Feeds

Nominet claws back cops' automatic .UK takedown power

New plan: court order needed in some cases

Secure remote control for conventional and virtual desktops

UK cops hoping to swiftly shutdown .uk websites accused of being involved in counterfeiting will have a harder time under proposed changes to Nominet policy.

Under the changes, which will affect all .uk domain names, Nominet will be able to deny a site suspension request unless police provide a court order or the site is accused of putting the public at serious risk - such as flogging dodgy drugs.

New rights for registrants to object to and appeal a suspension have also been proposed, and the new draft policy also makes it clear how serious and non-serious crimes are handled.

The recommendations feed on the responses of "well over 100" punters who submitted comments on earlier drafts of the policy, according to Nominet policy director Alex Blowers.

A volunteer "Issue Group" comprising cops, techies, policy experts and academics has been working on a process to enable law enforcement agencies to shut down .uk sites selling fake pharmaceuticals or bootleg handbags for the last several months.

Early draft recommendations came in for criticism because police would be able to instruct Nominet to take down unlimited numbers of domains without a court order.

Following previous coverage, many El Reg readers were outraged that the proposals didn't seem to do enough to protect ordinary .uk owners from over-zealous cops.

While Nominet has always said that the takedown policy should always be a last resort for police, the new draft, which is open for public comment until the end of Friday, 18 November, addresses some of those concerns, according to Blowers.

"We're trying to make sure there's a process by which people can hold us to account for our conduct and the administrative processes we put in place," he said. "Law enforcement agencies should be prepared to go to court and obtain a court order if the application of this policy is challenged."

The new draft recommendations state that should a suspension notice be objected to by a domain's registrant, Nominet would be able to consult an "independent expert", likely an outside lawyer, before deciding whether to ask police for a court order.

Risk to the public?

A new revision also draws a distinction between serious cases of botnets, phishing and fake pharmaceuticals sales, which pose an "imminent risk" to internet users, and cases of counterfeiting, which are perhaps not as risky.

Nominet would draw a distinction between the two scenarios. If it received a suspension request relating to a 'low risk' crime, such as alleged counterfeiting, it would have to inform the registrant, giving them an opportunity to object and/or rectify the problem, before it suspended the domain name.

The policy has stated in all drafts that it would not be applicable to private complainants, such as intellectual property interests, and that hasn't changed.

"We're excluding all civil disputes," Blowers said. "If the MPAA [for example] wanted to bring down 25,000 domains associated with online piracy, that would fall outside of this process."

The policy has also been tweaked with respect to free speech issues. Now, it states that cases involving "hate speech" or obscenity, which would usually require the authorisation of the Director of Public Prosecutions or Attorney General to prosecute, are specifically excluded.

In other words, to take down an overtly racist or egregiously pornographic site, Nominet would not suspend the domain name without a court order.

The recommendations are still in draft form, but Blowers said he expects them to be submitted to the Nominet board of directors for approval in December. A working policy could be implemented early next year.

Friday is the last day to submit comments on the proposals. The drafts themselves, background information and contact details for commenting, can be found here. ®

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
'Serious flaws in the Vertigan report' says broadband boffin
Report 'fails reality test' , is 'simply wrong' and offers ''convenient' justification for FTTN says Rod Tucker
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
Apple Watch will CONQUER smartwatch world – analysts
After Applelocalypse, other wristputers will get stuck in
Shades of Mannesmann: Vodafone should buy T-Mobile US
Biting the bullet would let Blighty-based biz flip the bird at AT&T
Drag queens: Oh, don't be so bitchy, Facebook! Let us use our stage names
Handbags at dawn over free content ad network's ID policy
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.