Like anything valuable, it can be abused. I think having the capability of anonymity on the internet is too important to forgo because there are some criminals, terrorists, pedophiles etc. who would also use it as a tool. They can be caught or stopped in other ways. With global surveillance and data mining quickly becoming a technological possibility, anonymity provides a way for dissidents to communicate, which is an important tool to fight tyranny.
One of the characteristics of TOR is that a message transmitted through the network will travel through node(s) that are not subject to a single country's laws. Also, you personally could host a TOR node. I'm sure there are people who are willing to do this in the US who are motivated not to voluntarily share information with the government.
I am certainly motivated, after reading recent articles on NSA's Bluffdale, Utah facility which included the fact that Stellar Wind uses at least 10 to 20 intercept points in our telecom infrastructure. This certainly has undercut and continues to undercut the 4th amendment I am motivated because CISPA will legitimize, unless it is found contrary to the 4th amendment, arbitrary surveillance leading to a surveillance state. A surveillance state, for sure, provides the tools to protect from terrorism, cybercrime, etc. but at the same time provides the infrastructure for a totalitarian state. I am now motivated and will be sending in my resume tonight to work full time on the TOR project as I saw this week they have a software opening.
If you read the article referenced in this story it is completely understandable that you could come away with the impression it was no coincidence that Bit9 released the survey results while CISPA was being debated and the survey results could be used to support CISPA. I looked further and it seems the survey release may or may not be coincidental but if the timing was intentional Bit9 is only glomming onto any sort of publicity dealing with "cybercrime".
From Bit9's web-site and about the survey: http://www.bit9.com/company/news-release-details.php?id=247
"Despite current plans to implement cyber security legislation, only 7 percent believe that government regulation and law enforcement will best improve security."
"S o how do we protect against these types of attacks while still not infringing on the privacy of the typical user? The legislation is very broad, leaving a lot of wiggle room for the government to acquire information outside of the bill's initial intent. Unlike the USA PATRIOT Act, which allows roving domestic wiretaps, CISPA would grant the government unprecedented access to web company user data and trump already passed (and extended) legislation like the USA PATRIOT Act."
"By putting companies in control, the bill claims to protect each user’s privacy by not mandating private or public web companies to fork over their user data. This would leave companies like Facebook to choose what to do with the information it knows about you as opposed to the government – a little better, but still disconcerting. Facebook, Microsoft, Oracle, Symantec, Verizon and reportedly Google have come out in support of the legislation – a stark contrast to the public and company protests regarding SOPA and PIPA."
"But most of these brands do not have a great track record of protecting user privacy to begin with. So the fact that they embrace support for this bill is a far cry from an authoritative endorsement of user privacy protection. The bill may be an "opt-in" legislative measure, but who is to say that both parties (the government and corresponding companies) can't both mutually benefit from the sharing of private information? This may now give companies the ability to barter private information with the government in exchange for corporate influence."
I would say this shows that Bit9 does not support CISPA. It does show that you often need to look past a single blog's summary of an event or publication, particularly if you are going to make a presumption, about Bit9 and CISPA here, that the blog does not make.
Nice summary of botnets Rich. I would like to point out one aspect of botnets you did not mention. I don't have the time today to track down a reference, but my memory tells me that a large portion of botnet zombies become zombies because the user does not update their OS or application software to patch security vulnerabilities and/or they do not have anti-malware software installed. There is a correlation between pirated versions of Windows and malware infection. This could be due to the end-users risky behavior in general, by downloading software from any source and blindly trusting it not to be malware, or the end-users mistaken perception that Microsoft insists on applying security updates to only validated versions of MS software.
This is not to say that fully updated systems running anti-malware and IDS systems cannot be infected. They can. However, it is more likely that a system that is not updated will be infected. This makes anti-malware software useful in limiting the size of botnets. Otherwise, why isn't everyone's computer part of some botnet? Frankly, I don't know how to convince people to keep their computers updated, but wider adoption of this practice would limit the size of botnets further. In addition, takedowns of botnets like Zeus and Kelihos is a new technique that pushes the balance further toward limiting the spread of botnets.
One thing for sure, as you say, the problem of botnets will not be fixed through legislation and is not a valid argument in support of CISPA.
I am always skeptical of what Richard Clark says but I would not dismiss everything he says out of hand. I assume that he is always selling something, and to me, his worst fault is intentionally distorting the context or importance of the things he talks about. The following is a short video he did for Bit9 discussing this survey. http://www.youtube.com/watch?v=rnnxFPOKHKU&feature=relmfu
In this, he categorizes the different motivations for attacks well (CHEW - crime, hacktivism, espionage, and war). Surprisingly, he downplays the threat of war by saying it doesn't go on very much. I imagine, that apparent change in his thinking is motivated by who he is currently representing. He emphasizes espionage as being the most important concern. Despite the cover photo for the video being the, Anonymous adopted, Guy Fawkes mask from "V for Vendetta", Clark doesn't seem too concerned about hacktivism here.
Richard Clark, former advisor to 3 presidents including National Coordinator for Security and Counterterrorism, and Special Advisor to the President for Cyber Security, is on the board of directors for Bit9 which is the company that conducted this survey. This is not terribly surprising though. I would not expect congress members to be involved because this company is a technology company providing security software and appliances. US government agencies could be a customer but as their survey emphasized, the solutions IT professionals see for security are not more government regulations and more law enforcement but technological tools to protect against cyberattacks (i.e. what Bit9 sells). Not much use for lobbying here.
There was an incident in Britain, which already has a law similar to the CFAA in the US, where Glenn Mangham was sentenced several weeks ago to 8 months in jail for doing security research. He found a security vulnerability in Facebook and collected evidence (internal Facebook documents and code) to present to Facebook as proof of the vulnerability. Despite the judge in his case stating:
"I acknowledge ... that you never intended to pass any information you got through these criminal offences to anyone else and you never did so, and I acknowledge that you never intended to make any financial gain for yourself from these offences,"
he was found guilty and sentenced to jail time under Computer Misuse Act despite having no criminal intent associated with his actions. The EU Cybercrime bill not only would allow this kind of abuse across all of Europe, it would be worse than the CMA or the US CFAA.
Peer to peer protocols will be of no benefit to DNS whether they use the current root or an alternate one. The main benefit of peer to peer is relieving bandwidth requirements on what would otherwise be the sole source of distribution. That benefit comes when the files being distributed are sizable. DNS records, even ones with certificates, are not very big. The response to a root query is contained, by design, in a single 512 byte IP packet. This is why there are only 13 root servers. (Yes, I know this is amplified by anycast and load balancing to some 242 physical root servers).
The other main benefit of peer to peer protocols is redundancy and a distributed architecture. DNS already is structured to be redundant and distributed in other ways. The contents of the root zone file is determined at a single point, but the distribution of these contents is indeed, redundant and distributed.
I think it is a little unfair to say that the comment process was being abused. The topic for these comments was "Defensive Applications for New gTLDs". ICANN was opening up, for further comment, a discussion about why corporations or individuals feel the need to defensively register for gTLDs to protect their brand(s), whether or not it is a trademark or service mark. An important motivation for defensive registrations is how the brand owner perceives the effectiveness of rights protection measures (RPMs). ICANN has pointed out that the objection process for domains that are either already registered or in the process of being registered by someone else, is easier and cheaper than defensively registering a domain. So, bringing up issues surrounding the RPMs, such as URS, is a valid part of this current discussion.
Given that, I don't view items 1 and 2 above as being good ideas. It was Verizon, AT&T, Microsoft and CRIDO/ANA (Coalition for Responsible Internet Domain Oversight and Association of National Advertisers) that were the main parties making comments in support of making URS more favorable to big brands. One of their arguments was that defensive registration of 2nd level domains under a new gTLD was more expensive than registration of just a gTLD.
Readers here ought to be interested in the following portion of a Verizon comment:
"Amending the PDDRP to offer real remedies against new registries that become havens for cybersquatting and other crimes, with the lower “preponderance of the evidence” standard of proof. Registries should be held accountable when acting in bad faith and with willful blindness for fraudulent and illegal activities shown to arise on a continued basis in their delegated gTLD." Verizon (29 Feb. 2012).
I find the phrase "cybersquatting and other crimes", as if cybersquatting itself was a crime, to be rather revealing.
I think it's funny that someone, other than Verizon, registered verizonwireless.xxx, though I don't see why Verizon should get so freaked out about that as it's not plausible that Verizon would run a porn site. Am I being naive?
ICANN's summary of all this indicates that nothing will change for the current round of gTLD applications. These battles will be seen again for the next round, in 2 or 3 years.
Please note that item #3 above, applying URS to .com, was not part of this ICANN comment process, but a "horrendous idea recently advocated by a former President of ICANN’s Intellectual Property Constituency" (from the referenced article).
I believe one needs to read the accounts from both articles referenced in this Techdirt post. Also, understand that the school officials may not comprehend how their laptops are set-up and represent any access incorrectly. A critical point is that school's officials said that the twitter posting showed the school's IP address. My educated guess is that the student did tweet from home using the school laptop given to him. Furthermore, the laptop is set-up to use a server at the school as a proxy. Thus, any internet access went through the school as an intermediate step. The school could be monitoring this internet activity via it's proxy or it could log transactions on the laptop which are then reported to the school when the laptop is directly connected to the school's network. If so, and the school did not explain to students about the proxy or that their internet activity, even at home, was being monitored, then the school is in the wrong, violated the student's 1st amendment rights and violated his privacy.
The problem with using real estate agents is that the commission is a fixed percentage of the sale price of the house. A 6% total commission, split between the listing agent and selling agent, may have been reasonable at one time, but in many areas of the country housing prices have increased dramatically in the last few decades. A typical house in my area costs, roughly, a 1/2 million dollars. These are not homes for the wealthy, but this still makes the commission $30,000. I, and a lot of folk, don't see the value of the real estate agents as being worth $30,000. Nowadays, the value of a real estate agent has been reduced because the vast majority of listings are available on-line. This is particularly true with respect to the buyer. I can easily look through the listings and find a house on my own. All I need is a knowledgeable person, that represents my interests, to hold my hand during the purchasing process. I used a lawyer familiar with real estate contracts and other issues. I paid him a flat fee which was much, much less than 3% of the purchase price. Ah, but you say it is the seller that pays the commission. In my case, the lawyer negotiated a clause limiting the commission to 3%, which went entirely to the listing agent. My offer took this into account as it was 3% less than it would have been otherwise.
That purchase happened some 11 years ago. This new model is very much a threat to real estate agents livelihoods. Earlier, I had made an offer on a house that had been on the market a while. After a couple of days of silence, I had to call the listing agent to find out what was happening. He said it had been sold to someone else. Their had not been any mention of multiple offers. The agent had not come back to me for a counter-offer. Since, neither the listing agent nor the seller would have earned less money in a deal with me, I have to assume the listing agent just shut me out because I was a threat to their business model and they did not want to encourage such an arrangement. Such behavior was not in the interests of the seller which they were supposedly representing.
Cute idea, but it raises concerns in my mind about the toxicity of ink, not just to humans, when introduced to septic tanks and sewage systems. I really don't know how toxic modern ink is but why introduce it for unnecessary reasons?
The Computerworld article this story referenced is a bit misleading. Domain seizure and copyright infringement were not directly discussed. The open session at ICANN's recent board meeting was between the ICANN board and ICANN's Government Advisory Committee (GAC). Some 12 recommendations, that came from law enforcement authorities were discussed. I list them below.
LEA REQUEST 1:
(a)If ICANN creates a Privacy/Proxy Accreditation Service, Registrars will accept proxy/privacy registrations only from accredited providers;
(b) “Registrants using privacy/proxy registration services will have authentic Whois information immediately published by Registrar when registrant is found to be violating terms of service”
LEA REQUEST 2:
To RAA paragraph 5.3.2.1, language should be added to the effect “or knowingly and/or through gross negligence permit criminal activity in the registration of domain names or provision of domain name WHOIS information…”
LEA REQUEST 3:
All Accredited Registrars must submit to ICANN accurate and verifiable contact details of their main operational and physical office location, including country, phone number (with international prefix), street address, city, and region, to be publicly disclosed in ICANN web directory. Address must also be posted clearly on the Registrar's main website. Post Office boxes, incorporation addresses, mail-‐drop, and mail-‐forwarding locations will not be acceptable. In addition, Registrar must submit URL and location of Port 43 WHOIS server
LEA REQUEST 4:
Registrars must publicly display of the name of CEO, President, and/or other responsible officer(s).
LEA REQUEST 5:
Registrars with multiple accreditations must disclose and publicly display on their website parent ownership or corporate relationship, i.e., identify controlling interests.
LEA REQUEST 6:
Registrar will notify ICANN immediately of the following: a. Any and all changes to a Registrar’s location(s), office(s);
b. Changes to presiding officer(s);
c.Change in controlling ownership;
d. Any criminal convictions, and any civil convictions causal or related to criminal activity. Registrar will concurrently update their website upon notifying ICANN of (a)–(c) above.
LEA REQUEST 7:
Registrar should be legal entity within the country of operation, and should provide ICANN with official certification of business registration or license.
LEA REQUEST 8:
Reseller Accountability and disclosure obligations.
LEA REQUEST 9:
Registrar collection and maintenance of data on the persons initiating requests for registration, as well as source IP addresses and financial transaction information.
LEA REQUEST 10:
Validation of Whois data upon receipt from registrant
LEA REQUEST 11:
Registrar creation of an abuse point of contact, and provision of a well-‐defined, auditable way to track complaints.
LEA REQUEST 12:
ICANN should require Registrars to have a Service Level Agreement for their Port 43 servers.
There was agreement in principle to every one of these recommendations except for request #9. In general, this deals with law enforcements ability to find and contact individual domain owners. It eliminates the ability to own a domain anonymously, that is anonymous from law enforcement. This could be a free speech issue. China has restricted registrars within China from allowing anonymous domain ownership. The other issue is making registrars liable for permitting criminal activity in the registration of domain names. It is not clear to me yet if this covers criminal activity by the domain owner in general related to using the domain. These are important issues but do not directly deal with domain seizure or copyright enforcement.
You are on to something here. I am sure there are a lot of behind the scenes battles. ICANN exists because it was a step the US had to take to mollify international interests and their effort to put the IANA function under international control (e.g. ITU). ICANN has just had their arm publicly and painfully twisted by DOC NTIA and yet the pressure is still building from countries who want to see the IANA function more independent from US control. The root (pun intended) cause here is using DNS as a tool for controlling copyright infringement, speech, and lawlessness in general on the Internet. In a way, ICANN is stuck in the middle and it's role has become that of a whipping boy.
On the post: Insanity: CISPA Just Got Way Worse, And Then Passed On Rushed Vote
Re: Re: Re: Re: It's finally time
On the post: Insanity: CISPA Just Got Way Worse, And Then Passed On Rushed Vote
Re: Re:
On the post: Insanity: CISPA Just Got Way Worse, And Then Passed On Rushed Vote
Re: Re: It's finally time
I am certainly motivated, after reading recent articles on NSA's Bluffdale, Utah facility which included the fact that Stellar Wind uses at least 10 to 20 intercept points in our telecom infrastructure. This certainly has undercut and continues to undercut the 4th amendment I am motivated because CISPA will legitimize, unless it is found contrary to the 4th amendment, arbitrary surveillance leading to a surveillance state. A surveillance state, for sure, provides the tools to protect from terrorism, cybercrime, etc. but at the same time provides the infrastructure for a totalitarian state. I am now motivated and will be sending in my resume tonight to work full time on the TOR project as I saw this week they have a software opening.
On the post: As CISPA Hits Congress, Cybersecurity Company Hypes The Fear Of Anonymous
Bit9 doesn't support CISPA
From Bit9's web-site and about the survey:
http://www.bit9.com/company/news-release-details.php?id=247
"Despite current plans to implement cyber security legislation, only 7 percent believe that government regulation and law enforcement will best improve security."
and from:
http://blog.bit9.com/bid/81664/CISPA-Does-the-Bill-Protect-Brands-More-Than-Their-Users
"S o how do we protect against these types of attacks while still not infringing on the privacy of the typical user? The legislation is very broad, leaving a lot of wiggle room for the government to acquire information outside of the bill's initial intent. Unlike the USA PATRIOT Act, which allows roving domestic wiretaps, CISPA would grant the government unprecedented access to web company user data and trump already passed (and extended) legislation like the USA PATRIOT Act."
"By putting companies in control, the bill claims to protect each user’s privacy by not mandating private or public web companies to fork over their user data. This would leave companies like Facebook to choose what to do with the information it knows about you as opposed to the government – a little better, but still disconcerting. Facebook, Microsoft, Oracle, Symantec, Verizon and reportedly Google have come out in support of the legislation – a stark contrast to the public and company protests regarding SOPA and PIPA."
"But most of these brands do not have a great track record of protecting user privacy to begin with. So the fact that they embrace support for this bill is a far cry from an authoritative endorsement of user privacy protection. The bill may be an "opt-in" legislative measure, but who is to say that both parties (the government and corresponding companies) can't both mutually benefit from the sharing of private information? This may now give companies the ability to barter private information with the government in exchange for corporate influence."
I would say this shows that Bit9 does not support CISPA. It does show that you often need to look past a single blog's summary of an event or publication, particularly if you are going to make a presumption, about Bit9 and CISPA here, that the blog does not make.
On the post: As CISPA Hits Congress, Cybersecurity Company Hypes The Fear Of Anonymous
Re: Re: Re:
This is not to say that fully updated systems running anti-malware and IDS systems cannot be infected. They can. However, it is more likely that a system that is not updated will be infected. This makes anti-malware software useful in limiting the size of botnets. Otherwise, why isn't everyone's computer part of some botnet? Frankly, I don't know how to convince people to keep their computers updated, but wider adoption of this practice would limit the size of botnets further. In addition, takedowns of botnets like Zeus and Kelihos is a new technique that pushes the balance further toward limiting the spread of botnets.
One thing for sure, as you say, the problem of botnets will not be fixed through legislation and is not a valid argument in support of CISPA.
On the post: As CISPA Hits Congress, Cybersecurity Company Hypes The Fear Of Anonymous
Re: Re: Re:
http://www.youtube.com/watch?v=rnnxFPOKHKU&feature=relmfu
In this, he categorizes the different motivations for attacks well (CHEW - crime, hacktivism, espionage, and war). Surprisingly, he downplays the threat of war by saying it doesn't go on very much. I imagine, that apparent change in his thinking is motivated by who he is currently representing. He emphasizes espionage as being the most important concern. Despite the cover photo for the video being the, Anonymous adopted, Guy Fawkes mask from "V for Vendetta", Clark doesn't seem too concerned about hacktivism here.
On the post: As CISPA Hits Congress, Cybersecurity Company Hypes The Fear Of Anonymous
Re:
On the post: EU Cybercrime Bill Targets Anonymous: Makes It A Criminal Offense To Conduct 'Cyber Attack'
"I acknowledge ... that you never intended to pass any information you got through these criminal offences to anyone else and you never did so, and I acknowledge that you never intended to make any financial gain for yourself from these offences,"
he was found guilty and sentenced to jail time under Computer Misuse Act despite having no criminal intent associated with his actions. The EU Cybercrime bill not only would allow this kind of abuse across all of Europe, it would be worse than the CMA or the US CFAA.
http://www.out-law.com/en/articles/2012/february/british-facebook-hacker-sentenced-to-eight -months-in-jail/
On the post: Trademark Lawyers Push For Crazy New Domain Rules Making It Easy For Them To Take Away Others' Domains
Re: Alt DNS
The other main benefit of peer to peer protocols is redundancy and a distributed architecture. DNS already is structured to be redundant and distributed in other ways. The contents of the root zone file is determined at a single point, but the distribution of these contents is indeed, redundant and distributed.
On the post: Trademark Lawyers Push For Crazy New Domain Rules Making It Easy For Them To Take Away Others' Domains
not an abuse of comment process
Given that, I don't view items 1 and 2 above as being good ideas. It was Verizon, AT&T, Microsoft and CRIDO/ANA (Coalition for Responsible Internet Domain Oversight and Association of National Advertisers) that were the main parties making comments in support of making URS more favorable to big brands. One of their arguments was that defensive registration of 2nd level domains under a new gTLD was more expensive than registration of just a gTLD.
Readers here ought to be interested in the following portion of a Verizon comment:
"Amending the PDDRP to offer real remedies against new registries that become havens for cybersquatting and other crimes, with the lower “preponderance of the evidence” standard of proof. Registries should be held accountable when acting in bad faith and with willful blindness for fraudulent and illegal activities shown to arise on a continued basis in their delegated gTLD." Verizon (29 Feb. 2012).
I find the phrase "cybersquatting and other crimes", as if cybersquatting itself was a crime, to be rather revealing.
I think it's funny that someone, other than Verizon, registered verizonwireless.xxx, though I don't see why Verizon should get so freaked out about that as it's not plausible that Verizon would run a porn site. Am I being naive?
ICANN's summary of all this indicates that nothing will change for the current round of gTLD applications. These battles will be seen again for the next round, in 2 or 3 years.
Please note that item #3 above, applying URS to .com, was not part of this ICANN comment process, but a "horrendous idea recently advocated by a former President of ICANN’s Intellectual Property Constituency" (from the referenced article).
On the post: High School Student Expelled For Tweeting Profanity; Principal Admits School Tracks All Tweets
Re: school email list
Dennis Stockdale
@MrDStockdale
On the post: High School Student Expelled For Tweeting Profanity; Principal Admits School Tracks All Tweets
Re: school email list
Matt Smith
Principal
msmith@gkb.k12.in.us
probably better to contact the district superintendent at this point.
Dennis Stockdale, Superintendent of Schools, dstockdale@gkbschools.org
On the post: High School Student Expelled For Tweeting Profanity; Principal Admits School Tracks All Tweets
Re: Re: Re:
On the post: Twilight Studio Issues Another Bogus Takedown, But Is Zazzle Partially To Blame?
Re: Needs a T-Shirt
Remember, remember the twentieth of November
vampires, trademark, and tag lots
I see no lark why vampires, trademark
should ever be forgot
Hmm, throws off the rhythm a bit.
On the post: Twilight Studio Issues Another Bogus Takedown, But Is Zazzle Partially To Blame?
Re: Re: Re: its the tags
On the post: Canadian Real Estate Agents: Without Us, Poor Homeowners Would Be Getting Attacked And Killed
Re: Realtor Here
That purchase happened some 11 years ago. This new model is very much a threat to real estate agents livelihoods. Earlier, I had made an offer on a house that had been on the market a while. After a couple of days of silence, I had to call the listing agent to find out what was happening. He said it had been sold to someone else. Their had not been any mention of multiple offers. The agent had not come back to me for a counter-offer. Since, neither the listing agent nor the seller would have earned less money in a deal with me, I have to assume the listing agent just shut me out because I was a threat to their business model and they did not want to encourage such an arrangement. Such behavior was not in the interests of the seller which they were supposedly representing.
On the post: Kickstarter Project Looks To Print SOPA/PIPA On... Toilet Paper?
toxicity?
On the post: Fear-Induced Foolishness: Entertainment Industry Thinks Controls On New TLDs Will Actually Impact Piracy
Re: Re: Re: Re: Re: Re: Re:
On the post: ICANN Confirms That It's Going To Make It Easier For Governments To Seize Domains Around The Globe
Computerworld article is misleading
http://www.icann.org/en/resources/registrars/raa/raa-negotiations-progress-report-01mar12- en.pdf
LEA REQUEST 1:
(a)If ICANN creates a Privacy/Proxy Accreditation Service, Registrars will accept proxy/privacy registrations only from accredited providers;
(b) “Registrants using privacy/proxy registration services will have authentic Whois information immediately published by Registrar when registrant is found to be violating terms of service”
LEA REQUEST 2:
To RAA paragraph 5.3.2.1, language should be added to the effect “or knowingly and/or through gross negligence permit criminal activity in the registration of domain names or provision of domain name WHOIS information…”
LEA REQUEST 3:
All Accredited Registrars must submit to ICANN accurate and verifiable contact details of their main operational and physical office location, including country, phone number (with international prefix), street address, city, and region, to be publicly disclosed in ICANN web directory. Address must also be posted clearly on the Registrar's main website. Post Office boxes, incorporation addresses, mail-‐drop, and mail-‐forwarding locations will not be acceptable. In addition, Registrar must submit URL and location of Port 43 WHOIS server
LEA REQUEST 4:
Registrars must publicly display of the name of CEO, President, and/or other responsible officer(s).
LEA REQUEST 5:
Registrars with multiple accreditations must disclose and publicly display on their website parent ownership or corporate relationship, i.e., identify controlling interests.
LEA REQUEST 6:
Registrar will notify ICANN immediately of the following: a. Any and all changes to a Registrar’s location(s), office(s);
b. Changes to presiding officer(s);
c.Change in controlling ownership;
d. Any criminal convictions, and any civil convictions causal or related to criminal activity. Registrar will concurrently update their website upon notifying ICANN of (a)–(c) above.
LEA REQUEST 7:
Registrar should be legal entity within the country of operation, and should provide ICANN with official certification of business registration or license.
LEA REQUEST 8:
Reseller Accountability and disclosure obligations.
LEA REQUEST 9:
Registrar collection and maintenance of data on the persons initiating requests for registration, as well as source IP addresses and financial transaction information.
LEA REQUEST 10:
Validation of Whois data upon receipt from registrant
LEA REQUEST 11:
Registrar creation of an abuse point of contact, and provision of a well-‐defined, auditable way to track complaints.
LEA REQUEST 12:
ICANN should require Registrars to have a Service Level Agreement for their Port 43 servers.
There was agreement in principle to every one of these recommendations except for request #9. In general, this deals with law enforcements ability to find and contact individual domain owners. It eliminates the ability to own a domain anonymously, that is anonymous from law enforcement. This could be a free speech issue. China has restricted registrars within China from allowing anonymous domain ownership. The other issue is making registrars liable for permitting criminal activity in the registration of domain names. It is not clear to me yet if this covers criminal activity by the domain owner in general related to using the domain. These are important issues but do not directly deal with domain seizure or copyright enforcement.
On the post: ICANN Confirms That It's Going To Make It Easier For Governments To Seize Domains Around The Globe
Re:
Next >>