Ever received an unsolicited email from someone you don’t know? Or a message with a suspicious link, from someone pretending to know you? These are just a couple examples of Domain Name System (DNS) Abuse, namely spam and phishing.
Nearly all of us have experienced DNS Abuse in some form as we navigate the modern Internet, ranging from the minor annoyance of receiving junk email to becoming the target of dangerous financial extortion or identity theft.
But, did you know that there are individuals and organizations actively combatting DNS Abuse today, through sophisticated multistakeholder collaboration and policy development processes? And did you know that DotAsia is a leader on this front, combating DNS Abuse both regionally in Asia, and internationally at other fora?
Read on to learn more about DotAsia’s leadership role in this evolving issue.
What is DNS Abuse?
DNS Abuse, as defined by the Internet Corporation for Assigned Names and Numbers (ICANN), refers to:
- Botnets
- Malware
- Pharming
- Phishing
- Spam (when spam serves as a delivery mechanism for the forms of DNS Abuse listed).
Beginning as early as 2009, the ICANN community recognized the need for stronger protections against DNS Abuse and security threats, with concerns and suggestions steadily growing and reaching a peak in recent years. Early in these discussions, the ICANN Governmental Advisory Committee (GAC), through its Public Safety Working Group (PSWG), highlighted the importance of implementing new measures to combat criminal misuse of domain name registrations. The GAC played a key role in raising this issue and formally advised the ICANN Board, which led to new requirements for generic top-level domain (gTLD) registry and registrar operators, as well as enhanced contractual compliance obligations for ICANN itself. In 2011, at an ICANN Forum on DNS Abuse, Edmon Chung, CEO of DotAsia described the challenges faced in Asia from an end-user perspective, and highlighted the efforts of .ASIA, .HK and .CN in addressing DNS Abuse and cybercrime issues. After the launch of the 2012 round of new gTLDs and the 2013 revisions to the Registrar Accreditation Agreement (RAA), several review teams established under ICANN’s Bylaws took a closer look at DNS Abuse. These included the Competition, Consumer Trust and Consumer Choice Review Team (CCT-RT) and the second Security, Stability and Resiliency Review Team (SSR2-RT), both of which stressed the need for better tools to monitor and mitigate DNS Abuse. During this period, the GAC, the At-Large Advisory Committee (ALAC), and the Security and Stability Advisory Committee (SSAC) also submitted their own formal recommendations to the ICANN Board, such as SAC 115, “SSAC Report on an Interoperable Approach to Addressing Abuse Handling in the DNS,” and ALAC’s 2019 Advice on DNS Abuse.
Since 2020, ICANN’s gTLD contracted parties have actively collaborated with various segments of the ICANN community. Registries and registrars within the Generic Names Supporting Organization (GNSO) have worked with nearly every group across ICANN to develop key documents addressing topics such as DNS abuse definitions, actions registries can take, abuse reporting processes for registrars, domain generating algorithms, and the role of trusted notifiers. A major achievement came in 2024, when the contracted parties approved updates to the 2013 Registrar Accreditation Agreement (RAA) and the base Registry Agreement, formally assigning DNS Abuse mitigation responsibilities to both registrars and registries. While this marks a significant step forward, both the contracted parties and the GNSO recognize that it is just one part of a broader strategy to combat DNS Abuse.
Challenges remain in addressing DNS Abuse as the online landscape evolves quickly, and threat actors continuously seek ways to circumvent the protective measures implemented by those working to combat DNS Abuse in the Internet community. The encouraging news is that the collaborative efforts of the Internet multistakeholder community are also evolving. Recently, the GNSO Council DNS Abuse Small Team reconvened in March 2025 to scope a new policy development process (PDP). DotAsia’s VP for Policy Development, Jennifer Chung, was chosen to lead the GNSO Council DNS Abuse Small Team.
Spotlight on Jennifer Chung, GNSO Council DNS Abuse Small Team Lead and VP of Policy Development, DotAsia
Why is it important for ICANN to take a multistakeholder approach on the issue of DNS Abuse?
The ICANN community’s action on DNS Abuse demonstrates the strength of the multistakeholder model in action. DNS Abuse cannot be addressed by one stakeholder alone: A registry operator, a law enforcement or government agency, a technical security expert, or an end user all have valuable insight and need to collaborate in order to solve this problem. DNS Abuse requires the collective effort and sustained willpower of all stakeholders around the table to ensure that the issue is addressed properly.
The GNSO Council Small Team on DNS Abuse focused on prioritizing issues for a policy development process (PDP). We based our prioritization work on data analysis, community consultation, and input from stakeholder groups. Our work demonstrates the effectiveness of the multistakeholder model in action.
Why is the issue of DNS Abuse important to DotAsia, and the Asia Pacific region in general? Are there kinds of DNS Abuse more prevalent in the region?
DotAsia (.Asia) has a long history of leading on this issue. DotAsia moderated a multistakeholder Forum on DNS Abuse in 2011, paving the way for a continuing dialogue with the ICANN Community where different stakeholders affected by DNS Abuse can share information and ideas for responding to such abuse. Since our early days as the first gTLD to be headquartered in Asia, we promote Internet development and adoption in the Asia Pacific region. We also provide front-end registry services for DotKids (.Kids), which can experience more specific forms of DNS Abuse. DNS Abuse is a global concern, but certain types tend to fluctuate in prevalence in Asia, such as phishing attacks and malware. Every “.Asia” and “.Kids” domain registration contributes to our community, and we have a mandate to develop the ecosystem responsibly, which includes combating DNS Abuse.
An important strategy for reducing illegal and abusive online activity is working with third-party “trusted notifiers” who can detect and report these incidents to the proper level within the DNS ecosystem. In addition to our role in the GNSO Council DNS Abuse Small Team, DotAsia recently joined forces with TWNIC and Nominet to join the APAC Trusted Notifier Network, strengthening global domain name trust and security. We look forward to the continued expansion and strengthening of this cooperative effort across the region.
Why is the issue of DNS Abuse important to you personally? And what do the youth want to see on the topic in terms of Internet Governance (IG)?
I’ve been a part of DotAsia and in the policy development space for a number of years, witnessing the evolution of DNS Abuse and our role in it expand and deepen, both regionally and globally. Aside from my current role as the GNSO Council Small Team on DNS Abuse, it’s important to me both personally and professionally to create a safer and stronger Internet for Asia, and for the world.
In terms of the youth’s role in this space, the Asia Pacific Policy Observatory (APPO) published a youth-led analysis this June on “Asia Pacific’s Digital Governance in the Age of Artificial Intelligence”. APPO is part of NetMission’s many capacity-development programs for youth in Internet Governance (IG), with a special focus on policy analyses.
In their report, the APPO stated the urgent need for regional cooperation, ethical AI governance, and youth-led digital policy development to ensure that AI advances do not deepen existing inequalities. Regional cooperation is needed for a safer, more inclusive, and youth-centered digital future for the Asia Pacific. Crucially, we need youth engagement on this rapidly evolving issue, which has ramifications across the DNS, global economy and society. We hope to get more and more youth involved on this topic, both in APPO and in other vital IG fora—we need their leadership now, and in the future.
Asia Pacific Policy Observatory June 2025 Report – Asia Pacific’s Digital Governance in the Age of Artificial Intelligence: A Youth-Led Analysis