preserve WHOIS data", but Tucows asserts in their statement that the ICANN approach is flawed. It's not a frivolous statement, but one they've backed with fairly detailed rationale - and this is just their public statement and not a formal legal filing. more

GDPR PII Time-Bomb? Kill it With Fire!

Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more

ICANN Files Legal Action Against Domain Registrar for Refusal to Collect WHOIS Data

Germany-based ICANN-accredited registrar EPAG owned by Tucows has informed ICANN that it plans to stop collecting Whois contact information from its customers as it violates the GDPR rules. more