POLICIES

Creating a new, clean and healthy internet name space.

Introduction

Radix is part of the Directi Group. With over 6 million active domain names registered through its registrars, our group has significant experience (over 20 years) of managing domain names and is fully cognizant of the threat that stems from their abuse.

As one of the world's top ten registrars, we equally understand our ability to make a sizable contribution towards curbing internet abuse, and believe that mitigating this threat is one of our foremost responsibilities. By instituting policies, processes and services which go significantly above and beyond our obligation as a registrar, Directi has taken various initiatives to make the Internet a safer ground.

To drive this effort, Directi has a committed function working towards identifying abusive domain names and enforcing its policies. Our Abuse Desk functions 24/7 and takes prompt and effective action (both reactively and proactively) against domains reported or co-networked to be involved in any sort of online abuse. On an average, we already address 15,000 reported or detected abuse cases per year. Abuse cases are addressed within pre-determined SLAs, and our team is committed to ensure that each incident is resolved satisfactorily.
The Directi abuse team has been heralded on many occasions by various security groups, law enforcement organizations and the general anti-abuse community for the manner in which abuse mitigation has been handled by us. Additionally, we have always become highly involved, and continue to remain committed to industry-wide efforts to address organized abuse such as botnets (see below) and large scale phishing attacks, and any other malfeasances.

Building A Zero-Tolerance Reputation

All our Anti-Abuse Policies will put Registrants on notice of the ways in which we will identify and respond to abuse. They will also serve as a deterrent to those seeking to register and use domain names for abusive purposes.
Directi has vast experience in minimizing abusive registrations. Our Zero-Tolerance procedures and aggressive proactive takedown measures as a Domain Registrar have resulted in a white-hat reputation discouraging abusive registrations to begin with. The same approach will be followed for all our Registry operations.
Our proactive abuse procedures are geared towards building a reputation that discourages miscreants and malicious intent. Once it is known that abusive registrations and registrations in violation of our policies are suspended rapidly, both abusive registrations and abusive behavior will be discouraged.

Notable Instances Of Directi's Successful Abuse Mitigation Initiatives

Our abuse mitigation team has developed strong relationships with many security groups and individuals in the abuse mitigation community, with the aim of sharing intelligence and facilitating quick action on abusive domain names. These sources provide us actionable intelligence on domains bought through our registrar. We have also participated in coordinated takedowns with such agencies in the past and are committed to doing so in the future.
Here are some examples of cases where our efforts paid great results in abuse mitigation:

Directi was part of the Mariposa Working Group which was responsible for taking down the largest known botnet network at the time.
(Ref: Mariposa WhitePaper.pdf)

IM Worm Botnet Takedown Coordinated by IID

All our Anti-Abuse Policies will put Registrants on notice of the ways in which we will identify and respond to abuse. They will also serve as a deterrent to those seeking to register and use domain names for abusive purposes. Directi has vast experience in minimizing abusive registrations. Our Zero-Tolerance procedures and aggressive proactive takedown measures as a Domain Registrar have resulted in a white-hat reputation discouraging abusive registrations to begin with. The same approach will be followed for all our Registry operations.

Proposed Policies

To ensure acceptable usage of all our new generic Top-Level Domain extensions, Radix will implement stringent abuse policies for each extension, that go beyond ICANN stipulation. Every domain name must comply with these policies during registration and throughout its tenure. All of these policies have fully adopted the definition of abuse developed by the Registration Abuse Policies Working Group (ref. Registration Abuse Policies Working Group Final Report, 2010).

Industry Collaboration and Information Sharing
  • Sunrise Policy Violation
  • Whois Inaccuracy
  • Trademark Infringement Violation And UDRP
b. Acceptable Usage Related Violations
  • Intellectual Property, Trademark, Copyright, and Patent Violations, including Piracy
  • Spamming
  • Phishing (and various forms of identity theft)
  • Pharming and DNS Hijacking
  • Distribution Of Viruses Or Malware
  • Child Pornography
  • Using Fast Flux Techniques
  • Running Botnet Command And Control Operations
  • Hacking
  • Financial And Other Confidence Scams
  • Illegal Pharmaceutical Distribution
  • Other Violations
Additional Mitigation Mechanisms

Based on our experience of running a leading Registrar, we have also devised some powerful mechanisms which will prevent possible abuse, and quickly diffuse abusive domains. These mechanisms include:

Profiling & Blacklisting

This process, currently in practice for our registrar businesses within the Directi Group, is used for gathering intelligence on known offenders. We maintain abuse ratios for each of the 1,000,000 plus registrants and 65,000 plus resellers under Directi's registrar business.

Experience has enabled us to use these ratios accurately to uncover registrants who are known and repeated offenders. Expert offenders rarely reuse the same registrant profile and often maintain a myriad number of profiles to mask their true identity. Through pattern mapping we try and group registrant profiles that we believe belong to the same operator.

Proactive Quality Review

As a preventive safeguard against abusive domain registration, we follow a consistent review process for domain registrations on our registrar, where a sample of newly registered domain names are analyzed for potential abusive activity. Coupled with our profiling process (described above), it enables us to take proactive measures against domain names that are registered solely to perpetrate malicious activities such as phishing, or otherwise infringe on the rights of others. This helps us curb abusive activity before it can affect too many Internet users. We shall seek to implement similar safeguards for our new gTLDs and encourage registrars to incorporate this practice as part of their abuse mitigation processes.

Industry Collaboration and Information Sharing

Directi's strong participation in the industry facilitates collaboration with relevant organizations on abuse related issues and ensures that Directi is responsive to new and emerging domain name abuses.

The information shared as a result of this industry participation will be used to identify domain names registered or used for abusive purposes. Information shared may include a list of registrants known to partake in abusive behavior in other TLDs. While presence on such lists will not directly constitute grounds for registrant disqualification, we will investigate domain names registered to those listed registrants and take appropriate action. In addition, information shared regarding practices indicative of abuse will facilitate detection of abuse by our own monitoring activities.

Sunrise Registrations

The sunrise registration service for each of our TLDs will provide trademark holders with atleast one 30-day priority period in which to register their trademarks as domain names. Trademark holders satisfying the Sunrise eligibility requirements proposed in the 'gTLD Applicant Guidebook' will be eligible to apply for a domain name. Sunrise applicants should also need to be supported by an entry in the Trademark Clearing House (TMCH).

Sunrise Dispute Resolution Process

We will also implement a Sunrise Dispute Resolution Policy (SDRP) to allow any party to raise a challenge. All registrants will be required to submit to proceedings under the SDRP and such claims may be raised at any time after registration of a domain name.
After a Sunrise name is awarded, it will also remain under a "Sunrise Lock" status for at least 60 days. During this period the domain will not resolve and cannot be modified, transferred, or deleted by the sponsoring registrar. A domain name will be unlocked at the end of that lock period only if it is not the subject of a Sunrise Challenge. Challenged domains will remain locked until the dispute resolution provider has issued a decision, which the registry operator will promptly execute.

Trademark Claims (TMC)

A robust Trademark Claims service will be implemented across all our new gTLD extensions. We will check every domain registration to determine whether it matches an existing trademark at the Trademark Clearing House (TMCH). This service will also be enforced on every Registrar offering our extensions to registrants.

Uniform Rapid Suspension (URS)

The URS (Uniform Rapid Suspension) procedure is a new RPM implementation which will be mandated in all our new gTLDs. Each provider will receive an email address where URS-related correspondence can be sent. And our compliance desk will monitor this email address for receipt of communications from URS providers.
All correspondence from a URS provider will be validated and we will lock the domain name in question by restricting all changes to the registration data, including transfer and deletion of the domain name. The domain name will continue to resolve while in this locked status. Upon receipt of notification from the URS provider of termination of a URS proceeding we will promptly unlock the domain name and return full control to the registrant.

Additional Rights Protection Mechanisms (RPMs)

The protection of trademark rights is one of our core goals. Our Right Protection Mechanisms, policies and procedures go significantly above and beyond the minimum mandated RPMs to prevent abusive registrations, rapidly take-down abuse when it occurs, and foster a clean namespace for every extension that we control. Our goal is to create a namespace that provides maximum protection to trademark holders.
Some of the mechanisms include:

1. Optional Trademark Declaration

Under this unique feature, during General Availability, we will continue to make available the EPP Trademark extension fields that are provided during sunrise. Registrants will be able to specify their IPR details against their domain names even after sunrise. This ability for a Registrant to voluntarily declare Trademark data even during general availability will reduce potential confusion amongst mark holders and the general public and reduce unnecessary UDRP procedures.

2. Profiling and Blacklisting

This process, currently in practice for our registrar businesses within the Directi Group, is used for gathering intelligence on known offenders. We maintain abuse ratios for each of the 1,000,000 plus registrants and 65,000 plus resellers under Directi's registrar business.
Experience has enabled us to use these ratios accurately to uncover registrants who are known and repeated offenders. Expert offenders rarely reuse the same registrant profile and often maintain a myriad number of profiles to mask their true identity. Through pattern mapping we try and group registrant profiles that we believe belong to the same operator.

3. Proactive Domain Quality Assurance

As a preventive safeguard against abusive domain registration, we follow a consistent review process where a sample of newly registered domain names are analyzed for potential abusive activity. Coupled with our profiling process, it enables us to take proactive measures against domain names that are registered solely to perpetrate malicious activities such as phishing, or otherwise infringe on the rights of others. This helps us curb abusive activity before it can affect too many Internet users. We will implement similar safeguards for our TLDs and encourage registrars to incorporate this practice as part of their abuse mitigation processes.

Subscribe to our Newsletter