Thursday, 8 March 2012
Uncle Sam: If It Ends in .Com, It’s .Seizable
When U.S. authorities shuttered sports-wagering site Bodog.com last week, it raised eyebrows across the net because the domain name was registered with a Canadian company, ostensibly putting it beyond the reach of the U.S. government. Working around that, the feds went directly to VeriSign, a U.S.-based internet backbone company that has the contract to manage the coveted .com and other “generic” top-level domains.
EasyDNS, an internet infrastructure company, protested that the “ramifications of this are no less than chilling and every single organization branded or operating under .com, .net, .org, .biz etc. needs to ask themselves about their vulnerability to the whims of U.S. federal and state lawmakers.”
But despite EasyDNS and others’ outrage, the U.S. government says it’s gone that route hundreds of times. Furthermore, it says it has the right to seize any .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman.
The controversy highlights the unique control the U.S. continues to hold over key components of the global domain name system, and rips a Band-Aid off a historic sore point for other nations. A complicated web of bureaucracy and Commerce Department-dictated contracts signed in 1999 established that key domains would be contracted out to Network Solutions, which was acquired by VeriSign in 2000. That cemented control of all-important .com and .net domains with a U.S. company – VeriSign – putting every website using one of those addresses firmly within reach of American courts regardless of where the owners are located – possibly forever.
The government, Navas said, usually serves court-ordered seizures on VeriSign, which manages domains ending in .com, .net, .cc, .tv and .name, because “foreign-based registrars are not bound to comply with U.S. court orders.” The government does the same with the non-profit counterpart to VeriSign that now manages the .org domain. That’s the Public Interest Registry, which, like VeriSign, is based in Virginia.
Such seizures are becoming commonplace under the Obama administration. For example, the U.S. government program known as Operation in Our Sites acquires federal court orders to shutter sites it believes are hawking counterfeited goods, illegal sports streams and unauthorized movies and music. Navas said the U.S. government has seized 750 domain names, “most with foreign-based registrars.”
VeriSign, for its part, said it is complying with U.S. law. “VeriSign responds to lawful court orders subject to its technical capabilities,” the company said in a statement. “When law enforcement presents us with such lawful orders impacting domain names within our registries, we respond within our technical capabilities.”
VeriSign declined to entertain questions about how many times it has done this. It often complies with U.S. court orders by redirecting the DNS (Domain Name System) of a domain to a U.S. government IP address that informs online visitors that the site has been seized (for example, ninjavideo.net.)
“Beyond that, further questions should be directed to the appropriate U.S. federal government agency responsible for the domain name seizure,” the company said.
The Public Interest Registry did not immediately respond for comment.
Bodog.com was targeted because federal law generally makes it illegal to offer online sports wagering and to payoff online bets in the United States, even though online gambling isn’t illegal globally.
Bodog.com was registered with a Canadian registrar, a VeriSign subcontractor, but the United States shuttered the site without any intervention from Canadian authorities or companies.
Instead, the feds went straight to VeriSign. It’s a powerful company deeply enmeshed in the backbone operations of the internet, including managing the .com infrastructure and operating root name servers. VeriSign has a cozy relationship with the federal government, and has long had a contract from the U.S. government to help manage the internet’s “root file” that is key to having a unified internet name system.
Still, the issue of the U.S.’s legal dominion claim over all .com domains wasn’t an issue in the January seizure of the domain of megaupload.com, which is implicated in one of the largest criminal copyright cases in U.S. history. Megaupload.com was registered in the United States with a registrar based in Washington state.
The United States would have won even more control over the internet with the Stop Online Piracy Act and the Protect IP Act. But the nation’s biggest online protest ever scuttled the measures, which would have allowed the government to force internet service providers in the U.S. to prevent Americans from being able to visit or find in search engines websites that the U.S. government suspected violated U.S. copyright or trademark law.
But as the Justice Department demonstrated forcefully with the takedown of Megaupload, just a day after the net’s coordinated anti-SOPA protest, it still has powerful weapons to use, despite the deaths of SOPA and PIPA.
So how does International Corporation for Assigned Names and Numbers, the global body that oversees the domain-naming system, feel about the U.S. government’s actions? ICANN declined comment and forwarded a 2010 blog post from it’s chief Rod Beckstrom, who said ICANN has “no involvement in the takedown of any website.”
ICANN, a non-profit established by the U.S., has never awarded a contract to manage the .com space to a company outside the United States — in fact VeriSign has always held it — despite having a contentious relationship with ICANN that’s involved a protracted lawsuit. But, due to contract terms, VeriSign is unlikely to ever lose control over the immensely economically valuable .com handle.
ICANN is also seeking to distance itself from the U.S. government by being more inclusive, including allowing domain names in a range of written, global languages, ending the exclusivity of the Latin alphabet in top-level domains.
Still, many outside the United States, like China, India and Russia, distrust ICANN and want control of the net’s naming system to be turned over to an organization such as the International Telecommunications Union, an affiliate of the United Nations. Last year, Russian Prime Minister Vladimir Putin met with Hamadoun Toure, the ITU’s chief, and said he wanted international control over the internet “using the monitoring capabilities of the International Telecommunication Union.”
“If we are going to talk about the democratization of international relations, I think a critical sphere is information exchange and global control over such exchange,” Putin said, according to a transcript from the Russian government.
Just last week, Robert McDowell, a Federal Communications Commission commissioner, blasted such an idea. “If successful, these efforts would merely imprison the future in the regulatory dungeon of the past,” he said. “Even more counterproductive would be the creation of a new international body to oversee internet governance.”
ICANN was established in 1998 by the Clinton administration, and has been under global attack to internationalize the control of the Domain Name System ever since. A United Nations working group in 2005 concluded that “no single government should have a pre-eminent role in relation to international internet governance.”
But those pressures don’t seem to have registered with President Barack Obama’s Justice Department. Hollywood was a big donor to Obama, and Obama reciprocated by naming at least five former Recording Industry Association of America attorneys to posts in the Justice Department, which has been waging a crackdown on internet piracy. The Justice Department is looking for even more money in next year’s budget to hire more intellectual-property prosecutors.
Without SOPA or PIPA, the Justice Department lacks any mechanism to prevent Americans from visiting sites that are on a domain not controlled by a U.S. corporation. Knowing that, the world’s leading BitTorrent site, The Pirate Bay, recently switched its main site from a .org domain to .se, the handle for Sweden.
The Pirate Bay’s lead is unlikely to be followed by the millions of non-U.S. companies that rely on .com, which remains the net’s beachfront real estate, even if it is subject to being confiscated by the U.S.
But it is possible that the U.S. government’s big-footing over dot-com domains in the name of fighting copyright could add more weight to the arguments of those who want to put the U.N. in charge of the internet’s naming system. While that’s not inevitably a bad thing, it could lead to a world where any .com might be seizable by any country, including Russia, Libya and Iran.