NOTE: easyDNS reserves the right to publicly post any takedown request we receive. Any legal or public documents involving easyDNS may be (and often are) posted to our blog.
Writing this post I fondly recall one of my favorite Simpson’s scenes, when Montgomery Burns is being committed to a mental institution against his will and Chief Wiggums informs him “Just relax, you’ve gone off your nut, you’re being institutionalized…those grocery store guys signed the commitment papers”. It casts a light on the wider question out here on the internet of “who exactly gets to authorize or order what?” Specifically, the dreaded domain takedown.
Just last friday we wrote our reaction to Godaddy’s cavalier takedown of Jotform last week, a domain with 500,000 end-users summarily unplugged on the basis of a simple faxed request from the Secret Service. The inevitable question follows, so what would easyDNS do under similar circumstances?
Fortunately, we do have a similar circumstance to compare and contrast.
A couple of weeks ago, we received a takedown request from the California Corporations Counsel asking us to take down a domain here. We explained that unless the domain was actively engaged in network abuse or posed an internet stability issue (which it did not), then we would require a court order here in our home jurisdiction of Ontario, Canada to unplug the domain.
We think this is a reasonable response. As the number of both spurious requests and actual takedowns (including spurious takedowns) become near rampant, we have decided to state for the record, what the easyDNS Domain Takedown Policy is:
easyDNS will take down a domain if, and only if:
1) It is suspended or ordered transferred by ICANN (or CIRA) in the compliance with a policy which is a requirement of our Registrar Accreditation Agreements. These policies include things like Dispute Resolution Protocols, invalid whois reports or challenges to the CPR (Canadian Presence Requirements) for .CA domains. In any case, we only suspend the domain when finally ordered to do so by ICANN or CIRA – in the meantime we would have been attempting to contact our Registrant via email and telephone.
2) We are ordered to do so by the Courts. Specifically, the Courts here in our legal jurisdiction of the Province of Ontario, Canada.
3) The domain is engaged in network abuse or poses a threat to the stability of the internet (or to easyDNS itself). In this last case, we are the final arbiters of what qualifies. This would include things like spreading malware, running botnets, spamming, phishing, etc.
NEW (Aug 15, 2014) #4) We are adding this: If a credible source (i.e. government, LEA) requests it on the basis that the domain poses an imminent threat to public safety or health. See why we added this here.
One of the first things any clueful abuse desk should to be able to do upon receiving a complaint about a customer domain is make a basic initial determination: is this domain an abuser? Is it a legitimate domain that has it been compromised? Are they a service provider with many downstream users?
The response is different in each situation , but we basically proceed in a way where we want the problem solved one way or another, very quickly. If you’ve been compromised: fix your system, if you have downstream users: LART that user and if you’re an abuser, you get nuked.
The policy to us seems logical and straightforward. We’ve been doing this for nearly 15 years now and we know actual abuse when we see it (if anybody is worried that we’re “soft on network abuse” they obviously don’t know us, or have never tried it here). We are geeks, not lawyers. So it’s easy for us to make a determination on whether actual network or technical harm is being done and if so, what to do about it. Beyond that, we need it to come from either the governing body that accredits us as a registrar, or via proper legal channels.
Further Reading:
- The price of freedom and the cost of a domain name
- First They Came for the File Sharing Domains
- Whatever Happened to Due Process?
- Domains Locked Down by UK Police Ordered Transferred
- NABP To Registrars: You Must Takedown Any Domain We Tell You To (uh, no we don’t).
It’s nice to see that not every company runs for the hills when they receive a fax such as this.
I wish all businesses would follow due process and not just assume that the first person to send a letter or fax is the paramount security interest holder!
Thanks Abe, we try to do our best!
Arnon
So if i have a phishingsite,do you emidietly take it down when someone reports it or you onl take it down when you have a courtorder?
This is a joke, right?
No, if you have a phishing site we nuke it immediately. We even have systems internally that detect phishing sites before they are even reported to us.