Policy & Regulation

Policy & Regulation / Recently Commented

The Road Less Traveled: Time Is Running Out for NTIA-Verisign Cooperative Agreement

It is remarkable  -  for all the wrong reasons  -  that only two months remain before the National Telecommunications and Information Administration (NTIA) must make a fateful decision on how it will address its' long-standing Cooperative Agreement with Verisign  -  the private-sector corporation that edits the authoritative address book of the Internet's Domain Name System (DNS), maintains two of the DNS root servers, and operates the .com and .net registries of the Internet, undoubtedly one of the most lucrative concessions ever granted. more

Enough With Blacklisting Online Pharmacies, Isn’t It Time to Consider White Lists?

Before I go back to the beginning, let me make clear that what follows are my personal observations vis-a-vis how National Association of Boards of Pharmacy (NABP) is managing the .Pharmacy Registry relative to personal experience as founder, President and CEO of Tralliance Corporation, the original manager of the .Travel Registry. My analysis may be a little long, but I promise that if you stay with me, you will be enlightened. more

M3AAWG and APWG Do the Best Survey Yet on WHOIS Redaction

M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group and APWG, the Anti-Phishing Working Group, surveyed their members about recent WHOIS changes. With over 300 results from security researchers, it's the broadest report yet on WHOIS use. The survey results confirm our concerns that WHOIS was a vital resource for security research, and its loss is a serious and ongoing problem. more

Addressing Infringement: Developments in Content Regulation in the US and the DNS

Over the course of the last decade, in response to significant pressure from the US government and other governments, service providers have assumed private obligations to regulate online content that have no basis in public law. For US tech companies, a robust regime of "voluntary agreements" to resolve content-related disputes has grown up on the margins of the Digital Millennium Copyright Act (DMCA) and the Communications Decency Act (CDA). more

KSK Rollover, Elliptical Curve Vulnerabilities, Surveillance and Privacy. Are We Building Trust?

ICANN just recently performed a Root Zone DNS Security Extensions (DNSSEC) Key Signing Key (KSK) Rollover. The recent KSK Rollover that took place on the 11th October 2018. The KSK Rollover has been successful and congratulations are in order. The Root Zone DNSSEC Key Signing Key "KSK" is the top most cryptographic key in the DNSSEC hierarchy. The KSK is a cryptographic public-private key pair. more

Traceability

At a recent workshop on cybersecurity at Ditchley House sponsored by the Ditchley Foundation in the U.K., a primary topic of consideration was how to preserve the freedom and openness of the Internet while protecting against the harmful behaviors that have emerged in this global medium. That this is a significant challenge cannot be overstated... That these harmful behaviors can and do cross international boundaries only makes it more difficult to fashion effective responses. more

Spare a Thought for Venezuela

Please spare a thought for Venezuela. This, the 33rd largest country in the world and with about 34 million people, the largest proven reserves of oil, the cheapest price of gasoline in the world, and was in 1950 richer than Germany, has fallen on times so hard in this once Latin America's richest country that 75% of the population lost an average of 11 Kg (24 pounds) in weight in one year because of food scarcity. And you might ask: "Why should I care?" more

New Zealand's Domain Name Commission Wins Injunction in a Lawsuit Against DomainTools

New Zealand's Domain Name Commission today won a motion for preliminary injunction in a US lawsuit against the company DomainTools. more

GDPR Didn't Affect Spam? Not So Fast

I have recently become aware of a blog post from Recorded Future that attempts to analyze the effects of the GDPR on online security. Unfortunately, it starts by asking an irrelevant question and then goes on to use irrelevant metrics to come to a meaningless answer. The premise of Recorded Future's article - that spammers would send more spam and register more domains because GDPR came into effect - tells us nothing useful about how GDPR affects anything. It's the wrong question... more

Trump's Outrageous ITU Elections Gambit

Every four years, the 168-year-old, Geneva-based treaty organization that provides the legal basis for worldwide network communications, radio spectrum management, and satellite placements holds a "plenipotentiary" conference among its 193 sovereign nation members. The next plenipotentiary begins on 29 October for three weeks. In addition to potentially altering treaty provisions and resolutions, and constituting its Council as an interim governing body, it elects 17 individuals to its five permanent bodies... more

Special Interests Circulating Draft Legislation to Cut Short ICANN's Whois Policy Process

Special interests who oppose privacy are circulating draft legislation to cut short ICANN's Whois policy process, warns Milton Mueller in a post published today in Internet Governance Project. more

Taking a Multi-Stakeholder Look at Cyber Norms

Recently we've seen several examples of likely state sponsored security incidents of which the appropriateness was later strongly debated. Incidents such as states impacting commercial enterprises during cyber attacks; purported sabotage of critical infrastructure, and attacks on civilian activists have all, to a greater or lesser degree, led to concerns being raised by both civilian watchdog groups, academics, technologists and governments. more

The Internet's Gilded Age

The rise of the Internet has heralded rapid changes in our society. The opportunities presented by a capable and ubiquitous communications system and a global transportation network have taken some corporations from the multinational to the status of truly global mega-corporation. Good examples of these new corporations include Google, Apple, Amazon, Microsoft and Facebook. There are a handful of large-scale winners in this space and many losers. But this is not the first time we've witnessed a period of rapid technological and social change. more

ICANN's ePDP - An Insider's Perspective

Amazingly enough, summer is rapidly ending as kids head back to school, the temperatures in the mornings are just slightly cooler, and soon enough jeans and sweatshirts will be upon us. It also means that the important work on ICANN's temporary specification regarding WHOIS relative to GDPR has already aged a few months. The ICANN Board adopted the temporary specification in May 2018 and it became effective on the 25th of the month. more

IPv4 Historical Imbalances and the Threat to IPv6

It is an open secret that the current state of IPv4 allocation contains many accidental historical imbalances and in particular developing countries who wish to use IPv4 are disadvantaged by the lack of addresses available through ordinary allocation and are forced into purchasing addresses on the open market. As most of the addresses for sale are held by organisations based in the developed world, this amounts to a transfer of wealth from the developing world to the developed world, on terms set by the developed world. more