📵 DNS Abuse and Freedom of Expression: ICANN’s Balancing Act Between Security and Rights

by Pierfrancesco C. Fasano

As ICANN moves forward with developing a policy framework on Domain Name System (DNS) abuse mitigation, the stakes are high. The choices made in this process will shape how the internet is protected—and how open it remains. Done right, this work can strengthen both security and fundamental rights. Done poorly, it risks sliding into over-enforcement and unintended censorship.

Understanding what DNS abuse really is, why it matters, and where the red lines should be drawn is essential for anyone following the future of internet governance.

The DNS is often described as the internet’s phonebook. It translates human-readable domain names (like example.org) into the numerical addresses that computers use to talk to each other. ICANN oversees this core layer of internet infrastructure.

That technical role carries real-world consequences. Decisions taken at the DNS level can directly affect access to information. Shutting down a domain doesn’t just remove a single page—it can wipe an entire website off the map. That’s why DNS governance is not just a technical issue; it’s a human rights issue.

At recent ICANN meetings, one question has dominated the conversation: What should be done about DNS abuse? The sense of urgency is real. Many in the community worry that if ICANN doesn’t act, governments will step in with their own rules—potentially fragmenting the global internet and weakening the multistakeholder model.

DNS abuse refers to threats to the security and stability of the DNS itself. But for years, the term lacked a clear, shared definition. That ambiguity created risks: when definitions are fuzzy, enforcement tends to creep.

After long and often difficult consensus-building, ICANN adopted a narrow, technical definition of DNS abuse, covering five categories:

• phishing,

• malware distribution,

• botnets,

• spam used as a vector for harm,

• pharming.

These are infrastructure-level abuses. They are not about speech, opinions, or lawful content—even if that content may be controversial.

Registries and registrars usually operate behind the scenes, but they play a powerful gatekeeping role. Like social media platforms, they face increasing pressure from governments, rightsholders, and other actors to “do something” about online harm.

The problem is scale and precision. DNS operators don’t moderate individual posts or pages. In many cases, their only tool is domain suspension. And that’s a blunt instrument. Taking down a domain blocks everything—legal speech included. One disputed article should not result in an entire website going dark.

This is why a tight definition of DNS abuse matters. Without it, DNS enforcement can quickly become content moderation by another name.

Even with a clear definition in place, the line remains thin—and fragile. There is constant pressure to expand DNS abuse to include copyright claims, misinformation, or broader security concerns. But those are content issues, and they vary widely across jurisdictions.

Blurring this line would put DNS operators in an impossible position and open the door to inconsistent, and potentially politicized, enforcement. Keeping DNS abuse strictly technical is not a loophole—it’s a safeguard.

ICANN is now at an early but critical stage in developing a DNS abuse mitigation policy. This is a moment to prove that the multistakeholder model works—not just in theory, but in practice.

Key principles should guide the process:

• Technological evolution (including AI-enabled attacks) should not automatically justify expanding the definition of DNS abuse. Scale may change, but categories often don’t.

• The distinction between technical abuse and content-related concerns must remain clear and enforceable.

• Any mitigation policy must include due process: transparent notice, clear standards, and accessible mechanisms to challenge domain suspensions. A consistent dispute and recourse framework is essential.

Protecting the DNS and protecting freedom of expression are not competing goals. They are mutually reinforcing. A stable, secure DNS is what allows free expression to thrive online—but only if enforcement is precise, proportionate, and accountable.

This policy development process gives ICANN a real opportunity to show leadership: to build smart, targeted responses to abuse while keeping human rights front and center. The challenge is real—but so is the chance to get it right.