I just saw a news bit that VeriSign, the company contracted to handle the .com Registry, wants to be able to shut down a “non-legitimate” domain name when asked by law enforcement. It seems scary to think of at first.
Then I read the article a little more to see what their reasons are, or if they at least gave limits. Reading it gave me pause.
For at least the past two years, the U.S. government’s designated authorities has seized certain .com domain names for alleged unlawful activity. I notice this is especially occurring for domain names involved in copyright infringement and selling counterfeit items.
Specifically, they appear to take action against .com domain names whose web sites share links to copyrighted content such as streaming videos. An example I recall is a web site showing links to watching some football games the NFL (I think) didn’t authorize to begin with.
You might’ve encountered a domain name with a “web site” like this:
(Source: IP Kat)
In case you’re wondering what gives the agency mentioned above the “right” or authority to do that, you can check their web site for more details.
VeriSign reported they have shut down some .com domain names involved in either one. In fairness, they’ve done so only when showed a court order and not just on a whim.
The report said VeriSign is cooperating with law enforcement, including the FBI, to develop policies approaching this arguably delicate issue. They also aim to work with other agencies abroad, and also reached out to ICANN for guidance.
I can understand why. Copyright infringement and counterfeit goods has cost companies revenue it would’ve gained from them, and it’s maybe gotten practically too large and costly (?) to handle on their own.
On the other hand, I’m not exactly keen on seeing my domain name shut down just because, say, I shared a link to a video. I have no problem removing that if it turns out to be unauthorized as long as I’m told promptly.
I think an essential part is that law enforcement has to demonstrate that the party who “owns” and uses that .com domain name or so is indeed involved in unlawful activity. Then if it turns out you’ve actually been wronged or were an innocent party who got dragged in, you want to be able to seek redress or “justice” (if you want to call it that) for it.
Now, I’ve read of a few cases where “due process” isn’t necessarily or totally followed, or exceptions were made. One example is if you find someone running a drug laboratory, get some form of proof, and you get a court-issued warrant without giving that someone a chance to explain themselves.
A purpose of that is to stop the drug-producing operation as soon as possible. I’m not sure if there’s a process for returning all that if turns out arguably legitimate, though I’ve yet to see any real-life example of that happening. (yet, anyway…)
Again, that’s just an example. And an exceptional one at that.
Personally, I don’t think you have to worry about this as long as you don’t do what I described above. Still, it helps to know there’s some accountability if something especially goes wrong, and you’re negatively and needlessly affected just because of someone else’s actions.
(I’ve always believed that accountability goes both ways, especially if you’re potentially dealing with an entity who’s obviously in a stronger position than you.)
In essence, I think an arguably reasonable compromise can be reached in this roughly step-by-step process:
Step one – law enforcement is able to gather sufficient proof based on what the law allows, but must get an order from a court of competent jurisdiction to lock and/or shut down the domain name/s.
Step two – law enforcement serves that court order on VeriSign (or whoever Registry operator) to lock and shut down them down, and leave a notice where to be contacted.
Step three – the affected party can easily get in touch with the appropriate law enforcement contact, and (hopefully) work things out as quickly as possible.
Step four – if law enforcement turns out wrong, some apology, compensation or so is in order, and the domain name is returned without unnecessary delay.
The challenge, as always, is the devil in the details. Law is complex enough as it is, let alone be more messy if someone “needlessly” complicates things.
By the way, this involves only the extensions VeriSign handles like .com and .net. Other Registry extensions like Nominet for .uk domain names have their own policies, although they’ve also tackled that directly in recent times.
Update: I just thought I’d add a few more things.
VeriSign handles the Registry database for .com and .net domain names. So if someone, say, secures a court order and serves it on VeriSign, they can do something to your domain name even if it’s with a non-U.S. registrar.
Also, DomainNameWire reported that VeriSign communicated to ICANN about this and indicated proposals. One of them includes:
Registrants may be concerned about an improper takedown of a legitimate website. Verisign will be offering a protest procedure to support restoring a domain name to the zone.
You can read VeriSign’s report to ICANN here.
As always, feel free share your thoughts below.
Hat tip: The Register, IP Kat, and DomainNameWire
Check Out These Other Posts:
VeriSign Wants Power To Zap .Com
Then I read the article a little more to see what their reasons are, or if they at least gave limits. Reading it gave me pause.
For at least the past two years, the U.S. government’s designated authorities has seized certain .com domain names for alleged unlawful activity. I notice this is especially occurring for domain names involved in copyright infringement and selling counterfeit items.
Specifically, they appear to take action against .com domain names whose web sites share links to copyrighted content such as streaming videos. An example I recall is a web site showing links to watching some football games the NFL (I think) didn’t authorize to begin with.
You might’ve encountered a domain name with a “web site” like this:
In case you’re wondering what gives the agency mentioned above the “right” or authority to do that, you can check their web site for more details.
VeriSign reported they have shut down some .com domain names involved in either one. In fairness, they’ve done so only when showed a court order and not just on a whim.
The report said VeriSign is cooperating with law enforcement, including the FBI, to develop policies approaching this arguably delicate issue. They also aim to work with other agencies abroad, and also reached out to ICANN for guidance.
I can understand why. Copyright infringement and counterfeit goods has cost companies revenue it would’ve gained from them, and it’s maybe gotten practically too large and costly (?) to handle on their own.
On the other hand, I’m not exactly keen on seeing my domain name shut down just because, say, I shared a link to a video. I have no problem removing that if it turns out to be unauthorized as long as I’m told promptly.
I think an essential part is that law enforcement has to demonstrate that the party who “owns” and uses that .com domain name or so is indeed involved in unlawful activity. Then if it turns out you’ve actually been wronged or were an innocent party who got dragged in, you want to be able to seek redress or “justice” (if you want to call it that) for it.
Now, I’ve read of a few cases where “due process” isn’t necessarily or totally followed, or exceptions were made. One example is if you find someone running a drug laboratory, get some form of proof, and you get a court-issued warrant without giving that someone a chance to explain themselves.
A purpose of that is to stop the drug-producing operation as soon as possible. I’m not sure if there’s a process for returning all that if turns out arguably legitimate, though I’ve yet to see any real-life example of that happening. (yet, anyway…)
Again, that’s just an example. And an exceptional one at that.
Personally, I don’t think you have to worry about this as long as you don’t do what I described above. Still, it helps to know there’s some accountability if something especially goes wrong, and you’re negatively and needlessly affected just because of someone else’s actions.
(I’ve always believed that accountability goes both ways, especially if you’re potentially dealing with an entity who’s obviously in a stronger position than you.)
In essence, I think an arguably reasonable compromise can be reached in this roughly step-by-step process:
Step one – law enforcement is able to gather sufficient proof based on what the law allows, but must get an order from a court of competent jurisdiction to lock and/or shut down the domain name/s.
Step two – law enforcement serves that court order on VeriSign (or whoever Registry operator) to lock and shut down them down, and leave a notice where to be contacted.
Step three – the affected party can easily get in touch with the appropriate law enforcement contact, and (hopefully) work things out as quickly as possible.
Step four – if law enforcement turns out wrong, some apology, compensation or so is in order, and the domain name is returned without unnecessary delay.
The challenge, as always, is the devil in the details. Law is complex enough as it is, let alone be more messy if someone “needlessly” complicates things.
By the way, this involves only the extensions VeriSign handles like .com and .net. Other Registry extensions like Nominet for .uk domain names have their own policies, although they’ve also tackled that directly in recent times.
Update: I just thought I’d add a few more things.
VeriSign handles the Registry database for .com and .net domain names. So if someone, say, secures a court order and serves it on VeriSign, they can do something to your domain name even if it’s with a non-U.S. registrar.
Also, DomainNameWire reported that VeriSign communicated to ICANN about this and indicated proposals. One of them includes:
You can read VeriSign’s report to ICANN here.
As always, feel free share your thoughts below.
Hat tip: The Register, IP Kat, and DomainNameWire
Check Out These Other Posts: