An open question to the domain name industry about coronavirus
“Don’t worry. We’ve done this before.”
That was pretty much the first sentence out of my grandmother’s mouth when I called to wish her a happy Mother’s Day.
She was talking about World War II and the immediate post-war years. She’s 94, so she saw both.
She’s no Uncle Albert. I don’t think I’ve ever heard her talk about “The War” before. Not once. But when her grandson called her for the first time in embarrassing months, that was where her mind went straight away.
They couldn’t get oranges, for years, back then. If you were diabetic, you couldn’t get sugar, but they gave you extra butter instead. She developed an aversion to canned pineapple chunks that persists to this day. She still has her ration book, a souvenir of trying times, squirreled away somewhere.
She was in generally good spirits. She knows that Covid-19, if it gets through the front door of her granny flat, will very likely be the end of her. Her mind is fully intact, but her body is all kinds of fucked up. But she and the family members who bring her food are taking the proper precautions. And, she said, she’s been self-isolating since November anyway. What’s another 12 weeks?
The WWII comparison was not at all surprising to hear, of course. A lot of us have been thinking similar things. The media is currently resplendent with uplifting examples of what we Brits refer to as the “Blitz spirit” — unity and stoicism in the face of overwhelming adversity.
There are significant differences, of course.
The enemy now is not an identifiable political faction with a skull on its cap, but a remorseless, invisible beastie. The Allies are not a collection of like-minded liberal nations, but literally the entire human species.
The baddies don’t want to shoot you. They want to infiltrate your nasal cavity and make you accidentally kill your parents with a hug. You kill them with soap.
Back then, we required young men to travel overseas to kill and potentially die to serve the greater good. We asked the women they left behind to take to the factory floors and work traditionally male jobs. Now, all we ask of them is that they don’t go down the pub on a Saturday night, and apparently sometimes even that’s too big of an ask.
Society is asking me to work from home during the day and do nothing more than watch TV and play Xbox in the evenings. Fine. I can do that. I was doing that anyway. This, apparently, is how my generation gets to save lives.
It doesn’t feel like much of a sacrifice.
Worldwide, people are sitting alone at home, twiddling their thumbs, watching slightly-less-than-hi-def Netflix, and wondering how they can do more to make a positive difference in this civilizational battle.
In the domain industry, we’ve recently seen the Internet Commerce Association attempt to help out people who are financially struggling due to coronavirus with its #DomainAssist Twitter campaign.
I’m not sure how effective it’s going to be, but ICA members have money, are trying to make a difference, and I’m certainly not going to knock them for it.
But there is one battle that the domain industry is uniquely positioned, and maybe even obligated, to fight.
That’s the fight against misinformation.
The World Health Organization started alerting the world to the Covid-19 “infodemic” in early February.
“We’re not just fighting an epidemic; we’re fighting an infodemic,” WHO director-general Tedros Adhanom said at the Munich Security Conference February 15. “Fake news spreads faster and more easily than this virus, and is just as dangerous.”
Hear that? The world’s top doc says that misinformation is just as dangerous as something that could kill your grandmother.
Just as crime flourished in London during the Blitz, 21st century fraudsters have been quick to take advantage of the coronavirus panic.
The fake news ranges from the harmlessly satirical — a quarantined Tom Hanks being supplied with a volleyball for company — to the life-threatening — tales of how ingesting silver, taking cocaine or drinking bleach can protect your from the virus.
In India, fake news is persuading people to drink cow piss.
Some of these scammers are just conspiracy theorists raging against the Big Pharma machine. Others are actively trying to make money hawking bogus and dangerous fake vaccines and cures. In the era of pandemic, they’re just as bad as each other.
It’s serious stuff. An infected person who thinks they’ve ingested the magic cure is less likely to take the proper precautions and more likely to transmit the virus to others, who will transmit it to others, who will transmit it to others… and then a bunch of people die.
So far, the WHO and other health authorities have rightly been focused largely on the social media platforms where the majority of this bogosity spreads.
The likes of Facebook, Twitter and Google have made changes to their usage policies or content-promotion algorithms in response to the crisis.
Twitter has banned tweets that go against the official guidance on reducing the spread of the virus. Facebook is promoting authoritative news sources and fact-checking misinformation. Google searches for coronavirus return curated, science-based info embedded in the results page, and banned coronavirus-related advertising. YouTube is taking down videos peddling dangerous misinformation.
The social media side of the technology industry certainly seems to be backtracking on its usual “we just a neutral platform” stance.
But it’s not just happening on social media. Many of these posts lead to web sites that are harmful. Some are simple frauds and phishing attacks. Others promote fake cures or urge readers to ignore the official science-based advice.
These web sites use domain names. Thousands have been registered in recent weeks.
NewsGuard has identified dozens of web sites that are promoting coronavirus misinformation. Fact-checking sites such as the AFP and Snopes have identified many more.
So here’s my open question, which I pose to every registry, registrar and reseller reading this:
If you are told about a domain name under your management that is publishing dangerous misinformation, will you take it down?
I’d like to think I know the answer to this question already, but I’m not sure I do.
Registries and registrars are notoriously reluctant to act on complaints about the contents of web sites. Many require a court order before taking action.
During peace time, worthy principles such as free speech, privacy, and legal due process all play a role in this kind of decision-making.
The latest version of the Framework to Address DNS Abuse lists four types of content that its dozens of domain-industry signatories “should” (as opposed to “must”) act on — child sex abuse material, illegal opioid sales, human trafficking, and credible incitements to violence.
The underlying principle leading to this list is “the physical and often irreversible threat to human life”.
I’m reminded of the ethical conundrum faced by EasyDNS and CEO Mark Jeftovic back in 2014, when the company changed its usage policies after a guy died due to fake pharma bought via a domain under its management.
“In one case we have people allegedly pirating Honey Boo Boo reruns and on the other we have people dying. We don’t know where exactly, but the line goes somewhere in between there,” Jeftovic wrote at the time.
I don’t wish to pick on EasyDNS or Jeftovic — changing one’s mind in the face of new evidence is an admirable trait — but I think his quote poses the question quite well.
There’s a line where free speech ends and incitement to virological violence begins.
Figuring out where that line is is something the domain name industry is going to have to get to grips with, fast.
Your version of what happened with the Airmailchemist situation is not entirely the way it went down.
The fatality was not caused by counterfeit drugs, but from an overdose of opiods purchased via AMC.
AMC was on our registrar tag but we were not aware of this, even after the FDA contacted ICANN.
Once we were made aware of it (by a WSJ reporter), we initiated contact with the FDA and took AMC down, then we put in new rules for pharma sites.
That said: it is interesting to note that within a week or so of this happening, the FDA sent us a spreadsheet containing a list of domains they wanted us to take down “as per our new policy”.
There were numerous non-pharma sites including several Canadian sites which were operating with Health Canada approvals.
So we had to decline their request and revert back to our previous policy of requiring a legal due process to takedown a site.
When it comes to coronavirus sites, who is really competent to judge what is “coronavirus misinformation”?
Some of the worst utterances that could possibly have been made about coronavirus have come from official channels. The WHO itself was weeks late to declare it a pandemic when so-called “alternative” outlets correctly identified it as such as much as a month earlier.
Yet many of those alternative outlets face deplatforming headwinds. Zerohedge was suspended from Twitter for asking questions about the virus that were, weeks later, asked again within MSM media and even government officials.
People need to take responsibility for what they read, think and believe. The government can’t do everything for us, nor should they.
By extension, domain registrars should not even pretend to be competent enough to decide “what is truth”.
Unless a coronavirus domain is obviously scamming or injecting malware, something we can reliably identify and action, then we shouldn’t be doing anything absent a legal due process.
Mark has covered it far more succinctly and eloquently than I could.
The constant attempt to both demonize registrars about, and attempt to burden registrars with, content-regulation is neither productive nor feasable.
If regulation of content is required (which is a hugely debatable subject) the domain name is not where the content resides, and is not the place to try and control it.
As Mark says “People need to take responsibility for what they read, think and believe”
Just because something is displayed on a website (even an official one) in no way makes it automatically correct or accurate – individual due-diligence should never be shirked.