Verisign, the operator for all .com, .net, and .name top-level domain, has submitted a request to ICANN asking for the power of taking down “abusive” domains following requests from law enforcement agencies and without a court order.
If granted the ability, Verisign would be able to quickly take down sites serving malware of phishing, but also for various other reasons including the protection the integrity, security and stability of the DNS and to “comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process.” Also, it would reserve the right to “place upon registry lock, hold or similar status a domain name during resolution of a dispute.”
To be entirely fair, Verisign did say that it would be offering a “protest procedure” for those who believe that their domain has been unfairly taken down, but that should not be a great consolation to all those individuals and businesses whose very livelihood depends strongly on their Internet presence.
The news of the request was met with an outcry from security professionals all over the world and digital rights and individual rights advocacy groups such as the Electronic Frontier Foundation and American Civil Liberties Union, who argued that this eminently disruptive approach would be a direct threat to people’s First Amendment rights.
And that’s not even taking into the account the fact that many .com domains are hosted outside of the U.S. and should technically not fall under the U.S. jurisdiction.
Also, as Kevin Murphy helpfully noted: “It’s not yet clear how VeriSign would handle a request to suspend a .com domain that was hosting content legal in the US and Europe but illegal in, for example, Saudi Arabia or Uganda.”
But I’m surely not the only one who has thought about the ways that this ability can be intentionally misused, and was – as Verisign delicately puts it – “worried”. Let’s hope that the myriad of dissenting voices will have the wanted effect on ICANN’s board of directors.
As a side note, Verisign’s request does contain another proposal that was met more favorably by the greater public: the institution of a malware scanning service that would allow Verisign to regularly scan and search for malware on domains whose registrars have given it permission to do so.
“It is our intention to use this capability to identify malware on the internet and present the results to the registrars for action,” Verisign says in the proposal. “This will be strictly optional and informational service to our registrars to allow them to address malware hidden in websites for the domain names they are managing.”