ICANN 66: Focus on domain abuse

18th November 2019


Nick Wenban-Smith
General Counsel and Head of Stakeholder Relations

For a week in November in chilly Montreal, the circus came to town. No, I am not referring to Cirque du Soleil, who call this Canadian province home, but the ICANN circus of international stakeholders and their marathon schedule of meetings, discussions, presentations and networking events. And while we had a few professional contortionists working the room at the social events, there was also wrangling and wrestling over big policy and governance issues in the sessions, as many minds from across the world worked to find black and white in a sea of grey.

Many different topics are covered at each ICANN meeting, but the noticeably prominent issue from Montreal was DNS abuse. Discussions on this had been requested by the Public-Safety Working Group at the previous meeting in Marrakech, while the time between the two ICANN meetings saw the Registries Stakeholder Group sending out an open letter (to which Nominet was a signatory). The call to action in this letter was that “protecting the public from security threats and DNS Abuse is an important public policy issue” and therefore something ICANN needs to have a role in, or at least consider its role within.

The first challenge is trying to accurately define what we mean by DNS abuse. This can be of a technical nature (botnets, malware, etc.) or content related – is the domain hosting child abuse images or terrorist content? The definition matters because ICANN is governed by bylaws to stay clear of website content and to uphold the security and stability of the internet only. There were suggestions that ICANN could tackle just the technical side of DNS Abuse, while others were calling for a wider remit to ensure ICANN was also considering and acting on content, in some instances.

Some who are keen to see ICANN expand their view of content are seeking to reduce fraud and IP infringement, and suggest that ICANN’s resistance could result in fragmentation of the role they play in internet governance. There are also those who see this differentiation of domain abuse as abstract – how will a victim feel if told, after being de-frauded by a website registered purely for fraudulent purposes, ‘the content isn’t our problem’? (Facebook have faced similar questions following their stance on being platform, not a publisher.)

Yet there is also a resistance to seeing ICANN extend their remit into areas that are not entirely their concern, resulting in more pressures on registries to do more on abusive domain registrations, adding to the already considerable burden of ICANN contracts. We can’t overlook the ongoing challenges of legality varying by jurisdiction; something that may be illegal in one country could be legal in another, so how can an international body govern over different jurisdictions?

That said, there is some content that is unacceptable in any nation on grounds of human decency and should have no place on the internet – child abuse images are one such example. This material is abhorrent and abusive no matter where you live, so shouldn’t ICANN take a role in at least disrupting access to such material, even if they can’t remove it completely?

It is an incredibly complex issue, and one that will continue to be debated for much time to come as the internet community try to find an answer to yet another slippery question of policy and regulation in a vast, borderless, innovative arena. For ICANN, there is always the pressure to be doing the right thing or risk having their toys taken away – the body is validated by the community itself – and this always raises the stakes and inevitably slows down the process of decision making.

That said, there is still much that individual registries can continue to do to monitor and mitigate domain abuse in our own jurisdiction. Nominet works continuously to proactively protect the .UK domain and keep the country’s namespace safe and secure. We run internal projects, such as the anti-phishing initiative Domain Watch, but also work collaboratively with law enforcement agencies to identify and suspend domains being used for criminal activity. There is also ongoing activity with the UK Internet Watch Foundation, working to remove child abuse images and videos from the internet.

This collaborative approach is key to this endeavour. Nominet lacks the competency to make judgements on lawfulness or illegality; however much some people would like us to be, we are not the police force of the internet. In any case, as a DNS operator we are more akin to a directory service and we do not host or provide internet access to any content.

The colourful and complex world of internet governance and policy is an aspect of my role I find very interesting. While some of the ICANN sessions can be lengthy and dense in detail, it is always hugely enjoyable to be a voice in these debates and join the community decision making process that is shaping and protecting the open free internet that has served our society so well for the past decades. Then we can decompress over a cocktail and watch the professional circus performers. All in all, an interesting time in Montreal.

Like this? Try these...