Versions Compared

Old Version 2

changes.mady.by.user Charla K. Shambley

Saved on

compared with

New Version Current

changes.mady.by.user Charla K. Shambley

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
ALAC:

DNS Abuse

Date IssuedReference IDCurrent Phase 

AL-ALAC-ST-1219-03-00-EN was submitted to the ICANN Board on 24 December 2019.  For complete historical information on the development of this Advice, visit the At-Large workspace: ALAC Advice on DNS Abuse and the At-Large website: https://atlarge.icann.org/advice_statements/13747.


View file

Phase 3 | Evaluate & Consider

Description:

It has become increasingly imperative that the ICANN Community step up to address the challenge of DNS Abuse in its many forms. The implementation of the European Union’s General Data Protection Regulation (GDPR) has driven an increase in the incidences of DNS abuse, as it has become severely problematic to leverage WHOIS
and/or other parts of the DNS for the purpose of identifying bad actors and mitigating abusive behavior. Increases in abuse are well documented, and DNS Abuse has not gone without community notice.

ICANN Org has facilitated at least three separate discussions on DNS Abuse in 2019, and a major cross-community discussion on the topic took place during ICANN66 in Montreal. As the Governmental Advisory Committee (GAC) recently said about the importance of addressing DNS abuse, “Protecting the public from security threats and DNS Abuse is an important public policy issue.”

According to the review of the last round of new TLDs by the Consumer Competition, Choice and Trust Review Team (CCT-RT), the safeguards put in place during the last round were not effective, and the compliance operation within ICANN does not have the necessary mandate nor probably the ideal tools to combat DNS Abuse effectively. Discussions continue about how to define DNS Abuse, but there are also settled consensus definitions that could be employed for immediate reform. Once tools are in place, a change in definition will only change the scope of how these tools are used. An explicit mandate for ICANN Compliance is needed

nameALAC Advice to ICANN Board on DNS Abuse.pdf
height400


RecommendationDescriptionPhase
Recommendation 1

Establish a clear definition of DNS Abuse. The GNSO has already produced consensus definitions of “abuse” and “malicious use of domain names” that are more expansive. According to that definition, “abuse” is an action that: 1) Causes actual and substantial harm, or is a material predicate of such harm; and 2) Is illegal or illegitimate, or is otherwise considered contrary to the intention and design of a stated legitimate purpose, if such a purpose is disclosed. The GNSO also recognized that “malicious use of domain names” include, but are not limited to: 1) spam, 2) malware distribution, 3) online child sexual exploitation and imagery abuse, 4) phishing, 5) botnet command-and-control. ICANN should clarify the purposes and applications of “abuse” before further work is done to define DNS abuse. Once those purposes are identified, ICANN should determine whether abuse definitions used by outside sources can serve as references for the ICANN community, or whether a new, outcomes-based nomenclature could be useful (including impersonation, fraud, or other types of abuse) to accurately describe problems being addressed.

Phase 3 | Evaluate & Consider
Recommendation 2

Cease rate limiting WHOIS (eventually RDAP) or simplify the process of whitelisting, so that it can report on the registration ecosystem. Adopt a uniform and timely access framework for publicly available registrant data.

Phase 3 | Evaluate & Consider
Recommendation 3

Direct ICANN Org to establish low thresholds for identifying bad actors. Direct ICANN Org to publish more actionable Domain Abuse Activity Reporting (DAAR) data: identifying the operators with high concentrations of abuse against whom onward action ought to be contemplated.

Phase 3 | Evaluate & Consider
Recommendation 4

Provide an explicit mandate to ICANN Contractual Compliance to regularly use the audit function to root out “systemic” abuse; not to regulate content, but to

exercise enforceability against DNS Abuse.

proactively exercise enforceability.

Phase 3 | Evaluate & Consider
Recommendation 5

Do not process registrations with “third party” payments, unless they have been approved prior to the request.

Phase 3 | Evaluate & Consider
Recommendation 6

Adopt an “anti-crime, anti-abuse” Acceptable Use Policy (AUP) and include enforcement.

Phase 3 | Evaluate & Consider
Recommendation 7

Compel industry-wide good behavior: for ex. by increasing per domain transaction fees for registrars that continually demonstrate high abuse rates.

Phase 3 | Evaluate & Consider
Recommendation 8

Implement the above in agreements/contracts, with clear enforcement language for ICANN Contractual Compliance to adopt.5 Convene a discussion between the Contracted Parties and ICANN Compliance to finally resolve what additional tools might be needed by Compliance.

Phase 3 | Evaluate & Consider

STATUS UPDATES

DatePhaseProvided ByStatus Updates