With unprecedented regulatory attention being given to DNS abuse, collaboration between the domain industry and policymakers is crucial. This is why CENTR brought together key industry leaders to reflect on collaborative strategies to balance cybersecurity and growth, ensuring a secure and reliable online experience for users across Europe and beyond.
How can policymakers and members of the DNS ecosystem, such as European ccTLDs work together on keeping the fine balance between high levels of cybersecurity of their infrastructure and an easy access to the domain space at the same time?
The fireside chat was a chance to reflect on the topic with our members, with insights from Pearse O'Donohue, Director for the Future Networks Directorate of DG CONNECT at the European Commission, CENTR member representatives Peter Vergote from .be registry DNS Belgium, Kristian Ørmen of .se registry Internetstiftelsen, and CENTR's General Manager Peter Van Roste.
Current challenges and opportunities
The discussion highlighted that the priorities of European ccTLDs while navigating this landscape are clear, as proven by the testimonials of CENTR members. A huge driver for growth is users trust that remains a core priority for .be, as ccTLDs are on a mission to provide a space where people can shop, browse, and learn in safety by minimising abuse levels in each ccTLD's respective zone. This, paired with the sustainable use of domain names and the sustainable growth of the domain industry are the objectives, according to Peter Vergote.
In the experience of .se, the safety of users is intrinsically linked to the quality of the service provided by ccTLDs, achieved through stronger requirements for registrars, incentivising those that have the best practices in the marketplace, and by raising awareness about internet safety amongst our local internet communities, said Kristian Ørmen.
Pearse O'Donohue shared the perspective of EU institutions and confirmed that a lot of trust is put on European ccTLDs in protecting European citizens, and the European Commission will continue to promote ccTLD innovation and support their status as the best in the class. As registries and registrars are directly affected by cybersecurity law, a key priority of the European Commission for the European domain space is to make sure that those who are not acting in good faith are not undercutting those who are playing by the rules.
Educating users and policymakers
The DNS community and authorities have an important educational responsibility towards European internet users, who are often not aware of how the internet works, but also towards regulators, to ensure that they are familiar with the crucial role that DNS and ccTLDs play in keeping the boat afloat when discussing cybersecurity legislation.
In the experience of .se, education is a core part of their daily work, but this practice is not scalable. For .be, the great weakness of registries is the lack of amplification of public awareness efforts, preventing ccTLDs to reach the mass of internet users to warn them of the dangers online.
This educational quest cannot be a responsibility that is put solely on the shoulders of registries, according to DG CNECT. While European ccTLDs are already occupied with upholding a large number of obligations, larger educational efforts need to be paired with additional expertise from the governments and authorities on how to effectively reach as many citizens as possible on important issues related to safety and security online. The European Commission also assured that it is building a stronger relationship with the trusted experts at ICANN, other than always listening to the voice of European ccTLDs on policy matters that affect them.
Looking ahead
What would success look like five years from now? For ccTLDs, it entails raising the number of registrations and being the most relevant TLDs in their respective regions with minimal levels of abuse, establishing a stronger cooperation with local competent authorities, and raising awareness on abuse among the general public.
For the European Commission, success will entail the effective implementation of the latest parts of cybersecurity legislation, such as the NIS 2 Directive and the Cyber Resilience Act, and for it to be impactful in tackling DNS abuse. The European Commission is also determined to see all European ccTLDs flourish while tougher rules are being enforced on those that are not following best in class practices.
How do we strike the balance?
Including as many parties as possible when developing the best solutions to DNS abuse is crucial. According to .be, the alignment of European ccTLDs on best practices has the power to drive less serious players that allow great margins of abuse out of the market. The .se registry is a frontrunner in the education of users and law enforcement authorities on how to identify and avoid less reliable players. Despite challenges in DNS abuse discussions on the global level, the multistakeholder model for the global internet governance remains the way forward. The European Commission recognised the need for stronger cooperation with the ICANN community to ensure that the EU's objectives in cybersecurity are achieved quickly and efficiently.
The event highlighted European ccTLDs' commitment to striking a balance between cybersecurity and growth, ensuring a secure and reliable online experience for users across Europe and beyond. The focus on collaboration, education, and innovation will be crucial in navigating the evolving landscape of the Domain Name System.
The first of its kind for CENTR, the event launched a series of fireside chats which will delve into CENTR’s principles ‘Towards a Stronger Internet: Principles for the Next Digital Decade’, our proposed framework for safeguarding Europe’s digital future in the decade ahead.
