Go To Namecheap.com
Hero image of A dangerous precedent for web blocking
News

A dangerous precedent for web blocking

The world wide web seems simple: type in a domain name or use a search engine and get the content you want. But a lot is going on under the hood. 

When it comes to blocking content, various companies and governments attempt to block content at different levels of the technology stack that sits between you and content.

In a quiet news story reported on by Electronic Frontier Foundation and others, a German court just handed down an injunction that could have major ramifications for what happens between you and content on the web.

The web stack

To understand what the German court did and why it’s problematic, it’s important to understand what happens when you visit a website.

When you create a website you choose a web host, such as Namecheap. There are thousands of web hosts and cloud providers out there. These hosts maintain content for their customers that web users can access.

Technically, you don’t need a domain name to have a website. But without domain names, each website would have a long, hard-to-remember IP address. Domain names were created as a simpler way to navigate to websites. It’s much easier to remember a domain name like Namecheap.com than to remember a string of numbers like a phone number.

Domain names are registered at a domain name registrar, such as Namecheap. (Companies often act as both a web host and domain name registrar.) When you reserve a domain name through a registrar, the registrar reserves the domain name with a domain name registry. The registry depends on the top-level domain (the part to the right of the dot) you choose. 

For example, if you register a .COM domain name, the registry Verisign reserves the domain name. Think of Verisign and other registries like phonebooks. Once you reserve a domain name and connect it to a website, Verisign tells people where the content is that the domain name should point to.

sections of a website

This description simplifies things a lot but describes the basic plumbing of the web.

Then there’s the access side. You use an Internet service provider (ISP) to access the web. In many places, this is a cable or telecom company such as Spectrum or Comcast. On your mobile phone, it’s your mobile service provider, such as Verizon or AT&T.

When you type a domain name into your browser, your ISP acts as the first step to figuring out where the content is hosted. Rather than ping the registry’s “phonebook” each time, many ISPs cache (remember) where a domain name address points. (There can be other parties in this process, but the key is that your query usually starts at the ISP and goes to the phonebook or a copy of it, which then tells your browser where to go.)

Some people don’t like to use the ISP as the first step to navigating to a website. There are many reasons for this; the ISP might be slow to resolve the website, it might interject itself in the process to show ads related to the website you want to visit, and it could track the sites you visit and sell your data.

To bypass the ISP, users can select a different Domain Name Server (DNS) resolution service to resolve their queries. These DNS resolution services promise faster speeds and added security (such as blocking malware). Google and Cloudflare both offer DNS resolution services.

Another service is Quad9, which is the party involved in the German injunction.

Blocking content

Web hosts, domain name registrars, and registries all have some sort of business connection to website creators and play a role in blocking access to content. Their exact roles have changed over time. Sometimes, they require a court order to block content. Other times, they will block access to bad content, such as phishing sites, based on a report.

For example, there is a process in the Digital Millennium Copyright Act that U.S. web hosts follow. If someone complains to the host about copyrighted content a customer hosts, the process lets the host avoid responsibility for the content. Valid complaints usually result in quick content takedowns after the site owner is given a chance to respond.

In another example, domain registrars play a role in cybersquatting disputes. Trademark holders can file a complaint under the Uniform Domain Name Dispute Resolution Policy (UDRP). If they win the case, the UDRP forum will instruct the domain registrar to transfer the domain name to the trademark holder.

Also, courts sometimes instruct domain name registries to suspend or transfer domain names.

Domain name registrars and web hosts often have to balance privacy and due process with blocking content to infringing or potentially dangerous content. Here’s what Namecheap does to strike this balance.

Reasonable people can disagree about the role that these parts of the web stack should have in blocking content. But the key with hosts, registrars, and registries is that they all have a business relationship and direct connection to the person who creates the website/content.

On the contrary, ISPs and DNS resolution services don’t have this direct relationship to the content creator. Most people agree that they should not play a direct role in blocking access to content due to complaints about copyright or opinion.

page not found

The German court and Quad9

Sony Music obtained an injunction against Quad9 in the lower court of Hamburg, Germany. Sony Music wants Quad9 to block the resolution of domain names that it says host content that infringes on its copyrights.

This is a dangerous precedent and could lead to more efforts to block content on the access level with entities, such as ISPs, that don’t have a direct relationship with the content creator.

In this case, the court considered that Quad9 already blocks access to certain content, such as malware and phishing sites. Thus, it should be able to block access to sites that infringe copyright, the court determined.

Writing on its blog, Quad9 states:

The inclusion of recursive DNS servers, which do not handle copyrighted material and have no relationship with the involved parties, in the ranks of legally mandated blocking mechanisms is a dangerous precedent. The assertion of this injunction is, in essence, that if there is any technical possibility of denying access to content by a specific party or mechanism, then it is required by law that blocking take place on demand, regardless of the cost or likelihood of success. If this precedent holds, it will appear again in similar injunctions against other distant and uninvolved third parties, such as anti-virus software, web browsers, operating systems, IT network administrators, DNS service operators, and firewalls, to list only a few obvious targets.

A dangerous precedent

The German court’s decision sets a dangerous precedent. Internet access companies that help point domain names to content should not be a chokepoint based on copyright claims. 

Organizations that advocate for rights to free speech are taking notice. Electronic Frontier Foundation writes:

The seemingly endless battle against copyright infringement has caused plenty of collateral damage. But now that damages is reaching new levels, as copyright holders target providers of basic internet services.

Quad9 is fighting back with the resources it has. It’s a non-profit with limited resources — perhaps why Sony Music decided to go after it — but it vows to fight the court order.

Stay tuned.

Was this article helpful?
3
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Help us blog better

What would you like us to write more about?

Thank you for your help

We are working hard to bring your suggestions to life.

Andrew Allemann avatar

Andrew Allemann

Andrew is the founder and editor of Domain Name Wire, a publication that has been covering domain names since 2005. He has personally written over 10,000 posts covering domain name sales, policy, and strategies for domain name owners. Andrew has been quoted in stories about domain names in The Wall Street Journal, Washington Post, New York Times and Fortune. More articles written by Andrew.

More articles like this
Get the latest news and deals Sign up for email updates covering blogs, offers, and lots more.
I'd like to receive:

Your data is kept safe and private in line with our values and the GDPR.

Check your inbox

We’ve sent you a confirmation email to check we 100% have the right address.

Hero image of [News] WordPress 5.8 launches with a pattern libraryA dangerous precedent for web blocking
Next Post

[News] WordPress 5.8 launches with a pattern library

Read More