Beginning on 25 October, 2021, the Internet Corporation for Assigned Names and Numbers (ICANN) is holding its 72nd International Public Meeting with representatives from various governments, the private sector, civil society, academia, and the technical community from across the world.
ICANN is the international non-profit organisation that brings together global stakeholders to create policies for coordinating the domain name system (DNS).
On the agenda for this meeting is the longstanding issue of the responsibilities of Internet registries and registrars to respond to “DNS abuse”. In an earlier blog post, we explained what “DNS abuse” is, why it’s been cropping up in recent ICANN discussions, and why we’re generally concerned by its implications for freedom of expression. In this follow-up piece, we will delve into recent examples of Internet registry and registrar actions that have impacted the availability of content online to explain why the “DNS abuse” concept poses such serious risks for freedom of expression and access to information.
The implications of registry and registrar actions: the cases of Tanzania and Kenya
In 2006, Tanzania’s Maxence Melo registered Jamii Forums — a local social media network where users could anonymously connect with others, share information on public interest matters such as corruption and hold their political leaders accountable — under the ‘.com’ generic top-level domain (gTLD). In 2008, he was arrested by the Tanzanian authorities on grounds of terrorism for his part in managing the website. While the arrest and charges were ultimately changed to “obstructing police investigations“, the government followed with several more unsuccessful attempts to arrest Melo in efforts to force him to provide the identity of the users of his website.
Then, in 2018, Tanzania passed the Electronic and Postal Communications Regulations, which mandated that all businesses, companies, governmental organisations and NGOs that are registered and operating in Tanzania must register websites under “.tz”, a country code top-level domain (ccTLD) managed by the Tanzania Telecommunications Regulatory Authority. As a result, Jamii Forums was forced to take down its website and re-register under the “.co.tz” domain name. Following the change, a number of users began claiming that they were having difficulty accessing the website.
While, technically, it remains unproven as to why users started facing these challenges directly after the domain change, it is clear that domain name registration requirements as found in the 2018 Regulations make it easier for a government to censor websites. Because ccTLDs are owned by the governments to which they are assigned, ccTLD operators are dependent on government oversight to continue managing the ccTLD and therefore more susceptible to government pressure; at the same time, ccTLD operators are usually located in-country and therefore subject to local laws, as opposed to operators of gTLDs like “.com”, which are largely based in the United States and the European Union.
In a similar incident in 2015, a popular Kenyan website, isuhuruinkenya.co.ke, was shut down under mysterious circumstances. The website itself posed a simple question: “Is Uhuru In Kenya?” It was then updated regularly to display “YES’ or ‘NO”, depending on whether Kenya’s president, Uhuru Kenyatta, was in Kenya or travelling abroad. The site had been registered in response to growing public scrutiny of the president’s frequent travel and associated expenses.
The Kenya Network Information Centre (KeNIC) — the operator of the Kenyan ccTLD, “.ke” — tweeted a denial that it had any part in taking down the website. However, the website has since remained unavailable and the registrant has never received a clear explanation from KeNIC as to the reason.
‘DNS abuse’ as a proxy for content moderation at the DNS level
As the examples above show, the suspension and deregistration of domain names can be powerful tools to stifle criticism or dissent, with little opportunity for transparency or accountability. And, as demonstrated by its recent submission to the ITU and domain abuse activity monthly report, ICANN itself has been unable to prove a significant increase in technical “DNS abuse” as a result of the pandemic— the apparent reason for the latest interest in “DNS abuse” in the first place.
Given that there is little evidence to justify that efforts against “DNS abuse” will actually counter real technical problems, we should call them what they really are: content moderation measures at the DNS level.
Concerns about the lack of transparency and accountability regarding the unilateral power of Internet infrastructure providers over matters of online content have grown over the years, following recent decisions by providers like Cloudflare, GoDaddy, Google and 101Domain to terminate the services of websites including The Daily Stormer and 8Chan. The very real potential that content-related takedowns and removals will grow under the proposed copyright and trademark infringement justifications of the “DNS abuse” framework is therefore a serious threat. IFEX, Access Now, and ARTICLE 19 Mexico have documented how copyright law is already being used by governments to take down content as part of efforts to stifle dissent and press freedom. As more ccTLD operators join the effort to counter “DNS abuse”, the likelihood that they will be forced to become cogs in governments’ censorship machinery increases; of the 17 ccTLD operators that have already joined the Domain Abuse Activity Reporting (DAAR) initiative, several are operating in jurisdictions where governments have previously pressured registries and registrars to engage in extrajudicial content takedowns — including Tanzania.
While efforts by ICANN and certain TLD operators to respond to “DNS abuse” may be rooted in good intentions, it is important that DNS stakeholders recognise that these efforts may seriously compromise freedom of expression if governments abuse their power over ccTLD operators. Once suspension or deregistration occur, ICANN has little power or recourse to hold ccTLD operators accountable to the public interest.
The way forward
As the ICANN Annual General Meeting gets underway, the ICANN community must recognise that the current attempts to expand the scope of “DNS abuse” to include content-related issues is dangerous because it widens the door for registries and registrars, especially ccTLD operators, to engage increasingly in censorship under government influence. Removing this scope of action is the bare minimum standard to ensure that this framework respects freedom of expression and other human rights.
A detailed overview of our recommendations regarding the “DNS abuse” framework is set out in our previous blog post.