Day Three: At-Large Workshop on Consumer Safeguards Issues

Listen to this post
Voiced by Amazon Polly

Guests: Jamie Hedlund, Contractual Compliance & Consumer Safeguard and Managing Director – Washington D.C. Office and Bryan Schilling, Consumer Safeguards Director

 Questions tackled: 

What is ALAC’s definition of DNS Abuse? What areas within that definition does ALAC view as being within ICANN’s remit and what forms of DNS Abuse, if any, are outside of ICANN’s remit?

Are there voluntary measures, like PIR’s recent announcement [pir.org], that might be effective in mitigating DNS abuse?

What is ALAC’s view on a potential PDP for DNS Abuse as is being suggested? Alternatively, does ALAC have suggestions for amendments to ICANN’s agreements with registries and registrars?

If there were to be a public, cross-community session on DNS Abuse in Montreal, what would ALAC like to see in respect to such a session? Would ALAC co-sponsor it?

Bryan Schilling starts off explaining various areas of focus for the consumer protection team. They include among others DNS Abuse programme. With the community preoccupied with GDPR, the security issues of DNS abuse lost momentum. The Consumer Safeguards team encourages discussion on measures to best address systematic abuse issues. The plan for Montreal is to have a cross community session on consumer protection and DNS abuse. 

Alan Greenberg emphasizes the need to provide information on DNS security research. 

Jamie Hedlund indicates work going on in the OCTO on this issue. Access to non public WHOIS data is critically important for effective abuse prevention and mitigation. 

Jonh Laprise: DNS abuse is critical to ICANN so ICANN should have a mandate to prevent it. 

Consumer protection might not be a hot topic right now but it is a pertaining theme for the user community . 

jamie Hedlund: from the perspective of consumer compliance there is no abuse policy (spec 11). 

No policy on abuse mitigation disallows the consumer compliance team to enforce their mandate. A lot of legacy TLDs have no abuse policies. To level the playing field, there s a need 

Bryan Schilling explains that the impact of DNS abuse for end users is a part of continued capacity building efforts of the team. There are numerous examples that show the types of current DNS abuse. 

Holly Reiche: CTT had a number of recommendations including tying up the name of the reseller. As well as publishing the statistics. 

Jamie Hedlund: there are plans to have extensive monitoring of abuse issues and the CTT recommendations are not being ignored. 

Answering questions Hedlund explains that ICANN is not a regulator which could substitute or add to the work done by national authorities or ITU. 

John Laprise indicates to look at reporting with regard to ICANN regions. Jamie Hedlund confirms that this is possible. All compliance reports is going into open data projects for the community to process. Holly Reiche recalls compliance reports being reviewed in detail by the team, Jamie Hedlund confirms that this will again be the case, also in the form of webinars. 

Eduardo Diaz asks on the definition of DNS abuse, should it include reselling domains at a higher price. Jamie Hedlund answers that at this point it does not include potential economic abuse.

Remote question refers to the need to provide specific research on the scale and character of abuse. Without it any conclusions are strictly speculative. 

Hedlund notes that the scope of ICANN’s remit is set in the Bylaws that do not change. What changes is the amount and kind of abuse, which states wish to regulate. This gives ICANN ground to get involved in policy dialogues. 

Satish Babu addresses the relevance of DoH to DNS abuse. Jamie Hedlund notes there is little to no evidence on this specific protocol yet.

Reported by Joanna Kulesza