ICANN Summit: the fight against DNS abuse, a GAC priority

recommandationThe 71st ICANN Summit gave its GAC (Governmental Advisory Committee) the competence to take stock of the essential elements of its missions, reflected in its report of June 21, 2021. In the “Issues of Importance to the GAC”, several elements were highlighted.

1. The next round of new gTLDs allow companies to have a TLD in their name


Göran Marby, CEO of ICANN, recalled that strengthening competition and improving the opportunities of Internet users to benefit from their own identifiers is part of ICANN’s duty. The ICANN presented the ODP (Operational Design Phase). This is a system that provides information on the operational issues of the project and aims to implement advice to make the procedure more effective.

But on the other side of the coin, there are also fraudsters amongst the beneficiaries. This is the case, for instance, regarding new gTLDs that were launched on the market almost ten years ago (like <.icu> or <.guru>).



2. Addressing the issue of domain name abuse


The issue of DNS abuse remains a flagship issue for the CAG, who describes the problem as a “priority”. DNS abuse is a term that refers to piracy cases where domain names are registered and used for fraudulent purposes such as phishing. The idea of the Framework on Domain Generating Algorithms (DGA) associated with Malware and Botnets was created. The objective of this framework is to place registries at the center of the fight against these abuses, and to encourage them to prevent the blocking of domain names from DGA’s. These DGA’s are algorithms used to generate a very large amount of domain names that can serve as meeting points between control servers and the command, allowing botnets to thrive more easily.


3. Reliability of Data

The GAC highlighted the importance of the correctness and completeness of domain name registration. Data reliability is an important aspect to ensure the prevention of – and fight against DNS abuses. It recalls the obligation of registers and registration offices to verify, validate and correct data. One of the objectives is to respond to the pitfalls of these data in a timely and efficient manner. The GAC specified that this should not only concern compliance with the GDPR but that it should include all information relating to domain names.


4. Accessibility of data

The ODP for Stage 2 of the EPDP has been put on the table. The purpose of this ODP is to inform interested parties on the question whether the SSAD (System for Standardized Access/Disclosure) works in favor of the interests of the ICANN community, especially in view of its impact in terms of costs. For the record, via the SSAD, it is possible to get information about requests that demand to lift the anonymity on certain domain names.

Phase 2A of the EPDP (Accelerated Policy Development Process) was discussed after the release of the EPDP Phase 2A Initial Report on the “Temporary Specification” (which is a new version of the Whois). This report provides guidance on how to publish registration information on companies that is not protected by the GDPR as well as email addresses for those who are anonymized.


5. Consumer protection

Finally, the recommendations of the CCT (Competition, Consumer Trust and Consumer Choice Review) were addressed. Among the recommendations that the GAC would like to see implemented was a pro bono assistance program as well as the recommendation concerning the identification of party chains that are responsible for registering domain names.

The ICANN’s report of June 21, 2021 highlighted several important elements. The fact that new gTLDs allow companies to have a TLD in their name engenders both benefices and dangers. It underlined the issue of domain name abuse and the importance of the correctness and completeness of domain name registration data, as well as the importance of accessibility of data and the need for consumer protection.



Dreyfus law firm




About this topic…


Attempted reverse domain name hijacking is an abuse of the administrative process