Cyber cops from both sides of the Atlantic are meeting with domain name registrars in Brussels today to try to figure out ways to crack down on internet crime. This second meeting of the "EU-US working group on cyber security and cybercrime" is dedicated to increasing cooperation between law enforcement agencies and the …
They got it all down except one thing
They don't care about what the domain owners have to say. They don't have any accountability either when real damage occurs from their pin-headed mistakes. One day you have a website, the next the public is greeted with an ICE page claiming you were dealing in child porn. Where's the accountability there?
"In addition, the aftermath of recent US domain seizures has shown that when law enforcement grabs a .com domain, criminals quickly relocate their websites to country-code domains, which are not subject to ICANN oversight or US jurisdiction."
Strangely, what some of these domains stolen by order of the MafiAAS were doing was perfectly legal - at least on their country.
Taking that into account and the way the EU bends over for the USA, add this meeting and it is time to make DNS a peer to peer system, with a ring of trust approach like PGP. That is, if you still want to communicate on the internet instead of just swallowing the pap the *AAs and the USA feeds you.
P2P DNS doesn't work
Unless you want site names which look like random strings, and long ones at that, because that's what these would have to be to avoid collisions and contention. These names would have to be too long and with no properties making these easy to remember. You might as well use IP addresses - but bear in mind that IPV6 addresses will be more difficult to remember than IPV4 ones and that IPV4 addresses with meaningful and constant dynamic DNS names change frequently.
If you want memorable site names such that a name such as example.com belongs to someone and others can't easily take this over, then having a delegated namespace is the only known way to do this.
That doesn't mean there is only 1 governance model possible, or that the many server operators for TLD domains couldn't collectively agree amongst themselves to get the root zone managed by a more acceptable (to them) authority.
it is about child porn?
If the police want to seize my physical property, they have to have a good reason to do so. They have to go through checks and balances to do so, in order to prevent abuse. If a site is obviously doing something illegal, it's not going to be too hard to get that approval. So why are police having a problem figuring this out?
The problem is the authorities don't like having to go through those checks and balances and are trying to find a way to skip them when it comes to cyber crime. Legally, it's much easier for the authorities to spy on your email than it would be to put a listening device in your home, but the results are still the same. So should the law.
Is this a fair analogy?
Replace "domain names" with "car registrations". If a car got involved in a hit and run accident and you had the registration would it be okay for the DVLA to say to the police "we won't tell you the car is registered to, they requested that we keep that private"?
The ownership itself is not proof of the crime but it'd be a necessary step into investigating.
Re: No brainer
The police will argue that they need to shut down the website quickly. If for example there is a website with a similar name to an official outlet selling fake concert tickets, they can't afford to wait for a few months for the court to grant a shut-down order, because by then they have done their damage and moved onto the next one.
So when are they actually planning on shutting down Fleabay then?
Everything for convenience of government; not governance
The government should be adhering to a higher standard as they control most of the levers of power but instead, led by the declining U.S.A., they choose to circumvent existing laws rather than use them. In reality it's a sign of weakness.
The InterNet was designed to be flexible and resistive to attack which is why they find it difficult to control.
How would they propose to control a numbered domain that could use servers based in a less rigid country?
And what would happen if 'criminal' activities, a definition that is currently very broad, uses a numbered domain through which access is gained by named domains not breaking any laws?
Oh the humanity
" ... to shut down web sites selling counterfeit goods and enabling the trading of pirated movies and child pornography."
I don't mind most things people do, but there are two things I can't tolerate. Child sexual abuse and copyright infringement.
And there is one thing I can't tolerate...
... which is people's instant knee-jerk thoughtless reaction to an accusation that someone is abusing children (or providing such images) or that it's obviously copyright infringement without actually thinking "we've only got the Police's word for this".
it's obviously copyright infringement
Actually it is always copyright infringement as long as someone is thinking about the possibility of making or otherwise obtaining a backup copy of something they bought earlier. I don't mind a spot of murder though. If we let murderers out they would bloody well have to get a job like the rest of us. Fucking scroungers.
Do any of these upholders of the law
even consider ensuring proper judicial oversight?
Registar will fight to avoid losing a good business
Legitimate sites owners buy just a few domains each, if not only one. Criminals buy thousand of them, or more each. Why should registrars help stopping a so lucrative business? They will fight any law that will stop Santa Claus, North Pole to buy any domain he likes, as long as he pays somehow. They will tell you any procedure is unfeasible (but to register a .it domain, I had to do some paperwork and send proofs of who I am, thereby some checks are feasible), that we will have another economic crisis if they have to put some checks in place, and so on. Meanwhile they'll keep on making money from a lot of criminals (just check your spam mailbox and track the domain used...)
There was an instance a month or so ago when the Head of Legal Services at Westminster City Council (an "authority" with responsibility for Trading Standards etc) wrote to an ISP from his office email and introducing himself by his role to have a website critical of him shutdown which the ISP duly did, not wanting the implied legal hassle.
Only later did it transpire that he was contacting them "purely in a personal capacity"
Similar abuses will occur. I am fully sympathetic to the idea of shutting scam sites down as soon as possible, but if the police can get a magistrate out of bed for a search warrant (despite their extensive "search after any arrest" powers) then unless they are proposing some kind of midnight operating hours for "trading standards related issues" I think they should go to the courts for this as well.