What is “Trusted Notifier”?
Trusted Notifier (TN) is one of the solutions relied upon by registries and registrars to address DNS Abuse[1] issues as well as website content abuse questions that fall within their respective policies (including those beyond ICANN’s remit). The concept has existed for several years now, and has been recognized as a best practice to enhance abuse monitoring. ICANN’s Registries and Registrar Stakeholder Groups have developed a voluntary Trusted Notifier Framework, serving as a guide for parties considering to enter into TN arrangements.
A TN is a designated entity entering into a written understanding with a registry or registrar on a defined process for notifying alleged malicious online activities (e.g. illegal activity, content, and/or DNS abuse associated with a domain name). These abuse notices will be reviewed by the registry/registrar, and it is the responsibility of the registry/registrar to take action on verified forms of abuse.
Goals of Trusted Notifier Agreements
1. Reduce societal harm over DNS abuse – TN is a cooperative scheme developed by the domain name industry (registries and registrars) to build a safer Internet.
2. Leverage on expertise and enhance review process – TNs, as subject matter experts, could enhance abuse review processes as registries and registrars may not always have the resources and expertise to make judgement on all abusive content. The review process could also be expedited through the TN arrangement.
3. Reduce cost and operational resources – TNs could reduce overall operating cost and operational resources required for registries and registrars through its due diligence on evaluating the accuracy of abuse reports.
4. Distributing legal requirements – Registries/registrars and TNs could agree on the sharing of legal implications in relation to actions taken on verified abuse.
Trusted Notifier Arrangements in APAC
TN arrangements have been developing across entities in the Asia Pacific (APAC) region. Current TN signed parties include:
- TWNIC and DotAsia Organization
- TWNIC and CSC
- CSC and ID-CERT
- CSC and .TOP Registry
- CSC and LINE Taiwan Limited
FAQ
- Would TN violate any personal data law?
- No, TN is about taking action on DNS abuse and website content abuse issues, and does not involve any personal information disclosure.
- What is the scope of a TN agreement or Memorandum of Understanding (MoU)?
- The scope is determined across the parties entering into the agreement or MoU.
- Do I have control over who to trust?
- Yes, you have full control over the TN relationship. Registries and registrars can vet and decide which entity could act as a trusted party and only enter into agreements with these entities.
- Are all TN agreements bilateral arrangements (only 2 entities entering into the agreement)?
- TN agreements can expand beyond a bilateral arrangement. Currently in the APAC region, all arrangements are bilateral, but the longer run goal is to build a regional cooperative network of trusted relationships so that we can collectively reduce social harms from malicious activities on the Internet.
- What is my legal liability?
- Arrangements are discussed between/among the entering parties, and typically through a Memorandum of Understanding (MoU) instead of formal contracts. As such, provisions remain flexible, and open to further adjustments.
- I am interested, what can I do next?
- 1. Engage in a discussion with the current TN signed parties or other potential TNs in APAC
- 2. Evaluate which entity can be trusted
- 3. Define the specific TN operating procedures between/across TN signing party(ies)
- 4. Proceed with the TN signing.
For general enquiries about TN, please write to apachub@icann.org. [Note: The ICANN APAC Regional Office only serves as a coordination point of contact in facilitating connections across entities in the region for the above discussion topic]
[1] DNS Abuse is defined as five broad categories of harmful activities as they intersect with the DNS: malware, botnets, phishing, pharming, and spam (when it serves as a delivery mechanism for the other forms of DNS Abuse).