A couple of reports from the people behind .nz have shown the impact of COVID-19 (coronavirus) on New Zealanders and their internet use in recent months. Statistics for .nz shows increased DNS activity, including a surge in registrations that has taken registrations to close to 715,000.
Today [Monday] InternetNZ is launching our #ShopSafeNZ campaign hoping to raise awareness about safer online shopping experiences for Kiwis. We’ll be campaigning in the lead up to the holiday season and retail sales from 25 November – 1 January 2020.
Check the campaign’s website at fakewebshop.nz, learn how to recognise a fake online store, spread the word to protect your whānau, friends and workmates.
Keeping .nz trusted, safe and secure is our priority. It’s crucial for small businesses that have a .nz domain name and everyday New Zealanders who choose to shop online.
In 2019, the Domain Name Commission has suspended or cancelled more than 5000 domain names for fake registration details. Many of these suspensions or cancellations were for domain names associated with fake webshops. Our fake webshop algorithm co-designed with InternetNZ research team also flags 5-35 domain names a week for validation checks.
Opportunists who register a .nz domain name for a short period of time or grab an expired domain name to build a fake webshop are becoming more frequent. It can cost everyday New Zealanders in many ways: money loss, personal data robbery and destroyed trust in online shopping.
The Internet is awash with stories of payments made and goods not received, goods that don’t match the offer, or no ability to return items.
Most people won’t be able to spot a phantom online store and we hope the #ShopSafeNZ educational campaign will make it easier for people to recognise fake webshops.
What we know is:
We invite you to shop safely online this holiday season, New Zealand. Together we can keep the .nz domain name space trusted and secure. Start with visiting fakewebshop.nz – click on the gingerbread icons on the home page and learn the most common warning signs of fake webshops. And then… happy holiday online shopping!
This post by the NZ Domain Name Commissioner, Brent Carey, was sourced with permission from the InternetNZ website. The original version was published here.
An independent review into the body responsible for regulating New Zealand’s ccTLD, the Domain Name Commission, has found “there is much for current and past DNCL staff to be proud of” and that it “is a sound and competent regulator of the .nz space.”
It’s the first regulatory review into the Domain Name Commission and was undertaken over 2018-2019 by independent reviewer David Pickens and was published Thursday. It’s a far cry from New Zealand’s neighbours Australia where a government review published in April 2018 found “urgent reforms are necessary” and that auDA’s “current management framework is no longer fit-for-purpose and reform is necessary if the company is to perform effectively and meet the needs of Australia’s internet community.”
The independent reviewer found DNCL staff are well regarded for their achievements, and there is much optimism with respect to where the DNCL is heading.
One of the findings of the report is “against the theory of regulatory standards and enforcement theory, the evidence available to the review and from the interviews, the DNCL is a sound and competent regulator of the .nz space. It is highly regarded internationally and operates absent many of the handicaps other TLDs contend with. With small exceptions, the .nz policies and the enforcement of those standards were viewed as appropriate.”
The report notes that “overwhelmingly, the response from the DNCL’s stakeholders was positive, with one exception… The majority offered no or minor criticism only. Favourably commented upon were the people, culture, systems and comparative international performance.”
The one exception was criticism of how the DNC deals with domain name abuse but even here there were diverging views with criticism not coming from all respondents.
“All regulators and a number of other stakeholders felt the DNCL needed to more actively reduce opportunities for domain name abuse. Harm was being perpetrated that the DNCL was uniquely positioned to stop, New Zealand was now out of step with international developments, there was a growing risk to integrity and confidence in the .nz space and legal and political risks to the DNCL was growing. Nearly all, however, acknowledged the DNCL appeared more open to debating and moving towards a more proactive role, and its recent efforts were supported.”
With this though there were “a significant number of people who supported the status quo, arguing policing this activity was not the DNCL’s responsibility and that comparatively New Zealand performed well. It was also argued greater policing efforts would be costly and generate little benefit.”
One key weakness identified during interviews was “the absence of well-developed indicators allowing comparison of the DNCL’s performances with comparable entities overseas.”
“This has been a huge amount of work for Mr Pickens, and we thank him for the thought-provoking report,” said DNCL Chair Jordan Carter.
“Since the Domain Name Commission was established in 2002 to regulate the .nz online space, the .nz space has evolved. In today’s online era, the .nz domain is at the heart of New Zealand’s distinctive online world.”
The Domain Name Commissioner Brent Carey welcomed the review findings saying “Mr Pickens’ recommendations will help to ensure we are keeping pace with modern self-regulatory challenges”.
“The Commission and InternetNZ will be looking to work with others to equip us with the right relationships and tools to help us keep .nz fair and safe for everyone.”
There were a number of recommendations made by Pickens including that “the DNCL should view itself more as a competitor against other TLD administrators and regulators,” “to explore the utility of a comprehensive information disclosure regime to drive better performance across registrars in the .nz space”, to collect and disseminate performance data, “seek international co-operation”, “rescinding the current market concentration policies” and to collect market concentration information “with respect to the abuse of market power by registrars”.
In responding to the report, the DNCL have “already commenced the implementation of some of the recommendations and will continue to incorporate the report’s findings and recommendations in its priorities.”
Additionally, the DNCL “have identified several improvement areas including, process improvement, delivery capability, emerging policy considerations, stakeholder relationship management and enforcement and compliance.”
Of the 15 recommendations in the report, the DNCL note they either fully support or support in principle every one of them.
The Commission has published the full final review along with its response to the recommendations. For the report, Pickens conducted 23 interviews with DNC stakeholders, current and past staff, Board members, staff of the other two main players in the .nz space (InternetNZ and the Registry), Government and self-regulators and registrars. Specialists from overseas and those delivering the Disputes Resolution Service were also interviewed. Registrants were sought out, although many interviewed were .nz registrants.
The Independent Review can be downloaded here [pdf] and the Domain Name Commission’s response is available here [pdf].
New Zealand’s Domain Name Commissioner has been sharing its expertise both in New Zealand and among a couple of Pacific countries, signing 4 Memorandums of Understanding, the latest announced this week with Papua New Guinea’s ccTLD manager.
Previous MoUs have been with CERT NZ, The Telecommunications and Radiocommunications Regulator of Vanuatu and the Digital Safety Directorate in NZ’s Department of Internal Affairs.
In the latest MoU [pdf] with the Department of Information Technology of the Papua New Guinea University of Technology, who manages the country’s country code top level domain (ccTLD) .pg, the DNC will collaborate and cooperate on rules and regulations, dispute resolution, consumer protection and any other issues that emerge.
It appears registrations of .pg domain names are restricted to Papua New Guinea entities with com.pg and net.pg domain names requiring proof they’re for bona fide PNG businesses. Other second level .pg domain names available for registration include org.pg, gov.pg and ac.pg.
The DNC is a body appointed by InternetNZ, who is delegated to manage .nz, to develop and monitor a competitive registrar market, as well as create a fair environment for the registration and management of .nz domain names.
Recently the DNC has been seeking feedback on its first Independent Review, giving New Zealanders and anyone else that’s interested an opportunity to have their say on how the Commission can best serve the sellers, buyers and service providers in the .nz domain name industry and how the Commission should represent itself at international fora alongside InternetNZ. Consultation closes on 6 June.
New Zealand’s Domain Name Commission is seeking feedback on their first independent review with a view to making the organisation even better and fit for purpose for the years ahead. The review found the organisation has been effective in its oversight of the .nz domain name industry.
“The Commission is pleased the review found no systemic or widespread issues with the way we operate, or with our general approaches to self regulate the .nz domain name market,” says Domain Name Commissioner, Brent Carey.
“We are nevertheless committed to continuous improvement to the way we work and there are a number of findings and recommendations for us to reflect upon.”
The draft report, outlining the review, has been published and the Domain Name Commission is inviting the community to engage with its content before the independent reviewer, Mr David Pickens, finalises the report.
Giving people an opportunity to have their say on the report will help ensure the Commission is fit for purpose for the years ahead.
The review includes 14 recommendations aimed at improving the DNC. The first is it “should view itself more as a competitor against other TLDN [top-level domain name] administrators and regulators. A useful objective would be to better meet the needs and preferences of registrants than other TLDNs.” A common theme among the recommendations appears to international benchmarking and international cooperation.
“I would like to take this opportunity to thank Mr Pickens for his comprehensive review that will allow us to strengthen the role of the Commission into the future,” says Carey.
Anyone can make a submission. Whether a part of the technical community, the domain name industry, an international counterpart, business owner or member of the public. This is a chance to have your say on how the Commission can best serve the sellers, buyers and service providers in the .nz domain name industry.
Once the consultation period ends, Mr Pickens will create a final report. This report will be published in July.
Submissions can be made via email to consultations@dnc.org.nz. The closing date for submissions is 6 June 2019. For more information, including the review report, go to: Regulatory Review where there are links to the Review and Recommendations and Findings.
.NZâs Domain Name Commission has published its monthly update for October with news on its Domain Name Abuse Forum in November and that it is currently seeking submissions as part of their Framework Policy Review 2018.
The Domain Name Abuse Forum next month has Justice Minister Andrew Little opening the event. Numbers are restricted to 100 people for this free, one-day event bringing together lawyers and law enforcement, internet safety and security experts, government departments, academics and more. Attendees will work together to identify issues surrounding domain name abuse, understand the issues more clearly, and identify the best course of action to deal with these challenges.
InternetNZ is currently seeking submissions as part of their .nz Framework Policy Review 2018. The .nz Framework Policy requires updating to reflect the new structure implemented as part of the Organisational Review of 2017. Roles and responsibilities previously assigned to NZ Registry Services in the old organisation structure need to be reassigned to InternetNZ. The review is technical in nature and does not extend to the principles underpinning the operation of .nz.
In other news for New Zealandâs country code top level domain (ccTLD) manager, thereâs an update on InternetNZâs participation at ICANN63 in Barcelona where Jordan Carter was elected as the Asia-Pacific representative on the CCNSO Council that had thus far been held by former Domain Name Commissioner Debbie Monahan. Thereâs also an update on ICANN63 that InternetNZ staff attended, including the Government Advisory Committeeâs (GAC) biannual High Level Government Meeting Session. The ccNSO meeting received updates from various working groups, including one on the retirement of ccTLDS. âThe group achieved consensus on the process to retire a ccTLD. The trigger event is the removal of the ccTLD from the ISO 3166-1 list. The group agreed that the subsequent retirement period before removal from the root zone should be in the range of 3-10 years following the trigger event.â
Thereâs also updates on Domain Name Commission staff attending The Crossroads Conference 2018 in Auckland that brought together local and international experts, and focused on putting the online safety sector ahead of the technology curve. Attendees heard presentations on a range of topics based around promoting online safety, disrupting online harm, and protecting and educating children. Plus InternetNZâs inaugural digital annual report was shortlisted year in the annual report category of the Plain English Awards.
The October DNC Newsletter is available in full from:
https://www.dnc.org.nz/the-commission/news/1745
New Zealand’s Domain Name Commission this week won a motion for preliminary injunction in a US court [pdf] to prevent DomainTools from accessing .nz’s Whois details and downloading the information into their own database.
The DNC, whose role they describe as being to develop and monitor a competitive registrar market, as well as creating a fair environment for the registration and management of New Zealand’s country code top level domain, comes under the InternetNZ umbrella. They viewed the victory as important for the .nz domain name space and for domain name holders wanting to keep some of their personal details from public view. It also strikes a precedent for other registries wanting to keep registrant data private.
The DNC notes that managers of other ccTLDs will want to pay attention to the judgment. This may raise confidence to fight their own cases should DomainTools be breaching their terms of use.
The preliminary injunction prevents DomainTools from “sending ‘high volume’ queries, “accessing the .nz Register ‘in bulk’”, “storing or compiling register data”, “publishing historical or non-current versions of the register data; and publishing register data in bulk.”
In the leadup to the decision, in November 2017 the DNC allowed individual registrants who are not in trade to choose to withhold their phone number and contact address from publicly appearing in the domain registrant search (Whois). Earlier this year, this became mandated. More than 20,000 domain names have already taken up the privacy option.
DomainTools is a digital intelligence-gathering company in the US and has been scraping registration data from New Zealand’s Domain Name Commission for many years. This mass collection of data breaches the Commission’s terms of use and exposes details of domain name holders who choose to have their details kept private. This is because DomainTools makes available historic records which show the now withheld information.
Domain Name Commissioner, Brent Carey, says winning this lawsuit is good news for .nz domain name holders and their privacy.
“The ruling allows the Commission to continue balancing online accountability with respect for individual privacy. The ruling temporarily puts to an end DomainTools’ bulk harvesting of .nz domain holders’ personal information and selling that data for a profit.
“This is a step in the right direction to ensure that any person or company looking to build a business on domain name data, in violation of our Terms of Use, can’t do so,” says Carey.
DomainTools argued that this lawsuit may cause an avalanche of litigation as other registries attempt to protect the privacy of their registrants – and Judge Lasnik stated they may be correct.
“We look forward to presenting our full case to the Court, as we seek to permanently prevent DomainTools from ever building a secondary .nz database offshore and outside the control of the Domain Name Commission,” says Carey.
In court, DomainTools requested $3.5 million (over NZ$5m) in bond to compensate for reworking database files to ensure that .nz data is not provided to its customers. However, the judge ruled that a nominal bond of only $1,000 (NZ$1,500) is required.
Over 22,000 individuals with .nz domain names have chosen to have the Individual Registrant Privacy Option (IRPO) applied, New Zealandâs Domain Name Commissioner has revealed in their August update.
The DNC notes this reflects a significant shift in online spaces more generally, with many users taking a stronger approach to privacy online. In the .nz domain name space, the DNC notes itâs critical to strike the right balance between fostering transparency and accountability, while enabling users to take control of their privacy. The IRPO was designed to do just that.
The DNC reminds that not all .nz registrants qualify to use IRPO, and misuse of the service is something that the DNC will be looking at in greater detail in the coming months. Eligibility is limited to:
As a result of the implementation of the General Data Protection Regulation, there has also been seen an increase in the use of third-party privacy options and proxy services. These are not permissible under .nz policy. The DNC will be addressing the use of these services by working with the providers offering these.
For the complete August update, which also provides updates on International Outreach, the latest Board meeting, a Registrar Advisory Group meeting, Making .nz safe, trusted and secure, NetHui dates and the development of a strawman Cyber Security Strategy by the National Cyber Policy Office, see:
https://www.dnc.org.nz/the-commission/news/1730
New Zealand’s Domain Name Commission and CERT NZ announced this week an agreement to share some domain registration information to help enhance cyber security in the land of the long white cloud. Continue reading NZ’s Domain Name Commission and CERT To Share Domain Registration Information to Enhance Cyber Security
The integration and streamlining of the management of New Zealand’s country code top level domain continues with the announcement that New Zealand Registry Services merged with InternetNZ on 1 April.
Following a consultation with staff and stakeholders of the InternetNZ Group, including InternetNZ, NZRS and the Domain Name Commission, in 2017, it was decided to bring all of the InternetNZ Group under one management. In November it was announced that the existing InternetNZ Chief Executive would head the newly integrated organisation.
In January it was announced Brent Carey would be the incoming Domain Name Commissioner to lead the Domain Name Commission into a new phase after the Organisational Review of the InternetNZ group during 2017.
And the latest announcement saw Carter announce the merger of InternetNZ with NZRS, the registry and operator for .nz domain names.
“The integration of InternetNZ and NZRS is an important shift within the Internet space in New Zealand,” said Jordan Carter, InternetNZ Group Chief Executive. “The change to our structure is designed to slimline our governance and to be able to deliver more for the Internet and for New Zealanders. Our purpose is to support the benefits of the Internet for all New Zealanders. This change will help us further that goal and we’re excited about it.”
“NZRS has a proud record of innovation, service delivery and contributing to the Internet both here and globally, and that foundation is an essential part of the new InternetNZ we’re building this year.”
Carter says the team plans to build on the strengths InternetNZ have across the group, InternetNZ, NZRS and DNCL, to deliver more for the New Zealand Internet community and to face the inevitable challenges as the potential of the Internet grows.
“The work InternetNZ does is important, and as the Internet plays a bigger role in all our lives, our work will continue to reflect that. We speak on behalf of New Zealanders who use the Internet, and the services we offer are essential for Kiwis who want to make the most of a free and open Internet,” says Carter.
InternetNZ doesn’t just manage the .nz ccTLD. It also has a proud history of outspoken advocacy, a voice for the people and helping to implement policy. Since its inception, over the past 20 years InternetNZ has delivered outstanding service to the public through the management of the .nz domain, returned over $2m to the community through grants programmes, influenced a range of public and technical policy debates, and supported and hosted a wide range of community events.
It has also contributed on the regional and global stage, to the framework of a free and open Internet; developed innovative products such as the National Broadband Map, and maintains a leading technical research programme.
“I’m not taking these reigns lightly or on my own, we have strong foundations that we will continue to build on. That’s something the whole team is proud of, it’s why they turn up in the morning and continue to do the great work they do, often changing lives under the radar.
“This year, we will bring our organisations together and take a close look at our strategy. Our job is to serve our community and customers with leading technology, community support and fresh policy ideas. That will remain our focus,” Carter says.