New I&J Outcomes Map Reporting and Action to Address Abuse at the DNS Level

Published on
November 2, 2020

To assist both Notifiers and DNS-Operators in reporting and remediating technical abuse, over 30 senior-level global key actors from governments, internet companies, technical operators, civil society, leading universities, and international organizations, have worked together in the Internet & Jurisdiction Policy Network  Domains & Jurisdiction Program Contact Group, to prepare three resources: 

I&J Outcome: DNS-Level Action to Address Technical Abuse: Due Diligence Guide for Notifiers (REF: 20-113)
I&J Outcome: DNS Technical Abuse Choice of Action (REF: 20-114)
I&J Outcome: Phishing and Malware: A Procedural Workflow (REF: 20-115) 

Meet the Members of the Domains & Jurisdiction Program  Contact Group

The DNS, as the “phonebook of the internet”, saves internet users the burden of memorizing Internet Protocol (IP) addresses. Thanks to the DNS, information can be accessed online through domain names, for example, nytimes.com or lemonde.fr. DNS Operators (Registries and Registrars) receive orders and requests from a variety of sources, including law enforcement, rights holders and other entities, to take action to remediate abuse. Such orders and requests are increasing and often arise without full knowledge of the impact of such action on the general functioning of the internet. This can lead to geographically and substantively disproportionate outcomes.

DNS-Level Action to Address Technical Abuse: Due Diligence Guide for Notifiers (REF: 20-113)

Persons or entities that make notifications concerning alleged technical abuse ("Notifiers") have a duty to conduct both procedural and substantive due diligence prior to making notification to DNS Operators (Registries and Registrars). This document lists a series of questions Notifiers should ask themselves in order to determine that making a notice is appropriate.  It aims to assist Notifiers in ensuring that Notices are addressed in an efficient and effective manner.

I&J Outcome: DNS Technical Abuse Choice of Action (REF: 20-114)

Once technical abuse has been identified, DNS Operators must decide how to address the abuse.  DNS-level action has a major impact not only on the domain name, itself but on other activities linked to the domain name, such as email, name servers, databases, and other services that are linked to the domain name.  For this reason, DNS-level action to address abuses must be not only effective but efficient.  This document lists and explains the various technical actions that DNS Operators may employ to combat technical abuse and the effects and limitations of each action.

I&J Outcome: Phishing and Malware: A Procedural Workflow (REF: 20-115) 

This schematic workflow maps the respective roles of Notifiers, Registrars and Registries and the sequence of their interactions in the context of reporting, evaluating, and taking action on reports of phishing and malware.

The resources build on the outcome of the work of Members of the Internet & Jurisdiction Policy Network’s Domains & Jurisdiction Program Contact Group. In 2019, the Members developed a set of Operational Approaches that provide stakeholders with common Norms, Criteria, and Mechanisms regarding cross-border DNS-level action to address abuses. 

The Internet & Jurisdiction Policy Network is the multistakeholder organization addressing the tension between the cross-border internet and national jurisdictions. It engages over 300 entities from governments, the world’s largest internet companies, technical operators, civil society groups, academia, and international organizations from over 50 countries.