Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
No excuses! PIR to pay for ALL registries to tackle child abuse
Public Interest Registry has announced that it will pay for all domain registries to receive alerts when child sexual abuse material shows up in their TLDs.
The non-profit .org operator said today that it will sponsor any registry — gTLD or ccTLD — that wants to sign up to receive the Domain Alerts service from the Internet Watch Foundation, the UK-based charity that tracks CSAM on the internet.
According to the IWF, only a dozen registries currently receive the service, PIR said.
“Our sponsorship will extend access to Domain Alerts to over a thousand TLDs at no cost enabling any interested registry to help prevent the display of criminal, abusive content on their domains,” the company said.
PIR didn’t say how much this is likely to cost it. IWF doesn’t publish its prices, but it seems only paying members usually receive the service. Its membership fees range from £1,000 ($1,259) to £90,000 ($113,372) a year, based on company size.
The partnership also means all registries will have free access to the IWF TLD Hopping List, which tracks CSAM “brands” as they move between TLDs whenever they are taken down by registries in a given jurisdiction.
IWF says that in 2022 it found 255,000 web pages hosting CSAM, spread across 5,416 domains. PIR says it has removed 5,700 instances of CSAM across its portfolio of TLDs over the last five years.
Identity Digital publishes treasure trove of abuse data
Identity Digital, the old Donuts, has started publishing quarterly reports containing a wealth of data on reported abuse and the actions it takes in response.
The data for the second quarter, released (pdf) at the weekend, shows that the registry receives thousands of reports and suspends hundreds of domains for DNS abuse, but the number of domains it takes down for copyright infringement is quite small.
ID said that it received 3,007 reports covering 3,816 unique domains in the quarter, almost 93% of which related to phishing. The company said the complaints amounted to 0.024% of its total registered domains.
Most cases were resolved by third parties such as the registrar, hosting provider, or registrant, but ID said it suspended (put on “protective hold”) 746 domains during the period. In only 11% of cases was no action taken.
The company’s hitherto opaque “Trusted Notifier” program, which allows the Motion Picture Association and Recording Industry Association of America to request takedowns of prolific piracy sites resulted in six domain suspensions, all as a result of MPA requests.
The Internet Watch Foundation, which has similar privileges, resulted in 26 domains being reported for child sexual abuse material. Three of these were suspended, and the remainder were “remediated” by the associated registrar, according to ID.
The report also breaks down how many requests for private Whois data the company received, and how it processed them. Again, the numbers are quite low. Of requests for data on 44 domains, 18 were tossed for incompleteness, 23 were refused, and only three resulted in data being handed over.
Perhaps surprisingly, only two of the requests related to intellectual property. The biggest category was people trying to buy the domain in question.
This is a pretty cool level of transparency from ID and it’ll be interesting to see if its rivals follow suit.
IWF finds 3,401 “commercial” child porn domains
The Internet Watch Foundation last year found child sexual abuse material on 3,401 domains that it says appeared to be commercial sites dedicated to distributing the illegal content.
The UK-based anti-CSAM group said in its annual report, published last week, that it found 5,590 domains containing such material in 2020, and 61% were “dedicated commercial sites… created solely for the purpose of profiting financially from the distribution of child sexual abuse material online.”
That’s a 13% increase in domains over 2019, the report says. It compares to 1,991 domains in 2015.
IWF took action on 153,369 URLs containing CSAM last year, the report says.
For example, the TLD with the most CSAM abuse is of course .com, with 90,879 offending URLs in 2020, 59% of the total. That compares to 69,353 or 52% in 2019.
But because those 90,000 URLs may include, for example, pages on image-hosting sites that use .com domains, the number of unique .com domains being abused will be substantially lower.
Same goes for the other TLDs on the top 10 list — .net, .ru, .nz, .fr, .org, .al, .to, .xyz and .pw.
.co, .cc and .me were on the 2019 list but not the 2019 list, being replaced by .al, .org and .pw.
The most disturbing part of the report, which is stated twice, is the alarming claim that some TLDs exist purely to commercially distribute CSAM:
We’ve also seen a number of new TLDs being created solely for the purpose of profiting financially from the distribution of child sexual abuse material online.
…
We first saw these new gTLDs being used by websites displaying child sexual abuse imagery in 2015. Many of these websites were dedicated to illegal imagery and the new gTLD had apparently been registered specifically for this purpose.
I can only assume that IWF is getting confused between a top-level domain and a second-level domain.
The alternative would be that the organization believes one or more TLD registries are purposefully catering primarily to commercial child pornographers, and for some reason it’s declining to do anything about it.
I’ve put in a request for clarification but not yet received a response.
IWF is funded by corporate donations from primarily technology companies. Pretty much every big domain registry is a donor. Verisign is a top-tier, £80,000+ donor. The others are all around the £5,000 to £10,000 mark.
UPDATE May 26: IWF has been in touch to clarify that it was in fact referring to SLDs, rather than TLDs, in its claims about dedicated commercial CSAM sites quoted above. It has corrected its report accordingly.
Criminal .uk suspensions down this year
Nominet suspended fewer .uk domain names due to reports of criminality in the last 12 months that in did in the prior period.
The registry said last week that is suspended 28,937 domains in the year to the end of October, down from 32,813 in the 2018 period.
That’s 0.22% of all .uk names, Nominet said.
As usual, complaints about intellectual property infringement — filed by copyright owners to the IP cops and handed to Nominet — account for the vast majority of takedowns, some 28,606 in the period.
The rest were suspended due to complaints about fraud, trading standards, financial conduct and healthcare products.
Only 16 requests were denied by Nominet, down from 114 in the previous year, and only five false-positive suspensions were reversed.
The controversial ban on “rape” domains resulted in 1,600 new regs getting automatically flagged, but zero getting suspended.
There were no requests from the Internet Watch Foundation to take down child sexual abuse material.
Nominet’s newish automated anti-phishing system, which uses pattern recognition to flag potential phishing domains at point of registration, saw 2,668 domains suspended before going live, of which 274 were released after the registrant passed due diligence checks.
These five TLDs contain 80% of all child abuse images
Online child abuse watchdog the Internet Watch Foundation has released its 2018 annual report, and it fingers the five TLDs that host four in five cases of child sexual abuse images and videos.
The TLDs in question are Verisign’s .com and .net, Neustar’s repurposed Colombian ccTLD .co, Russia’s .ru and Tonga’s .to.
IWF found the illegal content in 3,899 unique domains, up 3% from 2017’s 3,791 domains, in 151 different TLDs.
Despite the apparent concentration of illegal web pages in just five TLDs, it appears that this is largely due to the prevalence of image-hosting and file-sharing “cyberlocker” sites in these TLDs.
These are sites abused by the purveyors of this content, rather than being specifically dedicated to abuse.
It would be tricky for a registry to take action against such sites, as they have substantial non-abusive uses. It would be like taking down twitter.com whenever somebody tweets something illegal.
In terms of domains being registered specifically for the purpose of distributing child abuse material, the new gTLDs created since 2012 come off looking much worse.
IWF said that last year it found this material on 1,638 domains across 62 new gTLDs. That’s 42% of the total number of domains used to host such content, compared to new gTLDs’ single-figures overall market share.
The number of URLs (as opposed to domains) taken down in new gTLD web sites was up 17% to 5,847.
IWF has a service that alerts registries when child abuse material is found in their TLDs.
Its 2018 report can be found here (pdf).
Child abuse becoming big problem for new gTLDs
There were 3,791 domain names used to host child sexual abuse imagery in 2017, up 57%, according to the latest annual report from the Internet Watch Foundation.
While .com was the by far the worst TLD for such material in terms of URLs, over a quarter of the domains were registered in new gTLDs.
Abuse imagery was found on 78,589 URLs on 3,791 domains in 152 TLDs, the IWF said in its report.
.com accounted for 39,937 of these URLs, a little over half of the total, with .net, .org, .ru and .co also in the top five TLDs. Together they accounted for 85% of all the abuse URLs found. The 2016 top five TLDs included .se, .io and .cc.
New gTLDs accounted for a small portion of the abuse URLs — just over 5,000, up 221% on 2016 — but a disproportionate number of domains.
The number of new gTLD domains used for abuse content was 1,063, spread over 50 new gTLDs. Equivalent numbers were not available in the 2016 report and IWF does not break down which TLDs were most-abused.
According to Verisign’s Q4 Domain Name Industry Brief (pdf), new gTLDs account for just 6.2% of all existing domain names, and yet they account for over 28% of the domains where IWF found child abuse imagery.
IWF said that the increasing number of domains registered to host abuse imagery can be linked to what it calls “disguised websites”.
These are sites “where the child sexual abuse imagery will only be revealed to someone who has followed a pre-set digital pathway — to anyone else, they will be shown legal content.”
Presumably this means that registries and registrars spot-checking domains they have under management could be unaware of their true intended use.
Recent Comments