Knowledge Base
Evolution of a PII Free DNS Abuse Management
Evolving Registry DNS Abuse Management: The use of registrant personal data
For decades, the internet has improved lives worldwide by driving economic growth and facilitating the sharing of all types of information. In recent years, given the great dissemination of information, the world has become increasingly focused on why and how much personal information we collect, use, and share. Laws like the General Data Protection Regulation in the European Economic Area and analogous laws in the United Kingdom and certain U.S. states emerged to address the sharing and handling of personal information.
In the domain name industry, there is an ongoing lively debate on whether and how personal data of domain name registrants should be collected and published. Some believe that a safe and secure internet can only be ensured through the collection and publication of personal data of domain name registrants while others insist that personal data should be guarded at all costs. Regardless of this debate, the laws noted above greatly affect the means in which our industry can collect and process personal data. At Identity Digital, we are proving it possible to effectively and quickly stop, and even prevent, online harms without the need of registrant personal data. This allows us to sidestep any debate and be extremely mindful of the data we collect in compliance with applicable laws.
Identity Digital has always taken the prevention and mitigation of harms on the internet, including DNS Abuse (phishing, pharming, malware and botnets), seriously. Since our first top-level domain (TLD) was delegated, we have maintained a robust anti-abuse program and done our best to eliminate harmful material on the internet. In earlier years, like others, we looked for clues within available registrant information to aid our efforts in mitigating abuse. Over time, with improved processes, software, and training, we found that we did not need to rely on personal registrant information to improve our outcomes.
In fact, we recently evaluated our database of registrant information to better understand how much registrant data we, as a registry operator, hold. We discovered to our surprise that over 70% of registrant data we currently receive is either completely redacted by the registrar or, likely due to the increased focus on data privacy, masked by the registrant through a privacy or proxy service provider. Accordingly, our ability to effectively address DNS abuse without this data is excellent news.
Currently, as noted in our anti-abuse reports, our TLDs experience low rates of reported abuse without having to rely on personal information. More importantly, our human and software systems, all designed without the need to access registrant personal information, are tremendous in collecting direct evidence of harms and other technical data. These systems enable us to actively and quickly escalate and mitigate abuse, achieving better results without the need to further use registrant personal information. If you have any questions on how we might help you do the same, please let us know.
Access the Anti-Abuse Report.
Introducing the Identity Digital, Anti-Abuse Report
Introducing the Identity Digital Anti-Abuse Report
At Identity Digital, we work hard to foster a healthy, functional and trustworthy Internet, playing our role in ensuring a secure, safe and resilient domain name system (DNS). As an original drafter and signatory of the Framework to Address Abuse, Identity Digital has always taken an active and consistent approach to remedying abuse of the Domain Name System (DNS Abuse). To that end, we invest a significant amount of time and resources to identify, understand, and disrupt DNS Abuse occurring within the Identity Digital portfolio of top-level domains, including doing significant analysis on the reports and evidence we find. Today we publish our first Anti-Abuse Report so that we can actively share our data and related statistics. We hope you find it as interesting as we do and look forward to your input on how we can all work together toward a better DNS.
Our first report covers these three areas:
- DNS Abuse Actions
The principal focus of our anti-abuse reporting relates to how we handle DNS Abuse identified in our top-level domains, including how we collaborate with our registrar partners, trusted notifiers, and end users (in more limited circumstances).
- Data Disclosure Request Statistics
These statistics relate to requests we receive for the release of registrant data through our data request resources. These resources have been built to account for the introduction of the European Union’s General Data Protection Regulation (GDPR) and similar data privacy regulations from other jurisdictions.
- Law Enforcement and Other Government Request Statistics
These statistics relate to requests from law enforcement and other government requests for our intervention. These include court orders, or other specific requests from applicable government entities with verified, specific, and stated authority.
Why publish statistics on DNS Abuse management matters?
As a registry operator there are only a limited set of actions we can take to address DNS Abuse. The most severe action, which is also the most imprecise, is to “suspend” the domain in question. This stops the domain and all associated services from resolving (i.e., connecting) on the internet.
Given the severity and lack of precision with a domain suspension, there can be significant, far-reaching, and unintended consequences. Not only will websites using that domain cease to be accessible, but any email addresses, applications, or software using that domain also will become critically impaired. For example, suspending a “marketplace” domain because of a verified report of an illegal or abusive product may at first seem appropriate, but given the impact on other legitimate users of the domain and the enterprise as a whole, it may not at all be proportional or appropriate. In other instances when a domain appears to be registered entirely for the purpose of DNS Abuse, a domain suspension may be appropriate and proportional. Accordingly, we do not take the action to suspend lightly; however, when we do believe the registry is the appropriate party to intervene, then we do so, as quickly as we can. By publishing our statistics on DNS Abuse and how we handle such abuse, we hope to provide insight both into our actions and our decision-making process.
We are very happy to present our Anti-Abuse Report. We plan to publish these reports periodically. We hope you find these reports both comprehensive and comprehensible. With that in mind, if you have questions or suggestions on how we may improve our reports, please contact us at compliance@identity.digital.
1 For information on what Trusted Notifiers in the context of our business, please see:
https://www.rysq.info/wp-contenUuploads/archive/Final-CPH-Notifier-Framework-6-0ctober-2021.pdf
2 https://identity.digital/abouUpolicies/whois-layered-access/
