mark jeftovic – Techdirt (original) (raw)
Domain Registrars And ISPs: The Soft Underbelly Of Coercive Control
from the know-your-domain-right dept
When I first got into this business I frequently wondered why the domain-policy mailing lists I was getting involved in attracted a lot of activist types.
Over the years it became apparent to me very quickly, that in an emerging era of global communications and transparency (what Anthony Wile calls “The Internet Reformation”) – that “the name” (the domain name) along with the ability to “locate it” (DNS) was a central, all-important “secret sauce” to the entire internet.
But it was only gradually that I became aware that it would take centre stage politically and and become the battleground between forces for liberty, free speech and emerging civil & business models on one hand and entrenched reactionary, authoritarian, cronyist kleptocrats on the other.
Hence those passionate activist types (some of whom I used to tirelessly argue with) were getting so worked up over the high-intensity Orwellianism that they could sense coming somewhere over the event-horizon.
While the co-opting of this marvellous internet into an all pervasive surveillance apparatus is a paramount issue, it is outside the scope of this article. Consider it one side of a dual-pronged approach of modern-era repression and totalitarianism.
The other side of that vice is the DNS and naming system of the internet which is the “choke point”, where control can be exerted, censorship implemented and protection rackets flourish.
In a world where news travels over the internet before the traditional media is even aware of it, where non-sanctioned, unofficial sources can audaciously disseminate the truth without central planners massaging, spinning or heavily redacting it; the domain name, or the DNS that powers them is basically the dial tone of the entire global communications medium. Take out a domain or its DNS, you shut down it’s voice, it’s message or it’s economic activity. You make it go away.
Without getting too detailed with the technical specifics (although I’ll happily talk the ear off of anybody who asks me about it), the “inverted tree” structure of the DNS naming system distributes power in the following pattern:
- The Root < -- ICANN
- The Top Level Domains (com, net, org < ---- Verisign, Afilias, Public Interest Registry, Neulevel and soon all the new ones, Donuts, etc)
- Second level domains (registrars, DNS providers, web hosting providers, ISPs)
ICANN is conspicuously absent from curating the interests of global stakeholders within the overall naming scheme. Because of this, US law applies across most of the internet, and in the absence of a concerted effort to address global interests (no, not globalist interests, I mean “also considering interests from outside the USA”) there will eventually be a root level net split and won’t be pretty (yes, I’m fully aware how crazy that sounds now, I always sound crazy about 5-years in advance.)
At Level 2, the registry operators are themselves, pretty big and pretty bureaucratic – if a vested interest wants to compel them to do something they know they have to get a legal basis to do it, like a court order.
So the soft underbelly of coercive control starts at Level 3, which is rife with myriad third parties falling over each other to “serve” registrars, DNS providers, web hosts and ISPs with various facades of “legalese” designed to baffle unwitting abuse desks into submissive compliance with purely “made up” takedown rationalizations.
If you remember the Simpsons episode where Monty Burns is being committed to a mental institution against his will for becoming inordinately enthralled with the difference between “Ketchup” and “Catsup”, he is informed by Chief Wiggum as he is being dragged up the steps to the asylum: “Relax…you’ve gone off your nut and you’re being committed to a mental institution…. those grocery store clerks signed the commitment papers”.
That’s about the best description there is of today’s “takedown request” racket that is overrunning the internet.
Quite literally “some guy”, in England or “someplace” (often times in England tho), will email a registrar or a DNS host in some other country entirely and will tell them “Hi! I’m an ‘internet investigator’ here in some place in some official capacity, and the following domain names are operating in contravention to some laws here. So, uh, take the domains down. Ok?”
And more often than not, the recipient will simply AGREE and just do it.
If they do not comply right away the “official guy somewhere” will tell the recipient that if they do not comply then they are themselves in some sort of legal trouble (or in violation of some contractual obligation which some official guy somewhere is not even a party to) and there will be trouble.
Recipient usually agrees and shuts down the domain. Which, absent some obvious network abuse issue, I find mind-boggling. Some of the letters we get from private, non-governmental, self-appointed “regulatory” bodies with no legal or enforcement powers anywhere on earth contain claims and make leaps of logic which are on par with fantastic narratives spun in Nigerian 419 scams.
That some of the largest ISPs and registrars in the world actually take them seriously and shut down entire businesses on this basis is nothing short of criminally negligent.
But shut down they will. Somebody with a badge out of a box of Cracker Jacks can probably email your registrar right now and tell them to unplug your domain name from the internet and there’s a good chance they’ll do it.
People may tell me to calm down, because right now the most common targets seem to be “dodgy” websites (like “rogue” pharmacies), but as we’ve noted elsewhere, the script we laid out in First They Came For The File Sharing Domains is playing out nearly verbatim in the three years hence. And there was an extra-judicial attempt to take out Wikileaks for the crime of egregious truth telling.
All of this begs the fundamental question of due process, something these ersatz enforcement agencies are happy to throw overboard and replace with their own Calvin-ball interpretations of reality.
So if or when it happens to you, you should know this:
Unless there is a court order in the jurisdiction of the Registrar who shuts you down – they CANNOT stop you from transferring your domain out to another Registrar.
That is your basic domain right (notice it’s in the singular). It was just upheld by an NAF panel under an ICANN TDRP proceeding.
We’re in the process of doing this again right now for another client who had their fully compliant Canadian business, doing business from and in Canada was shut down entirely when literally “some guy in England” emailed their US-based registrar and told them to shut down their domain – which they promptly did, no questions asked (watch our blog as this unfolds).
Hopefully before long Registrars are going to wake up and realize that Chief Wiggum can’t compel them to take down, hijack and lock your domain name unless he has a court order from some place other than Springfield.
Mark Jeftovic is CEO of easyDNS
Filed Under: dns, domain transfers, domains, mark jeftovic, web hosting
Companies: easydns
Pharmacy Group Lies To Registrars: If We Complain About A Site, It Must Be Taken Down No Questions Asked
from the that's-not-how-it-works dept
This is incredible. Just yesterday we wrote about how EasyDNS won its arbitration case, saying that a registrar cannot takedown and block the transfer of a domain name just on the say so of law enforcement or anyone else not carrying a court order. And, the very next day, EasyDNS is reporting on an absurd letter it has received from the National Association of Boards of Pharmacy, which argues exactly the opposite of what the arbitration panel told EasyDNS.
Incredibly, it says that if it complains about a domain, the registrar must take it down:
“Upon receipt of an abuse notification, some Registrars claim that a court order is required or that they are not violating the laws of the Registrar’s country. Both assertions are wrong.”
Except, as EasyDNS points out, the arbitration ruling says that it’s the NABP that’s wrong, and that a court order is required. Similarly, the NABP claims that registrars must freeze the domains, even without a court order.
You should not allow domain names engaged in the illegal sale or distribution to transfer to another Registrar: the question of legality does not relate to where the Registrar is located, but rather to the activity of the Web site.
But, again, the arbitration ruling, which merely read from ICANN’s own rules, says the exact opposite — noting that you clearly need a court order
The NABP also tries the same direct misreading of ICANN’s rules that Public Domain Registry used, to pretend that “fraud” is a reason to deny transfer, but as the arbitration ruling found, that claim is simply incorrect. The “fraud” referenced in the rules is only fraud concerning transfers not fraud in terms of what the website was used for.
There’s much more in the letter as well. There is some history here. The NABP is basically an organization designed to artificially inflate the price of drugs in the US, cynically using highly questionable claims to pretend that they’re focused on “public safety.” For years, the NABP has worked hard to keep legitimate but cheaper versions of drugs outside the US, so that US pharmacies (and the drug companies they work with) can charge increasingly insane prices for drugs. Because they can use the specter of “fake drugs killing people!” they’re able to do all sorts of nasty attacks on foreign pharmacies that are selling perfectly legitimate drugs to willing buyers, by claiming that they put people’s lives at risk.
And, now, it appears they’re going even further in trying to basically create a “SOPA-like” setup, whereby registrars are required to pull down any domain based solely on NABP’s say so without any judicial review at all. The fact that this is happening at the same time that City of London Police are doing the same exact thing (at the urging of the legacy music/movie industries) isn’t an accident. While the supporters of SOPA insist that there’s no new legislation coming, they’re all trying to do an end run around all of it, creating something that’s even more extreme than SOPA by getting registrars to simply kill sites they don’t like based on nothing but a complaint.
EasyDNS’s Mark Jeftovic says it all in his blog post about it, noting that this is why they fought back against COICA/SOPA/PIPA:
It really is getting creepy out there.
We now know that we live in a total surveillance society, governments are printing money, going broke, manufacturing consent and lying about nearly everything; while quasi-governmental agencies all over the world are now asserting they have the authority to overturn legal process and basically dictate everybody else’s business.
This script is playing out almost verbatim what we wrote only three years ago in “First They Came For The File Sharing Domains”.
Who will be the next batch of clowns who tell us they can use liberally interpreted language in a couple of agreements that they aren’t even party to to compel us to takedown your website? Let’s start a betting pool.
This is why pushing back and standing up for internet freedom is so important. The attempts to control, to censor, to block and to silence are only increasing. The legacy players who can’t stand competition or innovation are looking for any way to hold back the future, and that means attacking the public’s ability to make use of the internet and to speak freely.
Filed Under: censorship, domains, mark jeftovic, registrars, takedowns
Companies: easydns, icann, nabp