DNS Abuse
AL-ALAC-ST-1219-03-00-EN was submitted to the ICANN Board on 24 December 2019. For complete historical information on the development of this Advice, visit the At-Large workspace: ALAC Advice on DNS Abuse and the At-Large website: https://atlarge.icann.org/advice_statements/13747.
| Recommendation | Description | Phase |
|---|---|---|
| Recommendation 1 | Establish a clear definition of DNS Abuse. The GNSO has already produced consensus definitions of “abuse” and “malicious use of domain names” that are more expansive. According to that definition, “abuse” is an action that: 1) Causes actual and substantial harm, or is a material predicate of such harm; and 2) Is illegal or illegitimate, or is otherwise considered contrary to the intention and design of a stated legitimate purpose, if such a purpose is disclosed. The GNSO also recognized that “malicious use of domain names” include, but are not limited to: 1) spam, 2) malware distribution, 3) online child sexual exploitation and imagery abuse, 4) phishing, 5) botnet command-and-control. ICANN should clarify the purposes and applications of “abuse” before further work is done to define DNS abuse. Once those purposes are identified, ICANN should determine whether abuse definitions used by outside sources can serve as references for the ICANN community, or whether a new, outcomes-based nomenclature could be useful (including impersonation, fraud, or other types of abuse) to accurately describe problems being addressed. | Phase 3 | Evaluate & Consider |
| Recommendation 2 | Cease rate limiting WHOIS (eventually RDAP) or simplify the process of whitelisting, so that it can report on the registration ecosystem. Adopt a uniform and timely access framework for publicly available registrant data. | Phase 3 | Evaluate & Consider |
| Recommendation 3 | Direct ICANN Org to establish low thresholds for identifying bad actors. Direct ICANN Org to publish more actionable Domain Abuse Activity Reporting (DAAR) data: identifying the operators with high concentrations of abuse against whom onward action ought to be contemplated. | Phase 3 | Evaluate & Consider |
| Recommendation 4 | Provide an explicit mandate to ICANN Contractual Compliance to regularly use the audit function to root out “systemic” abuse; not to regulate content, but to proactively exercise enforceability. | Phase 3 | Evaluate & Consider |
| Recommendation 5 | Do not process registrations with “third party” payments, unless they have been approved prior to the request. | Phase 3 | Evaluate & Consider |
| Recommendation 6 | Adopt an “anti-crime, anti-abuse” Acceptable Use Policy (AUP) and include enforcement. | Phase 3 | Evaluate & Consider |
| Recommendation 7 | Compel industry-wide good behavior: for ex. by increasing per domain transaction fees for registrars that continually demonstrate high abuse rates. | Phase 3 | Evaluate & Consider |
| Recommendation 8 | Implement the above in agreements/contracts, with clear enforcement language for ICANN Contractual Compliance to adopt.5 Convene a discussion between the Contracted Parties and ICANN Compliance to finally resolve what additional tools might be needed by Compliance. | Phase 3 | Evaluate & Consider |
