This week I’ll be heading over to Riga in Latvia to attend and speak at the first edition of the Baltic Domain Days.
The event, which is being held over two days, will cover a fairly broad range of topics including domain takedowns, copyright issues, privacy and cybersecurity.
I’ll be speaking on a panel entitled “Domains and cybercrime: is there a light at the end of the tunnel?” which should be interesting.
We’ll be discussing how DNS abuse happens and what kind of things we’ve seen over the years. I suspect we’ll also be talking about what kind of actions registrars and registries can take to minimise abuse.
Is it within the registrar (or registry) remit to remove domains? Personally I think it is, but you need to be very careful when and how you do it. If a domain name is registered solely for abuse (and we’ve seen that all too often) then removing it makes sense, but if the domain name is “innocent” and is simply being abused by a 3rd party eg. a compromised website, then killing the domain isn’t the right way to solve the issue.
If it is, under what circumstances?
Is that always the best way to deal with abuse? Depending on the type of abuse the domain name(s) being used might not be
There’s also likely to be a certain amount of discussion around things like the NIS Directive and, of course, GDPR.
In some jurisdictions DNS is considered “critical infrastructure” and within scope of NIS, which means there are extra obligations for both registry operators, registrars and DNS operators. However the treatment of DNS isn’t uniform across all member states.
And what about GDPR?
Will the changes to the whois system, that we’ve mentioned in the past, have a negative impact on DNS security? Some argue that it will, as many security firms use whois data as part of their abuse mitigation processes. However conversely many ccTLDs already do not publish much data in the public whois.
Either way it should be an interesting and animated discussion!
