FDA Is Angry That ICANN Won't Just Censor Websites On Its Say So

from the what's-wrong-with-a-court-order? dept

Wed, Oct 29th 2014 11:38am — Mike Masnick

It's not just the City of London Police demanding that websites be taken offline without any due process. It appears that the US Food & Drug Administration (FDA) is getting in on the game as well. The Wall Street Journal recently published a detailed article about how angry the FDA is with ICANN (there's also a corresponding blog post which may not face the same paywall restrictions) for not simply killing domains that the FDA deems "rogue pharmacies." That's not to say that there aren't reasonable concerns about rogue pharmacies. There are clearly some concerns about those sites, but it seems like there are better ways to deal with those than just barging in and saying that ICANN and registrars need to take down sites based solely on their say so.

In July, the FDA teamed with Interpol and dozens of countries to try to shut down more than 1,300 websites suspected of selling drugs without a prescription. Officials sent a list of all the websites, carrying names such as buyoxycontinonline.com and approvedonlinepharmacy.net, to the Chinese company that registered them. The company replied with a request for a court order and then sent a terse follow-up email: “It is not possible for us to take action.”

In frustration, officials turned to the Internet’s central administrator, an organization called the Internet Corp. for Assigned Names and Numbers, or Icann. Its contract with the registrar, BizCN.com, requires the company to investigate reports of illegal behavior.

But here's the thing. Everyone in the articles (including the reporters) seem to take it as perfectly reasonable that ICANN and/or these registrars should have just taken down these sites. No one points out that BizCN seemed to respond properly by asking for a court order. ICANN isn't in the business of censorship. It shouldn't be the one to determine if a site is an illegal pharmacy or not. There's a reason why we have due process and courts to adjudicate decisions like that. Putting the entire burden on registrars and/or ICANN to act as internet cops, ready to take down sites at a notification's notice seems tremendously problematic.

It's a recipe for censorship, stifling free speech and hindering innovation. And yet, that's what the FDA and others want:

Because of its central role, regulators and law-enforcement agencies around the world say Icann could be crucial to their crackdown on illicit Internet operators of all kinds.

Already, just in the online pharmacy space, we've seen how certain pharmaceutical companies like to conflate the small number of truly "rogue" pharmacies that sell either counterfeit drugs or real drugs without proper procedures, with perfectly safe and legal Canadian pharmacies that many Americans rely on for cheaper drugs. The big pharmaceutical companies would like to shut down that competition, even as American politicians have explored expanding the ability of US citizens to get their drugs from such pharmacies. And that's why it's reasonable to ask for an actual court order before taking down sites -- rather than just assuming that some bureaucrat at the FDA can accurately determine which sites are "good" and which are "bad," and then demand that registrars or ICANN automatically take action.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: canadian pharmacies, censorship, fda, icann, interpol, pharmaceuticals, pharmacies, registrars, rogue pharmacies, rogue sites
Companies: bizcn, icann

40 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

ChurchHatesTucker (profile), 29 Oct 2014 @ 11:45am

Is it me?
Or has reporting at the WSJ gotten pretty shitty lately? They seem to have gotten as lazy as the rest of their cohort.
[ link to this | view in chronology ]
- Designerfx (profile), 29 Oct 2014 @ 11:48am
  
  Re: Is it me?
  You have it backwards. the WSJ was never good at reporting.
  [ link to this | view in chronology ]
  - ChurchHatesTucker (profile), 29 Oct 2014 @ 12:09pm
    
    Re: Re: Is it me?
    No, they were pretty reliable outside the editorial pages. People who had money on the line wanted to know what was actually happening, after all. It's just lately that they turned into part of the stenographer corps.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 29 Oct 2014 @ 12:36pm
      
      Re: Re: Re: Is it me?
      Does the change date back to 2007 when News Corp. bought them?
      [ link to this | view in chronology ]
      - ChurchHatesTucker (profile), 29 Oct 2014 @ 12:41pm
        
        Re: Re: Re: Re: Is it me?
        Not that neatly, but it seems to be the obvious suspect.
        [ link to this | view in chronology ]
        
        Anonymous Coward, 29 Oct 2014 @ 1:01pm
        
        Re: Re: Re: Re: Re: Is it me?
        The change started almost immediately after News Corp purchased the WSj. At first it was small, but still obvious. For example stories that talked about anything potentially negative had a clause or two assigning blame to Obama.
        
        Now the whole things is just a POS that cares more about the party line than it does about little things like facts. I don't even trust the basic business indexes printed in it anymore.
        [ link to this | view in chronology ]
    - toyotabedzrock (profile), 29 Oct 2014 @ 2:04pm
      
      Re: Re: Re: Is it me?
      If you are deciding to invest based on WSJ or CNBC your doing yourself a great disservice.
      [ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 11:48am

If the FDA gets Canadian pharmacies taken off line, will the pharmacies have a case against the US government for preventing them from serving their Canadian customers?
[ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 12:16pm
  
  Re:
  Or an ISDS case?
  [ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 12:24pm
  
  Re:
  Just think, in a few years, when the TPP or its big brother get passed into law, the Canadian pharmacies can go through the Investor-State Dispute Resolution process ...
  [ link to this | view in chronology ]
  - Anonymous Coward, 29 Oct 2014 @ 1:39pm
    
    Re: Re:
    I'm sure NAFTA has ISDS or one of the other 20 treaties we've probably signed with Canada.
    [ link to this | view in chronology ]
  - Anonymous Coward, 29 Oct 2014 @ 3:36pm
    
    Re: Re:
    somehow i have a feeling the whole ISDS will be a one-way street, in practice if not in actual wording.
    [ link to this | view in chronology ]
    - Anonymous Coward, 31 Oct 2014 @ 5:42am
      
      Re: Re: Re:
      Exactly! The Americans will just lumber around.
      [ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 11:50am

Not to mention its not even an effective strategy. I can get a new domain pretty quickly... Definitely quicker than a beauocracy can churn out takedowns and registrars/hosts can act.

Taking down the domains hurts, but its hardly a pancea
[ link to this | view in chronology ]
Derek (profile), 29 Oct 2014 @ 11:51am

Suspected
Does no one with an inkling of American law hiccup after this part?

"...shut down more than 1,300 websites suspected..."

"suspected" is not enough to ask anyone to do anything...
[ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 11:53am
  
  Re: Suspected
  "Suspected" is enough to get you killed these days.
  [ link to this | view in chronology ]
  - That One Guy (profile), 29 Oct 2014 @ 11:59am
    
    Re: Re: Suspected
    'Suspected': If it's good enough to justify a drone strike, armed SWAT raid, or armed robbery at badge-point, it's good enough to shut down a site.
    
    -USG and related agencies
    [ link to this | view in chronology ]
DB (profile), 29 Oct 2014 @ 11:58am

The irony of a Chinese company refusing a not-legally-supported request from a US government agency is not lost on me.
[ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 12:15pm

There really are better ways
Bizcn is well-known to those of us who work in the areas of security, privacy, and abuse. I'm sure they have some legitimate customers...but offhand I'm not able to point to any.

So a useful tool for defending networks is to use DNS RPZ in order to cause any domain that's known to be registered via Bizcn to fail to resolve. This is strictly voluntary; it doesn't affect anyone or anything beyond the local environment; it doesn't require a court order; it doesn't require any action from Bizcn; and it's limited in scope.

Voluntary action such as this, taken either unilaterally or in cooperation with others, is far more effective. We've been doing it with spammers for many years, and it works. (Yes, there are occasionally false positives, but we've developed rather sophisticated mechanisms for detecting and correcting those.)

Instead of asking ICANN -- or any other central authority -- to defend us, we should taken it upon ourselves when and where we see fit. (Note: if you think this is "vigilantism" then (a) you are wrong (b) you do not understand what vigilatism is (c) you do not understand how the Internet works.)
[ link to this | view in chronology ]
- ysth (profile), 29 Oct 2014 @ 12:26pm
  
  Re: There really are better ways
  Who is this "We" that has been doing this for many years?
  
  And I'm a little concerned here; applying your advice to this situation seems to say to me that you want the FDA to approach ISPs to get the DNS servers they provide to their customers to not resolve these names?
  
  Is that correct?
  [ link to this | view in chronology ]
- John Fenderson (profile), 29 Oct 2014 @ 12:41pm
  
  Re: There really are better ways
  "Yes, there are occasionally false positives, but we've developed rather sophisticated mechanisms for detecting and correcting those."
  
  Mechanisms that at least occasionally fail, as I can personally attest from having gone through a protracted nightmare trying to get one of my servers out from under a block.
  
  It was that experience that soured me on the notion of this kind of blocking entirely. I don't want my ISP deciding who I get to talk to or not.
  [ link to this | view in chronology ]
- PaulT (profile), 30 Oct 2014 @ 2:01am
  
  Re: There really are better ways
  "Bizcn is well-known to those of us who work in the areas of security, privacy, and abuse. I'm sure they have some legitimate customers...but offhand I'm not able to point to any."
  
  Cool. So, why is ICANN being urged to remove the domains of their customers, and not to revoke BizCN's own contract with ICANN themselves? Why not go after the unscrupulous vendor rather than attacking its customers individually?
  
  Just because you don't of legitimate companies, that doesn't mean they don't exist. If BizCN is stopped from acting as a registrar, those customers will move to legitimate registrars. If their legitimate domains are blocked by ICANN, their business is killed while they fight to get their property back.
  
  "We've been doing it with spammers for many years, and it works. (Yes, there are occasionally false positives, but we've developed rather sophisticated mechanisms for detecting and correcting those.)"
  
  Mechanisms that don't always work, and are often piss-poor at getting corrected when some unsuspecting person buys a domain for legitimate usage only to find that the previous owner got it blocked, for example. Doubly so if you're using shared server hosting and some spammer has managed to get the IP blacklisted for the entire server and the hundreds of sites on there. Sometimes all it takes is an idiot misconfiguring the server so that it acts as an open relay for a few hours. I've spent many a week trying to get sites off blacklists, and believe me it's a painful process for the truly innocent.
  
  I don't know which specific company or mechanism you're talking about, but those false positives are a *major* problem for many people. As ever, the quick and "easy" route will affect innocent people and affect them badly. Believe me, it's not a good thing if you're one of those false positives, especially with the action being encouraged by the FDA, which would leave property and business removed without process or possibly even recourse. If ICANN have a contract with the registrar that's being violated, why not put the effort into encouraging them to honour their own terms? If no such contract is being violated, why not pressure ICANN into introducing such clauses? Why play games with smaller fish?
  
  "if you think this is "vigilantism" then (a) you are wrong"
  
  But, like most ACs who smugly proclaim such things, you won't bother to explain why. No, we have to take your godlike knowledge at face value, even though you neither detail it nor present a reason to trust you.
  [ link to this | view in chronology ]
Alien Rebel (profile), 29 Oct 2014 @ 12:18pm

Bunched Panties
The FDA's just pissed that the Food Safety Modernization Act (FSMA) has mandated them to be the food safety cops they always should've been.
We can't get by with merely issuing recall recommendations anymore? . . F** all 'yall.
[ link to this | view in chronology ]
ysth (profile), 29 Oct 2014 @ 12:20pm

unclear?
Were they asking for a US court order or a Chinese court order? (The latter would make more sense to me.) And did they get one (either)?
[ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 12:33pm
  
  Re: unclear?
  Does it really matter? The fact is that the FDA thought it could ignore the rule of law (partly because other administrations withint the US Government blithely ignore the rule of law.)
  
  Without the court order, why should those sites be taken down, even if they are in breach of the law of the US, without evidence? I would ask for evidence of the court order, so I could spend a few minutes verifying that such a case exists.
  [ link to this | view in chronology ]
  - ysth (profile), 29 Oct 2014 @ 10:36pm
    
    Re: Re: unclear?
    But I'm saying the story doesn't say that a court order wasn't provided. There were two emails from the Chinese company:
    
    The company replied with a request for a court order and then sent a terse follow-up email: "It is not possible for us to take action."
    
    Sounds to me like in between they did receive the court order; but it doesn't explicitly say so.
    [ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 12:48pm

i have to ask what the CoLP and the FDA would say if someone went to ICANN and demanded their websites were taken down? do you think the FDA would be a tad upset? i would guess so and that is exactly how others feel!
what is a real pisser though is all the news reports about 'net neutrality', the internet being free, freedom of speech, privacy and others as well, yet the USA government, along with the UK government more than any others i've read about, are trying to dictate what should and shouldn't be available and accessible on the 'net, who should be able to get at the 'whatever' etc, and most importantly, whether the net should be a payable extra, with different speeds depending on whether a person/country is rich or not!! after the constant condemnation of N.Korea, China and other nations because of website blocking and internet censorship, the US and the UK are proving themselves to be at least as bad whilst still trying to decry those nations on humanitarian, privacy and freedom grounds! what two-faced fuckers we have in governments!!
[ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 1:08pm
  
  Re:
  i have to ask what the CoLP and the FDA would say if someone went to ICANN and demanded their websites were taken down? do you think the FDA would be a tad upset? i would guess so and that is exactly how others feel!
  I expect CoLP/FDA would not care much about that kind of turnabout, because they lack the technical expertise to understand the implications and/or because they are not heavily reliant on their domains as a method of conducting their regular operations.
  [ link to this | view in chronology ]
  - Anonymous Coward, 29 Oct 2014 @ 2:28pm
    
    Re: Re:
    While http://www.fda.gov may not be a key part of their business, I can guarantee you that they'd feel the lack of mailto:tips@fda.gov as well as their personal email addresses.
    [ link to this | view in chronology ]
- Bergman (profile), 30 Oct 2014 @ 10:10pm
  
  Re:
  Given that the FDA is a US Government agency, and it is a federal crime (18USC241, 18USC242) to violate anyone’s right to due process as guaranteed by the constitution, it seems to me that ICANN could make a pretty good case for shutting down the FDA’s website for illegal activity.
  [ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 1:18pm

http://dnsreactions.tumblr.com/post/101167222839/dns-censorship-explained-politely
[ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 1:59pm

US Gov seriously needs a time-out. Go sit in a corner for a while and get your shit together.
[ link to this | view in chronology ]
toyotabedzrock (profile), 29 Oct 2014 @ 2:05pm

If ICANN allows government to do this I expect independent DNS operators might become popular.
[ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 2:22pm

Legitimizing decisions about censorship
“Here’s how the U.S. plans to avoid a U.N. vote on the future of the Internet”, by Nancy Scola, Washington Post, October 20, 2014
. . . U.S. officials see the potential wrangling in Busan as part of the desire of some governments, Russia and China chief among them, to gain greater latitude to block content, turn off the Internet and otherwise exercise more control over the online world.

"Countries want to be able to legitimize their own decisions about censorship," [U.S.] Under Secretary of State Catherine Novelli said at the roundtable, "and that's why these proposals are put forward." . . . .

(Emphasis added.) (H/T CircleID)
[ link to this | view in chronology ]
- Anonymous Coward, 29 Oct 2014 @ 2:34pm
  
  Re: Legitimizing decisions about censorship
  ... wrangling in Busan...
  
  Here's a link for the "wrangling in Busan" that Nancy Scola's recent Washington Post column talks about:
  
  ITU Plenipotentiary Conference 2014 (PP-14)
  20 October - 7 November 2014
  BEXCO, Busan, Republic of Korea
  [ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 2:23pm

"Internet’s central administrator"
I'm lucky I wasn't drinking coffee when I got to that line, or else my laptop would have broken.
[ link to this | view in chronology ]
Anonymous Coward, 29 Oct 2014 @ 4:15pm

If a random government agency can "order" icann to take down random website..

What's to stop China, Russia or even othernone "western" government sending request to icann to take down "western" website that doesn't fit their religios, political, or for the lulz"
[ link to this | view in chronology ]
velox (profile), 30 Oct 2014 @ 1:33am

Damned Lies and Statistics
The WSJ article would have us believe there are between 30,000 and 40,000 illegal online pharmacy websites in the world, although no standard of what constitutes an illegal pharmacy is given. The WSJ then drops clues to who is behind this supposed FDA initiative to get rid of "illegal" online pharmacies. The article quotes the opinion of legal counsel to the pharmaceutical firm Eli Lilly, and also the Portland firm LegitScript which consists of former drug prosecutor John Horton, who is a consultant to pharmaceutical companies regarding "illegal" distribution of medications online.

A quick browse to LegitScripts' website reveals that there are exactly 35,610 illegal online pharmacies in the world, but only 212 legal pharmacies.
Wow! Who knew that 99.4% of the entire online world was so completely over-run with crooks?
LegitScript tells us that only online pharmacies who have pledged to follow the regulations issued by the FDA and the DEA are legal.

If you read a bit more about LegitScript you find that its chief reason for existence is to help pharmaceutical companies keep inexpensive medications out of the mailboxes of US consumers, and thereby ensure that the US drug pricing scheme is maintained.
Dubious made-up scare-mongering statistics - they're not just for media copyrights and trademarks anymore, they work for pharmaceutical patents too.
[ link to this | view in chronology ]
Anonymous Coward, 30 Oct 2014 @ 10:07am

No doubt and alliance between the City of London Police and the FDA is imminent..
[ link to this | view in chronology ]
rxrightsadvocate (profile), 30 Oct 2014 @ 2:35pm

Thanks for calling out the FDA and others in this piece for their censorial view that all "suspect" sites should be immediately taken down.

I recently traveled to L.A. to personally deliver 24,349 consumer signatures to ICANN along with a message opposing the National Association of Boards of Pharmacy's bid to control the .pharmacy domain. Our concern is that the NABP (and more recently, the FDA) has a history of rejecting all international online pharmacies and labeling them as rogues.

Yes, rogue pharmacies are a problem that should be taken seriously. But this blanket approach of shutting down all suspect websites is problematic. Instead, why not educate consumers about how to choose a safe online pharmacy? There are ways to distinguish between rogue and legit pharmacies. Organizations out there such as CIPA and PharmacyChecker.com certify the safety of online pharmacies.

Legitimate international online pharmacies require prescriptions and they sell the same drugs available in the U.S.--only at cheaper prices. Five million Americans each year depend on these pharmacies to access the medicine they need at prices they can afford. If there's any doubt about that, visit the testimonials section on our website: http://www.rxrights.org/testimonials/

Lee Graczyk, RxRights lead organizer
[ link to this | view in chronology ]