The Internet Watch Foundation said it found child abuse imagery on new gTLD domain names for the first time in 2015.
The UK-based organization, tasked with identifying and blocking child abuse imagery online, today released its 2015 annual report.
The report says that it found 68,092 unique URLs with this illegal content in the year, spread over 1,991 domains. It says:
Five top level domains (.com .net .ru .org .se) accounted for 91 per cent of all webpages identified as containing child sexual abuse images and videos.
However, it also says that child abuse was found on new gTLDs for the first time.
While the report doesn’t make much of this trend, it should be worrying.
The IWF said it took action on 436 new gTLD domains in 2015, many of which “appeared to have been registered specifically for that purpose”.
While new gTLD names appear to be responsible for a very small percentage of flagged URLs, they seem to be 21% of the total number of domains on which child abuse imagery was found.
This discrepancy may be explained by the fact that 78% of the total abuse URLs were found on free-to-use image hosting sites, probably concentrated in .com.
The IWF added that 138 of the new gTLD domains hosted “disguised” abuse sites. These are sites where illegal content is only shown when visitors arrive from a specific referrer link.
The IWF offers a “Domain Alerts” service to its members, which allows registries and registrars to quickly take down domains confirmed as containing illegal material.
Judging by its member list, not many domain name companies are members.
Members include Go Daddy, ICM Registry, .London Domains, Rightside, Afilias and Nominet.
A group of would-be .hotel gTLD registries have called on ICANN to reject the winning applicant’s bid or be complicit in “criminal acts”.
The group, which includes Travel Reservations, Famous Four Media, Radix, Minds + Machines, Donuts and Fegistry is threatening to file a second Independent Review Process complaint unless ICANN complies with its demands.
Six applicants, represented by Flip Petillion of Crowell & Moring, claim that Hotel Top Level Domain Sarl should forfeit its application because one of its representatives gained unauthorized access to their trade secrets.
That’s a reference to a story we covered extensively last year, where an ICANN audit found that DotBerlin CEO Dirk Krischenowski, or at least somebody using his credentials, had accessed hundreds of supposedly confidential gTLD application documents on ICANN’s web site.
Krischenowski, who has denied any wrongdoing, is also involved with HTLD, though in what capacity appears to be a matter of dispute between ICANN and the rival .hotel applicants.
In a month-old letter (pdf) to ICANN, only published at the weekend, Petillion doesn’t pull many punches.
The letter alleges:
Allowing HTLD’s application to proceed would go agaist everthing that ICANN stands for. It would amount to an acquiescence in criminal acts that were committed with the obvious intent to obtain an unfair advantage over direct competitors.
ICANN caught a representative of HTLD stealing trade secrets of competing applicants via the use of computers and the internet. The situation is even more critical as the crime was committed with the obvious intent of obtaining sensitive business information concerning a competing applicant.
It points out that ICANN’s Applicant Guidebook disqualifies people from applying for a new gTLD if they’ve been convicted of a computer crime.
To the best of my knowledge Krischenowski has not been convicted of, or even charged with, any computer crime.
What ICANN says he did was use its new gTLD applicants’ customer service portal to search for documents which, due to a dumb misconfiguration by ICANN, were visible to users other than their owners.
Krischenowski told DI in an emailed statement today:
According to ICANN, the failure in ICANN’s CSC and GDD portals was the result of a misconfiguration by ICANN of the software used (as mentioned at https://www.icann.org/news/announcement-2-2015-11-19-en). As a user, I relied on the proper functioning of ICANN’s technical infrastructure while working with ICANN’s CSC portal.
HTLD’s application for .hotel is currently “On Hold”, though it is technically the winner of the seven-application contention set.
It prevailed after winning a controversial Community Priority Evaluation in 2014, which was then challenged in an Independent Review Process case by the applicants Petillion represents.
They lost the IRP, but the IRP panelists said that ICANN’s failure to be transparent about its investigation into Krischenowski could amount to a breach of its bylaws.
In its February ruling, the IRP panel wrote:
It is not clear if ICANN has properly investigated the allegation of association between HTLD and D. Krischenowski and, if it has, what conclusions it has reached. Openness and transparency, in the light of such serious allegations, require that it should, and that it should make public the fact of the investigation and the result thereof.
The ruling seems to envisage the possibility of a follow-up IRP.
ICANN had told the panel that its investigation was not complete, so its failure to act to date could not be considered inaction.
The ICANN board resolved in March, two days after Petillion’s letter was sent, to “complete the investigation” and “provide a report to the Board for consideration”.
While the complaining applicants want information about this investigation, their clear preference appears to be that the HTLD application be thrown out.
Australia’s ccTLD manager has confirmed that local registrants will be able to register .au domains at the second level, eschewing the usual .com.
auDA said yesterday that its board has approved a plan that will let people register names such as example.au, rather than example.com.au or example.org.au.
The country follows the example of New Zealand and the UK, which have also started to permit second-level registrations in recent years.
auDA agreed with its policy committee that direct .au registrations would:
– make available domain names which are shorter, more appealing and more memorable
– give Australians more choice in deciding what domain name to register
– respond to market demand
– be more attractive to natural individuals than the current option, id.au
– strengthen the “.au brand” in a globally competitive market
– add value to all three main categories of users – registrars and resellers, registrants and ultimate users of the .au domain name system.
There’s no timeline yet on when 2LDs will become available, much less a policy on how potential conflicts will be handled, but auDA said it will provide updates later in the year.
Vox Populi, the .sucks registry, has had controversial changes to its registrar contract approved after it softened language some had compared to a “gag order”.
ICANN approved changes to the .suck Registry-Registrar Agreement last week, after receiving no further complaints from registrar stakeholders.
The purpose of this Agreement is to permit and promote the registration of domain names in the Vox Populi TLDs and to allow Registrar to offer the registration of the Vox Populi TLDs in partnership with Vox Populi. Neither party shall take action to frustrate or impair the purpose of this Agreement.
But Vox has now “clarified” the language to remove the requirement that registrars “promote” .sucks names. The new RRA will say “offer” instead.
Registrars had also complained that the new RRA would have allowed Vox to unilaterally impose new contractual terms with only 15 days notice.
Vox has amended that proposal too, to clarify that changes would come into effect 15 days after ICANN has given its approval.
Vox CEO John Berard told ICANN in a March 18 letter:
VoxPop’s intent was never to alter any material aspect of the Registry Registrar Agreement. Our intent was to clarify legal obligations that already exist in the Agreement, and conform the timeframes for any future amendments with those specified in our ICANN registry contract.
It’s not quite cyberflight, but Facebook has transferred threatened domain name instagram.com to its newly acquired in-house registrar.
Whois records show that the domain, used for the popular photo-sharing social network, was moved from MarkMonitor to RegistrarSEC yesterday.
It emerged on Friday that Facebook had recently acquired RegistrarSEC.
So why the transfer?
It does not appear that the move is part of a wholesale transfer of domains — facebook.com, whatsapp.com, fb.com and all the other Facebook domains I checked are still with MarkMonitor.
Instead, I would speculate that it’s related to the lawsuit in China in which the family of a deceased cybersquatter are fighting for the return of the domain to their ownership.
Instagram acquired the name for $100,000 from the Guangdong-based Zhou family in January 2011, just a couple of months after Zhou Weiming, the now deceased patriarch, bought it from an American domainer.
According to a lawsuit (pdf) filed against the family in California by Instagram this January, Zhou’s widow and two daughters are suing the third daughter in a Chinese court for selling the domain without the proper authority.
They want the domain returned to them.
By transferring instagram.com to a registrar completely controlled by Facebook, the company has removed one huge risk factor from the Chinese lawsuit.
If MarkMonitor were to be served with a Chinese court order ordering the transfer of the domain to the Zhous, and it were to comply, the Instagram service used by millions could be held hostage by a group of known cybersquatters.
Now that the domain is at RegistrarSEC, Facebook gets the ability to refuse to comply with any such order.
This all begs the question of whether the deep-pocketed social network would go to the trouble of acquiring a registrar (with only 11 names to its accreditation) purely to provide a layer of insurance.
A fresh ICANN accreditation would be cheaper, but would take longer, and transferring to a different third-party registrar wouldn’t really solve the problem.
Instagram is predicted by one analyst to provide Facebook with $5.8 billion in annual revenue by the end of the decade.