ICANN had no role in seizing torrent domains

Kevin Murphy, November 29, 2010, 20:53:44 (UTC), Domain Policy

Okay, this is getting a bit silly now.

As you may have read, the US government “seized” a bunch of domain names that were hosting sites allegedly involved in piracy and counterfeit goods over the Thanksgiving weekend.

Over 80 domains, all of them in the .com namespace, had their DNS settings reconfigured to point them to a scary-looking notice from the Department of Homeland Security’s ICE division.

Somehow, in several reports over the last few days, this has been pinned on ICANN, and now some pro-piracy advocates are talking about setting up alternate DNS roots as a result.

Claims that ICANN colluded with the DHS on the seizures seem to have first appeared in TorrentFreak, which broke the news on Friday.

The site quoted the owner of torrent-finder.com:

“I firstly had DNS downtime. While I was contacting GoDaddy I noticed the DNS had changed. Godaddy had no idea what was going on and until now they do not understand the situation and they say it was totally from ICANN.”

For anyone involved in the domain name industry and the ICANN community, this allegation screams bogosity, but just to be on the safe side I checked with ICANN.

A spokesperson told me he’s checked with ICANN’s legal, security and compliance departments and they all had this to say:

ICANN had nothing to do with the ICE investigation… nobody knew anything about this and did not take part in the investigation.

All of the seized domains were .coms, and obviously ICANN has no technical authority or control over second-level .com domains. It’s not in the position to do what the reports allege.

If anybody were to ask ICANN to yank a domain, all it could do would be to politely forward the request to the registrar (in the case of torrent-finder.com, apparently Go Daddy) or the registry operator, which in the case of .com is of course VeriSign.

It would make more sense, save more time, and be less likely to create an international political incident, for the DHS to simply go directly to Go Daddy or VeriSign.

Both are US companies, and the DHS did have legal warrants, after all.

That’s almost certainly what happened here. I have requests for comment in with both companies and will provide updates when I have more clarity.

In the meantime, I suggest that any would-be pirates might be better served by switching their web sites to non-US domains, rather than trying to build an alternate root system from the ground up.

UPDATE: Ben Butler, Go Daddy’s director of network abuse, has just provided me with the following statement, via a spokesperson:

It appears the domain names were locked directly by VeriSign. Go Daddy has not received any law enforcement inquiries or court orders concerning the suspension of the domains in question.

Go Daddy has not been contacted by ICE or DHS on the domain names in question.

The statement goes on to say that Go Daddy believes that it should be the registrar’s responsibility to handle such takedown notices.

With regard to the registry taking action against the domain names in question, Go Daddy believes the proper process lies with the registrar and not the registry. This gives the registrar the ability to communicate with their customer about what has happened and why. When the registry acts, Go Daddy is unable to provide any information to our customers regarding the seizure of their domain names.

Go Daddy routinely cooperates with government and law enforcement officials to enforce and comply with the law.

I’ll post any statement I receive from VeriSign when I have it.

UPDATE: VeriSign sent this statement:

VeriSign received sealed court orders directing certain actions to be taken with respect to specific domain names, and took appropriate actions. Because the orders are sealed, further questions should be directed to the U.S. Department of Homeland Security.

Tagged: , , , , , , ,

Comments (39)

  1. Louise says:

    Where does the buck stop? ICANN has control, in the sense it rescinds accreditation to Registrars who do not comply with RAA. Selling trademark goods, and impersonation of 3rd parties is against Registrar / Registrant agreements.

    Finally, they got caught. Registrars do not care, nor invest in a process to determine if Registrants violate their terms. Registrars only out for profits, against the public interest. Illegal profits can well be channeled to terrorist, drug cartel, or other criminal interests.

    Good job, ICE!!! I applaud!

    ICANN, Verisign, eNom, Netsol, GoDaddy, Tucows, and Register are white collar criminals.

    • Kevin Murphy says:

      VeriSign looks after over 100 million domains.

      Go Daddy looks after over 40 million.

      If you have any good ideas how that many domains can be policed, I’m sure they’d love to hear them.

  2. Louise says:

    The process has to start when the complaint is initiated. Quit pitying the Registrars & Verisign! They make $$; they can invest in a process!

    The day after Oprah and Dr. Oz announced their lawsuit against trademark infringers using their names to sell acai berry products, GoDaddy’s acai product websites came down overnight – whoosh!
    If GoDaddy can take down offending websites overnight, they can troubleshoot 3rd party complaints via the same process.

    Ubid’s lawsuit against GoDaddy filed in Illinois, won’t die, either. GoDaddy profits off of parking pages with trademark uBid in the domain name, sending customers to competitors’ sites, so that NOT putting a process in place is going to cost GoDaddy in the long run. But it continues to thumb its nose at government!

    Ref: http://blogs.findlaw.com/celebrity_justice/2010/05/oprah-and-dr-oz-settle-in-acai-lawsuit.html

    http://wislawjournal.com/blog/2010/09/30/godaddy-subject-to-suit-out-of-state

  3. J.B. says:

    Calling ICANN, Registries and Registrars “white-collar criminals” is an amazingly obtuse statement.

    Even casual industry observers (including their harshest critics) acknowledge that each of those parties invests significant resources to combat online abuse.

  4. Michele says:

    I’m glad that Kevin took the time to post this, as the number of misinformed posts and articles I’ve seen about this over the last few days is simply insane

    If Verisign was contacted directly about those domains they should have at least informed the registrar in question what was going on.

    I’d agree with GoDaddy – the registrar should be the point of contact – not the registry

    And as for the comments about “white collar criminals” – that doesn’t even merit a response

    Regards

    Michele

  5. Jorge says:

    Great article, finally some common sense.

    ICANN has no control knobs at the 2nd level and actually registries not registrars are responsible for each piece of the allocated name space. Registrars acts as a distribution channels/retail resellers of the TLDs under administration of each registry.

    My .02

  6. This article demonstrates ICANN’s hypocrisy and also their wish to shift blame to others. In fact, ICANN has routinely approved measures to limit the due process rights of domain name registrants, so they are hardly “innocent” here. And I’d include Michele in that camp, given his position on the ETRP which would deprive domain registrants of due process and allow domain names to be easily “reverse hijacked.”

    Recall that the .info “Abuse Policy” was approved by ICANN:

    http://www.circleid.com/posts/86215_potential_danger_ahead_dot_info_policy/

    which would allow deletion of a domain at the pure discretion of a registry operator. Recall that .org was allowed to do the exact same thing:

    http://www.circleid.com/posts/20090108_pir_anti_abuse_policy_domain_names

    There was *supposed* to be development of a Registrant’s Rights charter, note my harsh comments at:

    http://forum.icann.org/lists/raa-improvements2010/msg00000.html

    but instead of creating one (and “due process” would be one of those fundamental rights that registrants are entitled to), the team gave up! I used the phrase “due process” 6 times in my comments, and of course ICANN ignored the issue.

    The URS, with its very limited notice period/mechanisms is yet another example.

    So, is ICANN guilty? Yes, because they had the opportunity to create protections for domain name registrants, but did not lift a finger to do so. Indeed, they go out of their way to limit the rights of registrants. “Inaction” makes one just as culpable as someone who did a specific “action.”

    • Kevin Murphy says:

      I’m not sure I follow your logic here, George.

      Are you suggesting that ICANN could somehow have created a registrant rights policy that would have taken precedence over US law?

      • Name NOT "required" says:

        ABSOLUTELY. WHEN did the GLOBAL PUBLIC agree to have THEIR INTERNET policed by those crazy amerikins? NEVER. That’s when. FUCK “US law” – MANY (read BILLIONS) DO NOT LIVE IN AMERKIKA AND ARE NOT “SUBJECT” TO US LAW. Go figure.

  7. No, Kevin, that’s not what I am saying. I’m saying that a correct process needs to be followed by registry operators (and registrars), and that ICANN should not be giving them carte blanche to do whatever they want.

    Let’s consider, for example, what happens when a company like Yahoo or an ISP receives a request for the real identity behind a username/email address/IP address. They don’t simply immediately hand them over, but allow the user to challenge the request in court within a certain timeframe. If the user fails to do that, then they’d follow the request.

    In this specific case, we don’t have all the details, but it seems to me that VeriSign should have contacted the registrant (via the registrar, given .com is a thin WHOIS) and given them time to respond in court, before following the order. If a policy existed that defined the rights of registrants (i.e. the Registrants Rights Charter that was supposed to have been developed), ICANN could penalize VeriSign had they not given the registrant the benefit of due process.

    As I noted in my other comments linked to from above, there’s a famous award-winning film, “A Man for All Seasons” from the 1960s, based on the play, that had a memorable scene:

    —- start quote ——–
    “William Roper: So, now you give the Devil the benefit of law!

    Sir Thomas More: Yes! What would you do? Cut a great road through the law to get after the Devil?

    William Roper: Yes, I’d cut down every law in England to do that!

    Sir Thomas More: Oh? And when the last law was down, and the Devil turned ’round on you, where would you hide, Roper, the laws all being flat? This country is planted thick with laws, from coast to coast, Man’s laws, not God’s!

    And if you cut them down, and you’re just the man to do it, do you really think you could stand upright in the winds that would blow then? Yes, I’d give the Devil benefit of law, for my own safety’s sake!”
    —— end of quote ——–

    Even the Devil (real abusers, spammers, etc.) deserves the benefit of law (and due process), in order to protect everyone else from the anarachy that would result without laws and due process.

    Copyright infringement is illegal, but even those alleged to have been infringing copyright deserve their day in court. There was no “emergency” here that warranted immediate takedown without allowing the registrants the ability to challenge the order. The odds are, they wouldn’t have exercised their right to challenge, and the order would have gone through. But, that right should *exist* to protect innocent registrants who are wrongly accused and *would* want to exercise the right to challenge such an order.

    • Kevin Murphy says:

      While that all may be true, the point remains that ICANN is not in a position to create policies binding on the institutions of government in the US or anywhere else.

      If US law allows property to be seized without trial, that’s a matter for Congress, not ICANN.

  8. By the way, the 5th Amendment of the US Constitution has guarantees to “Due Process”, so it’s clear ICANN can create a policy that would be consistent with US law:

    “No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation”

    • Joe Baptista says:

      George:

      The US Constitution is lost. Unless We the People (USA citizens only) rise up and and enact the provisions of the US Constitution and put the tyrants in jail – then it’s over baby.

      George when a President participates in the murder of millions of babies in the Gulf of Mexico – heres one of them:

      http://www.youtube.com/watch?v=jephoyL4o5g

      Then the jigs up. The US Constitution is being destroyed as is the US Nation. And no one in the US has the balls to stand up and say no. Sheep.

      You can repeat constitutional niceties all you want. But it’s over. If the fat lazy American does not defend his or her rights – they never deserved them.

      I still believe in the US Constitution. A document authored by great men today in the hands of a dumbed down society. I pity them.

      And you also know George – here is the risk with ICANN. They control the root keys.

      I warned you all …

      http://www.ntia.doc.gov/DNS/comments/comment034.pdf

      ;)

  9. theo says:

    I am certainly no expert here. I do not live in the USA.

    But it was my understanding that homeland security was involved in this.

    And from my understanding (correct me if i am wrong) they do not need a court order to shut down the mentioned sites.

    So they go right to an usa based registy (Verisign in this case).

    Tho godaddy would have complied given previous track record this would have a different outcome if a non USA based registar would have been involved.

    Again i do not know the details. But if these sites would have been hosted in Europe and Registered thru a registrar in Europe different discussion.

    From what i read (i stand corrected) just linked to the material. In alot of European countries downloading is allowed by law…

    tricky all in all.

    • Kevin Murphy says:

      In this case, it seems that Homeland Security did in fact have a court order.

      The DHS was able to shut these domains down because they were all .com domains, and all .com domains are managed by VeriSign, which is a US-based company.

      It’s my understanding that many of these domains were registered through non-US registrars, which is probably why DHS went to the registry, rather than the registrars.

  10. internauta says:

    Homeland Security is now dirtying its hands with copyright matters?.

    F*cking US of A government sold to the MAFIAAs, it’ll be the end of the net.

  11. Joe Baptista says:

    I don’t believe much of this. ICANN knew. Maybe not the organization but definitely the people in charge.

    ICANN’s top people would know including it’s president and ex-homeland security lad.

    Verisign the top-level domain operator for .com would know. They are the ones who publish the .com zone file. And they are contracted by the US government and run by the spooks.

    There already exists many other roots. The US is not the only one. The Chinese have been running their own roots for years. They have their own domain system of International characters. Some of those are now available on the American root but were originally published only behind the Chinese firewalls.

    There are a few roots run by crooks. I don’t think I trust those (i.e. INAIC and UnifiedRoot). I built those – I know the people behind them.

    The one I trust is operated by the Cesidian root. http://cesidianroot.net/

    The cesidian root can see more of the Internet then any other root. It was the first trusted root to see the Chinese and Arabic Internet.

    OpenNIC is another root experiment I support.

    There are many existing options. Even a domain name system run by pirates. Today you can get domains ending in .pirates.

    The fact people still use the US Internet is clearly a sign some user education is necessary.

    • Karl Reid says:

      I don’t see why ICANN would know. They have nothing to with what happens under the .com domain. VeriSign and the US Dept. of Homeland Security are the “guily parties” in this situation. ICANN have no reason to be involved and the US gov. would have no reason to contact them.

      • Joseph says:

        Verisign is not guilty, as Verisign had a legal obligation to comply with the court order that DHS secured from a judge. They had no choice, quite simply.

        the fault lies with the DHS and the judge.

    • Scary Devil Monastery says:

      When was user education NOT necessary?

      I think what we’re seeing is the matter of a politization of the entire information transfer process. Everyone in a position of public power has far more of a vested interest in governing communication than they have in allowing the communicating parties to govern themselves.

      The roots are after all in essence just lists telling A how to reach B. Set up and maintained by human action, and therefore a human agenda. The Chinese want their root system to primarily serve the goals of the Chinese government. The US root system has now switched from the agenda of “global communication” to “furthering US policy”.

      Now that this shift has occurred, users will begin educating themselves and start using alternatives. If we are to measure a startling bogon background count we should start looking in the office where the decision to start blocking domain names was first taken. Whether ICANN knew of what the Office of Homeland Insecurity was planning or not they will still carry a vast loss of credibility.

      And for the record…yes, most pirates are calling for alternative roots, will set such systems up, or otherwise make themselves independent from any system known to be under political oversight. This is given. And I’d use a pirate root server any day over one where i KNEW a political process bent on blocking “unwanted” communication(whatever that means) was the one drawing the map.

      So will many others. Enough so, i think, that i believe the wheels just fell off the US’s central role in keeping the global DNS root.

  12. Khaled Fattal says:

    Kevin,

    This has the most gravest of implications and consequences vis-a-vis the international community and the current Governance model.

    Another key issue is “transparent due legal process”, which is clearly lacking here.

    Should nations and communities around the world become concerned or alarmed that their Internet will be subject to US laws in their own sovereign jurisdictions?

  13. [...] folks, let’s get this straight: ICANN didn’t have anything to do with seizing the domain names last week. Frankly no one familiar with ICANN would even think that [...]

  14. DASHWORLDS says:

    Re Peter Sunde, Pirate Bay, Alternate DNS and Non-ICANN Domains:

    Non-ICANN Domain names are already available at http://dashworlds.com

    New DASHCOM domains can now be registered totally free (Includes option to create your own TLDs)

    Examples of new domains:

    business-com

    travel-net

    happy-birthday

    thank-you

    (DASHCOM domains also offers ISP link in options)

  15. [...] ICE operation has so far bypassed registrars, going directly to registry operators such as VeriSign. This is [...]

  16. [...] ICE operation has so far bypassed registrars, going directly to registry [...]

  17. [...] plug-in was created in response to the seizure of domain names alleged to be involved in distributing bootleg movies, music and [...]

  18. [...] domains ICE recently seized at the registry level under Operation “In Our Sites” have, as of yesterday, started [...]

  19. [...] Another half-dozen domains reportedly grabbed within the last few days were actually seized last November, as part of ICE’s major Thanksgiving crackdown. [...]

  20. [...] Another half-dozen domains reportedly grabbed within the last few days were actually seized last November, as part of ICE’s major Thanksgiving crackdown. [...]

  21. [...] agency has already started shutting down .com and .net sites by seizing their domains, even if the sites in question had been found legal in their own overseas [...]

  22. [...] agency has already started shutting down .com and .net sites by seizing their domains, even if the sites in question had been found legal in their own overseas [...]

  23. [...] авторских прав в Интернете.Агентство уже начало закрывать сайты торрент-трекеров в зонах .com и.net путем захвата их доменов, даже если [...]

  24. [...] while global DNS coordinator ICANN is US based, it cannot technically force a foreign registrar to do anything. Any international ICE cooperation is going to be done with the [...]

  25. [...] ICANN claims that they have nothing to do with these takedowns, and the takedown orders may likely have been [...]

  26. [...] folks, let’s get this straight: ICANN didn’t have anything to do with seizing the domain names last week. Frankly no one familiar with ICANN would even think that [...]

Add Your Comment