Children's Rights between Door and HingeJutta Croll & Torsten Krause, SDC
From Oct. 23rd to 26th the ICANN community met in Hamburg for their Annual General Meeting, also celebrating the 25th anniversary of the organization. ICANN is an Acronym for Internet Corporation for Assigned Names and Numbers. The non-profit organisation has the objective of ensuring a secure, stable and consistent operation of the Internet and could therefore be called the stewardship of the Internet. All the necessary regulations and principles are developed jointly and consensually between the various stakeholders, such as governments, business, the technical community, civil society and users. In this way, the foundation of the Internet grows in a bottom-up manner with the aim of enabling access to it worldwide and for all people. In doing so, ICANN focuses on the structures and functionalities that make the Internet feasible and are essential for its preservation.
Looking back at the journey ICANN has travelled since 1998 one can see how their organizational structure and their policy development procedures have evolved over time and it also becomes somehow understandable why ICANN refrains from taking responsibility for any content that is made available via the infrastructure it reigns.
Not all abuse is abuse
The Domain name system (DNS) is the backbone of ICANN’s remit and work. So, several committees, units, working groups and sub-groups like e.g. the Security and Stability Advisory Committee are dealing with keeping the DNS intact. This was mirrored in the meeting’s program where several sessions were addressing so called Domain Name Abuse. Per ICANN’s definition DNS abuse comprises phishing, pharming, malware, botnets, and spam. These areas are researched by the DNS Abuse Institute, the DNS Research Federation and the DAAR project (Domain Abuse Activity Reporting) and addressed by the Clean DNS Initiative. Although the dissemination of child sexual abuse material is not understood as being DNS abuse it is at least considered being an issue to be addressed, despite ICANN’s well intended policy not to take responsibility for content. The differentiation between maliciously registered versus compromised domains could also be applied to an approach to combat CSAM on the Internet. In 2023 hotlines in Europe received a high percentage of reports referring to domains with kind of cryptic strings of letters and numbers as a domain name where invites are spread to join platforms for the exchange of CSAM. The Netherland’s registry for their Country Code TOP Level Domain (ccTLD) .nl has implemented an AI based strategy towards DNS abuse that identifies applications for “suspicious” domain registrations and initiates further action to verify the registrant’s data. Such an approach might probably also be used to address domains abused for the dissemination of CSAM.
Is Blocking on DNS level to sharp a sword?
Blocking is the remedy of choice in case of domains rightly identified as being abused in the sense of ICANN’s definition. So as long as CSAM was mainly spread via file sharing servers it is obvious that such a server should not be shut down when 99.9 percent of the content is legally hosted there. For the .1 percent illegal CSAM content it is also true that blocking alone would not help solving the problem. Perpetrators are not all acting out of a pedophile inclination. Many of those who produce and spread CSAM have a commercial interest which is not very much different from those who distribute malware. Although children’s rights are not in the focus of ICANN and only discussed between door and hinge, this swamp must be drained, and also ICANN should be at stake in that.