Plug-in works around seized domains

Kevin Murphy, April 15, 2011, Domain Tech

Disgruntled coders have come up with a new Firefox plug-in to help people find piracy web sites after their domain names are seized by the authorities.

MAFIAA-Fire hooks into the browser, checking DNS queries against a list supplied by the developers, to see if the name corresponds to a seized domain.

If it does, the browser is redirected to an approved mirror. If it does not, the DNS query is handled as normal through the browser’s regular resolvers.

The plug-in was created in response to the seizure of domain names alleged to be involved in distributing bootleg movies, music and software.

The US Immigration and Customs Enforcement agency has been sending court-ordered take-down notices to US-based registry operators such as VeriSign for the last several months.

Some sites immediately relocate to top-level domains outside of US jurisdiction. MAFIAA-Fire is designed to make the process of finding these new sites easier.

As the plug-in site acknowledges, if any fraudulent data were to make its way onto its manually-authenticated list of domains, it could cause a security problem for end users.

MAFIAA stands for “Music and Film Industry Association of America”, a corruption of RIAA and MPAA. The “Fire” suffix comes from the fact that fire melts ICE.

The plug-in, which was first reported by TorrentFreak, is hosted at a .com address.

Go Daddy: let registrars seize domain names

Kevin Murphy, April 7, 2011, Domain Policy

Go Daddy has called for domain name registrars, not registries, to be responsible for seizing domain names associated with criminal activity.

In testimony submitted yesterday to the US House Subcommittee on Intellectual Property, Competition and the Internet, general counsel Christine Jones said that instructing registries to turn off domains can sometimes cause more harm than good.

Registrars, she said, often aid law enforcement with investigations into, for example, child pornography, and that registry interference can be dangerous.

In her prepared remarks (pdf), Jones wrote:

The registry in many instances has no knowledge of these highly confidential and sensitive matters, and we have experienced several occasions in which the sudden disabling of a domain name by a registry disrupted weeks or months of work investigating serious criminal activity by the registrant.

We would like to see future government and private industry efforts focused on naming the registrar as the primary contact for courts and law enforcement regarding all criminal and civil matters relating to domain names.

Also testifying was John Morton of US Immigration and Customs Enforcement, the agency responsible for recent controversial domain name seizures under Operation In Our Sites.

The ICE operation has so far bypassed registrars, going directly to registry operators such as VeriSign. This is arguably more efficient, and avoids jurisdictional problems associated with non-US registrars.

Other registrars have previously echoed Jones’ remarks. Registrars have the relationship with the customer, after all. When a domain is seized by a registry, they have to deal with the fallout.

As we saw with the first phase of the ICE seizures last year, the fact that the registrar had no knowledge of the matter led to a misunderstanding and ICANN being blamed in several media reports.

But yesterday’s Congressional hearing, which aimed to gather information for legislation expected to replace the Combatting Online Infringement and Counterfeiting Act (COICA), spent very little time discussing domains.

At one point, Rep. John Conyers took Morton to task for ICE’s accidental seizure of over 80,000 third-level domains as part of a child porn sting.

Jones was also quizzed about the difference between filtering domains at the ISP level (which she said was unworkable and potentially dangerous) and blocking them at the registry-registrar level.

But Google was in the room, in the form of general counsel Kent Walker, and he took most of the flak, with Congressmen lining up to grill him over Google’s apparently happiness to connect users to bootleg digital content and counterfeit physical goods.

US seeks powers to shut down domains

Kevin Murphy, September 20, 2010, Domain Policy

COICA is the new acronym we’ll all soon be talking about — it’s the law that could give the US its very own Great Firewall of China.

A bipartisan group of US senators today introduced the Combating Online Infringement and Counterfeits Act, legislation that would enable the government to quickly turn off domain names involved in piracy.

The bill would enable the Department of Justice to seek a court order against a domain name it believes is involved in piracy or selling counterfeit goods.

If the sponsoring registrar or registry is located in the US, the order would force it to stop the domain from resolving and lock it down.

The likely effect of this would be to force piracy sites out of .com and into offshore registrars. But the bill has thought about that too.

If it’s a non-US registrar and registry, injunctions could be sought to block the domain at the ISP level.

That’s right folks – if this bill passes, the US would get its very own Chinese-style national firewall.

The bill would allow the domain registrant to petition the court to lift the order.

“By cracking down on online piracy of television shows and movies, we hope this bill will encourage copyright owners to develop innovative and competitive new choices for consumers to watch video over the internet,” said Sen. Herb Kohl.

Which is about as disingenuous a statement as it gets, when you think about it, given that it essentially eliminates a major incentive for business model innovation.