Columns

U.S. Uses Domain Names As New Way to Regulate the Net

Governments have long sought ways to regulate Internet activity, whether for the purposes of taxation, content regulation, or the application of national laws.  Effective regulatory measures have often proven elusive, however, since, unlike the Internet, national laws typically end at the border. Earlier this month, the United States began to move aggressively toward a new way of confronting the Internet’s jurisdictional limitations – the domain name system.

Domain names are widely used to ensure that email is delivered to the right inbox or to allow users to access a particular website.  The system includes a large database that matches the domain name (e.g. michaelgeist.ca) to a specific IP address (i.e. the location of the computer server).  The system is used billions of times every day to route Internet traffic to its intended destination. 

As every Internet user knows, inadvertently entering the wrong email or web address typically means that the email bounces back or takes the user to an unexpected destination. As my weekly technology law column notes (Toronto Star version, homepage version), legislators have now begun to consider the possibility of intentionally stopping access to certain sites by ordering Internet providers to block access to their domain names.

The Combating Online Infringement and Counterfeits Act, recently introduced in the U.S. Senate, would potentially force Internet providers, domain name registrars (companies that register domain names) and domain name registries (organizations that maintain the domain name database) to block access to specified domain names.

This domain name block list – already being dubbed the Great Firewall of America – would be created through a censorship court order obtained by the U.S. Attorney General.  The court order could be used to shut down a site located within the U.S. or to order Internet providers to block access to the domain name if the site resides outside the country.

Moreover, the Department of Justice could identify additional domain names that are “dedicated to infringing activities.” Despite the absence of any court oversight, this second list would also likely involve blocked domains since Internet providers would be immune from liability provided they curtail access to them.

This notably targets websites located anywhere in the world, since any domain – wherever located – may placed on the list.  In fact, since the core of the domain name system resides in the U.S., it is possible that the site could be blocked at a global level if it was removed or rendered inaccessible from the “master” domain name database.

This is not the first time the U.S. has used its control over the domain name system to establish a home field regulatory advantage. In 1999, it enacted the Anticybersquatting Consumer Protection Act to deal with cases of domain name cybersquatting.

The drafters of that law recognized the jurisdictional challenges inherent in resolving domain name disputes by granting trademark holders the right to file a lawsuit against the domain name itself, rather than against the domain name registrant.  That approach, known as in rem jurisdiction, treats the domain name as property that can be sued. This led to cases where U.S. courts ruled that they are entitled to order the transfer of a domain name even where a foreign court has issued an order barring the transfer.

The net effect of these laws is to create a two-tier regulatory structure for the Internet.  Domain names may be global – more than 200 million have been registered worldwide – yet the U.S. continues to retain effective control over much of the system.  As the recent moves to use the domain name system to address online concerns demonstrates, that control raises serious concerns about its jurisdictional reach and the misuse of a system intended to route Internet traffic without regard for its content or destination.

33 Comments

  1. So…
    Maybe I’m missing something but there’s no mention of actually block ip addresses! Block domain names ultimately accomplishes nothing. It would take very little for someone to maintain their own Domain Name Server which contains a list of all “banned” domain names and redirects to their ip address when quieried. I’ve had my own ISP’s DNS servers take a dive and it was easy enough to manually enter an ip address and/or use alternate DNS. Nevermind maintaining your own redirects on your system with a hosts file.

    Really, if this is about banning domain names and not ip address then it’s the perfect example of people with no understanding attempting to govern that which they can’t explain.

  2. And such action wll still be ineffective
    Yes, the US has control of the designated root DNS servers. Yes, they could implement blacklists and greylists.

    But this too will only affect the technically naive. It takes some technical expertise, but little effort, to bypass the sanctioned DNS system(s) and create your own. I have already done it for a NA spanning business private net. So have many others.

    The net result of attempting to “control” user activities through technical measures such as this will only hurt legitimate or naive users. It won’t accomplish anything useful in controlling crime or illegitimate access.

    Knowing how something is supposed to work, doesn’t mean it *has* to work exactly that way. The DNS system is essentially a set of protocols and agreements. Control of the DNS “system” only allows you to control the agreements, not the protocols. If individuals or a group decide to create their own agreements, and still use the same protocols, they can bypass any “controls” the US might place on the system. IPSEC actually helps such groups as well.

    Sometimes I wonder about politicians and lawmakers. Are they really this clueless about technology? Or are they simply relying on advise from “experts” that aren’t really experts?
    In the case above, they might be excused because they asked the wrong question and ran away on their own with the answer they got. The wrong question would have been “How does the DNS system work?” The answer would have been right. But the RIGHT question to ask would be “Can the existing DNS system be bypassed?”. The answer would tell them quickly enough that attempting to “control” llegal activity through such a measures is likely to be ineffective.

  3. @oldguy
    In the US, as in Canada, it isn’t about actually doing something useful; its about being visible doing something to appease the voters and/or party donors.

  4. @Joe
    To elborate on oldguy’s explaination. Even blocking at the IP level is easily bypassed in a number of ways and would ultimately be ineffective in blocking those who they’re actually trying to block. Like TMPs this only “really” affects those who wish to be legitemate and those not technically inclined.

  5. A dog chasing it’s tail.
    I’ll say it again *sigh* it’s not technical, legal or punitive efforts that will solve the infringement problem. It’s delivering valuable products at a correct price point and treating the customer with respect.

    The costs of distribution (and in some cases production) of media has decreased with the digital era. There is a balance between making maximum products and alienating your customer base. Get it right and while infringement by some will continue, more of them will have become your customers.

  6. Its about information control over the ‘masses’
    Yes, the tech savvy can get past this very easy, but the majority of couch potatoes will not.

    Yet another attempt to stop any ‘truth’ to leak past the powers that be.

  7. Why such a confusing explaination Professor?
    This is not at all a NEW way of REGULATING the Net. It is exactly the same way of CENSORING the Net that China uses, and that Australia has just narrowly avoided. It’s a blacklist of censored sites (censored DOMAIN NAMES to be sure, if you want to introduce the sometimes confusing Domain Name System, but why would you want to do that?)

    Uses Domain Names As New Way to Regulate the Net

  8. “It is exactly the same way of CENSORING the Net that China uses” …

    So it’s OK for the USA to act like China, as long as it’s in defense of it’s ‘struggling’ media industry?

  9. RE: Crockett
    “So it’s OK for the USA to act like China, as long as it’s in defense of it’s ‘struggling’ media industry?”

    I think you may have read your personal feeling into Boothie’s comment, Crockett. I think he was just pointing out the inaccuracy of the term new. I don’t think he was saying that it was good because it had proven in China or anything like that. If anything, it shows just how hypocritical the US in how they complain about China using such a system and then essentially use the same method for themselves.

    I suppose though, that it is “new” from the point of view of stupid things the America government hasn’t tried before.

  10. $ony $ues their customers
    $ony @ work:

    http://games.slashdot.org/story/10/09/28/210226/

    Nap.

  11. Rant (please forgive)
    OK, so I was reading the $ony case and was thinking that the court was right – it’s not under copyright law that the exploit should be judged. As the exploit is original code and all it does is to start the PS3 in debug mode. There’s no copyright infringement in this act alone.

    But $ony argues that it is done for subsequent copyright infringement….

    Well well. If we have to judge by purpose, then yes many laws are judging you by purpose. E.g. if I crush someone’s skull and kill him, it differentiates on whether I did it accidentally or on purpose, and if the later, if it was planned ahead or under impulse.

    But the law does not differentiate on whether the victim was wearing a helmet or not. (DRM/TPM anyone?)

    And also breaking a helmet sitting on a table (without killing anyone) would not be judged under “manslaughter”. If the helmet is mine (I legally bought it), then it doesn’t even qualify as “property damage”.

    So why exactly breaking DRM/TPM should be included under COPYRIGHT law?

    Nap.

  12. @Nap
    Has anyone actually requested their personal file from Sony in Canada, re: PS3? I’d be interested to know exactly what information they are collecting from users on this system, offside of the above mentioned case.

  13. dns
    Censorship filtering name blocking, etc, will be used to stomp politics first, then bis competation. That is the HISTORY of the web.
    web 3.0 predictive software now, anyone?

    packrat


  14. Sony has the approach all wrong. Did they learn nothing from the first two generations of PS, both which were hacked and nothing they could do about it? Like XBox 360, many games are intended to be played on-line, a simple solution would be to kill on-line access to that station if a hack has been detected. This is precisely what Microsoft did with hacked versions of the XBox 360. They were very careful about only killing on-line access though, local games still run fine, but you cannot access XBox Live at all. In my opinion, this is a much more “reasonable” approach…only original OEM hardware can have access to XBox Live. On the other hand, I believe the XBox hack was a firmware hack, hence probably easier to detect than a USB dongle that starts the PS3 up in debug mode.

    The more approriate course of action for Sony would have been to release a firmware update to disable the hacks, then require that version of firmware or higher for access to on-line materials. Problem solved…little or no bad press. These companies just don’t think.


  15. @IanME: “The more approriate course of action for Sony would have been to release a firmware update to disable the hacks, then require that version of firmware or higher for access to on-line materials.”

    They already did that. Which I’m fine with, since when playing online you don’t really want to run against folks with “transparent walls”, “auto-aim bots” and so on.

    What I’m not fine with is suing some guy that wrote code to start the console in debug mode. Heck, I would do it just for seeing what it looks like. Note that there is no copying of anything involved. It’s pretty much like those tricks of turning the start key thrice so your car blinks a diagnostic code on the “Check Engine” light. Wonder if they sued anyone for doing it.

    Nap.

  16. The.Big.Lie.Society says:

    The.Big.Lie.Society … Follow the Money … It Seeks Overall Control
    Follow the Money … It Seeks Overall Control

    http://TheBigLieSociety.com

  17. @Nap
    There’s too much precident with other hardware devices in the US. Like with unlocking cell phones, the act itself is a modification to a piece of hardware you own. I would be surprized if it doesn’t get thrown out of court.

  18. RE: Fresh News
    This reeks of desperation. Desperate people can be VERY dangerous. Would this even be legal under the various international trade treaties? Yes. Yes. Yes. I know the US is much less worried about legalities than it is about appeasing it’s corporate overlords. They’d prefer just do it rather than ask for permission. It’s no wonder their economy is in the crapper!!! Just curious if this would violate any treaties.

  19. What I don’t get…
    Are no other countries standing up to oppose this blatent misuse of power? What about international Internet governance bodies? United Nations, International Telecommunication Union, Internet Governance Forum, IANA, IETF, ICANN, ISOC, etc. Are none of these bodies pointing out how bad this is? One country should not have so much control over a global architecture.


  20. IanME: US owns all those organizations. Europe has repeatedly tried to discuss implementing their own root DNS servers, however the US have successfully bullied them every time into accepting the status quo. What I can see happening is China coming up the first with an autonomous system – as it will enable them to do their own filtering (instead of getting the American one pushed down their throat).

  21. Root Servers
    There are 13 root servers worldwide, designated “A” through “M” and the US controls 10 of them. Some of those 10 are “anycast” multinational, but headquartered in the US. The others, all anycast, are located in Sweden (I), Japan (M) and the Netherlands (K) and controlled from there. What’s the US going to do, cut them off if they don’t comply?


  22. Sure they will. “War against terror and piracy”. Protects US citizens from terrorists, music downloaders and fake pills. What could be more noble than that?

    Nap. 🙂

  23. Whoops…wrong thread.
    …And so it shall be…
    Congress passed the bill.

    http://www.crikey.com.au/2010/10/01/the-internet-filter-coming-to-the-us-with-barely-any-dissent/


  24. @IanME:

    This is the most important part:

    “A letter signed by 87 prominent internet engineers — including those who invented the technology that would enable the censorship — said the filter would undermine the credibility of the United States in its role as steward of key internet infrastructure”.

    Next thing we’ll hear about Asia becoming autonomous. And next next thing we’ll hear is Asia disconnecting/filtering out US sites from their networks as it does provide nothing but pr0n, viruses and scams.

    Don’t put any hope in Europe. Sarko would be more than happy to ask US to add his own blacklist too.

    Nap.

  25. Wikileaks
    $20 say Wikileaks will be in the first wave of “shutdowns”. Based on “distribution of copyrighted materials without authorization/license”.

    Nap.


  26. BLACKLISTS, SHUTDOWNS, IP BLOCKING ======== CENSORSHIP!!!!!

    This is not “regulation” this is censorship, plain and simple, and of the worse kind.

    This just irks me to no end!!! Censors have always told us that “the lyrics in that music is too obscene to listen to” or “that scene in that movie is too gory, too violent or too sexually explicit to watch”, or “that comic book from Japan is too perverse”. Who in the hell do they think they are to decide for me what media is appropriate or not appropriate for me to consume? I like heavy music which quite often has disturbing or dark lyrics and I like extremely violent and gory movies, however I’m not so much in to the Japanese pOrn comics that tend to get confiscated at the boarder, but that’s neither here nor there. The point is that no one should have the power to tell me what is appropriate for me. I don’t need a shriveled up old prude taking a heart attack while listening to Cannibal Corpse or while watching something like the “Guinea Pig: Flowers of Flesh and Blood”. Whatever happened to the freedom of expression? Now they’re going to take it to a whole new level and start censoring the Internet at the core system level. It’ll only start at what they “consider” to be “pirate” sites, but will quickly move in to sites which are considered to have offensive material and p0rn sites, finally isolating entire countries in to their own giant Intranets. It’ll culminate in to where regional authorities will be able block sites from other region within the same country. The Internet will become a convoluted mess where certain countries can only see pages from certain other countries, it’ll become chaos.

    Before long it’s going to be like the Middle East and we’re going to have morals police…policing the Internet, blocking sites considered offensive.

    Sorry for the rant, but censorship, above any other regulatory function, bothers me quite a lot.


  27. @IanME: Nah, it’s not about censorship (although that might come handy too), it’s about eliminating competitors. You know, they keep talking about “free trade”, “globalization”, “offshoring” and so on, and how good they are. But that only as long as it’s the big American corporations that are the middlemen, and pocket the price differentials.

    But enter now the world of direct competition – when the public buy directly from abroad without going through corporate America. Everything from “Canadian pharmacies”, offshore gambling & pr0n sites, to direct (“gray”) imports of Asian manufactured electronics.

    Of course they cannot outlaw them as it would fly in the face of their “free trade” propaganda, but how about if we magically can erase those sites from the Internet…. if anyone asks it was just a “terrorist” or “copyright/patent infringing pirate” site….

    Nap.


  28. @IanMe: and if you don’t believe me check what’s going in parallel to this:

    http://calvinayre.com/2010/02/08/legal/visa-joins-us-online-gambling-crackdown/

    or a government issued document if you prefer:

    http://www.gao.gov/new.items/d0389.pdf

    There’s also a recent spat with Brazil over pr0n movies, but from consideration to Michael I won’t post the links here 😉

    As for gray imports of electronics, there’s a lot going on with sites like e-bay. However they found a powerful enough deterrent in the fact that US subsidiaries won’t honor warranties for products not bough from their dealer network.

    It’s all about money, not free music downloads.

    Nap.

  29. The.Big.Lie.Society says:

    Follow the Money … It Seeks Overall Control
    Follow the Money … It Seeks Overall Control

    http://TheBigLieSociety.com

    1992 – 2012 Twenty Years of Internet Domination

    52 People you NEVER want to allow near your children’s .NET

    Imagine 52 people creating and sustaining an Internet Eco.System, for their collective benefit, while telling the world they are serving the public good. Imagine the world, unable to put 2 and 2 together, to observe the collective actions of those 52 people. Imagine that the 52 people are never seen together and rarely expose their nefarious inter-actions. How do they do it?


  30. The military has no finesse in censorship. They brought down the whole root server:

    http://tech.slashdot.org/story/10/10/02/1233235/

    Some exercise in the “War Against Piracy” fall games?

    Nap. 🙂

  31. I find it quite humorous that many Americans are so outraged by the Libyan .ly domain name ordeal while the media mostly ignores the US doing pretty much the same thing.

    http://techcrunch.com/2010/10/06/trouble-in-clever-domain-land-bit-ly-and-others-risk-losing-theirs-swift-ly

    Thanks for keeping on top of important issues Michael, love your blog.

  32. DNS
    So all an american reallly needs to do is set DNS to resolve to a server outside of the good olde USA and then type in the IP address or the url.