Principles for Rights-Respecting DNS Abuse Mitigation

Associated Domains & Surveillance
When investigating actionable DNS abuse, registrars may need to examine other domains associated with the same registrant data to disrupt broader abuse networks. However, such inspections must be conducted with strict safeguards to avoid undue surveillance of legitimate registrants. Investigations must be grounded in clear, specific evidence of abuse linked to the registrant—never on speculative or broad profiling. The focus must remain on the abusive activity, not on surveilling the registrant’s broader online presence.

Domain Pricing & Access
Affordable or free domain names are essential for digital inclusion. They allow individuals, small businesses, and civil society groups to establish a presence online.

• Pricing should not be used as a blunt tool for abuse mitigation. Doing so risks disproportionately harming legitimate users and undermining efforts to expand equitable access to the Internet.

• Abuse mitigation by registrars offering low-cost domains should instead rely on rights-respecting measures: clear abuse reporting channels, prompt investigation, proportionate response, and strong due process—not financial barriers.

Reactive vs. Proactive Measures
Well-implemented reactive measures can be as effective as proactive strategies in addressing abuse.

• However, overly broad or premature proactive interventions (e.g., preemptive takedowns, automated flagging) can generate false positives, unjust suspensions, and chilling effects on lawful expression.

• Any proactive measure must be subject to rigorous human rights risk assessment, implemented with narrowly tailored scope, transparency, and meaningful recourse options to ensure proportionality and accountability.

Pre-Mitigation Due Diligence
Before taking any mitigation action, registrars must carry out thorough and proportionate due diligence based on specific, actionable evidence. This helps prevent false positives and ensures that mitigation measures are appropriate to the verified abuse. Where possible, less restrictive alternatives should be considered before resorting to domain suspension.

During Mitigation Transparency
When action is taken against a domain, the registrant must be promptly notified (laws to the contrary might apply, we are not talking about those circumstances) This notice should include:

• The reason for the action;

• The type of action taken;

• The initiator of the action (e.g., registrar, third-party request);

• A clear explanation in accessible language.

Post-Mitigation Remedy & Recourse
Registrars must maintain accessible and transparent mechanisms for registrants to seek remedy or challenge decisions. This includes:

• Restoration Process: A pathway for legitimate registrants to demonstrate that abuse has been resolved—or that the action was mistaken—and regain control of their domain in a timely manner.

• Complaints & Appeals: A clear and fair process through which registrants can file complaints or appeal mitigation actions, reinforcing procedural fairness and accountability.