Domain Registrars And ISPs: The Soft Underbelly Of Coercive Control

from the know-your-domain-right dept

When I first got into this business I frequently wondered why the domain-policy mailing lists I was getting involved in attracted a lot of activist types.

Over the years it became apparent to me very quickly, that in an emerging era of global communications and transparency (what Anthony Wile calls "The Internet Reformation") - that "the name" (the domain name) along with the ability to "locate it" (DNS) was a central, all-important "secret sauce" to the entire internet.

But it was only gradually that I became aware that it would take centre stage politically and and become the battleground between forces for liberty, free speech and emerging civil & business models on one hand and entrenched reactionary, authoritarian, cronyist kleptocrats on the other.

Hence those passionate activist types (some of whom I used to tirelessly argue with) were getting so worked up over the high-intensity Orwellianism that they could sense coming somewhere over the event-horizon.

While the co-opting of this marvellous internet into an all pervasive surveillance apparatus is a paramount issue, it is outside the scope of this article. Consider it one side of a dual-pronged approach of modern-era repression and totalitarianism.

The other side of that vice is the DNS and naming system of the internet which is the "choke point", where control can be exerted, censorship implemented and protection rackets flourish.

In a world where news travels over the internet before the traditional media is even aware of it, where non-sanctioned, unofficial sources can audaciously disseminate the truth without central planners massaging, spinning or heavily redacting it; the domain name, or the DNS that powers them is basically the dial tone of the entire global communications medium. Take out a domain or its DNS, you shut down it's voice, it's message or it's economic activity. You make it go away.

Without getting too detailed with the technical specifics (although I'll happily talk the ear off of anybody who asks me about it), the "inverted tree" structure of the DNS naming system distributes power in the following pattern:

  1. The Root < -- ICANN
  2. The Top Level Domains (com, net, org < ---- Verisign, Afilias, Public Interest Registry, Neulevel and soon all the new ones, Donuts, etc)
  3. Second level domains (registrars, DNS providers, web hosting providers, ISPs)

ICANN is conspicuously absent from curating the interests of global stakeholders within the overall naming scheme. Because of this, US law applies across most of the internet, and in the absence of a concerted effort to address global interests (no, not globalist interests, I mean "also considering interests from outside the USA") there will eventually be a root level net split and won't be pretty (yes, I'm fully aware how crazy that sounds now, I always sound crazy about 5-years in advance.)

At Level 2, the registry operators are themselves, pretty big and pretty bureaucratic - if a vested interest wants to compel them to do something they know they have to get a legal basis to do it, like a court order.

So the soft underbelly of coercive control starts at Level 3, which is rife with myriad third parties falling over each other to "serve" registrars, DNS providers, web hosts and ISPs with various facades of "legalese" designed to baffle unwitting abuse desks into submissive compliance with purely "made up" takedown rationalizations.

If you remember the Simpsons episode where Monty Burns is being committed to a mental institution against his will for becoming inordinately enthralled with the difference between "Ketchup" and "Catsup", he is informed by Chief Wiggum as he is being dragged up the steps to the asylum: "Relax…you've gone off your nut and you're being committed to a mental institution…. those grocery store clerks signed the commitment papers".

That's about the best description there is of today's "takedown request" racket that is overrunning the internet.

Quite literally "some guy", in England or "someplace" (often times in England tho), will email a registrar or a DNS host in some other country entirely and will tell them "Hi! I'm an 'internet investigator' here in some place in some official capacity, and the following domain names are operating in contravention to some laws here. So, uh, take the domains down. Ok?"

And more often than not, the recipient will simply AGREE and just do it.

If they do not comply right away the "official guy somewhere" will tell the recipient that if they do not comply then they are themselves in some sort of legal trouble (or in violation of some contractual obligation which some official guy somewhere is not even a party to) and there will be trouble.

Recipient usually agrees and shuts down the domain. Which, absent some obvious network abuse issue, I find mind-boggling. Some of the letters we get from private, non-governmental, self-appointed "regulatory" bodies with no legal or enforcement powers anywhere on earth contain claims and make leaps of logic which are on par with fantastic narratives spun in Nigerian 419 scams.

That some of the largest ISPs and registrars in the world actually take them seriously and shut down entire businesses on this basis is nothing short of criminally negligent.

But shut down they will. Somebody with a badge out of a box of Cracker Jacks can probably email your registrar right now and tell them to unplug your domain name from the internet and there's a good chance they'll do it.

People may tell me to calm down, because right now the most common targets seem to be "dodgy" websites (like "rogue" pharmacies), but as we've noted elsewhere, the script we laid out in First They Came For The File Sharing Domains is playing out nearly verbatim in the three years hence. And there was an extra-judicial attempt to take out Wikileaks for the crime of egregious truth telling.

All of this begs the fundamental question of due process, something these ersatz enforcement agencies are happy to throw overboard and replace with their own Calvin-ball interpretations of reality.

So if or when it happens to you, you should know this:

Unless there is a court order in the jurisdiction of the Registrar who shuts you down - they CANNOT stop you from transferring your domain out to another Registrar.

That is your basic domain right (notice it's in the singular). It was just upheld by an NAF panel under an ICANN TDRP proceeding. We're in the process of doing this again right now for another client who had their fully compliant Canadian business, doing business from and in Canada was shut down entirely when literally "some guy in England" emailed their US-based registrar and told them to shut down their domain - which they promptly did, no questions asked (watch our blog as this unfolds).

Hopefully before long Registrars are going to wake up and realize that Chief Wiggum can't compel them to take down, hijack and lock your domain name unless he has a court order from some place other than Springfield.

Mark Jeftovic is CEO of easyDNS



Reader Comments (rss)

(Flattened / Threaded)

  1. This comment has been flagged by the community. Click here to show it
     
    icon
    Ehud Gavron (profile), Jan 16th, 2014 @ 9:03pm

    Please don't let morons post on techdirt.

    It ruins the playground for everyone else.

    Ehud

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Just Sayin', Jan 16th, 2014 @ 9:06pm

    Wow

    There ain't enough tin foil to make this writer a proper hat. he has convinced me totally though that Easy DNS would be a company to avoid at all costs, as the risks that it goes rogue is about 100%.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 1:50am

    But the Calvin-ball rules are so much more fun!

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 3:09am

    Re:

    Damn son, closing down Techdirt is a solution? Gotta close the internet at ICANN-level if you were in charge. T'is the only way to stop "morons" from posting.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 4:21am

    It's just a bunch of powerholics drunk on power, who are attacking the centralized nature of the current DNS system. Seeing as these drunkards seems to have no inclination for undergo rehab, the only logical answer is a non-centralized DNS system.

    I'm sure once the powerholics decimate and disgrace the current DNS system for long enough, it will accelerate competing, non-centralized systems, as a mainstream alternative to the current DNS design.

    Never underestimate the drunken stupidity of a powerholic. I'm sure we'll have the need for such decentralized systems, probably sooner than later.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    blerk, Jan 17th, 2014 @ 4:31am

    the tin foil is strong with this one.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Clownius, Jan 17th, 2014 @ 5:05am

    Endgame

    Sadly the end game is the demise of the DNS system now. Its so badly abused that its just broken.

    Guys like Mark and easyDNS can take a stand and its great they do so. But at the end of the day i can see laws being changed to make such court orders childs play to get if you just say piracy or terrorism. So even the court order only wont be enough soon enough......

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 5:33am

    i notice how the change from the USA to the UK (England) has happened. the reason probably being that there seems to be a bit of a slow down in any sort of Internet abuse since the NSA scandal started, and as the accompanying GCHQ involvement is being ignored completely (typical British attitude of if you ignore it, it will disappear) the UK government is taking over the censorship and control of the Internet, including the shutting down of as many sites as possible, particularly those that the entertainment industries dont like, which in truth is 99.9% of the internet!!

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 6:23am

    Just wondering what you think is the proper resolution to jurisdiction issues?

    I'm not even thinking Police force from country X should be able to seize domains unless they are country specific and proper paperwork is filed. IE I don't have a problem with the UK taking down .uk domains with proper paperwork, but they should not be able to effect .us or any generic domain such as .com. Sadly, I think ICANN is too much of a political mess to actually be any use. Even the ICANN dispute process is painfully hard to traverse, as you probably know from the transfer requests.

    Should we just ditch the current DNS infrastructure?

    In all honestly, I think the protocol is old and worn out and I'm sure you know that changes are hard to implement. (It's been over 10 years since EDNS was written and still isn't properly implemented globally.) Add that UDP is a horrible transport especially without many implementing BCP38, I'm gaining favor of an alternative P2P network like .bit, though I've never actually used it or looked at it.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Pragmatic, Jan 17th, 2014 @ 6:28am

    Re:

    Except that he's already been proven right, and since he's in the business, on the front line, maybe he knows a thing or two.

    What are your qualifications for disrespecting Mark?

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    Ninja (profile), Jan 17th, 2014 @ 7:32am

    Holy crap that's one enlightening piece of information. I for one would sign up with EasyDNS after reading it.

    It's always nice to see an insider criticism like this. The sad part is that when Lvl 3 does not work they will inevitably go to Lvl 2. Can we stop the Owrellian flow before that? If it gets there what can be done? And considering the USA today how long till they attack LVL 1 shamelessly? And if the root splits, what will happen? Can ICANN be replaced by a decentralized but trustful alternative?

    So many questions, so little time.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Cerberus (profile), Jan 17th, 2014 @ 7:43am

    Make a blacklist of bad registrars?

    Can't we compile a blacklist of registrars that are known to comply with such requests, and a whitelist of "safe" registrars?

     

    reply to this | link to this | view in thread ]

  13. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Jan 17th, 2014 @ 7:53am

    Oh, it's conflating "First They Came For The File Sharing Domains" again!

    Putting "File Sharing Domains" under "Coercive Control" headline is the payload here again. Totally undermines the rest that I DO agree with, as I suspect that your WHOLE intent is to do another end-run on copryight.

    Those who call themselves "pirates" self-identify as don't have rights, it's just plain fact that you're calling yourselves thieves and your driving principle is to steal content. No one has a right to distribute the copyrighted content that others made nor even to promote it or put up links to it: that crossed the crucial boundary between "mine" and "yours". Simple principle: if it ain't yours, just leave it alone. It's not "free speech" to help theft, it's contributory infringement.

    Now, you have also wrong notion of "due process" in this context and conflate it with gov't action. But as held here at Techdirt just last weekend: "Google is voluntary. NSA is not." -- ICANN and root DNS servers are corporate, not gov't. When you paid for a domain name, you came under control of corporate entities, not gov't (yes, even if "international" those are corporations). I don't like corporations and would nationalize (or have kept all that national), but that's what we're stuck with now, and you don't have what you're calling "due process". Corporations in fact DO have "extra-judicial" powers. Get facts straight before you rant.

    You should be cleanly and clearly opposing the "extra-judicial" powers of corporations, not muddying your own and public interests up with "file sharing" that's inherently stealing, and "due process" rights that do NOT exist.

    2nd, here's another conflation from "libertarian" loonyism that I'll move words to show your error: "battleground between forces for liberty, free speech and emerging civil [practices] on one hand and entrenched reactionary, authoritarian, cronyist kleptocrats business models on the other." -- It's exactly "business models" that drive all you appear to oppose. You're a small fish and likely okay, but should put this on Populist basis: BIG IS BAD. Of course, that'd require thinking on your nettish idealist notions and much else.

    CORPORATISM IS THE PROBLEM.

    PIRATING CONTENT EUPHEMIZED AS "FILE SHARING" IS STILL STEALING.

    TRUE ANTI-CORPORATE POPULISM IS THE ANSWER.

    Spying is the main "business model" of the internet, especially for Google and Facebook.

    03:51:11[d-602-2]

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    alternatives(), Jan 17th, 2014 @ 10:00am

    I think the protocol is old and worn out

    Ahhh yes, protocols get worn out due to well documented mental fatigue. A common engineering problem in the field of mentalurgy, but with alloying and tempermature control, one can use the older age of mentalolgists to apply the idea of wisdom.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 10:08am

    Re: Re:

    Well, closing down Techdirt (at least for a time) is easy. Expensive, but easy. http://rtb.techdirt.com/product-cat/anti/

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    PRMan, Jan 17th, 2014 @ 10:41am

    Re:

    Namecoin, based on the Bitcoin protocol is doing exactly this. You register your name on the public blockchain and nobody can take it from you. Domains must re-register every 250 days or the names go back in the pool.

    There are plugins for Chrome and Firefox that resolve these .bit domains, since there is no browser support natively yet.

    It's early, but apparently they have over 77000 domains registered already.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 11:12am

    Re:

    Actually, I would suggest checking out the SpamHaus DDoS attack, the Open Resolvers issue, the lack of support for AAAA, DNSSec on many ICANN accredited registrars, the ghost resolver issue. Most of these issues are still around today, due to lack of care, and an insecure protocol that wasn't designed for malicious activity.

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    nasch (profile), Jan 17th, 2014 @ 12:58pm

    Re:

    the tin foil is strong with this one.

    The style of writing is very much in the vein of raving, foaming at the mouth tinfoil hattery. But I think the content has a lot of merit.

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    nasch (profile), Jan 17th, 2014 @ 1:00pm

    Cannot?

    Unless there is a court order in the jurisdiction of the Registrar who shuts you down - they CANNOT stop you from transferring your domain out to another Registrar.

    Cannot, or may not?

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Jan 17th, 2014 @ 1:13pm

    You left out an important detail...

    ICANN rules only allow for transfers on domains that are OLDER THAN 60 DAYS OR HAVEN'T BEEN TRANSFERRED FOR 60 DAYS. So if you just registered an new domain or just moved it to a new registrar, you won't be able to transfer it for that reason. Also if the person who got your registrar to shut your domain name down does the same thing again to your new registrar once you get it transferred, your stuck for a while.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Clownius, Jan 17th, 2014 @ 7:52pm

    Re: Re:

    Its certainly an alternative.

    But im fairly tech literate and i cant get my head around how to set one up and more to the point how to actually get users to use it.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Jan 18th, 2014 @ 1:34am

    Re: Wow

    No one believes you, bobmail.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    Sheogorath (profile), Jan 18th, 2014 @ 9:37am

    Kiddy winks

    But, but... destroying the Internet is for the children!
    Especially if we start by filing takedown requests for the legitimate websites of MAFIAA members. };D

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Jan 18th, 2014 @ 5:04pm

    Nice to see Masnick providing a therapeutic outlet for this obvious lunatic on leave from some sort of mental institution. Here at Techdirt, it doesn't matter if you're nuttier than squirrel shit- only that you're willing to scream hysterically into the echo chamber.

     

    reply to this | link to this | view in thread ]

  25.  
    icon
    Urgelt (profile), Jan 18th, 2014 @ 11:08pm

    Bleeding Eyes

    "Over the years it became apparent to me very quickly..."

    Seriously, get an editor. Or edit it yourself. Or something. Mkay? You made my eyes bleed with that one.

    I think your points are good ones. But a little judicious editing would have been good.

     

    reply to this | link to this | view in thread ]

  26.  
    icon
    TiagoTiago (profile), Jan 28th, 2014 @ 7:06am

    To make things worse, if you don't got enough money, often you won't actually have access to a fair trial...

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This