Home / Blogs

Standing Up for a Safe Internet

Michael Young

Back when I started working in this industry in 2001, ICANN was small, the industry was tight, and things moved slowly as interest groups negotiated a balance amongst the impacts of change. Change often meant added overhead and, at the very least, a one-time cost effort to implement on the commercial side. Registries and registrars preferred to be hands-off when it came to how their domains were being used. But e-crime became big business during the 2000s. We all became aware of the dangers posed by malware, phishing, scams, and of the billions of spam e-mails spewed by criminal-controlled botnets. The costs of the criminal use of the DNS began hitting everyone — Internet users, big and small businesses, and governments too.

Answering GAC requests, the ICANN Board has now inserted two significant new contractual requirements about domains abuse into the nTLD Registry Agreement. The first is pretty non-controversial, and most TLD applicants had already pledged to do it:

"Registry Operator will include a provision in its Registry-Registrar Agreement that requires Registrars to include in their Registration Agreements a provision prohibiting Registered Name Holders from distributing malware, abusively operating botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law, and providing (consistent with applicable law and any related procedures) consequences for such activities including suspension of the domain name."

But the second new requirement is more substantial and difficult:

"Registry Operator will periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats, such as pharming, phishing, malware, and botnets. Registry Operator will maintain statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks. Registry Operator will maintain these reports for the term of the Agreement unless a shorter period is required by law or approved by ICANN, and will provide them to ICANN upon request."

ICANN calls this a "public interest commitment," and the Board committee must have seen it as an affirmation that all parties have a role in keeping the Internet a safe place, and should manage the resources they control in a responsible way. (And who can disagree with that sentiment?) But it's not an easy thing to implement. It takes specialized knowledge and data to understand when your domains are being used for no good, much less what to do about it.

If you are a current registry operator, it's about understanding the extent of the problem you have, and if you are a new operator, it's about understanding the extent of the problem you face. Then, most importantly, it's about having tools in place to manage the abuse. Unchecked abuse can (and has) operationally impaired domain registries by steady reputational poisoning, and has hurt registrars through payment fraud and complaint-handling costs.

Finally, ICANN's new analysis and reporting requirement will receive some refinement. There will be additional public discussion and policy-making to flesh it out. We at Architelos will be watching these developments closely. But it's clear that registries will be required to know what's going on in their zones, must be able to quantify and categorize it, and must be able to report what they did about it.

I've watched the domain space grow to almost ten times the size it was when I started in 2001. Growth of a successful medium is inevitable, but continued success depends on maintaining the value proposition — in this case, keeping the domain space safe for everyone's use. It's time to fight for what's valuable to us.

I think Bob Dylan put it well when he said:

Come gather 'round people
Wherever you roam
And admit that the waters
Around you have grown
And accept it that soon
You'll be drenched to the bone
If your time to you
Is worth savin'
Then you better start swimmin'
Or you'll sink like a stone
For the times they are a-changin'.

By Michael Young, Chief Technology Officer at Architelos. He built the first modern EPP Top Level Domain registry in 2001 (.info) and subsequently built and operated the backend systems for numerous gTLDs, ccTLDs, IDN enabled registries and sponsored TLDs such as .org, .mobi, .in, .me and others. Architelos provides new gTLD application guidance and registry management services for clients in the DNS and IP industry. Mr. Young can be reached directly at myoung@architelos.com.

Related topics: Cybercrime, Domain Names, ICANN, Internet Governance, Security, Top-Level Domains

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

.film to Provide New Home Online for the Film Industry

.VOTE Solves Presidential Candidate Ted Cruz's Domain Name Problem

.green Now in General Availability

ICANN's Registry Audits Begin Next Week. Are You Prepared?

.study & .courses to Launch with Support of ARI Registry Services

We Know This .Sucks

DotConnectAfrica on "CONNECTing the Dots: Options for Future Action" at UNESCO, Paris

ARI Registry Services Expands Middle East & Africa Operations

Radix Assumes Full Ownership of .online

IBCA Presentation to ICANN GAC on Protection of Geographic Names in New gTLDs

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

NSW Government Launches .sydney Domain

New .VOTE and .VOTO Domains Now Available

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

Verisign Launches New Monthly Blog Series: Top 10 Keywords Registered in .COM and .NET

.LGBT Public Launch Begins Today

.POKER Domain Sunrise Period Begins

Verisign Celebrates .com's 30th Anniversary, Launches Domain Name Contest

Sponsored Topics

Verisign

Security

Sponsored by
Verisign
dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNS Security

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines