IGF 2022 Open Forum #46 Strengthening MS collaboration on DNS Abuse

Time
Wednesday, 30th November, 2022 (06:30 UTC) - Wednesday, 30th November, 2022 (07:30 UTC)
Room
CR4

Panel - Auditorium - 60 Min

Description

The Domain Name System (DNS) is a naming system that allows users to navigate the internet through the use of human-readable domain names (eg: google.com). The DNS - part of the core of the internet - is an addressing system. It is a neutral, technical layer that is vital for the proper functioning of the internet. Protection of the core of the internet is and should be a key priority. DNS Operators increasingly get more and more requests to address specific types of abuses via the DNS. However, action at the DNS level to address technical abuses or problematic content should be considered carefully. Depending on the type of harm, action at the DNS level may be ineffective, blunt, disproportionate or have unintended collateral damage. There is no universal global standard for how and when operators act at the DNS level, but there is emerging agreement about principles that guide whether intervention at the DNS level is appropriate. Acting at the DNS level should only be considered when it can be reliably determined that the domain itself is used with a clear intent of significant abusive conduct. Furthermore, because the suspension of a domain has by definition a global impact, proportionality requires that only a particularly high level of abuse and/or harm could potentially justify resorting to such a measure. It is important that the impact of a specific action at DNS level is well understood This multistakeholder session will seek to explore three dimensions of addressing abuse through the DNS: What does acting at the DNS layer mean? When is it appropriate to act through the DNS? What is the role of multistakeholderism in DNS abuse? The session will bring together practitioners to share their perspectives on DNS abuse and also introduce initiatives that are working towards strengthening global multi stakeholder collaboration and providing a framework on which responsible action by industry actors may be based.
 

Organizers

DNS Abuse Institute
Rowena Schoo, DNS Abuse Institute and Ajith Francis, Internet & Jurisdiction Policy Network, 

Speakers

Hosts

  • Rowena Schoo, DNS Abuse Institute
  • Online moderation: Ajith Francis, Internet & Jurisdiction Policy Network
  • Onsite moderation: Adam Peake, ICANN (Internet Corporation for Assigned Names and Numbers)

External speakers

  • Sam Demetriou, Verisign and Chair of the Registry Stakeholder Group within ICANN
  • Manal Ismail,  National Telecom Regulatory Authority of Egypt and Chair of the Governmental Advisory Committee (GAC) within ICANN
  • Farzaneh Badii, Founder at Digital Medusa
  • Chris Lewis-Evans, UK National Crime Agency and Public Safety Working Group (PSWG) within ICANN
  • Nick Wenban-Smith, Nominet UK, DNS Abuse Standing Committee (DASC) and country code Name Supporting Organization (ccNSO) within ICANN

 

Onsite Moderator

Ajith Francis, Internet & Jurisdiction Policy Network, Civil Society, Europe

Online Moderator

Ajith Francis, Internet & Jurisdiction Policy Network, Civil Society, Europe

Rapporteur

Ajith Francis, Internet & Jurisdiction Policy Network, Civil Society, Europe

SDGs

9. Industry, Innovation and Infrastructure

Targets: Having a secure, safe global internet that is governed by a multi-stakeholder model and proactively addresses abuse is essential to the global interoperable internet. Access to the global internet underpins and enables essentially all of the SDGs. In particular, this session is related to advancing: SDG 9 Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation by ensuring the DNS is resilient, functions seamlessly and innovates to prevent and address abuse.

Key Takeaways (* deadline 2 hours after session)

The multistakeholder model includes a role for users, it is important to reflect this in due process and consider the impact on human rights - for example, through notification and engagement with the user in their domain name is implicated in a form of abuse. Recourse mechanisms also form part of a due-process when prior notification of action is not possible, for example due to severe, well evidenced concerns of harm to the public.

There is growing regulatory pressure on the need to address content related abuses at platform level, and increasingly through the DNS. Given the technical limitations of the DNS in targeted interventions, there is a need for a multistakeholder process on developing principles, criteria and thresholds to demarcate the limited set of situations where the DNS may be used to remediate specific types of content. However, it is important to note that

Call to Action (* deadline 2 hours after session)

Continued multistakeholder dialogue on definitions of when to act at the DNS on what types of abuses and strengthening due-process towards ensuring an open, accessible and safe internet for all

Session Report (* deadline 16 December) - click on the ? symbol for instructions

The DNS Abuse Institute and Internet & Jurisdiction Policy Network Open Forum on Strengthening Multistakeholder collaboration on DNS Abuse, took place on Wednesday, November 30, 2022 from 06:30 to 07:30 UTC. It engaged a multistakeholder panel comprised of industry representatives (both generic Top Level Domains (gTLD) and country code Top Level Domains (ccTLD) Registries), government, law enforcement, and civil society representatives on the question of, “when is it appropriate to act at the level of DNS to address online abuse?”. 

The session was structured around the following key pillars:

  • What does DNS abuse look like? 
  • What does acting at the DNS layer mean? 
  • When do you think it's appropriate to act through the DNS? 
  • What is the role of multistakeholderism in DNS abuse? 

This session focused on the role of the multistakeholder model in relation to when it is appropriate to address online abuses through the Domain Name System (DNS). Domain registries and registrars are part of a centralized system of Internet infrastructure that provides an addressing system for the Internet. 

The Internet Corporation for Assigned Names and Numbers (ICANN) is a multistakeholder organization where consensus policies are developed by the community including the contracted parties (e.g., Registries and Registrars). These contracted parties who operate generic Top Level Domains (gTLDs) can be impacted and ultimately bound by these consensus-driven policies. Country Code Top Level Domains (ccTLDs) also fit into the ICANN ecosystem but have their own systems of policy development which can also include multistakeholder engagement on a national or regional level. 

There are various definitions of ‘DNS Abuse’. Sometimes the term can be used as shorthand to indicate ‘action is appropriate at the DNS level’. However, the conversation benefits from a more granular discussion and the consideration of context for specific types of online abuse.

The DNS is a tool that allows users to connect to specific addresses on the Internet (often websites), but itself is separate from the content on websites– which is not within the control of a registry. Acting at the DNS layer often entails deleting or suspending the entire domain name which can have far reaching, often unintended consequences, for the registrant and website users. For a registry, remedying abuse often means working with registrars or other service providers. 

For governments and law enforcement around the world, it can be challenging jurisdictionally to address harm occurring on the Internet, with its transnational nature, when the actors and intermediaries are distributed globally and laws are not aligned across the world. 

There are more actors involved in the ecosystem beyond registries and registrars, for example, hosting providers, the registrant themselves (the user of the domain name). 

On what DNS abuse looks like, panelists delved into what different operators consider to be appropriate to address at the level of the DNS and the wide distinction between gTLD registries and ccTLD registries. It was identified that ccTLD registries are often much closer to national laws and may be required to follow national procedures. 

When considering action at the DNS level, it is important to differentiate technical abuse from content abuse, assess evidence and consider principles. Is the ‘tool’ available to that operator effective to mitigate the specific harm, precise, proportionate, and has a limited potential for collateral damage? If action is taken in error, it can often be reversed (e.g., a domain name can be restored), but the consequences of the error may not be reversible. Those consequences could come with an unacceptable impact on fundamental human rights, for example, by causing a loss of connectivity for critical health or informational services. The potential to cause more harm than the initial issue detected should be considered seriously. 

It is essential that law enforcement in particular have respect for due process as they investigate and report harm. It is also essential that operators of infrastructure are aware of the potential human rights impacts of potential actions. 

In addition, it was identified that ​​the role of the multistakeholder model is important but is better suited to some tasks than others. There is currently a movement within ICANN by the contracted parties to request changes to their contract. In particular the request is for focused and targeted amendments to take reasonable and appropriate action to mitigate or disrupt malicious registrations when reports are properly evidenced. 

There is also a role for the multistakeholder model within ICANN to undertake further, more detailed work on the topic of DNS Abuse. In addition, there is also a need to engage with actors outside the ICANN DNS Community ecosystem. 

The multistakeholder model includes a role for users, it is important to reflect this in due process and consider the impact on human rights—for example, through notification and engagement with the user that their domain name is implicated in a form of abuse. Recourse mechanisms also form part of a due process when prior notification of action is not possible, for example due to severe, well evidenced concerns of harm to the public. 

There is growing regulatory pressure on the need to address content related abuses at platform level (where the content ‘lives’), and increasingly through the DNS. Given the technical limitations of the DNS in targeted interventions, there is a need for further work through the multistakeholder process to develop principles, criteria, and thresholds to demarcate the limited set of situations where the DNS may be used to remediate specific types of content. However, it is important to note that the purpose is not to legitimize content restrictions through the DNS which is neither technically possible nor recommended.

Session Type
OF