The 2020 Nordic Domain Days has been postponed until further notice due to the COVID-19 situation. The fifth of the annual event for the Nordic domain name conferences was originally scheduled to be held in Stockholm in September, was postponed and now postponed indefinitely.
Although the European Union already has a lot on its hands as it confronts a new wave of COVID-19 infections and seeks to position itself for a sustainable recovery, it must not ignore another crisis looming on the horizon. The bloc is rapidly and inexcusably falling behind China and America in the digital transition.
Children who have suffered abuse, who were robbed of their childhood and instead carry guilt and shame … children who are at risk of future atrocities … it is for all these children that we are here today.
The Swedish ccTLD manager IIS has decided to offload its registrar business, .SE Direkt.
.SE Direkt, which has almost 122,000 .se domain names under management with 87,000 customers (almost 67,000 corporate and 21,000 private individual customers), sells domain names but doesnât offer additional services such as webhosting, which most registrars offer these days as a means of making money. The domain name registration business isnât particularly lucrative when it comes to profitability.
Domain names registered through .SE Direkt currently cost SEK270 (â¬26) (SEK216 excl. VAT). The price increased from SEK255 to 270 as of 1 October 2017. .SE Direkt’s market share is 7%, which has increased from 6.8% in 2016. There are currently 1,768,495 domain names for the Swedish country code top level domain.
.SE Direkt commenced operations in 2009 when the business model with registrars was established. The idea was that it would act as a stopgap and that domain name registrants would gradually switch to other registrars. The number of customers has not since declined at the expected rate, but is now after ten years down at a level that makes IIS believe the timing is right to no longer continue with the registrar business.
The transfer includes domain names and customer agreements with .SE Direkt and the possibility of a license to use .SE Direkt’s trademark and/or domain name for up to two years.
To ensure that the buyer has the necessary experience and skills required, IIS places, among other things, the requirement that the purchaser should be, or will become, a registrar. Indicative bids with responses to the âInformation for stakeholdersâ [pdf, Swedish only] must be submitted by 17 October 2018.
Companies letting their domain names expire are often finding e-shops are re-registering their domain names and using them to market trademark infringing, or counterfeit, goods. But there’s no correlation between the use of the domain name prior to the e-shop and what the e-shop sells.
The study by the European Union Intellectual Property Office (EUIPO) [pdf], through the European Observatory on Infringements of Intellectual Property Rights, was on online business models used to infringe intellectual property rights. The study found when domain names were available for re-registration the entities operating the e-shops would systematically re-register the domain names and shortly after set up e-shops marketing goods suspected of infringing upon the trademarks of others. It was a characteristic that the prior use of the domain names was completely unrelated to the goods being marketed on the suspected e-shops. There were examples of domain names previously used by politicians, foreign embassies, commercial businesses and many other domain name registrants.
The study was conducted in 2 phases. Phase one looked at .dk (Denmark) from October 2014 to October 2015. During this period 566 .dk domains were re-registered by suspected infringers of trademarks immediately after the domain names had been given up by their previous registrants and became available for re-registration. Phase 2 looked at Sweden, which as a Scandinavian country would be assumed comparable with Denmark, Germany and the United Kingdom, which have very well-developed and large e-commerce sectors, and a country with a large e-commerce sector in southern Europe, Spain.
Phase 2 found the same phenomenon previously documented in Denmark also occurs in the Swedish, German, British and Spanish ccTLDs.
According to the study, the “total number of detected e-shops suspected of infringing the trade marks of others using a domain name under the ccTLD” ranged from 2.9% in .de (Germany) to 9.5% in .se (Sweden) while the “total number of detected e-shops suspected of infringing the trade marks of others using a domain name under the ccTLD where the domain name had been previously used by another registrant” ranged from 71.1 % of suspected e-shops in .uk (United Kingdom) to 81.0% in .es (Spain). The average was 5.41% across all ccTLDs in the study and 75.35% respectively.
Based on the research, the researchers believe it must be considered likely that the same also occurs in other European countries with well-developed e-commerce sectors.
An analysis of the 27,970 e-shops in the study identified a number of patterns including shoes were the product category most affected, accounting for two-thirds (67.5%) of the suspected e-shops and then clothes, accounting for 20.6%, while 94.6% of the detected suspected e-shops used the same specific e-commerce software.
Additionally, 40.78 % of the detected suspected e-shops in Sweden and the United Kingdom were registered through the same registrar, 21.3 % of all the e-shops used the same name server and a quarter (25.9%) of the suspected e-shops had the hosting provider located in Turkey, 19.3 % in the Netherlands and 18.3 % in the United States.
Even if the domain name was previously used for the marketing of goods, the study found the current e-shops were marketing a different type of product at the time of analysis. The study examined 40 case studies that indicated the sole reason for re-registration of the domain names is to benefit from the popularity of the website that was previously identified by the domain name. The benefits would include search engine indexing, published reviews of services and/or products and links from other websites that have not yet taken the current use into consideration. The case studies used also indicate a high degree of affiliation between the e-shops is likely. The research seems to indicate that what on the surface seems like thousands of unrelated e-shops are likely to be one or a few businesses marketing trade mark infringing goods to European consumers.
The 140 page study is available for download from:
Five top level domains accounted for 80% of all webpages identified as containing child sexual abuse images and videos, according to the 2016 annual report from the UK’s online reporting hotline for child sexual abuse, the Internet Watch Foundation, released today, with 57,335 URLs containing child sexual abuse imagery and these were hosted on 2,416 domains worldwide.
The 5 TLDs are .com, .net, .se (Sweden), .io (British Indian Ocean Territory) and .cc (Cocos (Keeling) Islands). Verisign is the registry operator for .com and .net, the largest and fifth largest TLDs globally, with 126.9 and 15.3 million registrations respectively, according to their latest quarterly Domain Name Industry Brief, as well as the backend registry operator for .cc. On a per domain basis, it’s clear the operators of .se, .io and cc need to do much more.
Criminals are increasingly using masking techniques to hide child sexual abuse images and videos on the internet and leaving clues to paedophiles so they can find it. IWF has identified commercial child sexual abuse websites which only display the criminal imagery when accessed by a “digital pathway” of links from other websites. The pathway is like a trail of breadcrumbs; when the pathway is not followed or the website is accessed directly through a browser, legal content is displayed. This means it’s more difficult to find and investigate the illegal imagery. It also means that criminal enterprises online are receiving legitimate banking services, as checking their website won’t automatically reveal the criminal content.
When IWF first identified this technique, they developed a way of revealing the illegal imagery, meaning they could remove it, and the websites could be investigated. But the criminals continually change how they hide the illegal imagery, so IWF’s expert analysts adapt in response.
Europe now hosts the majority of child sexual abuse webpages (60%), with North America moving to second place (37%). In contrast, UK now hosts less than 0.1% of child sexual abuse imagery globally, and this is due to the zero tolerance approach the internet industry in the UK takes. Breaking this down further, 92% of all child sexual abuse URLs identified globally in 2016 were hosted in five countries: Netherlands (37%), USA (22%), Canada (15%), France (11%), and Russia (7%).
Unsurprisingly, the criminals behind child sexual abuse online have also taken to the new gTLDs. Registration numbers in the new generic top level domains have jumped almost 8-fold to 29.034 million today from 3.722 million on 1 January 2015 and 2.6-fold from 11.230 million on 1 January 2016. And so has the child abuse that has used new gTLDs. In 2015, the IWF took action against 436 URLs on 117 websites using new gTLDs. In 2016 they took action against 1,559 URLs on 272 websites using new gTLDs – an increase of 258% from the year before, or 2.3-fold. Of these 272 websites, 226 were websites dedicated to distributing child sexual abuse content.
Recognising that new gTLDs are also used for hosting child sexual abuse, the IWF has partnered with leading registries to help prevent the use of gTLDs being used to show children being sexually abused. They utilise Domain Alerts to help their members in the domain registration sector to prevent abuse of their services by criminals attempting to use domains for websites dedicated to the distribution of child sexual abuse imagery. Several registries and registrars are members of IWF, including Rightside and Nominet.
Rightside has been particularly active and playing their part, becoming an IWF Member in September 2015. The IWF annual report gives as a case study the work Rightside, registry operator for .ninja, in attempting to take down domain names that host child abuse content. In 2016 Rightside received Domain Alerts relating to two .ninja domains. These domain names were found to be associated with 138 items of content depicting child sexual abuse material.
Rightside considers the IWF as a trusted third party notifier; this simply means that given the IWF’s unique mandate from the UK authorities, to actively seek and take action on criminal online content worldwide, any Domain Alert report received from the IWF, is taken at face value. Rightside’s Abuse Team can proceed, confident in the knowledge that the IWF’s trained analysts, have investigated, evidenced, and reported all findings to the relevant law enforcement authorities.
Rightside has implemented rapid internal processes for best managing IWF Domain Alerts. They are especially sensitive to the possibility of hacked websites, or situations where their domains are being used by legitimate businesses who may have thousands of users, with any one of these users being potentially responsible for the illegal content. As a registry, Rightside wants to ensure their actions don’t cause further harm, working quickly and decisively to identify the best way to remove illegal content, with the least impact to those not responsible.
“We believe that the IWF partnership provides an important protection, not only for all of Rightside’s registrants, and the general internet user, but protects the well-being of Rightside’s own Abuse Team in processing such reports,” said Alan Woods, Rightside’s Registry Compliance Manager.
“Rightside, as one of the first new gTLD registries to partner with the IWF, sees the benefit of membership in establishing gTLD best practices to protect all web users worldwide from malicious actors. Working with the IWF has been a great partnership in notifying us immediately when a site, using one of our domains, is being abused so we can take action to disable the domain in question.”
“Criminals will attempt to abuse new technologies for their own gain – in this case it’s using new domain names,” said Susie Hargreaves OBE, IWF CEO.
“As a Member of IWF, and the registry for .NINJA, we’ve seen first-hand how Rightside shares our zero-tolerance of child sexual abuse material. We appreciate their commitment and hope the rest of the industry steps up to ensure that criminals distributing child sexual abuse material can find no refuge in gTLDs, only swift and immediate action to stamp out these channels.”
The IWF Annual Report 2016 is available here:
The Swedish government has long been waging a struggle against âThe Pirate Bay,â an online platform for the illegal downloading of music, films, games and software. On 12 May 2016, the Swedish Court of Appeal ruled in a case against Punt SE, the Swedish registry, about the domain names of âThe Pirate Bayâ. It upheld an early decision by a judge who had confiscated two domain names of âThe Pirate Bayâ (thepiratebay.se and piratebay.se). Punt SE was required to transfer the ownership of the domain names to the Swedish state.
Could that happen in Belgium as well?
Whether that can happen in Belgium depends on the specific context and on whether there are legal grounds for it: is there infringement on intellectual property rights? Economic fraud or misleading practices? A criminal offence, e.g. child pornography?Â A judge will investigate each time whether there is a possibility pursuant to the underlying legislation.
A second important difference between Belgium and Sweden is that confiscation can be carried out on the holder of a domain name, and not the registry. The registry is responsible for the technical and administrative management only.
When the crown prosecution service issues a requisition to get a domain name offline, the domain name in question is withdrawn. The 2 leading registries in Belgium, DNS Belgium and EURid, comply with the requisitions of the crown prosecution service in each case.
BAF vs. Telenet & Belgacom
A court has already ordered the withdrawal of a domain name in the past. In 2011, BAF, the Belgian Anti-piracy Federation, won a case against Telenet and Belgacom concerning some domain names of âThe Pirate Bayâ. Belgacom and Telenet had to make surfing to those websites impossible by either blocking the IP addresses or by blocking traffic to the domain name.
Alas, this measure is not the most efficient. Just a few days after the ruling, the company behind âThe Pirate Bayâ registered the domain name âdepiraatbaai.beâ and started using it. In Sweden âThe Pirate Bayâ can be reached âthepiratebay.orgâ, the domain name with which it all began for them all those years ago.
To be continued
The saga of the Swedish domain names of âThe Pirate Bayâ has not run its course yet with the ruling of the court of appeal. One of the co-founders of âThe Pirate Bayâ, Fredrik Neij, did not agree with the ruling and has appealed the decision to the highest judicial body of Sweden, the âHÃ¶gsta domstolenâ. The essence of the case:Â should the confiscation be directed against Fredrik Neij or Punkt SE? To be continued without any doubt.
This DNS Belgium post was sourced from:
[news release] As of today (16 May), IIS will be providing information about .se and .nu domain names that are visible to the internet public. This means that the registered and delegated domains in the Domain Name System (DNS) will now be visible as the zone files for the IIS top-level domains are being released to the public and made available for download for the first time.
The underlying reason for making the zone files for .se and .nu available is our endeavor at IIS to promote transparency and openness. IIS has made the assessment that the zone files do not contain any confidential information and, therefore, there is no reason not to make this information available.
âOur hopes are that services will be built that enable laymen to use the information and that disclosure will positively impact research into the Swedish internet infrastructure,â says Patrik WallstrÃ¶m, IT security expert at IIS.
What is a zone file?
A zone file is a text file that contains all of the delegated domain names for a top-level domain and the related information. Domain names require the information in the zone file to be able to function at a technical level. In addition to the domain names that IIS administers, a zone file also contains its associated name servers and all the DNSSEC information.
What does this mean for domain name registrants?
In practical terms, this has no practical implications for existing owners of .se or .nu domains. The information in the zone file has never been considered confidential, even if zone files have never previously been published in full.
However, this could have an impact on parties that, for various reasons, do not wish to publish a domain name that is not in use. New brands and temporary campaigns are typical examples of names that many wish to keep under wraps before their launch. If the owner of a .se or .nu domain wishes to keep the domain name secret, no delegation should be written to the zone file. The registrar (reseller of .se domains) that the domain name is registered with can assist with this.
The UK’s Internet Watch Foundation found 68,092 URLs containing child sexual abuse imagery and hosted on 1,991 domains worldwide according to their latest annual report published Thursday.The IWF, the UK online child sexual abuse charity, found these 68,092 URLs hosting child sexual abuse content were traced to 48 countries, which is an increase from 45 in 2014. And five top level domains (.com, .net, .ru, .org and .se) accounted for 91 percent of all webpages identified as containing child sexual abuse images and videos.And for the first time the IWF saw these new gTLDs being used to share child sexual abuse imagery. The IWF believes many of these domains in new gTLDs have been registered specifically for that purpose.The IWF took action on 436 websites in 2015 using new gTLD domains to share child sexual abuse material. 138 of these were disguised websites.To assist registries and registrars that are members of IWF in taking down domain names that are used to host child sexual abuse content, the IWF has a Domain Alerts service to prevent abuse of their services by criminals attempting to share child sexual abuse imagery. This service appears to have commenced last year.The service works through IWF analysts identifying new child sexual abuse images and videos. Domain registries or registrars are sent immediate alerts if any child sexual abuse material is discovered on any domains registered through or by them.In the domain name business, members include Nominet, who provide registry services for .uk, .wales and .cymru, ICM Registry who operates .xxx, .adult and .porn, Afilias, GoDaddy, Rightside, names.co.uk and DotLondon.The main finding of the report reveals a staggering increase in the number of reports of illegal child sexual abuse images and videos that the IWF removed from the internet last year.68,092 reports were positively identified as containing illegal child sexual abuse imagery and taken down. This is a 417 percent increase in online confirmed reports over two years and an 118 percent increase in illegal child abuse imagery over the previous year.Data from IWF’s 2015 Annual Report, show their analysts have seen a dramatic increase in reports. This is since Prime Minister David Cameron gave his approval for the IWF to start proactively searching for online child sexual abuse imagery in April 2014.The IWF’s annual report is available for download from:
There is an auction coming up for the .shop and .shopping gTLDs and Domain Incite reports that it is getting âweirdâ.
The report notes that there are three ways the auction could play out, and itâs possible that the winning bidder(s) may not have to pay out anything in the auction.
There is reportedly a growing issue with security and DDOS attacks and IPv6 according to a report in Dark Reading. According to the report âbecause IPv6 occupies such a relatively small space, Internet security implementations that take it into full consideration are also lagging. This leaves a lot of networks vulnerable to distributed denial of service (DDoS) attacks.â
Nordic Domain Days is coming in late November and will be held in Stockholm. Nordic Domain Days will be part of the long-running and very popular Internet Days (Internetdagarna) organised by IIS, the registry for .se and .nu.
There will be a focus on the interaction between registrars and registries. Representatives from more than 10 registries including .se, .no, .fi, .dk, .nu, .de, .nl, .cloud, .global and .one will be present.
Registration costs 1000 SEK (approximately â¬106) plus 250 SEK (VAT) and more information, along with registration, can be found here.