Healthy Domains Initiative

The Domain Name Association (DNA), the Internet domain industry’s trade association, undertook an effort in 2016 it named the Healthy Domains Initiative (HDI). It’s an ambitious, self-motivated effort to build on the DNS’ already secure and stable platform and meet select challenges head-on, before they develop.

While HDI is designed primarily to advance the safe and beneficial evolution of the domain name system, its secondary goal is to demonstrate to Internet stakeholders the capability of industry operators to effectively self-regulate.  HDI is not under the aegis of ICANN or any other regulator — it’s an industry-led program that operates independently, guided by the organizations that have the operational experience to help keep the namespace healthy.

How HDI came about

DNA members, as stewards of the naming infrastructure, have long been attentive to ensuring their customers and Internet end-users have a safe experience with online identities.  This became more the case with the proliferation of new top-level domains (TLDs), when so many new registries joined the community.

Interested DNA members persuaded the organization to form a committee to take on the project and outlined the following objectives:

• Establish a network of industry partners that communicate and collaborate with one another to support a healthy domain name ecosystem.
• Identify and/or develop industry-accepted healthy practices and specific programs that provide tangible ways of promoting standards for healthy domains. 
• Demonstrate to the community the ability to proactively self-regulate and otherwise fulfill stewardship obligations
  

After a year-long process of consultation with registries, registrars, law enforcement, civil society, child protection authorities, pharmaceutical experts, content providers and others, the HDI committee identified the program’s first deliverable: a set of “healthy practices” that members may voluntarily adopt in order to address or prevent various issues that arise in namespace administration.  

The DNA first surveyed its membership on what, if any, healthy practices already were employed by members, and further, regarding the appeal of proposed new practices. An impressive 78% of respondents said that their companies already employed healthy practices outside the scope of their contracts with ICANN. 

89% of respondents said they intend to expand this list to include additional practices.  However, the conclusion of the survey, agreed to by most involved in HDI, is that there existed an opportunity to expand practice ideas, and contracted parties were receptive to doing so.

Healthy practices bring HDI to public notice

On February 8, 2017, HDI made its formal debut by publishing the first set of recommended healthy practices, a set of 37 total recommendations grouped into four areas that address:

• online security abuse;
• child abuse mitigation;
• complaint handling from illegal online pharmacies; and
• online copyright infringement.
  

The belief was that these four areas present a good avenue not only for establishing HDI, but to have an immediate impact on areas of known persistent issues.

In the days following the public launch of these practices, we received initial feedback about concerns regarding the proposed system for adjudicating copyright infringement (seven specific recommendations)—that feedback began to overshadow the other 30 practices advanced by HDI.

While addressing illegal behavior remains a priority of HDI, we accordingly elected to take additional time to consider the details of the recommendations.  Thus, the DNA will take a keen interest in any provider’s considered design and use of a copyright dispute resolution system, and will monitor its implementation and efficacy before further refining its recommendations.

The DNA's Healthy Practice Areas for Domain Registries and Registrars

HDI practices are focused on:

• Addressing online security abuse (e.g., malware, phishing, pharming) — this area encompasses 20 voluntary practices for registrars and registries to employ as a means for combating domain name system (DNS) abuse.  Recommendations include measures to mitigate abuse, receive and handle abuse reports, and otherwise minimize risks associated with potentially compromised domains.
• Enhancing child abuse mitigation systems — the DNA proposes that registries and registrars put in place a formalized system for the handling of abusive child imagery, and establish “trusted notifier” relationships with child protection authorities.
• Streamlining complaint handling from illegal or “rogue” online pharmacies — these measures are designed to enhance registry and registrar capability to field, evaluate and handle complaints regarding online outlets suspected of being unlicensed pharmacies or otherwise distributing harmful or counterfeit medication.
  

Next steps

The HDI committee briefed DNA members on the final details of the plan during the NamesCon conference in Las Vegas in late January 2017.  Members also heard from companies with a successful track record of implementing voluntary measures to combat abuse, as a point of reference for how to move forward.

As member companies voluntarily implement measures, the DNA plans to collect and make known examples of the efficacy of healthy practices, so the Internet community can understand the impact of these measures and contribute additional ideas. The HDI committee also looks forward to considering additional measures to contribute to the healthy evolution of the Internet namespace.