Worried about governments seizing .com domains? Too late
Language proposed for Verisign’s .net registry contract that some say would give governments the ability to arbitrarily seize domains is already present in the company’s .com contract.
As I reported earlier this month, the .net Registry Agreement is up for renewal and ICANN has opened up some largely uncontroversial proposed changes for public comment.
ICANN has received two comments so far, both of which refer to what one commenter called the “outrageous and dangerous” proposed changes to Verisign’s .net Registry-Registrar Agreement.
The RRA is the contract all accredited registrars must agree to when they sign up to sell domains in a given TLD. For ICANN, it’s a way to vicariously enforce policy on registrants via registrars via registries.
Unsimply put, the RA instructs Verisign to have an RRA with its registrars that tells them what rules their registrants have to agree to when they buy a domain name.
The new language causing the consternation is:
Verisign reserves the right to deny, cancel, redirect or transfer any registration or transaction, or place any domain name(s) on registry lock, hold or similar status, as it deems necessary, in its unlimited and sole discretion:
…
to ensure compliance with applicable law, government rules or regulations, or pursuant to any legal order or subpoena of any government, administrative or governmental authority, or court of competent jurisdiction
One commenter states “this proposed agreement would allow any government in the world to cancel, redirect or transfer to their control applicable domain names”, adding “presumably ICANN staff and Verisign would want to also apply it to other extensions like .COM as those contracts come up for renewal”.
In fact, it’s the other way around. The exact same language has been present in Verisign’s .com contract for over three years, a change to Appendix 8a (pdf) that went largely unnoticed when thousands of commenters were instead complaining about the removal of price caps and fretting about the rise of Covid-19 around the world.
For those worried about the new .net language making it into the .com contract one day — worry not! It’s already there.
Content police? ICANN mulls bylaws change
ICANN could change its bylaws to allow it to police internet content to an extent, it emerged this week with the publication of the Operational Design Assessment for the next stage of the new gTLD program.
Currently, ICANN’s bylaws state that the Org may not “regulate (i.e., impose rules and restrictions on) services that use the Internet’s unique identifiers or the content that such services carry or provide”, and it’s been adamant that it is not the “content police”.
But the community has recommended that future new gTLD applicants should be able to agree to so-called Registry Voluntary Commitments, statements of registry policy that ICANN would be able to enforce via contract.
RVCs would be much like the Public Interest Commitments many registries agree to in the 2012 application round, implemented before ICANN’s current bylaws were in effect.
As an example I’ve used before, Vox Populi Registry has PICs that ban cyberbullying and porn in its .sucks gTLD, and in theory could lose its contract if it breaks that rule by allowing .sucks sites to host porn (like this NSFW one, for example).
ICANN’s board of directors expressed concern two years ago that its bylaws may prevent it from approving the RVC recommendation.
But Org staff have now raised, in writing and on a webinar today, the prospect that the board could change the bylaws to permit RVCs to go ahead. The ODA published on Monday states:
The Board may wish to consider how and whether it can accept the recommendations related to PICs and RVCs. One option may be to amend the Bylaws with a narrowly tailored amendment to ensure that there are no ambiguities around ICANN’s ability to agree to and enforce PICs and RVCs as envisioned
How worrying this could be would depend on the wording, of course, but even the chance of ICANN meddling in content is usually enough to raise eyebrows at the likes of the Electronic Frontier Foundation, not to mention supporters of blockchain alt-roots, many of whom seem to think ICANN is already censoring the internet.
It’s not clear whether the change is something the board is actively considering, or just an idea being floated by staff.
Taliban seizing domains to silence journalists
The Taliban is attempting to close down independent media outlets in Afghanistan by deleting their .af domain names.
The Ministry of Communications and Information Technology tweeted that the sites of Hasht-e Subh Daily and Zawia News were “taken down” for publishing “unbalanced reports and fake news”.
د هشت صبح او زاویه نیوز خبري شبکو وېبسايټونه د مخابراتو او معلوماتي ټکنالوجۍ وزارت له لوري وټړل شول.
هشت صبح او زاویه نیوز خبري شبکې چې د افغانستان اسلامي امارت مشرانو پورې یې دروغجن تورونه تړل، بې توازنه راپورونه او کاذب خبرونه یې خپرول د یوې فیصلې پر بنسټ یې وبسایټونه ؤتړل شول pic.twitter.com/cexPduvMjT— Anayatullah Alokozay (@Anayatalokozay) October 3, 2022
.af’s registry is government-run.
According to the Committee to Protect Journalists, the two sites have been reporting by Afghans in exile since the Taliban retook the country over a year ago.
Both outlets have now switched domains to TLDs based in the US — Verisign and Identity Digital, where presumably they’re pretty safe from the Taliban’s reach. They’re now using zawiamedia.com and 8am.media instead of the original .af names.
Gun nut site crashes at Epik after GoDaddy shoots it down
A site for American gun enthusiasts has switched registrars, moving its domain to Epik — apparently with the consent of CEO Rob Monster — after GoDaddy turfed it out for allegedly inciting violence.
According to a GoDaddy statement at the weekend, the registrar had received complaints about content on AR15.com — that’s the name of a gun popular with spree killers — and determined it “incited violence”.
It informed the domain’s owner the same day, January 8, two days after the Capitol Hill riots, giving him 24 hours to remove the offending content.
It’s not clear what the content in question was, but given the timing and the fact that the site is a scarily popular forum with largely user-generated content, it’s not difficult to imagine.
AR15.com’s owner, identified in a video as GoatBoy, claims that by the time he received the email from GoDaddy, the forum’s moderators had already removed the posts on the grounds that the site also has a policy against incitement to violence.
But GoDaddy disagrees, saying the content could still be found after its supposed removal. It took down the domain on January 11. It said in a statement:
We do not take action on complaints that would constitute censorship of content that represents the exercise of freedom of speech and expression on the Internet. In instances where a site goes beyond the mere exercise of these freedoms, however, and crosses over to promoting, encouraging, or otherwise engaging in violence, as was the case with AR15.com, we will take action.
The AR15.com domain is now hosted by Epik, which has in recent years made a name for itself as a refuge for sites frequented by those with far-right views, such as 8chan, Gab and Parler.
GoatBoy says in the video embedded below: “I had the privilege of speaking with some of the guys on the executive staff, including the owner of Epik. Their views really align well with ours. They’re very pro First Amendment and very pro Second Amendment.”
Nominet shuts down “hostile” discussion forum
Nominet has angered members by unilaterally shutting down a discussion forum that has been for many years the main place for discussions about .uk policy.
The forum, which Nominet hosted on its web site, went dark abruptly during the company’s annual general meeting yesterday.
Speaking to members tuning in to the live webcast, CEO Russell Haworth said that the forum was “dominated by a handful of posters, and has increasingly become aggressive and hostile, not least towards our staff”.
And then it was gone.
Haworth said he expected criticism over the move, which was “fine”, adding that posters have plenty of other venues to air their grievances.
He also suggested periodic Zoom calls to communicate with members.
The decision to close the forum is being greeted poorly by affected members (presumably the ones who most actively used it) on social media and seen as a way for power to be further consolidated among Nominet’s biggest revenue-generators.
Nominet recently came in for criticism for its efforts to grab a slice of the drop-catching pie by charging registrars an extra £600 a year (now, members note, up to £1,000) for additional EPP tunnels.
It also recently admitted privately to members that it last year miscalculated how many votes members they should get in directorship elections, but insisted the error did not have an effect on the outcome of the most recent poll.
The move is not entirely without precedent. Those of you with as many grey hairs as me may recall the old Domain-Policy mailing list, once the central hub for community discussions, going dark back in 2001.
But Verisign, which hosted the list and its archives, explained that move as a measure to reduce redundancy, rather than straight-up admitting that it was a PR move to silence its legion of critics.
Web.com is kicking out a racist web site. How long before it winds up at Epik?
An American news site for white nationalists says it’s been given its goose-stepping orders by Web.com unit Network Solutions, and it’s looking for a new registrar.
VDare, named after Virginia Dare, a semi-mythological American folk hero, has been publishing anti-immigration material on vdare.com under NetSol’s wing for 20 years, but the site claims the registrar has given it 10 days, until June 25, to GTFO.
According to the site, NetSol told VDare that it was in violation of its acceptable use policy and “we consider your continued use of our services a serious issue and risk to our business and corporate reputation”.
That seems plausible, given how corporate America is currently bending over backwards to prove that they support the Black Lives Matter movement.
The move seems to have come due to pressure from the Lawyers’ Committee for Civil Rights Under Law, a campaigning group that persuaded NetSol to dump racist forum Stormfront as a customer a few years ago (it found its new home at Tucows).
The Committee has reportedly written to NetSol twice recently, urging the company to cut Vdare loose.
Vdare says it’s looking for a new registrar, but has also obtained a .onion domain in case it needs to retreat to the “Dark Web”. The .onion space is only accessible to users of the Tor browser.
Anyone care to place a bet on how long it will be before vdare.com winds up at Epik?
Ethos clarifies .org price rises, promises to reveal number of censored domains
Public Interest Registry and would-be owner Ethos Capital have slightly revised the set of promises they hope to keep if ICANN approves the $1.13 billion acquisition.
Notably, in updating their proposed Public Interest Commitments (pdf), they’ve set out in plain dollar terms for the first time the maximum annual price PIR would charge for a .org domain over the coming seven years.
[table id=59 /]
Previous versions of the PICs just included a formula and invited the reader to do the math(s).
The two companies are proposing to scrap price caps altogether after June 2027.
If ICANN rejects the deal, under its current contract PIR would be free to raise its prices willy-nilly from day one, though some believe it would be less likely to do so under its current ownership by the non-profit Internet Society.
The new PICs also include a nod to those who believe that PIR would become less sensitive to issues like free speech and censorship — perhaps because China may lean on Ethos’ shadowy billionaire backers. The document now states:
Registry Operator will produce and publish annually a report… This report will also include a transparency report setting forth the number of .ORG domain name registrations that have been suspended or terminated by Registry Operator during the preceding year under Registry Operator’s Anti-Abuse Policy or pursuant to court order.
A few other tweaks clarify the launch date and composition of its proposed Stewardship Council, a body made up of expert outsiders that would offer policy guidance and have a veto on issues such as changes to .org censorship and privacy policy.
The PICs now ban family members of people working for PIR from sitting on the council, and clarify that it would have to be up and running six months after the acquisition closes.
Because .org is not a gTLD applied for in 2012, the PICs do not appear to be open for public comment, but post-acquisition changes to the document would be.
ICANN currently plans to approve or deny the acquisition request by April 20, just 11 days from now.
Ethos promises to keep .org for many many many many years
Ethos Capital doesn’t plan to flip .org manager Public Interest Registry any time soon, according to its CEO.
Erik Brooks said that private equity firm Ethos, which intends to buy PIR from the Internet Society for over a billion dollars, plans to keep hold of the company for “many, many, many, many years”.
He was talking last night during a public conference call organized by NTEN, which also included the CEOs of ISOC and PIR, as well as critics from the Electronic Frontier Foundation, the the National Council of Nonprofits and the Irish chapter of ISOC.
The call was set up because many believe .org’s transition back into for-profit hands, coupled with its recently gained ability to raise prices arbitrarily, means .org’s non-profit registrants are in for a hard time as Ethos profit-takes.
While Brooks and chief purpose officer Nora Abusitta made all the right noises to settle such concerns, promising to not unreasonably raise prices and to stick with PIR’s commitment to non-profits, some participants remained skeptical.
Brooks said that his vision for Ethos, which he founded earlier this year, is “fundamentally broader and more expansive than traditional investing” where “success is defined as success for all participants, success for customers, employees, vendors, the community impacted by the company”.
PIR CEO Jon Nevett said he was initially concerned about the deal — which was negotiated between ISOC and Ethos without PIR’s participation — he is now “convinced that they’re here to do the right thing”.
He said that rather than funneling all of PIR’s spare .org reg cash to ISOC as happens currently, it will now be able to invest some of it in improving .org instead.
Brooks said he understand the community concerns about price increase.
“We are absolutely committed to staying within the spirit of how PIR has operated with the price system they have operated with before,” he said. That means 10% a year on average, as Ethos has stated before.
He added that “working on some mechanisms and some ideas that will give registrants more assurance” that this is just not PR spin, and that these will be communicated publicly over the coming weeks.
The fact that ICANN lifted the previous 10% contractual price cap just a few months before the deal was sealed did not factor into Ethos’ thinking, he said.
While what Ethos is describing is all well and good, there’s no telling what a future owner of PIR would do, should Ethos sell it or float it on the public markets.
That looked like a possibility, especially given that some say that Ethos is under-paying by a considerable margin for the registry.
But Brooks, asked what Ethos’ exit runway for PIR looked like, said that the company was committed to owning the registry “for an extraordinarily long period of time… dramatically outside the normal window of somebody owning a business… many, many, many, many years”.
Ethos’ own backers — which apparently include investment vehicles linked to Mitt Romney and the late Ross Perot — are on board with this long-term plan, he said.
So, assuming Brooks is a man of his word, .org registrants only have to look forward to price increases of no more than 10% a year for some time to come, which is kinda the situation they were in at the start of the year.
But not everyone is as trusting/gullible as me.
The EFF’s Mitch Stoltz, who was on the call, later published a blog post that seemed to shift gears somewhat away from pricing concerns towards the potential for future censorship of .org domains.
“Ethos Capital has a financial incentive to engage in censorship—and, of course, in price increases,” he wrote.
He alluded to that PIR had briefly toyed with the idea of a “UDRP for copyright” a few years ago, but had backed down under community pressure, something that he doesn’t believe Ethos would necessarily do.
Asked about the censorship issue by Stotlz during the call, Brooks said he had not given the issue a great deal of consideration but that he expected PIR’s practices on this kind of thing to continue on as they are today.
Registrars could be held liable for US gun violence
A US presidential candidate has come out in support of amending the law to make domain name companies liable when customers use their services to incite violence.
Beto O’Rourke, a former member of Congress, stated last week that he wants to amend the Communications Decency Act to hold providers of “domain name servers” liable “where they are found to knowingly promote content that incites violence”.
He’s believed to be the first among the swarm of 2020 Democratic presidential hopefuls to lay out a plan to combat online hate speech.
The proposed amendments to Section 230 of the CDA are part of a sweeping package of reforms O’Rourke is proposing in order to tackle gun violence and domestic terrorism in the US.
He comes from El Paso, Texas, which was the target of a race-based terrorist attack a couple of weeks ago.
He’s also pushing for stricter gun controls, such as compulsory licensing and training.
But I’m not going to get into that stuff here. This is a blog about domain names. I’m British, so you can probably guess what my opinion on guns is.
In terms of online content, O’Rourke’s plan seems primarily aimed at getting the big social media platforms to more heavily moderate the content produced by their users.
But it specifically calls out domain name companies also:
Beto would require large internet platforms to adopt terms of service to ban hateful activities, defined as those that incite or engage in violence, intimidation, harassment, threats, or defamation targeting an individual or group based on their actual or perceived race, color, religion, national origin, ethnicity, immigration status, gender, gender identity, sexual orientation or disability. These companies also would be required to put in place systems designed to identify and act on content violating the terms of service. Platforms must be transparent when they block content and provide for an appeal process in order to guard against abuse.
…
Beto supports amending Section 230 of the CDA to remove legal immunity from lawsuits for large social media platforms that fail to change their terms of service and put in place systems as described above. Informational service providers of all sizes, including domain name servers and social media platforms, also would be held liable where they are found to knowingly promote content that incites violence.
Should registrars be worried about this?
If the legal test was that registrars “knowingly promote content that incites violence”, that seems like a pretty high bar.
I’m not convinced even Epik, which has come under fire for providing domain services to the likes of Stormfront and 8chan — both of which O’Rourke cites in his policy — “knowingly promotes” incitements to violence.
That’s not to say that registrars couldn’t find themselves prosecuted or sued anyway, of course.
O’Rourke is not a current front-runner in the Democrat presidential pack. While still in the race, he’s towards the bottom of the top 10, polls suggest.
What O’Rourke’s policy statement does suggest is that the regulation of online speech could become a significant issue in the 2020 election, and that the domain name industry in the US could find itself a political football in an extremely divisive game.
After more racist shootings, take one guess which registrar 8chan just switched to
Controversial web forum 8chan has moved its domain name to a new registrar after it was linked to at least one of the two mass shootings that occurred in the US over the weekend.
According to Whois records, it’s just jumped to racist-friendly Epik, having been registered at Tucows since 2003.
The switch appears to have happened in the last few hours. At time of writing, you’re going to get different results depending which Whois server you ping.
Some servers continue to report Tucows as the registrar of record, perhaps using cached data, but Epik’s result looks like this:
8chan is an image/discussion board that describes itself as “the Darkest Reaches of the Internet”. It’s reportedly heavily used by racists, extremists and those with an interest in child pornography.
It was widely linked by the media to the shooting in the border town of El Paso, Texas on Saturday, which claimed the lives of 20 people and left 26 more injured.
The suspect in the case reportedly posted to 8chan a 2,300-word racist “manifesto”, in which he ranted against Latino immigration, just 20 minutes before launching the attack.
This morning, Cloudflare announced that it would no longer provide denial-of-service attack protection for the web site, saying:
The rationale is simple: they have proven themselves to be lawless and that lawlessness has caused multiple tragic deaths. Even if 8chan may not have violated the letter of the law in refusing to moderate their hate-filled community, they have created an environment that revels in violating its spirit.
Google removed the site from its index a few years ago, due to allegations about child abuse material.
At this point, it’s not clear whether Tucows also ejected 8chan, or whether its owners decided to jump ship, perhaps sensing which way the wind is blowing.
Its new home, Epik, calls itself the “Swiss bank” of domain registrars, and has actively courted sites that enable far-right political views.
The registrar openly sought the business of Gab.com, the Twitter clone used largely by those who have been banned by Twitter, after GoDaddy suspended the site’s domain last November.
In March this year, Epik CEO Rob Monster came under fire for publicly doubting the veracity of the video of the mosque shootings in Christchurch, New Zealand, which killed 50 people.
8chan was also frequented by the perpetrator of that attack, among others.
Epik is described as “cornering the market on websites where hate speech is thriving”, according to the Southern Poverty Law Center, an anti-racist group.
Monster has said that he does not support the views of extremists, but merely wants to provide a platform where registrants can exercise their rights to free speech.
Recent Comments