Latest news of the domain name industry

Recent Posts

Now new gTLDs are being scapegoated for child abuse material (rant)

The guy responsible for getting the string “rape” closely restricted for no reason in .uk domain names is now gunning for ICANN and new gTLDs with a very similar playbook.

Campaigner John Carr, secretary of the little-known Children’s Charities’ Coalition on Internet Safety, wants ICANN to bring in strict controls to prevent convicted pedophiles registering domains in child-oriented domains such as .kids.

He’s written to the UK prime minister, the two other ministers with the relevant brief, the US federal government and the California attorney general to make these demands.

That’s despite the fact that he freely acknowledges that he does not have any evidence of a problem in existing kid-oriented TLDs and that he does not expect there to be a problem with .kids, should it be delegated, in future.

Regardless, ICANN comes in for a bit of a battering in the letter (pdf), with Carr insinuating that it and the domain industry are quite happy to throw child safety under the bus in order to make a quick buck. He writes:

ICANN has definitely not been keeping the internet secure for children. On the contrary ICANN shows complete indifference towards children’s safety. This has led to real dangers that ICANN could have prevented or mitigated.

ICANN, the Registries and the Registrars have an obvious financial interest in increasing the number of domain names being sold. Their interest in maximising or securing their revenues appears sometimes to blind them to a larger obligation to protect the weak and vulnerable e.g. in this instance children.

Despite this worrying premise, Carr admits in an accompanying paper (pdf) that the Russian version of .kids (.дети), which has been live for three years and only has about 1,000 registrations, does not seem to have experienced a deluge of sex offenders.

Nevertheless, he says ICANN should have forced the .дети registry to do criminal background checks on all registrants to make sure they did not have a record of sexual offences.

While at the time of writing we have no information which suggests anything untoward has happened with any Russian .kids websites, and we understand the volume of sales has been low so far, the matter should never have been left open in that way. When ICANN let the contract it could have included clauses which would have made it a contractual obligation to carry out the sort of checks mentioned. The fact that ICANN did not do this illustrates a degree of carelessness about children’s well-being which is tantamount to gross negligence.

Quite how a domain registry would go about running criminal records checks on all of its customers globally, and what the costs and the benefits would be, Carr does not say.

The letter goes on to state incorrectly that Amazon and Google are in contention for .kids.

In fact, Google applied for the singular .kid. While the two strings are in contention due to an adverse String Confusion Objection, there’s also a second applicant for .kids, the DotKids Foundation, which proposes to keep .kids highly restricted and which Carr is either unaware of or deliberately omits from his letter.

Based on his assumption that .kids is a two-horse race between Amazon and Google, he says:

while I am sure both Google and Amazon will choose to do the right thing, whichever one is the eventual winner of the contract, the point is matters of this kind should never have been left as an option

So not only does Carr not have any evidence that extant “.kids” domains are currently being abused years after delegation, he’s also sure that .kids won’t be in future.

But he wants Draconian background checks implemented on all registrants anyway.

His letter coincides with the release of and heavily cites the 2016 annual report (pdf) of the Internet Watch Foundation — the organization that coordinates the takedown of child abuse material in the UK and elsewhere.

That report found that new gTLD domains are being increasingly used to distribute such material, but that Verisign-run TLDs such as .com are still by far the most abused for this purpose.

The number of takedowns against new gTLD domains in 2016 was 272 (226 of which were “dedicated to distributing child sexual abuse content”) the IWF reported, a 258% increase on 2015.

That’s 272 domains too many, but averages out at about a quarter of a domain per new gTLD.

There were 2,416 domains being used to distribute this material in 2016, IWF said. That means new gTLDs accounted for about 11% of the total child abuse domains — higher than the 7.8% market share that new gTLDs command (according to Verisign’s Q4 industry brief).

But the IWF report states that 80% of the total abuse domains are concentrated in just five TLDs — .com, .net, .se, .io, and .cc. Even child abusers are not fans of new gTLDs, it seems.

Despite the fact that two of these domains are operated under ICANN contract, and the fact that .io is operated by a British company representing a British overseas territory, Carr focuses his calls for action instead on new gTLDs exclusively.

And his calls are receiving attention.

A The Times article this week cries “New internet domain is magnet for paedophiles, charities warn”, while tabloid stable sister The Sun reported on “fears predators are exploiting new website addresses to hide indecent material”.

This is how it started with Carr’s campaign to get “rape” domains banned in the UK.

Back in 2013, he wrote a blog post complaining that it was possible to register “rapeher.co.uk” — not that it had been registered, only that it could be registered — and managed to place a couple of stories in the right-leaning press calling for Nominet to do more to prevent the registration of “depraved and disgusting” domains such as the one he thought up.

This led to a government minister calling for an independent policy review, an actual review, and a subsequent policy that sees some poor bastard at Nominet having to pore over every .uk registration containing rapey strings to see if they’re potentially advocating or promoting actual rape.

Implementation of that policy has so far confirmed that Carr’s worries were, as I said in my 2013 rant, baseless.

In 2016, there were 2,407 registrations of domains containing the string “rape”, but just one of them was found to be using it in the context of sexual assault and was suspended, according to Nominet stats.

In 2015, the number of suspensions was the same. One.

The same story is playing out now — a single Don Quixote with a tenuous grasp of the systems he’s criticizing calling for ludicrous policies to prevent a problem that he freely admits does not exist and probably won’t exist in future.

Still, at least he gets to wave some headlines in front of his employers to pretend he’s actually earning his salary.

Government forces Nominet into ludicrous porn review

Kevin Murphy, September 9, 2013, Domain Policy

Should Nominet ban dirty words from the .uk namespace?

Obviously not, but that’s nevertheless the subject of a formal policy review announced by Nominet today, forced by pressure from the British government and the Murdoch press.

Nominet said it has hired Ken MacDonald, former director of public prosecutions, to carry out the review.

He’s tasked with recommending whether certain “offensive” words and phrases should be banned from the .uk zone.

According to Nominet, MacDonald’s qualifications include his role as a trustee of the pro-free-speech Index on Censorship and a human rights audit he carried out for the Internet Watch Foundation, the UK’s child abuse material watchdog.

Nominet said:

Lord Macdonald will work with Nominet’s policy team to conduct a series of meetings with key stakeholders, and to review and assess wider contributions from the internet community, which should be received by 4 November 2013. The goal is to deliver a report to Nominet’s board in December of this year, which will be published shortly thereafter.

You can contribute here.

The review was promised by Nominet in early August following an article in the Sunday Times, subsequently cribbed quite shamelessly by the Daily Mail, which highlighted the fact that Nominet’s policies do not ban strings suggesting extreme or illegal pornography.

You may recall a rant-and-a-half DI published at the time.

While my rant was written without the benefit of any input from Nominet — I didn’t speak to anyone there before publishing it — it appears that Nominet already had exactly the same concerns as me.

The company has published a set of lightly redacted correspondence (pdf) between itself and the Department of Culture, Media and Sport which makes for extremely illuminating reading.

In a July 23 letter to DCMS minister Ed Vaizey, Nominet CEO Lesley Cowley uses many of the same arguments — even giving the same examples — as I did a week later. She was much more polite, of course.

She points out that as a matter of principle it probably should not be left to a private company such as Nominet to determine what is and isn’t acceptable content, and that it’s difficult to tell what the content of a site will be at the point the domain is registered anyway.

In relation to the questions of practicality, the permutations of offensive words and phrases that can be created in the 63 characters of a domain name are almost limitless, so the creation of some kind of exclusion list would ultimately not prevent offensive phrases being registered as domain names. Were we to have a set of words or phrases that could not be registered, we would likely end up restricting many legitimate registrations. A good example is Scunthorpe.co.uk, which contains an offensive term within the domain name, or therapist.co.uk which could be read in more than one way.

She also points out that domains such as “childabuse.co.uk”, which may on the face of it cause concern, actually just redirect to the NSPCC, the UK’s main child abuse prevention charity.

The real eye-opening correspondence discusses the Sunday Times article that first compelled Vaizey to lean on Nominet.

As I discussed in my rant, it was based on the musings of just one guy, a purported expert in internet safety called John Carr, who once worked for the IWF and now apparently advises the government.

The examples of “offensive” domains he had supplied the Sunday Times with, I discovered, were either unregistered or contained no illegal content whatsoever.

Nominet’s correspondence contains several more .uk domains that Carr had given the newspaper, and they’re even less “offensive” than the “rape”-oriented ones it eventually published.

The domains are teens‐adult‐sex‐chat.co.uk, teendirtychat.co.uk, teens.demandadult.co.uk, teenfuckbook.co.uk and ukteencamgirls.co.uk, all of which Nominet found contained legal over-18s pornography.

One of them is even owned by Playboy.

Carr, it seems, didn’t even provide the Sunday Times or Nominet privately with any domains that suggest illegal content in the string and actually contain it in the site.

Judging by the emails between Nominet’s PR people (which, admittedly, may not be the best place to obtain an objective viewpoint) the Sunday Times reporter was “not interested in the complexity of the issue” and:

has taken a very hostile stance and is broadly of the view that the internet industry is not doing enough to stop offensive (legal) content.

The Sunday Times’ downmarket sister publication, The Sun, is famous primarily for printing topless photographs of 18-year-old women (in the 1980s it was 16-year-old girls) on Page 3 every day.

The Sun, the UK’s best-selling daily, is currently resisting a valiant effort by British feminists, which I wholeheartedly support, to have Page 3 scrapped.

In other words, the level of media hypocrisy, government idiocy and registry cowardice that came together to create the MacDonald review is quite outstanding.

Still, Nominet in recent years has proven itself pretty good at making sure its independent reviews turn out the way it wants them to, so it’s looking fairly promising that this one is likely to conclude that banning rude words would be impractical and pointless.