The DNS must enable expression – not silence it

The Domain Name System (DNS) is the backbone of the internet: it allows us to find what we’re looking for and makes the internet easier to navigate.

Thanks to the DNS, to find ARTICLE 19’s website we just have to remember a simple domain name (‘article19.org’). Without it, we’d have to remember a complex string of numbers (e.g. ‘2606:4700:10::ac42:a320’). And we’d have to remember a different string of numbers for each and every website we want to visit.

Yet worldwide, governments are weaponising the DNS to censor content, silence critics, and stifle the free flow of information.

Increasingly, rather than blocking single pages (like the one you’re now reading), they are making entire domains inaccessible (such as every page starting with ‘article19.org’ – thousands of pages spanning three decades).

This is unnecessary, disproportionate, and supercharges the risk of violating our right to speak and to know.

It’s like damming a river to catch a fish.

All companies have a responsibility to protect human rights.

Yet too often, the entities that operate domains comply with suspension requests – even when they don’t legally have to – resulting in censorship of legitimate speech. This gives them an outsized role as arbiters of what we can see and say online.

And they make their decisions in the dark: no oversight, no transparency, no due process. This makes it virtually impossible to challenge them, leaves civil society vulnerable to censorship, and deprives the public of their right to know.

What’s more, because DNS governance is so complex and opaque, neither policymakers nor civil society recognise how much power these entities wield – let alone what to do about it.

That’s where our new report comes in.

ARTICLE 19’s new report demystifies DNS abuse and shows how we can ensure the DNS is not used to silence voices.

Read our report

Key questions answered

What is the DNS?

The Domain Name System (DNS) helps us find our way around the internet.

It’s the reason why, to find ARTICLE 19’s website, you simply have to remember ‘article19.org’ (our domain name) rather than a complex string of numbers (our IP address).

Without the DNS, we’d have to remember the unique IP address of every single website we want to visit. With the DNS, we can just remember the domain name. The DNS then connects the domain name (words) to the IP address (numbers) to find us what we’re looking for.

This makes the internet easier to use – and information easier to access – for everyone.

What is DNS abuse?

How DNS abuse is defined determines what content stays online and what gets removed.

Yet there is no universally agreed definition of DNS abuse.

Different players define it differently – when they define it at all.

ICANN’s definition

The Internet Corporation for Assigned Names and Numbers (ICANN) defines DNS abuse narrowly: botnets, malware distribution, pharming, phishing, and spam.

While their definition is not perfect, it is better than having none at all (as is the case for some registries: see below) – and its narrowness prevents the kind of overreach that could violate online expression.

Registries’ definitions

Some registries stick to ICANN’s definition of DNS abuse. Others supplement it with their own categories of abuse – from child sexual abuse material (CSAM) to content that is ‘defamatory’ or ‘contrary to public policy’. Still others don’t define it at all.

Registries that operate domains like ‘.com’ or ‘.org’ are contractually bound by ICANN’s definition. This means they have to respond to all reports of DNS abuse that adhere to that definition. But how they respond is up to them – and some do so by suspending more content than necessary, which risks infringing on expression.

Registries that operate national domains, like ‘.uk’ (UK) or ‘.br’ (Brazil), aren’t bound by ICANN’s definition. And these registries often have close ties with governments, which can pressure them to remove content that doesn’t align with their politics.

Why do definitions matter?

How DNS abuse is defined determines what content stays online when abuse is reported.

Inconsistent definitions lead to inconsistent responses. One registry might respond to a report of DNS abuse by suspending a domain; another, faced with exactly the same report, might do nothing at all.

And where a registry lacks a definition of DNS abuse altogether, it becomes impossible to differentiate between legitimate suspensions (e.g. of a domain hosting CSAM) and repressive overreach.

Who does DNS abuse affect?

While DNS abuse can affect anyone with a website, ARTICLE 19 has witnessed a growing trend of governments using it to censor critical voices.

From journalists in Belarus to activists in India, our new report reveals how state actors are weaponising DNS abuse to silence dissent.

This violates both their right to speak and the public’s right to know – the twin rights that, together, make up freedom of expression.

Who is responsible for ending DNS abuse?

Protecting expression at the infrastructure level of the internet requires all hands on deck:

ICANN: ICANN maintains the DNS and creates the policies that domain operators implement.
It therefore plays an outsized role in ending DNS abuse.

Domain operators: Deciding whether to suspend a domain is up to the operator of that domain.
These companies also have human rights obligations. To fulfil those obligations, they should make
their decisions transparently, proportionately, on a case-by-case basis, and with due process.

Governments: Ultimately, it is our governments that are responsible for protecting our right to
freedom of expression. They must stop weaponising the DNS to censor, silence, and stifle critical voices
– and stop pressuring domain operators to act as content moderators.

Our report sets out how all of the above can keep the DNS an open, decentralised enabler of access to information – and how civil society can build resilience to its abuse.

The human impact of DNS abuse

India: Activists’ websites vanish as campaign gains traction

In July 2020, climate activists in India launched a campaign against a proposed weakening of environmental protections. But as the campaign took off, their websites suddenly vanished.

Read more

In July 2020, climate activists in India launched a campaign against a proposed weakening of environmental protections. But as the campaign took off, their websites suddenly vanished.

Three youth organisations, concerned about the consequences of a proposed change to India’s Environment Impact Assessment legislation, launched a campaign to stop it.

As their campaign gained traction – an online petition in 11 languages, hundreds of thousands of emails to officials – their websites suddenly vanished and they lost access to their emails.

‘We changed computers, browsers, I tried using a VPN – and it still wasn’t working.’
– Indian climate activist

After multiple attempts, they finally discovered the root cause. Without warning or explanation, the company that manages all websites ending ‘.in’ (India’s equivalent of the UK’s ‘.uk’, Singapore’s ‘.sg’, and Brazil’s ‘.br’) had disabled their domain name.

And without a domain name, accessing a website is virtually impossible.

_{Photo: Global Climate Strike in New Delhi, India, organised by Fridays for Future – one of the three youth organisations whose websites vanished – on 3 March 2023. (Mayank Makhija/NurPhoto)}

Belarus: Journalists’ association censored beyond borders

Read more

There are few more dangerous countries for journalists than Belarus (just two, in fact: Nicaragua and North Korea). But while the Belarusian Association of Journalists is no stranger to repression, they now face censorship beyond borders.

The Belarusian Association of Journalists (BAJ) has operated in exile since 2021. Since then, the authorities have designated their website, social accounts, and even logo ‘extremist’: in Belarus, merely liking one of their posts could land you behind bars.

In 2023, the registry that operates the ‘.by’ domain (the Belarusian equivalent to ‘.uk’) ordered BAJ to present their website-registration documents – in person. BAJ could not comply with this bizarre request: the risks were simply too great.

In response, the registry suspended their domain.

BAJ had to register a new domain, migrate all its web pages, create new email addresses for its staff, and warn its entire network – including at-risk sources – that any emails sent from their old domain could actually be from government officials.

‘For 20 years, the Belarusian authorities have been waging a war on freedom of expression. But … [they] will not result in the halting of independent media activity or the denial of truthful information sources to the people of Belarus.’
– BAJ

Photo: Rally for freedom, Belarus, 26 August 2020.
(VasSaa / Shutterstock)

Spain: Catalonian domains blocked in run-up to referendum

Just 10 days before a referendum on Catalonian independence, Spanish police raided the offices of the ‘.cat’ registry (Catalonia’s equivalent to ‘.uk’).

Read more

Just 10 days before a referendum on Catalonian independence, Spanish police raided the offices of the ‘.cat’ registry (Catalonia’s equivalent to ‘.uk’).

In September 2017, police raided the offices of Fundació puntCAT – part of the Spanish government’s efforts to crush support for Catalonian independence.

The police confiscated all their computers, arrested 6 of its staff, accused one of its executives of sedition, and ordered the registry to block 4 of its domains, including referendum.cat and ref1oct.cat.

Rather than showing information about the referendum, these websites displayed a message – apparently written by the Spanish military police – saying the domains had been seized.

In other words: the government choked access to information about the referendum – a topic of massive public interest.

‘We are being requested to censor content and suppress freedom of speech’
– Eduard Martín Lineros
(CEO, Fundació puntCat)

Photo: People protest for their right to vote in Catalonia’s referendum, 20 September 2017. (Andrea Gabrielli / Shutterstock)

Nicaragua: Regime ‘disappears’ websites of exiled media outlets

From 2018–25, state persecution forced over 280 Nicaraguan media workers into exile. Then the dictatorship found a way to target even exiled outlets: DNS abuse.

Read more

From 2018–25, state persecution forced over 280 Nicaraguan media workers into exile. Then the dictatorship found a way to target even exiled outlets: DNS abuse.

In March 2025, dictator Daniel Ortega moved to block independent websites from using the domain ‘.ni’ (Nicaragua’s equivalent of ‘.uk’). This struck a huge blow against Confidencial, an exiled independent outlet that reports on Nicaragua.

Confidencial had prepared for the attack by registering a new domain. But their new domain was not visible to anyone who visited their original site, who had no idea why they couldn’t find Confidencial in the usual place.

Out of options, Confidencial and similar outlets took to social media to reach their audiences, shining a light into the dark corners of government censorship.

‘The dictatorship of Daniel Ortega has ordered the 100% Noticias site blocked under the domain .ni, in a new attempt at censorship of the independent press.’
– Confidencial

Photo: Cameraman filming in Nicaragua on 16 April 2022. (cfalvarez / Shutterstock)

Recommendations

What should registries and registrars do?

Uphold human rights responsibilities in accordance with the UN’s Guiding Principles on Business and Human Rights.
Clearly define DNS abuse.
Assess DNS abuse reports on a case-by-case basis.
Implement escalating mitigation-response procedures.
Enshrine transparency in both internal operations and external reporting.
Establish recourse and redress mechanisms.
Conduct public consultations when amending policies or terms and conditions.
Develop accessible resources to increase understanding of what domain operators can and cannot do.

Our report provides more detail on all of the above.

What should ICANN do?

Work with the ICANN community (such as the non-commercial stakehold er group) to firmly reiterate ICANN’s human rights commitments.
Standardise due process and recourse mechanisms.

Our report provides more detail on the above.

What should governments do?

Protect, respect and fulfil human rights.
Conduct human rights impact assessments when developing regulation requiring the use of domain suspensions.
Clearly stipulate parameters for domain-suspension orders.
Integrate public consultations when developing legislation that could implicate internet operators.
Clearly define policies pertaining to or impacting the DNS.
Build the capacity of policymakers working on digital issues.
Recognise the varying roles of internet operators and their remit when addressing online content.

Our report provides more detail on all of the above.

What can civil society do?

Gather relevant information pertaining to the registry or registrar’s policies.
Consider the jurisdiction of the registry when registering a domain name.
Regularly back up all content on websites and email servers.
Decentralise domain-operator services and email services.
Consider the contact information shared with the registry when registering the domain.
Inform partners and networks as soon as a domain has been suspended or seized.
Contest domain suspensions through appeal mechanisms.
Develop a plan ahead of time for moving online resources to a new registry.
Develop a rapid-response advocacy campaign.

Our report provides more detail on all of the above.

The DNS was designed to enable access to information – not stifle it.

Let’s keep it that way.

Read the report

Find out more

15.12.2025 8 min read

ICANN: Why the DNS and content moderation shouldn’t mix

Click here to go to article

04.12.2024 4 min read

ICANN: New CEO and the opportunity to reiterate human rights commitments

Click here to go to article

06.06.2022 1 min read

Bridging the Gap: Local voices in content moderation

Click here to go to article

25.10.2021 8 min read

Internet: Content moderation at infrastructure level puts rights at risk

Click here to go to article

10.06.2021 12 min read

Online freedoms: Safeguards must be balanced with free expression

Click here to go to article

08.06.2021 4 min read

Digital freedom: Building an Internet infrastructure that protects human rights

Click here to go to article