A stark contrast is emerging within the DNS between providers who tolerate blatantly illegal domain use and those who do not. Our study, just published here, focuses on five U.S.-based providers, their policies, and their response to reports of opioid traffic within their registry or registrar. There are many providers, not covered here, who removed hundreds of domains selling opioids, and I applaud their efforts.
In January of this year, on a single day, in a single town in Massachusetts, police seized $1.2 Million worth of Fentanyl from one location and revived an infant who was exposed to Fentanyl in another location. These scenes are repeated regularly throughout the world as the specter of opioid abuse haunts us. What is Fentanyl? Let us use a description from a NameSilo-sponsored domain selling Fentanyl without a prescription:
Fentanyl is a powerful synthetic opiate analgesic similar to but more potent than morphine. It is typically used to treat patients with severe pain, or to manage pain after surgery. It is also sometimes used to treat people with chronic pain who are physically tolerant to opiates. It is a schedule II prescription drug.
Fentanyl is 50 times more powerful than heroin and over 100 times more potent than morphine. It is intended to be used as a slow-release, but people who abuse it take the entire dosage through various means. It is a quick route to overdose and death. When we reported this domain to NameSilo, something curious happened: there was no response from NameSilo, but the site became "hidden" from certain IP addresses. As of today, the domain is still selling Fentanyl.
Different societies have struggled with different abuse issues throughout history; this one is ours, and it is being fueled from unexpected sources. I have written about various illicit pharmacy operations within the DNS before and the registrars who permit them to operate, but online opioid traffic is much worse. Online opioid traffic is inherently predatory, targeting people who will likely suffer and die.
From January 2016 until now I have been working with a variety of ad hoc teams in addressing the problem of online opioids. First, I led a group of undergraduates to collect and analyze opioid trafficking domains to determine how easy it was to get controlled substances and which providers were most pervasive. Following the release of our findings, I was asked to present the report at a number of different venues, including Internet policy, security, and law enforcement groups. They were all shocked, but not surprised, at the scope of open narcotics traffic on the Internet. The next step in this effort, starting in August 2016, was to begin notifying the various providers and measure their response. The results, overall, were actually encouraging.
Different providers (including registries, registrars, and ISPs) from India, Germany, China, the Netherlands, and many other countries used their documented abuse procedures to suspend and remove domains, over 200 of them, engaged in opioid traffic. Domains either directly involved in the trafficking of narcotics or aiding them in transactions, marketing or Internet infrastructure were reported. The registries, registrars and hosting companies recognized that A) the illegal commerce occurring within these domains violated their policies, B) the registrants are likely criminals, and/or C) the threat to the public health does not support a positive model of the Internet. For these efforts, I thank all who participated. Some of the notified domains dropped opioids from their offerings but continue to be illicit pharmacies and will have to be addressed in a different context; this is still progress. That is the good news…
The bad news is that there are a handful of providers now knowingly allowing narcotics trafficking domains within their control to persist. This may or may not surprise the reader, but these providers are all in the United States, where this type of activity has been illegal for nearly a decade. The variety of explanations (and in some cases no explanation) for why opioid dealing domains sponsored by these providers do not violate policy strain credulity and logic. All of the companies listed below were directly notified about the domains and our intent to publish our findings.
Public Interest Registry (PIR) – The correspondence with PIR on this issue was one of the most disappointing and convoluted of this study. PIR prides itself on serving the public interest and holds up the Red Cross and UNICEF as examples of its public commitment, but PIR has a dark side. By some twisted logic, domains dealing in opioids are "public benefit organizations". Some of you may be jumping up and down screaming that registries are not the proper place for enforcement, but you should know that the other TLDs not mentioned here had no problem removing domains selling controlled substances. This makes non-enforcement by PIR an arbitrary choice. Furthermore, PIR has an express policy prohibiting use of the registry for "Illegal or fraudulent actions", but PIR would not clarify how narcotics traffic did not constitute abuse under their policies while other kinds of illicit use (spam, phishing, child exploitation) do qualify as abuse. There are a number of other inconsistencies in PIR policy described in the report, but the most troubling was an instruction from PIR staff to stop reporting domains selling narcotics. Here is the willful blind eye.
Verisign – Verisign has the largest collection of opioid trafficking domains, but unlike PIR it has no clear policy in terms of illegal activities in the registry, only vague "malicious conduct" reporting. The main problem in this case is that requests to Verisign to clarify their abuse process and policy went unanswered. As an example of the overall problem within .COM, our report details a "Silk Road" site operating completely out in the open, not on the Dark Web.
XYZ – XYZ has a number of published policies concerning illegal activities yet has neither responded nor taken action on an opioid domain reported multiple times since August of 2016.
Global Knowledge Group (GKG) – As a registrar, GKG has the largest collection of opioid domains still active following this work. One of the strangest interactions with GKG staff was a declaration that they "can not determine any illegal act occurring" and that "the domain name in question is not in any direct violation of GKG's terms of service". It is obvious GKG did not actually review the domain or its own policies which define abuse as use that "promotes illegal drugs".
NameSilo, LLC – It could be complete coincidence that a reported opioid domain sponsored by NameSilo became hidden after being reported, but we will never know since NameSilo staff did not respond to our inquiry (see here).
One of the first arguments that will be thrown at me in response to all of this is the slippery slope, meaning providers feel that removal of certain domains will have a chilling effect and open the door to suspending domains of other types. For people who want to protect freedom of expression on the Internet, this would be the wrong issue to take a stand on. The flip side of chilling is creating safe havens for criminal activity. Once criminals realize that this registry and that registrar have unenforced policies concerning illegal commerce, they will flock there. No one really needs the dark net when the open DNS allows unmitigated narcotics traffic.
Complying with the law and complying with a court order are not the same thing. Everyone has to comply with a court order or risk additional penalty. Complying with the law is something most of us do persistently because we understand the civilized intent of the law. If a law is fundamentally unfair, or inconsistently enforced by a repressive government, that is a completely different story. A court order is merely an affirmation that a party did not follow the law. To sidestep collaborative Internet policy and demand a court order rejects the idea that the Internet is a space for reasonable process and suggests that it should only respond to government. The argument frequently pushed forward within ICANN is to reduce the influence of government. Participants in Internet policy whose first answer is "go to the police" risk the development of a fractured Internet controlled in its gated segments by local government. The right way to go is to listen to consumers and our public health professionals on this issue.
Written by Garth Bruen, Internet Fraud Analyst and Policy Developer