Skip to main content

Collaboration is key to clamp down on crime across the .UK domain

(Image credit: Image Credit: Maksim Kabakou / Shutterstock)

Ubiquity breeds criminality, as our society is learning the hard way. Increased use of the internet and connected devices has provided cyber criminals with a paradise of opportunities to con, extort and steal. An online crime is committed every ten minutes in England and Wales, and we are now more likely to be robbed at the computer than in real life. With all these pessimistic facts in mind, it doesn’t seem surprising that Nominet is suspending increasing numbers of .UK domain names due to their association with criminal activity.

In fact, the numbers have doubled in the past two years. Our most recent report, published in November, revealed that 16,632 domains were suspended in the year to date. This compares to 8,049 in the previous year and around 4,000 over the year prior. The growth in suspensions is sustained and consistent, but that doesn’t necessarily mean the .UK domain is a more dangerous place to shop, search, communicate or do business. If anything, we could hope it is getting safer for the following reasons.

Firstly, in partnership with the UK’s law enforcement agencies (LEAs), we have improved awareness of our processes whereby we promptly suspend domain names being used to carry out crime online. We now work with ten different UK agencies in areas as varied as prevention of terrorism to fake medicines. The vast majority of suspensions still result from intellectual property infringements, which are notified to us by the Police Intellectual Property Crime Unit (PIPCU). This is a division of the UK’s National Crime Agency which processes and coordinates requests from nationwide sources for illegal uses, such as the sale of counterfeit goods.

Secondly, the agencies themselves are improving the sophistication and scale at which they process, investigate and prioritise reports of criminality. As they increase their efforts to monitor and track criminal activity – and increase their familiarity with the process – the reports we receive rise and the suspension figure subsequently increases. PIPCU provided us with requests to suspend over 13,000 of the 16,000 domains suspended this year – an 80 per cent rise on the requests they submitted in the previous year.

Other agencies providing us with requests during the year include Trading Standards, National Fraud Intelligence Bureau, Counterterrorism Units and the Medicines and Healthcare Products Regulatory Agency. Each works to their own strategies to target differing elements of online criminality and limit the activity of those seeking to exploit. We have been impressed by the thoroughness of investigation of these agencies.

Finally, Nominet itself is improving its own internal processes, outreach and methods of working with law enforcement. There has been a concerted effort to standardise procedures across all LEAs, and in the past year Nominet staff have spent time with the National Crime Agency to gain an insight into their processes, allowing us to better understand the system by which we work together to keep the .UK domain safer.

Settling disputes

In terms of policy, we recognise that suspension of a domain name without court direction is a potentially controversial approach. As the country code top level domain (ccTLD) registry, in close consultation and discussion with our wider stakeholders and communities, we had to decide for ourselves on the most effective and equitable approach to criminality across the .UK domain. The classical model of separation of powers between the legislative, executive and judicial functions does not translate well into the world of the internet. However, we are not the arbiter of what is, and what is not, criminal activity. At Nominet, we only take action to suspend a domain based on the intelligence of law enforcement and we report on our activity. Working in this way, with the input of established law enforcement agencies to identify the threats, we can maintain the transparency and increase the accuracy of our efforts at limiting criminality in the .UK domain. 

Fraud is currently viewed as the biggest culprit in online crime – it is the UK’s most common offence [Annual Fraud Indicator 2017] and cost the country nearly £11bn in 2015/16. While Action Fraud work hard to tackle the issue and our domain suspensions contribute to the cause, one of the key means of self-protection is for individuals to take extra care online and question things more closely. This is especially pertinent during festive sale times when there is an upswing in online spending. In the week leading up to Black Friday we suspended over 4,000 domains in partnership with PIPCU to disrupt the work of online criminals. We do what we can, but the consumer also needs to be mindful of the threats and make a point of verifying websites, companies and details before parting with any money.

In addition to our efforts to reduce criminality, we also work to settle disputes that arise across the .UK domain with our award-winning Dispute Resolution Service (DRS), an independent, low-cost approach to resolving discord. Encouragingly, these disputes arise over a very small proportion of our domains under management – just 0.0074 per cent in 2016 – and are carefully mediated by our team, escalated to an independent expert for review where necessary. Big brands such as Facebook, Jaguar Land Rover Limited and Anne Summers used the DRS in 2016, although so did many smaller, local businesses and organisations such as Brighton and Hove Albion Football Club. The service helped save up to £7m in legal fees last year alone – a sizeable boon for the businesses and people involved.

Monitoring and mitigating disputes and criminal activity on the internet is an endless task, but it is one made easier by society getting onboard. Consumers have a greater awareness of the risks and are (hopefully) taking more care, while businesses are taking their cyber security provision seriously, spending their money on keeping networks secure. Law enforcement are prioritising a focus on cyber crime, and Nominet supports the process by suspending the domains identified as being used unlawfully. Cyber crime may never be defeated, but we should be encouraged by the increased, collaborative efforts that will make significant inroads in raising the safety and integrity of our national internet infrastructure. 

Nick Wenban-Smith, General Counsel, Nominet
Image Credit: Maksim Kabakou / Shutterstock

Nick Wenban-Smith
Nick Wenban-Smith has been General Counsel at Nominet since April 2007. This role encompasses both the leadership of Nominet’s Dispute Resolution Service (DRS) and in-house legal adviser on all issues.