Home / Blogs

Compliance Overhaul a Start

Garth Bruen

ICANN is clearly changing with the new CEO making immediate changes to the organizational structure and Compliance announcing a number more effective tools and procedures at Sunday's At-Large Advisory Committee (ALAC) and Regional Leadership Meetings. It seems very ambitious and they will need to be because our year-long research, publicly distributed here for the first time, shows a complete breakdown in ICANN's Compliance functions on every level possible. Our document, in essence, demonstrates that ICANN has been completely ineffective in handling rampant abuse of the Domain Name System. Now, this analysis does not concern a vague responsibility for ICANN to protect the Internet but rather details specific failings which have allowed spam, malware, drug trafficking, and brand abuse to run rampant with absolute impunity. The related impact cannot be understated as rouge pharmacy websites have recently been tied to counterfeit cancer drugs. Some tainted versions were found to contain Streptococcus. It is not believed that ICANN staff wants the DNS to be abused in such ways and has been clearly frustrated by an internal structure which did not appreciate the importance of the department or devote enough resources to it. Regardless, our analysis shows a staff unclear about actual policy, providing contradictory information, and going silent when asked tough questions. This in general has been a disheartening discovery process.

ICANN Compliance acknowledged in Sunday's meeting that it had several non-aligned ticketing systems and that complaint submission interfaces without back-end processing or tracking. It is responding to this problem by centralizing its complaint processes and significantly enhancing its reporting capacity. Compliance is obviously trying to clarify its mission and build resources but is ultimately restricted by the fact that the RAA contract as written is unenforceable on WHOIS inaccuracy. At this time correcting this gaping hole in the contract is not part of the current contract negotiations. Any new contract will be just as useless without a change in section 3.7.8.

The new CEO should be applauded for his agenda and welcomed. Compliance should be encouraged in its mission. But as George Santayana famously said "Those who cannot remember the past are condemned to repeat it." For us not to document these failings, regardless of the current improvements would be irresponsible. Our full research document is here: http://knujon.com/Knujon_ICANN_compliance_eval_09192012.pdf

By Garth Bruen, Internet Fraud Analyst and Policy Developer. More blog posts from Garth Bruen can also be read here.

Related topics: Cybercrime, Domain Names, ICANN, Internet Governance, Law, Malware, Policy & Regulation, Spam, Whois

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Facilitating a Trusted Web Space for Financial Service Professionals

MarkMonitor Partners with CYREN to Deepen Visibility into Global Phishing Attacks

.STORE Grosses Over $1 Million Before the Close of Day 1

News.Markets: A Rising Star in the World of Financial Trading and New TLDs

Verisign Announces .コム Domain Names Are Now Available for Anyone to Register

NBA & NFL Teams Drive .store Sunrise Score to 647

New TLD .STORE Crosses 500+ Sunrise Applications

Meet Boston Ivy, Home to Some of the Most Specialized TLDs in the Financial Services Sector

Move Beyond Defensive Domain Name Registrations, Towards Strategic Thinking

Is Your TLD Threat Mitigation Strategy up to Scratch?

Verisign Launches New gTLDs for the Korean Market, .닷컴 and .닷넷

Verisign Opens Landrush Program Period for .コム Domain Names

Domain Management Handbook from MarkMonitor

i2Coalition to Host First Ever Smarter Internet Forum

Afilias Announces Relaunch of .GREEN TLD

New .PROMO Domain Sunrise Period Begins Today

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

Minds + Machines Group Announces Outsourcing Agreements, Web Address Change

.STORE Opens its Doors to Brands

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Sponsored Topics

Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services
Verisign

Security

Sponsored by
Verisign
Port25

Email

Sponsored by
Port25
Afilias

DNS Security

Sponsored by
Afilias