28 Abuse Prevention and Mitigation

Prototypical answer:

gTLD: .新闻
Full Legal Name: Xinhua News Agency Guangdong Branch 新华通讯社广东分社
E-mail suffix: tld.asia

The Registry follows ICANN's Applicant Guidebook to implement the domain registration management framework and minimizes the risks of domain abuse according to guidelines in the Draft Final Report of Registration Abuse Policies Working Group (RAPWG). As a partner of the Registry, DotAsia (through Namesphere) participates actively in the GNSO policy development processes and advises the Registry on implementation of appropriate Abuse Prevention & Mitigation mechanisms.

28.1. Implementation Plan

The Registry adheres to the ICANN Applicant Guidebook requirements and will publish its policies for handling domain abuse on its website. It will also establish an online domain abuse complaint system for the filing and prompt handling of abuse complaints. The filing party may use this system to submit the relevant details of a complaint, such as the domain name in question, the abusive behaviour and its consequences, and the filing party's contact information, such as name, email, telephone number and fax number (optional).

The Registry also provides three ways to file abuse complaints: fixed telephone, fax and email. This contact information will be published in a prominent location on the Registry's website and provided to all Registrars for dissemination to end users.

A dedicated hotline is already established by KNET at:
Fixed phone: +8610-58959009
Fax: +8610-57656837
Email: abuse@dot.新闻 (to be confirmed and created upon the delegation of the TLD)

28.2. Policies for Handling Complaints Regarding Abuse

28.2.1. Domain Name Abuse Behaviours

Domain name abuse includes abuse that occurs at domain registration and abuse in the use of domain names. The former includes cybersquatting, gripe sites, deceptive and/or offensive domain names, domain tasting, etc., while the latter includes phishing, spam, and malware/botnet command-and-control.

28.2.2. Abuse Policies

The policies for handling complaints regarding abuse strictly forbid registrants from abusing domain names and stipulate the corresponding penalties. At the same time, registrants are asked to make commitments when they submit their applications. Registrars should be asked to make similar commitments. In addition, measures to promote Whois accuracy are provided to prevent and mitigate potential domain name abuse.

Furthermore, based on the suggestions and advice from DotAsia, we will continue to explore the possibility of implementing a rapid suspension process targeted against phishing. A sample of a draft suspension process is included in the attachments to #30b.

28.2.2.1. Registry Policies

KNET and DotAsia are experienced with managing and mitigating against abuse for TLD registries. A dedicated team at KNET will proactively monitor for any suspicious activities at the registry and respond to abuse complaints.

Following the process included in the .ASIA Registry-Registrar agreement (http://dot.asia/accreditationdocs/DotAsia-RRA-2010-02-01.pdf), the Registry will also include in its Registry-Registrar agreement 2 key provisions to allow for the Registry to act promptly against any abusive behaviours:

1. Clause to specify that all registrations are to submit to proceedings for expedited suspension processes of domain names:

(3.9.11) Submit to proceedings commenced under other dispute policies as set forth by [DotAsia] from time to time in the Registry Policies, including but not limited to expedited processes for suspension of a domain name by claims sought by intellectual property right holders, Internet engineering and security experts or other competent claimants in the purpose of upholding the stability, security and integrity of the [.ASIA Registry].

2. Clause to reserve the right to cancel registrations that threaten the integrity, security and stability of the registry:

(6.5) Reservation of Rights. [DotAsia] reserves the right to deny, cancel or transfer any registration or transaction that it deems necessary, in its discretion (i) to protect the integrity, security and stability of the registry; (ii) to comply with any applicable laws, government rules or requirements, requests of law enforcement, in compliance with any dispute resolution process; (iii) to avoid any liability, civil or criminal, on the part of DotAsia, as well as its affiliates, subsidiaries, officers, directors, and employees; (iv) for violations of this Agreement and its Exhibits; or (v) to correct mistakes made by the DotAsia, the Registry Services Provider or any Registrar in connection with a domain name registration. DotAsia also reserves the right to freeze a Registered Name such as placing a domain name on hold, lock, or other status during the resolution of a dispute.

These clauses ensure that the Registry can act promptly to suspend or cancel abusive domain registrations. The Registry also believes in due process to avoid false positive suspensions and an overly aggressive approach to cancelling domain registrations. The joint experience and knowledge from KNET and DotAsia will provide sound direction to the Registry to mitigate against abuses with a balanced approach.

28.2.2.2. Commitment of Registrant

In registrant agreements, registrars should include clauses under which registrants declare and uphold, when they submit the registration application, that they will not abuse domain names, for example by using them for phishing or spam. Where domain name abuse is detected, the registries have the right to suspend the resolution of the registered domain name or cancel the domain name.

28.2.2.3. Commitment of Registrar

In addition to ICANN Accreditation agreements and ICANN consensus policies, the Registry will require registrars to uphold that they will not knowingly participate, encourage or acquiesce in domain name abuse behaviours.

The Registry will proactively monitor registrar system behaviours to avoid any domain name abuse activities.

28.2.2.4. Measures Intended to Promote Whois Accuracy

28.2.2.4.1. Measures for Registrants

The Registrant must accept the Registration Agreement when registering a domain name. The Registrant shall ensure that all the submitted registration information is authentic, accurate and complete. If any registration information changes, the registrant shall inform the registrars of the registration information update within 30 days.

28.2.2.4.2. Measures for Registrars

A Registrar must be accredited by ICANN before becoming a Registrar of the Registry.

In the Registry-Registrar Agreement, the Registrar is required to take the necessary measures to increase Whois accuracy, which is considered an important indicator in Registrar assessment. Other requirements intended to avoid and mitigate domain name abuse are stipulated in this agreement as well.

28.2.2.4.3. Additional measures from the Registry

As a Registry based in China, in compliance with local requirements and as an additional measure to ensure Whois accuracy, the following applies to users in Mainland China. If the Registrant is a real person, he/she must submit the following information: real name, email, fixed telephone, mobile phone, ID card number, and the valid ID card (two sides) in the form of an electronic file (without any manual modification) or the passport (the first page) in the form of an electronic file (without any manual modification). If the Registrant is an organization, it must submit the following additional information: a valid enterprise business license or other valid qualification certificates in the form of a digital photo file (without any manual modification), the company address, and the ID card (two sides) or other valid certificates of the company's legal representative or contact in the form of an electronic file (without any manual modification).

Any Registrant information updated by the Registrant shall undergo the same auditing procedures before taking effect. These measures ensure a high level of Whois accuracy.

28.2.3. Procedures for Handling Complaints Regarding Abuse

The Registry, through KNET, has an abuse complaints disposal working group composed of technical and legal professionals to handle complaints about domain name abuse and to build a linkage mechanism with CADNA (Coalition Against Domain Name Abuse) so that domain name abuse complaints are handled effectively.

The team at the Registry will adopt the definition on the abuse by the Registration Abuse Policy Working Group (RAPWG).

The team will automatically send a confirmation email to the complaint filing party upon receiving an abuse complaint. Generally the team will arbitrate the abuse complaint within 5 working days. Under no circumstances may the period for handling a complaint exceed 10 working days.

For domain abuses that need to be resolved by a dispute resolution mechanism, the complaint filing party will be informed of the specific domain dispute resolution institutions and processes. For any domain name that has been confirmed to be abused, the Registry may either suspend its resolution or cancel its registration according to the domain name abuse management policies. If a Registrant disagrees with the penalty, he/she may apply to the Registry for re-arbitration. However, the implementation of the penalty will not be suspended during the re-arbitration period. The Registry will not take any punitive action against domain names that have not been confirmed to be abused.

After the arbitration decision is made, an email containing the arbitration result will be sent to the complaint filing party, the Registrant and the Registrar of the domain name under complaint.

28.2.4. Collaboration with other parties

Externally, the Registry will work with other parties to prevent and mitigate abuse of its domain names. The procedures and mechanisms of this cooperation are described as follows:

With ICANN

Having a contractual relationship with ICANN, the Applicant is obliged to abide by the legal obligations described in the Registry Agreement. The Applicant also consents to the Consensus Policies and Temporary Policies specification described in Specification 1 of the Registry Agreement. Details of the consensus policies can be found at: http://www.icann.org/en/general/consensus-policies.htm.

With regard to Temporary Policies, the Applicant shall comply with and implement all specifications or policies established by the ICANN Board on a temporary basis. The Registry pledges that Temporary Policies will be implemented within a month of notice of the policies. In the event of a conflict between Registry Services and Consensus Policies or any Temporary Policies, the Consensus Policies or Temporary Policy shall control.

With LEAs and other security providers

KNET and DotAsia work closely with CERTs (Computer Emergency Response Teams) in China and around Asia. APCERT is also a member of DotAsia. The Registry will establish a contact window with CNCERT/CC, LEAs, APWG, CERTs around Asia and other security providers to take down domain name abuse incidents concerning domain names registered under the TLD.

The Registry will work closely with Registrars on the implementation of suspension and takedown in domain name abuse incidents. The collaboration mechanism is as follows:

1) Upon receipt of a takedown notice from the LEAs or CERT/CC, the Applicant will instruct the sponsoring registrar to send an email notification to the registrant concerned (administrative contact, technical contact or billing contact), asking for a response to the domain abuse complaint; the notification requires the registrant to respond within a stated time period; in the meantime, the domain name in question will be put in “lock” status;

2) Should there be no response from the registrant, the Applicant will instruct the sponsoring registrar to suspend and take down the domain name, and a notice of takedown will be sent to the email address of the registrant.

28.3. Disposal of Orphan Glue Records

KSRP automatically marks the resulting orphan glue records of a domain and dates them when suspending the domain resolution and deleting the domain. At the same time when the orphan glue records are generated, KSRP automatically sends an email notification to the registration management contact, technical contact and Registrar of the affected domain names to update their systems within the 30-day grace period.

The orphan glue records scanning and cleaning system will run a scheduled scan of the platform on a daily basis to delete orphan glue records that are no longer used and those that are still being used but have exceeded the 30-day grace period. An email notification will be sent to the registration management contact, technical contact and Registrar of any domain name that still uses the orphan glue records for resolution.

If there is any written evidence indicating that an orphan glue record is related to malicious conduct, the domain name management procedures will be followed to delete such records directly via the back-stage management operations.
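The daily scan described in this section, as an added Python example (not KSRP code and not part of the application). The record fields, action labels and sample host names are assumptions, as is reading "exceeded" as strictly more than 30 days and sending no notice when a record is removed for malicious conduct.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

GRACE = timedelta(days=30)  # grace period stated in section 28.3

@dataclass
class GlueRecord:
    host: str                           # in-zone name server host name
    orphaned_on: Optional[date] = None  # date the record was marked; None = parent active
    used_by: tuple = ()                 # domains still delegating to this host
    malicious: bool = False             # written evidence of malicious conduct on file

def scan(records, today):
    """One daily pass: return ({host: action}, [(domain, host, action), ...])."""
    actions, notices = {}, []
    for r in records:
        if r.orphaned_on is None:
            actions[r.host] = "keep"               # parent still active, not an orphan
            continue
        if r.malicious:
            actions[r.host] = "delete:malicious"   # removed directly, no grace period
            continue                               # assumption: no notice in this case
        if not r.used_by:
            actions[r.host] = "delete:unused"
        elif today - r.orphaned_on > GRACE:
            actions[r.host] = "delete:grace-expired"
        else:
            actions[r.host] = "keep:in-grace"
        # Contacts of every domain still resolving through the orphan are notified.
        notices += [(d, r.host, actions[r.host]) for d in r.used_by]
    return actions, notices

# Constructed sample data; all names are illustrative.
TODAY = date(2024, 3, 31)
SAMPLE = [
    GlueRecord("ns1.active.example"),
    GlueRecord("ns1.gone.example", date(2024, 3, 20)),
    GlueRecord("ns1.late.example", date(2024, 2, 29), ("shop.example",)),  # 31 days
    GlueRecord("ns1.edge.example", date(2024, 3, 1), ("blog.example",)),   # 30 days
    GlueRecord("ns1.bad.example", date(2024, 3, 30), ("c2.example",), True),
]

if __name__ == "__main__":
    acts, notes = scan(SAMPLE, TODAY)
    for host, act in acts.items():
        print(f"{host:22} {act}")
    for n in notes:
        print("notify", n)
```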

28.3.1. Reasonable Access Control

Registrars may remotely log into the online domain management system, which is encrypted via HTTPS, and must pass high-security password authentication and a Captcha before performing operations such as updating Registrant information or transferring, renewing and deleting domain names.
The Registrars must obtain the domain name transfer password before performing the transfer operation. The user submits the domain to be transferred and the transfer password to the Domain Management System of the target Registrar. The target Registrar submits the relevant information to the registration system of the Registry, which will complete the transfer after verifying the transfer password.

The Registry will recommend that Registrants change their password in the Domain Management System of their Registrar regularly, at least once every three months.

When the domain name is updated, transferred or deleted, the registration system of .新闻 Registry will automatically send a mail notice to the original and new Registrants.

28.4. Meeting Evaluation Criteria

28.4.1 Adequate description of abuse prevention and mitigation policies

A thorough and tested abuse and complaint handling process is put in place by the Registry through KNET as its Registry Back-End Services Provider. A clear set of policies will be put in place and published on the Registry website to both deter against potential abusers as well as to provide a clear process for resolving and suspending abusive domains.

28.4.2 Well-developed abuse policies and procedures

Together with KNET and DotAsia, the Registry will put in place policies and procedures, including appropriate additions to the Registry-Registrar Agreement with Accredited Registrars. This ensures that the Registry can enforce and deliver on its commitments on abuse prevention and mitigation.

28.4.3 Plans consistent with technical, operational and financial approach

As the Registry Back-End Services provider, KNET is fully equipped with the capabilities and manpower to implement the technical and operational aspects of the abuse prevention and mitigation policies. KNET's costs are largely variable, and therefore highly scalable, and are incorporated into the financial models discussed in #46-50.

28.4.4 Adequate level of resources committed

The Registry, through KNET, will have a designated team for abuse management as well as for auditors (two auditors at least will be included, one for the initial audit and one to re-audit) for Whois accuracy compliance. The abuse management team will form an abuse complaint disposal group (three auditors are advised: two auditors and one legal professional) to handle the anticipated increase in complaints in proportion to the total number of registered domains under the TLD.

28.4.5 Measures to promote Whois accuracy

Besides registry, registrar and registrant agreement and enforcement of Whois accuracy, additional Whois accuracy measures are put in place, especially for mainland China registrations. Because a majority of registrations are expected to come from China, the Registry expects that this measure would significantly enhance Whois accuracy for the Registry.

28.4.6 Additional Measures for Abuse Prevention and Mitigation

Both the additional Whois accuracy measure and the additional rapid suspension policy being put in place against phishing are additional measures for abuse prevention and mitigation. Based on the joint experience of KNET and DotAsia, it is also important that the Registry clearly positions itself as being proactive and diligent in mitigating registration abuses, which these additional measures signify.

