Current Developments in DNS Privacy | IGF 2023

10 Oct 2023 06:45h - 08:15h UTC

Event report

Speakers and Moderators

Speakers:
  • Becky Burr, Private Sector, Western European and Others Group (WEOG)
  • Yuko Yokoyama, Technical Community, Western European and Others Group (WEOG)
  • Geoff Huston, Technical Community, Asia-Pacific Group
  • Manal Ismail, Government, African Group
  • Bruna Santos, Civil Society, GRULAC
Moderators:
  • David Huberman, Technical Community, Western European and Others Group (WEOG)

Disclaimer: This is not an official record of the IGF session. The DiploAI system automatically generates these resources from the audiovisual recording. Resources are presented in their original format, as provided by the AI (e.g. including any spelling mistakes). The accuracy of these resources cannot be guaranteed. The official record of the session can be found on the IGF's official website.

Session report

David Huberman

The summary emphasises the importance of DNS privacy, as DNS queries can reveal personal information about individuals. The clear text nature of DNS data until a few years ago made it accessible to anyone. This highlights the urgent need for developing protocols that ensure DNS privacy. The DNS was created in 1983, but privacy-focused developments only began in the last five to six years.

Paul Mockapetris, the inventor of DNS, is credited with solving significant issues regarding the scaling and knowledge of all hosts on the internet. Prior to DNS, existing processes were unable to scale effectively. The creation of a distributed system through DNS enabled anyone to access information about hosts and their corresponding IP addresses, greatly enhancing the functionality and efficiency of the internet.

Geoff Huston, the chief scientist of APNIC, is regarded as a highly respected authority in the field of internet engineering. His deep understanding of the internet and its engineering aspects is acknowledged by David Huberman. As a thought leader, Geoff Huston is considered one of the best sources for discussing technical considerations related to DNS privacy.

In conclusion, DNS privacy is crucial due to the potential exposure of personal information through DNS queries. The delay in developing protocols for DNS privacy is seen as a missed opportunity, considering the long history of DNS and the recent start of privacy-focused developments. The invention of DNS by Paul Mockapetris is credited with resolving critical issues associated with scaling and knowledge of internet hosts. Overall, Geoff Huston’s expertise in internet engineering is seen as valuable for discussions on the technical considerations of DNS privacy.

Geoff Huston

DNS privacy is an incredibly important issue, as DNS queries can track online activities, and if someone sees your DNS queries in real time, they essentially have access to all your secrets. Manipulations of DNS queries are also possible, as applications believe the first answer they receive. However, the DNS industry has made positive strides towards improving DNS privacy and security. Efforts such as query name minimisation and implementing encryption protocols like HTTPS and QUIC are being employed to protect DNS transactions. Despite these advancements, there is a challenge in balancing the need for an efficient network with the need for privacy in the DNS. Additionally, the technical community is working towards an opaque system that removes attributions in name use, but this may lead to a loss of transparency. The role of ICANN in DNS privacy is uncertain, and applications have gained control over the DNS, leaving traditional infrastructure operators behind. This shift towards application-driven technologies presents challenges for infrastructure operators. Overall, DNS privacy is a critical concern, and while improvements are being made, there are still challenges to address.
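As an added illustration (not from the session or its speakers), the sketch below models what query name minimisation changes: which names each server in the delegation chain is shown during one iterative resolution. The zone cuts and queried names are constructed sample data, and the function names are hypothetical.

```python
# Added example: what each authoritative server sees during one iterative
# resolution, with and without query name minimisation.
# ZONE_CUTS and the queried names are constructed sample data.
# Simplification: real resolvers also cap how many one-label steps they take.
ZONE_CUTS = {".", "com.", "example.com."}


def labels(name):
    """Split an absolute DNS name into its labels, leftmost first."""
    return [part for part in name.rstrip(".").split(".") if part]


def ancestor(name, n):
    """Return the rightmost n labels of name as an absolute name."""
    parts = labels(name)
    return ".".join(parts[len(parts) - n:]) + "." if n else "."


def queries_seen(qname, minimise, zone_cuts=ZONE_CUTS):
    """Return [(zone_queried, name_sent), ...] for resolving qname from the root."""
    total = len(labels(qname))
    full = ancestor(qname, total)
    zone, seen = ".", []
    while True:
        depth = len(labels(zone))
        if not minimise:
            # Classic behaviour: every server on the path gets the full name.
            seen.append((zone, full))
        child = None
        for n in range(depth + 1, total + 1):
            candidate = ancestor(qname, n)
            if minimise:
                # Minimised: reveal one more label than the zone already knows.
                seen.append((zone, candidate))
            if candidate in zone_cuts:
                child = candidate  # referral to the child zone
                break
        if child is None:
            if minimise and depth == total:
                seen.append((zone, full))  # qname is itself a zone apex
            return seen
        zone = child


def names_learned(seen):
    """Map each zone to the longest name its servers were shown."""
    learned = {}
    for zone, name in seen:
        if len(labels(name)) > len(labels(learned.get(zone, "."))):
            learned[zone] = name
    return learned


if __name__ == "__main__":
    for mode in (False, True):
        result = names_learned(queries_seen("www.example.com.", mode))
        print("minimised" if mode else "classic", result)
```

Minimisation only limits what the upstream authoritative servers learn; the recursive resolver still sees the full name, which is where the encrypted transports mentioned above apply.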

Manal Ismail

The European General Data Protection Regulation (GDPR) has had a significant impact on the gTLD WHOIS landscape. It mandates the reduction of personally identifiable information in registration data, radically changing the landscape. However, implementation of GDPR varies depending on the registry or registrar involved, resulting in a fragmented system. This has introduced several key issues, including increased ambiguity regarding the differentiation between legal and natural persons.

To address these challenges, there is a pressing need for standardized regulations and mechanisms for accessing non-public registration data and responding to urgent requests. However, reaching an agreement on the necessary policy recommendations has proven difficult. For example, the Governmental Advisory Committee (GAC) has found the proposed three-business-day timeline for responding to urgent requests unreasonable.

Another challenge arises from the lack of policy applicable to domain registrations subject to privacy proxy services. The use of privacy proxy protection has increased over time, and governments within the GAC are unsure of how to address this issue. The absence of clear policies in this regard makes it difficult to ensure compliance and protect privacy rights.

Improving the accuracy of gTLD registration data is a prioritized area of work. The GAC principles place great importance on the accuracy of this data, and ICANN is preparing a comprehensive assessment of the activities it may undertake to study accuracy obligations in light of applicable data protection laws and contractual authority.

During discussions, Manal Ismail expressed agreement with Steve and Farzi regarding the significance of data collected during the proof of concept. This demonstrates the recognition of the value of such data in informing decision-making and shaping policies.

Moreover, Manal Ismail believes in the necessity of constructive and inclusive discussions within ICANN’s bottom-up multi-stakeholder model. Despite diverse views, all participants were observed speaking from a public interest perspective. This highlights the importance of finding a balance between privacy and safety while considering the broader societal impact of ICANN’s decisions.

In conclusion, the GDPR has brought about significant changes in gTLD WHOIS records, necessitating standardized regulations and mechanisms for accessing registration data and addressing urgent requests. The lack of policies applicable to domain registrations with privacy proxy services poses additional challenges. Efforts are being made to improve the accuracy of registration data. It is crucial to recognize the value of collected data during the proof of concept and engage in constructive and inclusive discussions to strike a balance between privacy and safety within ICANN’s bottom-up multi-stakeholder model.

Audience

During the ICANN62 Policy Forum, discussions on data privacy and access covered several crucial points. One speaker highlighted the potential harm caused by publicly accessible personal data of domain name registrants. For 20 years, this sensitive information, including mailing addresses, phone numbers, and email addresses, was available to the public. This raised concerns regarding the potential risks and harm that could arise from such unrestricted access to personal data.

On the positive side, another speaker mentioned the improvement brought by the advent of privacy proxies. This development allowed for increased privacy protection by masking personal information in domain registrations. This was seen as a step in the right direction towards improving domain privacy.

The forum also acknowledged and appreciated ICANN’s focus on DNS privacy. ICANN specifically titled one of its workshops DNS privacy and emphasized the importance of privacy in addition to access. This recognition highlighted the commitment to address privacy concerns and protect the data of internet users.

Transparency and accountability regarding law enforcement’s access to people’s data were deemed important. It was stressed that governments and law enforcement agencies should be transparent in their requests for access. This would ensure that there are clear processes in place for requesting and granting access to personal data, minimizing the potential for misuse or abuse.

Concerns were raised about the implementation of metrics for requester’s access, particularly when the requesters are from authoritarian countries. Questions were posed regarding the accessibility of data to law enforcement in such countries and the verification process to ensure compliance with ethical standards. These concerns emphasized the need for a robust system that prevents unauthorized access to personal information.

The audience also expressed the need for clarification on who has access to the data and how it is granted. This highlighted the importance of defining and understanding access privileges to ensure that data is only accessed by authorized entities and for legitimate reasons.

The adoption of the Registration Data Access Protocol (RDAP) was seen as a positive development. RDAP is a standardized protocol aimed at improving data access and security in domain registrations. However, concerns were raised regarding data privacy and security under the new protocol. The example of Indonesia was mentioned, where a local law prohibits the disclosure of data, even for legitimate law enforcement interests. This highlighted the challenges of reconciling different data protection regulations and ensuring compliance.

Data ownership was emphasized as a fundamental aspect of data protection and privacy discussions. Registrars were highlighted as having an obligation to comply with the data protection laws of the country whose residents’ data they hold. With potential obligations under multiple data protection laws based on the nationality of residents, the need for clarity and understanding of data ownership became crucial.

The forum also recognized the importance of ICANN, IETF, and IANA in addressing DNS privacy and developing policies. There was an expectation for these organizations to be actively involved in considering the costs and benefits of potential tools and providing guidance on DNS privacy.

Regarding the Request Distribution Reporting System (RDRS), concerns were raised about its adequacy as a measure of demand. The need for improvements, such as the ability to allow bulk uploading of requests and retaining requester data for analysis, was suggested. It was proposed to hire a privacy lawyer for an in-depth review to ensure the system’s effectiveness.

The uncertainty of registrar participation in RDRS and its potential impact on requesters’ engagement was highlighted. It was remarked that promises on the operation of RDRS could not be successfully delivered due to the unknown number of participating registrars. A negative initial experience discouraging further engagement was also mentioned as a potential consequence.

Suggestions were made to retain data for evaluation purposes to provide an incentive for requesters to continue participating, despite potential initial disappointments. The low submission of requests indicated that some requesters might be tackling the issue without relying on data, but the importance of data retention for downstream analytics was emphasized.

Making participation in the Expansive Secure Synchronized Access and Disclosure (ESSAD) program mandatory was seen as beneficial. It was recognized that ESSAD could potentially serve as a valuable resource for data gathering and enhance the effectiveness of data access and disclosure.

ICANN’s participation in discussions on DNS abuse was mentioned, indicating a commitment to address and mitigate abuse issues in the domain name system. This participation demonstrated the recognition of the importance of maintaining a secure and abuse-free online ecosystem.

The lack of uptake of encrypted DNS, DNSSEC, and other protocols was highlighted, raising concerns about the security of the internet infrastructure. The need for end-user involvement in the design and implementation of standards was emphasized to ensure better adoption and implementation.

Lastly, the importance of not compromising enterprise cybersecurity through the “going dark” phenomenon was emphasized. Privacy was viewed as deluded without security, and it was emphasized that removing all data without ensuring proper security measures would lead to a worse privacy condition than before.

In conclusion, the discussion at the ICANN62 Policy Forum highlighted the necessity of addressing data privacy concerns while ensuring responsible data access. It underscored the importance of transparency, accountability, and clarity in the process of granting data access, especially for law enforcement agencies. The adoption of protocols such as RDAP and ESSAD was seen as a positive step towards improving data privacy and access. However, concerns regarding privacy, security, and the participation and effectiveness of various systems were also raised, emphasizing the need for continuous improvement and collaboration among stakeholders to ensure a secure and privacy-focused internet ecosystem.

Becky Burr

The discussion revolves around the need to protect privacy in the Domain Name System (DNS), particularly with regards to WHOIS data. WHOIS data contains information about the registrant of a domain name, and access to this data can potentially be misused for phishing, fraud, and suppressing free expression.

To ensure appropriate handling of data, it is important to adhere to fair information practice principles, which include principles of lawfulness, fairness, transparency, and accountability. These principles should guide the way data is dealt with in the DNS.

One notable development in 2018 was when WHOIS data went offline and became accessible only upon request. This change was made to provide better accountability and protection of privacy in the DNS ecosystem.

While ICANN (Internet Corporation for Assigned Names and Numbers) plays a role in supporting and facilitating registrars in their data processing responsibilities, it cannot dictate the outcome of the balancing test that registrars must perform when determining the accessibility of data. The responsibility for data processing lies with the respective registrars.

Queries associated with an IP address can provide information about individual and institutional internet uses. However, it is argued that not all queries associated with an IP address should be public. The public nature of the DNS is essential for resolving queries, but privacy considerations should also be taken into account.

Registrars, who hold the data, make decisions about the release of data based on a variety of circumstances. These decisions are informed by the relevant laws, regulations, and the registrars’ own company policies. The release of data should consider legitimate interests and the privacy rights of the individuals involved.

Data ownership is a complex issue that is fundamental to the discussion of data protection and privacy. Modern data protection laws apply not just to processing data within a country but also to the information about residents of that country. When users register a domain name with a registrar, they agree to the registrar’s privacy policy. Additionally, the ICANN contract requires registrars to make certain disclosures.

Compliance with the law is crucial for registrars. Even if registrars are located outside a particular country, they may have obligations under the law of the country where the resident whose information they hold is located. Therefore, registrars must comply with the applicable laws and regulations governing the processing of data.

In terms of encouraging participation, it is suggested that collecting data for downstream analytics can serve as an incentive for registrars to participate. This data can offer valuable insights into the DNS ecosystem. There is even a suggestion to make participation mandatory for all registrars, as it is seen as important for the overall functioning and improvement of the system.

Finally, there is an acknowledgement of the importance of understanding the needs of requesters through the system. This understanding can help address any issues or concerns and improve the overall experience for all parties involved.

In conclusion, the discussion highlights the importance of protecting privacy in the DNS, specifically in relation to WHOIS data. Fair information practice principles should guide appropriate data handling, and registrars are responsible for complying with relevant laws and regulations. Data ownership and privacy are complex issues that need to be considered in the context of data protection. Encouraging participation and understanding the needs of requesters are also essential for the effective functioning of the DNS ecosystem.

Yuko Yokoyama

ICANN (Internet Corporation for Assigned Names and Numbers) is developing a new service called RDRS (Registration Data Request Service), which aims to simplify the process of requesting non-public gTLD (Generic Top-Level Domain) registration data. RDRS will act as a centralized platform for registrars to submit and receive data requests, benefiting stakeholders such as law enforcement agencies, IP attorneys, and cybersecurity professionals.

RDRS is a voluntary service and ICANN cannot force registrars to disclose data through this platform. The decision to disclose or not lies with the registrars, and RDRS operates as a proof of concept service for up to two years.

Key features of RDRS include the automated identification of domain managers, eliminating the need for requesters to identify them themselves. Additionally, requesters will have access to their past and pending requests within the system.

It is important to note that the disclosure of requested data is not guaranteed by RDRS. Each registrar conducts a balancing test before deciding whether to disclose data, taking into account local laws and other applicable regulations. This ensures compliance with legal regulations and protects individual privacy rights.

Only ICANN-accredited registrars have access to the RDRS system. They act as intermediaries between requesters and the platform, holding the registration data and routing requests accordingly.

In summary, ICANN’s RDRS aims to streamline the process of requesting non-public gTLD registration data. It provides a central platform for registrars to submit and receive data requests, benefiting stakeholders such as law enforcement agencies, IP attorneys, and cybersecurity professionals. However, the decision to disclose data is ultimately up to the registrars, considering local laws and regulations. Only ICANN-accredited registrars can use the RDRS system.
