Feeds

Domain registrars push back on law enforcement changes

Changes through the backdoor?

Secure remote control for conventional and virtual desktops

The companies that sell domain names have pushed back on proposals made by law enforcement yesterday to change their contracts to make cybercrime more difficult.

Calling the proposals “policy by the back door”, the registrars complained to members of ICANN’s Board in Brussels that the Registrar Accreditation Agreement (RAA) should only be changed through the organization’s official policy-development process. And they asked for the Board’s help in making sure they weren’t used as the fall-guys for online crime.

In a main session yesterday at the ICANN meeting in Brussels, the international police, including the UK’s Serious Organised Crime Agency, argued for changes to the contract that defines what registrars are obliged to do, in an effort to make sure there were “mandatory minimum standards” in the registration of domain names.

But the registrars themselves feel that publicizing changes to their main contract without going through the proper processes put them into a defensive position and made their business environment difficult.

Contracts need to remain stable for periods of time, argued Rob Hall, the CEO of Canada’s largest registrar, Momentus, and there needed to be a clear process for making changes to it. Shifts in the rapidly changing domain name system could be done instead through more-flexible best practices.

Elliot Noss, CEO of Tucows, the third largest registrar in the world, agreed, complaining that the good actors — who represent the vast majority of domain names in existence — risk being punished for the behavior of a few bad actors. “No one in this room [i.e., a member of the registrar constituency of ICANN] has ever had a complaint held against them or been de-accredited,” he pointed out.

The changes suggested by law enforcement would cause registrars to have to make potentially costly changes to their businesses, with some of that cost likely passed onto everyday Internet users.

Instead of “forcing through” changes to the RAA and making registrars figure out how to change their business models, others within ICANN — including governments and law enforcement themselves — could do more work at their end to ease the headaches, Noss said. This might include producing a clear definition of whom would be entitled to access to private data for defeating cybercriminals and how this would work.

Hall also argued that some of the changes being proposed would never make it through the rigorous policy development process and so were being pushed through a different route.

In response, ICANN chairman Peter Dengate Thrush agreed strongly with the point that significant changes to the RAA should only come through the approved policy processes and vowed to make sure that happened.

Board member and CFO of another registrar, Melbourne IT, Bruce Tonkin, agreed and argued that ICANN occasionally confused what was a policy decision with what was an implementation of existing policy.

All that said, the chair of the registrars' constituency, Mason Cole from Oversee, pointed out that the registrars had had a very productive meeting with the law enforcement officials earlier in the day and would be actively working with them to find ways to cut down on cybercrime.

So long as it doesn’t contractually oblige them to fix the problem, that is. ®

Gartner critical capabilities for enterprise endpoint backup

More from The Register

next story
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Canadian ISP Shaw falls over with 'routing' sickness
How sure are you of cloud computing now?
Don't call it throttling: Ericsson 'priority' tech gives users their own slice of spectrum
Actually it's a nifty trick - at least you'll pay for what you get
Three floats Jolla in Hong Kong: Says Sailfish is '3rd option'
Network throws hat into ring with Linux-powered handsets
Fifteen zero days found in hacker router comp romp
Four routers rooted in SOHOpelessly Broken challenge
New Sprint CEO says he will lower axe on staff – but prices come first
'Very disruptive' new rates to be revealed next week
US TV stations bowl sueball directly at FCC's spectrum mega-sale
Broadcasters upset about coverage and cost as they shift up and down the dials
Trans-Pacific: Google spaffs cash on FAST undersea packet-flinging
One of 6 backers for new 60 Tbps cable to hook US to Japan
Tech city types developing 'Google Glass for the blind' app
An app and service where other people 'see' for you
UK mobile coverage is BETTER than EVER, networks tell Ofcom
Regulator swallows this line and parrots it back out at us. What are they playing at?
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.