Analysis: VeriSign wants to take down websites

The .com database manager VeriSign wants the power to shut down “illegitimate” domains when asked to by law enforcement.

The company apparently believes it shouldn’t have to wait for due process before downing a domain.

According to The Register, VeriSign is asking for the authority to eliminate a .com or .net domain, along with its web content and email.

In a document filed with domain name industry overseer ICANN, VeriSign claims shutting down illegitimate domains would enable them “to comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process.”

The courts and law officers that VeriSign is referring are the same courts and law officers who do not like to wait for a fair shake before a Web domain is pulled. That’s not unconstitutional or anything…

This attitude has already helped law enforcement officials in the US (under the auspices of the Immigration and Customs Enforcement agency) seize domains that were supposedly being used to sell counterfeit goods or promote piracy. Thankfully, both the public and certain politicians were outraged over this policy, so DHS-ICE took a lot of flak for their actions.

Clearly, people have a right to not have their Web domains pulled without due process. Yet, ICE and VeriSign don’t seem to think so.

Here’s the main reason why VeriSign’s request doesn’t make much sense: the new powers it is asking for would be international, meaning, they would be allowed to shut down a domain after simply receiving a request from Johnny Law to do so – without an actual court order.

“Various law enforcement personnel, around the globe, have asked us to mitigate domain name abuse, and have validated our approach to rapid suspension of malicious domain names,” VeriSign told ICANN, describing its system as “an integrated response to criminal activities that utilize Verisign-managed [top-level domains] and DNS infrastructure.”

The company proudly says they have worked with US enforcement – like the FBI – to come up with domain seizure policies. They also want to work with police in the EU and anywhere else they believe  Internet censorship can be monetized without due process.


Now I’m not sure why a publicly traded company wants to get into the business of helping governments strip domain owners of their rights without due process, but I think it stinks. VeriSign says it will pair the new powers with a protest option that would allow people to file a complaint when they feel that a domain was unjustly taken down from the Web. However, this doesn’t change the fact the corporation is demanding broad powers that we cannot even fully trust our law enforcement officials  and courts with.

Cyber security is a real-life concern, but this VeriSign issue isn’t really about cyber security. Rather, it’s about people wanting to wield power. As such, only law enforcement officials should have the power to seize Web domains – and only in the context of due process and court order.

And to be honest, even with due process and a court order, the recent ICE VeriSign raids earlier this year would still have been an abuse of power. It seems unnecessary to give this kind of power to a publicly traded company.