Confidentiality Note:  Proprietary and confidential to Public Interest Registry.  If received in error, please inform sender and then delete.

Volker,

I agree with most of these points and that these are important considerations for the registrar when deciding what mitigation action to take, but my point was that the takedown part is not part of the ADC.  The takedown part already exists in the DNS Abuse amendments in the RAA.  This discussion, while important, is outside the ADC.  That’s why it is a rabbit hole for purposes of trying to create the ADC.  Once again, it is the conflation of investigation with enforcement/mitigation.

Best regards,

Marc H. Trachtenberg
Shareholder

Chair, Internet, Domain Name, e-Commerce and Social Media Practice
Greenberg Traurig, LLP

Aspen                                           Chicago

411 E. Main Street                         360 North Green Street

Suite 207 | Aspen, CO 81611        Suite 1300 | Chicago, IL 60607

T +1.970.300.5313                         T +1.312.456.1020

M +1.773.677.3305                        M +1.773.677.3305
trac@gtlaw.com | www.gtlaw.com  |  View GT Biography

Hi Marc,

it is not really a rabbit hole since it is just the kind of issue that registrars face when dealing with associated domain names. Every takedown also carries with it a certain liability risk that has to be balanced as part of the review process before taking a decision to act. That is why we need actionable evidence of abuse, and that does not change for associated domain checks either. 

We have had cases where "Dumb Criminal A" defecated where he dined and had registered his personal (legal-use) domain names in the same account that also held the problematic ones. Do we take those down as well? 

We have had cases where we took down a significant number of domain names of a third-party privacy or trustee service that was not recognizable as such because of a high prevalence of abusive registrations using that registration data set, thereby affecting a significant number of non-abusive registrations. Justified? Maybe! Liability risk? For sure.

We do see cases where criminals register domains through various resellers and even registrars, but never use more than one at a time. We can only ever detect one domain engaged in abusive activities. We see the associated domains as such and even without actionable evidence for every single one we will take action based on various indicators of likelihood of abusive use. But the risk remains of also taking down domains that were never intended for such use. 

We have seen domains registered for advertising or monetization purposes where the abuse originates from a bad advertiser of the parking provider that circumvented their internal review processes. Most of those domains are used by other advertisers for legitimate purposes. In fact, their registration pattern is similar to the case of the reservoir domains above. They would all fall into the classification of associated domains, but in this case, a takedown would be problematic. 

Just because a domain is associated somehow with an abusive registration does not mean it was registered for the same purpose, or even by or on behalf of the same end customer. As a registrar, it is our job to navigate those dangerous waters, balance legal obligations to our legitimate customers and our legal and policy obligations to take action on malicious registrations. It is easy when the ocean is clear and you can see the floor, but there are hidden reefs that we need to watch out for. And it does take an experienced captain and crew to navigate those shoals. But to do that successfully, we need room to navigate and trust in our experience. 

Eberhard,

I think we are going down a rabbit hole here. This is outside the scope of the ADC as the ADC is not mandating that entire accounts get shut down or that the registrar take any action other than investigate for associated domains. Any resulting obligations to take action based on what the registrar finds already exist in the RAA.

Best regards,

Marc H. Trachtenberg
Shareholder

Chair, Internet, Domain Name, e-Commerce and Social Media Practice
Greenberg Traurig, LLP

Aspen                                           Chicago

411 E. Main Street                         360 North Green Street

Suite 207 | Aspen, CO 81611        Suite 1300 | Chicago, IL 60607

T +1.970.300.5313                         T +1.312.456.1020

M +1.773.677.3305                        M +1.773.677.3305
trac@gtlaw.com | www.gtlaw.com  |  View GT Biography

*EXTERNAL TO GT*

Becky, 

you are the lawyer, I am not. 

I just mean a concept. 

Can you take down a Registered Name, just because (at least) another Name registered by same Registrant has been mitigated?

If a single Registrant has 5 Names, 1 reported, investigated, proven as phishing, and mitigated accordingly, ADC done, and 3 of the others are mitigable, I still don't like that the 5th one would or could be mitigated as well. 

However as Marc wrote, you act against the Registrant (for violating the Terms and Conditions). 

How would that work? Can you really unilaterally decide to take Names down, or do you have to give notice of termination of the Registrant agreement (0 to n days notice)? So they transfer the Name elsewhere, and perhaps even register the mitigated Names again.

Now you take a Reseller which has a Million Names. ADC finds 50, 500 or even 5000 in need of mitigation. 

Do you take the 50, 500 or 5000 names down or do you cancel the agreement with the Reseller (for violation the Terms and Conditions). What happens then to the Names left? 

Or if the Reseller is just irritated enough that they transfer significant Revenue elsewhere? There are enough accredited Registrars around, after all.

The obviously even more difficult question is how to prevent them from becoming wise to the Policy and transferring the rest of a portfolio to another Registrar, when a single one is taken down, ie before the ADC can be done?

We have not thought through the consequences of our considerations, and/or the cost. 

el

--
Dr. Eberhard W. Lisse \ / Obstetrician & Gynaecologist (retired)
el@lisse.NA / * | Telephone: +264 81 124 6733 (cell)
PO Box 8421 Bachbrecht \ / If this email is signed with GPG/PGP
10007, Namibia ;____/ Sect 20 of Act No. 4 of 2019 may apply

On Apr 14, 2026 at 18:50 +0200, Becky Burr <bburr@pir.org>, wrote:

I am confused by the use of the term “guilt by association” here.  That usually means you consider one person guilty of some bad act because that person is associated with someone else who is a known bad guy.  And yes, in that context, there are significant human rights concerns.

 

Here, we are just saying that if a registrant/account holder is known to be using one domain for DNS abuse then we are going to check to make sure the same registrant/account holder isn’t using other domains for DNS abuse.  And, if the answer is no, then nothing happens to the associated domains.  So, unless you are arguing that domains themselves have human rights, I don’t see what the guilt by association issue is.  

 

Am I missing something? 

 

Becky Burr

 

If you are not an intended recipient of confidential and privileged information in this email, please delete it, notify us immediately at postmaster@gtlaw.com, and do not use or disseminate the information.