A couple of reports from the people behind .nz have shown the impact of COVID-19 (coronavirus) on New Zealanders and their internet use in recent months. Statistics for .nz shows increased DNS activity, including a surge in registrations that has taken registrations to close to 715,000.
Today [Monday] InternetNZ is launching our #ShopSafeNZ campaign hoping to raise awareness about safer online shopping experiences for Kiwis. We’ll be campaigning in the lead up to the holiday season and retail sales from 25 November – 1 January 2020.
Check the campaign’s website at fakewebshop.nz, learn how to recognise a fake online store, spread the word to protect your whānau, friends and workmates.
Keeping .nz trusted, safe and secure is our priority. It’s crucial for small businesses that have a .nz domain name and everyday New Zealanders who choose to shop online.
In 2019, the Domain Name Commission has suspended or cancelled more than 5000 domain names for fake registration details. Many of these suspensions or cancellations were for domain names associated with fake webshops. Our fake webshop algorithm co-designed with InternetNZ research team also flags 5-35 domain names a week for validation checks.
Opportunists who register a .nz domain name for a short period of time or grab an expired domain name to build a fake webshop are becoming more frequent. It can cost everyday New Zealanders in many ways: money loss, personal data robbery and destroyed trust in online shopping.
The Internet is awash with stories of payments made and goods not received, goods that don’t match the offer, or no ability to return items.
Most people won’t be able to spot a phantom online store and we hope the #ShopSafeNZ educational campaign will make it easier for people to recognise fake webshops.
What we know is:
We invite you to shop safely online this holiday season, New Zealand. Together we can keep the .nz domain name space trusted and secure. Start with visiting fakewebshop.nz – click on the gingerbread icons on the home page and learn the most common warning signs of fake webshops. And then… happy holiday online shopping!
This post by the NZ Domain Name Commissioner, Brent Carey, was sourced with permission from the InternetNZ website. The original version was published here.
An independent review into the body responsible for regulating New Zealand’s ccTLD, the Domain Name Commission, has found “there is much for current and past DNCL staff to be proud of” and that it “is a sound and competent regulator of the .nz space.”
It’s the first regulatory review into the Domain Name Commission and was undertaken over 2018-2019 by independent reviewer David Pickens and was published Thursday. It’s a far cry from New Zealand’s neighbours Australia where a government review published in April 2018 found “urgent reforms are necessary” and that auDA’s “current management framework is no longer fit-for-purpose and reform is necessary if the company is to perform effectively and meet the needs of Australia’s internet community.”
The independent reviewer found DNCL staff are well regarded for their achievements, and there is much optimism with respect to where the DNCL is heading.
One of the findings of the report is “against the theory of regulatory standards and enforcement theory, the evidence available to the review and from the interviews, the DNCL is a sound and competent regulator of the .nz space. It is highly regarded internationally and operates absent many of the handicaps other TLDs contend with. With small exceptions, the .nz policies and the enforcement of those standards were viewed as appropriate.”
The report notes that “overwhelmingly, the response from the DNCL’s stakeholders was positive, with one exception… The majority offered no or minor criticism only. Favourably commented upon were the people, culture, systems and comparative international performance.”
The one exception was criticism of how the DNC deals with domain name abuse but even here there were diverging views with criticism not coming from all respondents.
“All regulators and a number of other stakeholders felt the DNCL needed to more actively reduce opportunities for domain name abuse. Harm was being perpetrated that the DNCL was uniquely positioned to stop, New Zealand was now out of step with international developments, there was a growing risk to integrity and confidence in the .nz space and legal and political risks to the DNCL was growing. Nearly all, however, acknowledged the DNCL appeared more open to debating and moving towards a more proactive role, and its recent efforts were supported.”
With this though there were “a significant number of people who supported the status quo, arguing policing this activity was not the DNCL’s responsibility and that comparatively New Zealand performed well. It was also argued greater policing efforts would be costly and generate little benefit.”
One key weakness identified during interviews was “the absence of well-developed indicators allowing comparison of the DNCL’s performances with comparable entities overseas.”
“This has been a huge amount of work for Mr Pickens, and we thank him for the thought-provoking report,” said DNCL Chair Jordan Carter.
“Since the Domain Name Commission was established in 2002 to regulate the .nz online space, the .nz space has evolved. In today’s online era, the .nz domain is at the heart of New Zealand’s distinctive online world.”
The Domain Name Commissioner Brent Carey welcomed the review findings saying “Mr Pickens’ recommendations will help to ensure we are keeping pace with modern self-regulatory challenges”.
“The Commission and InternetNZ will be looking to work with others to equip us with the right relationships and tools to help us keep .nz fair and safe for everyone.”
There were a number of recommendations made by Pickens including that “the DNCL should view itself more as a competitor against other TLD administrators and regulators,” “to explore the utility of a comprehensive information disclosure regime to drive better performance across registrars in the .nz space”, to collect and disseminate performance data, “seek international co-operation”, “rescinding the current market concentration policies” and to collect market concentration information “with respect to the abuse of market power by registrars”.
In responding to the report, the DNCL have “already commenced the implementation of some of the recommendations and will continue to incorporate the report’s findings and recommendations in its priorities.”
Additionally, the DNCL “have identified several improvement areas including, process improvement, delivery capability, emerging policy considerations, stakeholder relationship management and enforcement and compliance.”
Of the 15 recommendations in the report, the DNCL note they either fully support or support in principle every one of them.
The Commission has published the full final review along with its response to the recommendations. For the report, Pickens conducted 23 interviews with DNC stakeholders, current and past staff, Board members, staff of the other two main players in the .nz space (InternetNZ and the Registry), Government and self-regulators and registrars. Specialists from overseas and those delivering the Disputes Resolution Service were also interviewed. Registrants were sought out, although many interviewed were .nz registrants.
The Independent Review can be downloaded here [pdf] and the Domain Name Commission’s response is available here [pdf].
.NZâs Domain Name Commission has published its monthly update for October with news on its Domain Name Abuse Forum in November and that it is currently seeking submissions as part of their Framework Policy Review 2018.
The Domain Name Abuse Forum next month has Justice Minister Andrew Little opening the event. Numbers are restricted to 100 people for this free, one-day event bringing together lawyers and law enforcement, internet safety and security experts, government departments, academics and more. Attendees will work together to identify issues surrounding domain name abuse, understand the issues more clearly, and identify the best course of action to deal with these challenges.
InternetNZ is currently seeking submissions as part of their .nz Framework Policy Review 2018. The .nz Framework Policy requires updating to reflect the new structure implemented as part of the Organisational Review of 2017. Roles and responsibilities previously assigned to NZ Registry Services in the old organisation structure need to be reassigned to InternetNZ. The review is technical in nature and does not extend to the principles underpinning the operation of .nz.
In other news for New Zealandâs country code top level domain (ccTLD) manager, thereâs an update on InternetNZâs participation at ICANN63 in Barcelona where Jordan Carter was elected as the Asia-Pacific representative on the CCNSO Council that had thus far been held by former Domain Name Commissioner Debbie Monahan. Thereâs also an update on ICANN63 that InternetNZ staff attended, including the Government Advisory Committeeâs (GAC) biannual High Level Government Meeting Session. The ccNSO meeting received updates from various working groups, including one on the retirement of ccTLDS. âThe group achieved consensus on the process to retire a ccTLD. The trigger event is the removal of the ccTLD from the ISO 3166-1 list. The group agreed that the subsequent retirement period before removal from the root zone should be in the range of 3-10 years following the trigger event.â
Thereâs also updates on Domain Name Commission staff attending The Crossroads Conference 2018 in Auckland that brought together local and international experts, and focused on putting the online safety sector ahead of the technology curve. Attendees heard presentations on a range of topics based around promoting online safety, disrupting online harm, and protecting and educating children. Plus InternetNZâs inaugural digital annual report was shortlisted year in the annual report category of the Plain English Awards.
The October DNC Newsletter is available in full from:
https://www.dnc.org.nz/the-commission/news/1745
New Zealand’s Domain Name Commission this week won a motion for preliminary injunction in a US court [pdf] to prevent DomainTools from accessing .nz’s Whois details and downloading the information into their own database.
The DNC, whose role they describe as being to develop and monitor a competitive registrar market, as well as creating a fair environment for the registration and management of New Zealand’s country code top level domain, comes under the InternetNZ umbrella. They viewed the victory as important for the .nz domain name space and for domain name holders wanting to keep some of their personal details from public view. It also strikes a precedent for other registries wanting to keep registrant data private.
The DNC notes that managers of other ccTLDs will want to pay attention to the judgment. This may raise confidence to fight their own cases should DomainTools be breaching their terms of use.
The preliminary injunction prevents DomainTools from “sending ‘high volume’ queries, “accessing the .nz Register ‘in bulk’”, “storing or compiling register data”, “publishing historical or non-current versions of the register data; and publishing register data in bulk.”
In the leadup to the decision, in November 2017 the DNC allowed individual registrants who are not in trade to choose to withhold their phone number and contact address from publicly appearing in the domain registrant search (Whois). Earlier this year, this became mandated. More than 20,000 domain names have already taken up the privacy option.
DomainTools is a digital intelligence-gathering company in the US and has been scraping registration data from New Zealand’s Domain Name Commission for many years. This mass collection of data breaches the Commission’s terms of use and exposes details of domain name holders who choose to have their details kept private. This is because DomainTools makes available historic records which show the now withheld information.
Domain Name Commissioner, Brent Carey, says winning this lawsuit is good news for .nz domain name holders and their privacy.
“The ruling allows the Commission to continue balancing online accountability with respect for individual privacy. The ruling temporarily puts to an end DomainTools’ bulk harvesting of .nz domain holders’ personal information and selling that data for a profit.
“This is a step in the right direction to ensure that any person or company looking to build a business on domain name data, in violation of our Terms of Use, can’t do so,” says Carey.
DomainTools argued that this lawsuit may cause an avalanche of litigation as other registries attempt to protect the privacy of their registrants – and Judge Lasnik stated they may be correct.
“We look forward to presenting our full case to the Court, as we seek to permanently prevent DomainTools from ever building a secondary .nz database offshore and outside the control of the Domain Name Commission,” says Carey.
In court, DomainTools requested $3.5 million (over NZ$5m) in bond to compensate for reworking database files to ensure that .nz data is not provided to its customers. However, the judge ruled that a nominal bond of only $1,000 (NZ$1,500) is required.
Over 22,000 individuals with .nz domain names have chosen to have the Individual Registrant Privacy Option (IRPO) applied, New Zealandâs Domain Name Commissioner has revealed in their August update.
The DNC notes this reflects a significant shift in online spaces more generally, with many users taking a stronger approach to privacy online. In the .nz domain name space, the DNC notes itâs critical to strike the right balance between fostering transparency and accountability, while enabling users to take control of their privacy. The IRPO was designed to do just that.
The DNC reminds that not all .nz registrants qualify to use IRPO, and misuse of the service is something that the DNC will be looking at in greater detail in the coming months. Eligibility is limited to:
As a result of the implementation of the General Data Protection Regulation, there has also been seen an increase in the use of third-party privacy options and proxy services. These are not permissible under .nz policy. The DNC will be addressing the use of these services by working with the providers offering these.
For the complete August update, which also provides updates on International Outreach, the latest Board meeting, a Registrar Advisory Group meeting, Making .nz safe, trusted and secure, NetHui dates and the development of a strawman Cyber Security Strategy by the National Cyber Policy Office, see:
https://www.dnc.org.nz/the-commission/news/1730
New Zealand’s Domain Name Commission and CERT NZ announced this week an agreement to share some domain registration information to help enhance cyber security in the land of the long white cloud. Continue reading NZ’s Domain Name Commission and CERT To Share Domain Registration Information to Enhance Cyber Security
The integration and streamlining of the management of New Zealand’s country code top level domain continues with the announcement that New Zealand Registry Services merged with InternetNZ on 1 April.
Following a consultation with staff and stakeholders of the InternetNZ Group, including InternetNZ, NZRS and the Domain Name Commission, in 2017, it was decided to bring all of the InternetNZ Group under one management. In November it was announced that the existing InternetNZ Chief Executive would head the newly integrated organisation.
In January it was announced Brent Carey would be the incoming Domain Name Commissioner to lead the Domain Name Commission into a new phase after the Organisational Review of the InternetNZ group during 2017.
And the latest announcement saw Carter announce the merger of InternetNZ with NZRS, the registry and operator for .nz domain names.
“The integration of InternetNZ and NZRS is an important shift within the Internet space in New Zealand,” said Jordan Carter, InternetNZ Group Chief Executive. “The change to our structure is designed to slimline our governance and to be able to deliver more for the Internet and for New Zealanders. Our purpose is to support the benefits of the Internet for all New Zealanders. This change will help us further that goal and we’re excited about it.”
“NZRS has a proud record of innovation, service delivery and contributing to the Internet both here and globally, and that foundation is an essential part of the new InternetNZ we’re building this year.”
Carter says the team plans to build on the strengths InternetNZ have across the group, InternetNZ, NZRS and DNCL, to deliver more for the New Zealand Internet community and to face the inevitable challenges as the potential of the Internet grows.
“The work InternetNZ does is important, and as the Internet plays a bigger role in all our lives, our work will continue to reflect that. We speak on behalf of New Zealanders who use the Internet, and the services we offer are essential for Kiwis who want to make the most of a free and open Internet,” says Carter.
InternetNZ doesn’t just manage the .nz ccTLD. It also has a proud history of outspoken advocacy, a voice for the people and helping to implement policy. Since its inception, over the past 20 years InternetNZ has delivered outstanding service to the public through the management of the .nz domain, returned over $2m to the community through grants programmes, influenced a range of public and technical policy debates, and supported and hosted a wide range of community events.
It has also contributed on the regional and global stage, to the framework of a free and open Internet; developed innovative products such as the National Broadband Map, and maintains a leading technical research programme.
“I’m not taking these reigns lightly or on my own, we have strong foundations that we will continue to build on. That’s something the whole team is proud of, it’s why they turn up in the morning and continue to do the great work they do, often changing lives under the radar.
“This year, we will bring our organisations together and take a close look at our strategy. Our job is to serve our community and customers with leading technology, community support and fresh policy ideas. That will remain our focus,” Carter says.
The Dutch and Austrian ccTLD managers, SIDN and nic.at, have signed a cooperation agreement under which all domains managed by SIDN will additionally be hosted on the nic.at anycast network RcodeZero DNS. The agreement was announced by SIDN’s CEO Roelof Meijer and nic.at CEO Richard Wein on the sidelines of the ICANN meeting in San Juan, Puerto Rico.
“We are very happy and proud to offer our technical services to the third largest European ccTLD,” says Richard Wein, CEO of nic.at. The agreement covers the almost 6 million domains registered under .nl, .amsterdam, .aw and .politie and sees SIDN becoming the biggest customer of the RcodeZero TLD DNS network. A network which already hosts twelve different TLDs at thirteen highly available redundant locations all over the world.
Roelof Meijer, SIDN’s CEO, explains the reasons why they decided for RcodeZero DNS: “First of all, it was important for us to have a partner under EU jurisdiction and data protection law. Secondly, we were impressed by nic.at’s technical know-how and flexibility, as well as their readiness to develop their product further based on our needs.” In recent years, SIDN has constantly been improving and optimising its DNS infrastructure with anycast partners to guarantee the best possible availability of .nl domains.
RcodeZero DNS will soon be expanded with additional nodes in Australia and South America to provide better performance and lower latency for customers in those areas, too. However, RcodeZero DNS, had other attractions for a technician, as confirmed by Marc Groeneweg, Coordinator of DNS Ops Team at SIDN: “It’s important for us to have comprehensive statistics and real-time DNS traffic information to further analyse our infrastructure, as a basis for continued improvement of our infrastructure.“
The technical work of integrating all Dutch domains into the network has just been completed and the set-up is now ready for public production.
The agreement is a sign of further consolidation and expansion within the top level domain registry industry, using their experiences in areas such as security among others. In the security area, a big issue for business worldwide, the domain name business is one of the leading providers of online security solutions. Some registries, such as nic.at and SWITCH, the Swiss registry operator, also run CERTs.
Others, such as CIRA, the Canadian ccTLD manager, has been active in recent months signing agreements with Uniregistry, DNS.PT (Portugal’s .pt) and InternetNZ (New Zealand’s .nz) to provide global domain name system services. SIDN itself has acquired a controlling stake in Connectis, one of the Netherlands' leading suppliers of secure log-in solutions and redesigned SPIN, their open-source system for protecting the internet and end-users against insecure IoT devices in home networks. And DENIC, the German (.de) ccTLD manager, has been approved as an authorised New gTLD Data Escrow Agent to offer both to ICANN-accredited registrars and registries an escrow service which fully complies with the European legal framework.
A review of the InternetNZ Group, which includes InternetNZ, NZRS and the Domain Name Commission, and who manages all aspects of New Zealand’s ccTLD .nz, has led to the organisation being streamlined under one “roof” with one Chief Executive. One of the first changes to come out of the review is the announcement today of the appointment of existing InternetNZ Chief Executive Jordan Carter to lead the newly integrated organisation.
The organisational review was announced in late 2016 and in October a report was released announcing changes that would:
Today’s announcement notes that Carter has been Chief Executive of InternetNZ since 2013 and will commence the new Group Chief Executive Officer role on 15 January 2018. Prior to this Carter has worked in a range of internet policy roles. Of particular interest to Carter, says the InternetNZ announcement, is the role of the internet in New Zealand’s economic development, and global internet policy making systems. He holds a Master of Arts degree in political science from Victoria University of Wellington.
“Jordan was chosen for this critical new role due to his ability to distil complex ideas so that anyone can understand what is important and what should be done,” Jamie Baddeley, President of InternetNZ. “He will build on the strengths we have across the group, to deliver more for the New Zealand Internet community and to face the inevitable challenges the Internet faces. He is a leader who brings people together to get things done, and that collaborative approach is important to us and our community.”
“Council is looking forward to Jordan successfully bringing the organisation closer together and realising the untapped synergies and areas of specialism that exist within the high performing staff of InternetNZ and NZRS, and building a stronger collaborative working relationship with an independent Domain Name Commission.”
“As a result of that Council is expecting the organisation as a whole to be more effective in delivering on the objectives of the incorporated society and expects no compromises on the delivery of the .NZ domain name system. Carter has outlined a plan which will see InternetNZ even more in touch with the needs of the local internet community and making sure what we do aligns with that.”
Jamie Baddeley said that he was pleased with the process the organisation followed to get to this point and Council is very happy with the plan that was agreed following an inclusive and open process with staff and stakeholders. He added that Council is looking forward to Jordan Carter delivering bigger and better outcomes in a more integrated operating environment and wishes Jordan every success.
“I am delighted to have the chance to serve InternetNZ in this role,” said Jordan Carter. “Bringing InternetNZ and NZRS together and implementing the changes set out in the Organisational Review is a significant challenge. I’ll be talking with staff and stakeholders informally over the next few weeks and look forward to setting out my plans in the New Year.”
“The work InternetNZ does for New Zealand is very important, and as the Internet plays a bigger role in all our lives, that won’t change. Our voice is an important one and the services we offer are important for Kiwis who want to make the most of a free and open Internet.”
Details regarding the organisational review and decision can be found here:
https://internetnz.nz/blog/changing-internetnz-our-organisational-review