Trusted Notifier

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

A Trusted Notifier is a designated entity for alerting registries about illegal activity, content, and/or DNS abuse associated with a domain name. Trusted Notifiers enter into written agreements with registries or registrars, which outline the roles and responsibilities for handling reports of abuse. All action is still determined by the Registrar or Registry.^[1]

Characteristics

Trusted notifiers tend to have a higher level of confidence in reporting malicious activity than outside referrals. However, not all notifiers are “Trusted Notifiers.” What makes a notifier trusted? The organization:^[2]

has strong, demonstrated subject matter expertise
shows consistent adherence to substantive, procedural due diligence
rigorously reports
is committed to a low false-positive rate and the accuracy of its notices
has an enumerated challenge process for registrants

Types and Examples of Programs

Government

The NTIA and the U.S. Food and Drug Administration (FDA)'s trusted notifier pilot program curbs access to illegal online opioid sales by working with domain name registries.^[3]

Non-Governmental Arrangements

TWNIC and DotAsia announced a trusted notifier fast track mechanism in March 2022.^[4]

Content-Based

Often Operators lack the subject-matter competencies and resources to identify, evaluate, and verify the alleged abuse.

The MPAA is treated as a Trusted Notifier for reporting large-scale pirate websites registered in a domain extension operated by Donuts, as announced in February 2016.^[5]
It is illegal for Operators to try to verify certain types of abusive content (such as CSAM). Internet Watch Foundation has trusted notifier arrangements with many entities. See the full list here.

Critiques

While the Trusted Notifier process is efficient for governmental involvement in virtual crimes, some are concerned about the involvement of private parties in content regulation.^[6] Concerns include:

Lack of transparency in non-sensitive private regulation.
The inability of governing bodies to regulate Trusted Notifier Agreements between private entities and registrars.

References

[1] Commerce Department Announces NTIA Pilot Program with HHS, FDA to Fight Illegal Online Opioid Sales

[2] CPH Notifier Framework

[3] NTIA & FDA TF Pilot Program

[4] TWNIC and DotAsia establish fast track mechanism to fight DNS abuse, Digitimes

[5] Donuts and MPAA Trusted Notifier Piracy Program, Motion Pictures

[6] Schwemer, Sebastian Felix, Trusted Notifiers and the Privatization of Online Enforcement (November 20, 2018).

[1]

[2]

[3]

[4]

[5]

[6]