• About the Institute
  • Innovation
  • Education
  • Collaboration
  • Events
  • Blog
  • Contact
  • Events
  • Contact
  • Blog
  • NetBeacon
  • DNSAI Compass
DNS Abuse Institute

ABOUT US

Discover who we are and what we do

INNOVATION

Learn about our innovative solutions to strengthen the DNS.

EDUCATION

Access our resources and discover our projects and research.

COLLABORATION

Learn how to join, contribute, and participate!

Article

  • Home
  • Blog
  • Article
  • Best Practice: Abuse Reporter Expectation Management

Best Practice: Abuse Reporter Expectation Management

  • Posted by Rowena Schoo
  • Categories Article, Best Practice, News, Resources
  • Date September 7, 2022

This best practice explores how registrars should manage the expectations of abuse reporters. It starts with general research on the psychology of waiting, considers current registrar practices and reporter expectations, and provides specific guidance for registrars on how to manage expectations. 

 

Psychology of waiting 

Waiting for things is often an inevitable part of life, but some waits are more frustrating than others. Academics, consultants, and service providers have thought carefully about the psychology of waiting. They’ve found that the experience of waiting is important, if the wait is indeterminate, anxiety inducing, lonely, uncertain, unexplained, or is perceived as unfair it feels longer. This knowledge has been utilized in various contexts to improve the overall experience through communication. For example, Disney over estimates waiting times (promising 60 minutes and delivering 45 minutes). 

 

Abuse report responses 

When we set up NetBeacon, we tracked down abuse reporting emails for every ICANN accredited registrar. All registrars are required to publish an email to receive abuse reports. Once we cross referenced various lists, sense checked, and de-duplicated,(related registrars often use the same abuse contact) we were left with over 556 unique emails. 

 

We emailed all of them to introduce our new free service and encourage registrars to create an account so they could benefit from customization. We received no response (automated or otherwise) from 90% (503) of registrars. Almost 8% (43) confirmed the receipt with the creation of a ticket. The remaining 2% (10) were a mix, including redirections to a form, unclear responses, and instructions to create an account.

 

Reporter expectations 

Reporters and their expectations vary greatly, some of these expectations are entirely reasonable, others can be problematic. 

 

On the reasonable end of the spectrum, most reporters appreciate an acknowledgement of receipt. This helps them know if they have the correct information, and means they don’t need to duplicate the report. 

 

Some reporters may expect to be contacted for further information. In some cases, this may be appropriate. In others it may be unfeasible. Either way, clearly communicating a registrar’s standard practice is an easy way to manage expectations of future engagement. 

 

Expectations start to become more complex when reporters also want to know what the outcome of the decision was, and why it was made. The correct course of action becomes quite circumstantial as it may be appropriate to update reporters on the outcome of the decision depending on the context. It may also be sensible to simply have high level generic information publicly available that outlines the way decisions are made without disclosing too many details. Generally, it is necessary and potentially irresponsible for a registrar to publicly disclose the inner decision making of abuse determinations as this can result in an instruction booklet on how to slip through the abuse system. This does not mean that individual registrars should not exchange information with specific reporters. It just means the information they routinely publish for public consumption should be discerning on details. A publicly available policy, and high level answers to frequently asked questions are great ways to provide this information. 

 

There are some reporters who expect their reports to be actioned in a certain way—to have their determination and recommendation respected as a final decision on what should happen next. This is problematic for the registrars and for the wider system of internet governance. Registrars have developed policies and processes to make decisions based on evidence provided to them. They carry the customer relationship and potential legal liability for the result of that decision. It’s not appropriate for an external third party to appoint themselves to make such decisions. This expectation can create additional issues for registrars when they do engage with this type of reporter because it can result in an endless loop of back and forth communications, even escalating to threats of litigation. 

 

The question for registrars is how to best manage reasonable expectations, without getting drawn into time consuming correspondence that is not contributing to making the internet safer?

 

The reality of what registrars receive into their abuse inboxes is vast and varied, sometimes duplicative, automated, irrelevant, or unevidenced. Meeting every expectation of every reporter is not feasible or recommended. We’ve set out some guidance on how we think this can be managed. 

 

How to manage reporter expectations

Managing reporter expectations does not mean that a registrar is required to respond to and answer every question a reporter has. They don’t need to spend countless hours going back and forth in email chains. They are certainly not obliged to agree with the reporter’s determination of abuse, or to disclose the inside decision making of their abuse assessment. In most cases, it’s completely reasonable for a registrar not to respond at all beyond an initial acknowledgement of receipt. 

 

Based on our email experience, it seems the vast majority of registrars don’t currently provide an automated response. At the other end of expectation management we know that at least one registrar goes as far as to provide a unique URL for the reporter to monitor the status of their report. 

 

When it comes to reporter expectations, there are some relatively quick wins to reduce uncertainty, clarify the process, and hopefully improve the experience for everyone. 

 

  • Autoresponse: Set up an auto response on your abuse email. The wait for an initial acknowledgment of receipt is essentially instant.

 

  • Reduce uncertainty: Explain what happens next. If you’re not likely to respond beyond the initial autoreply, say so. If you don’t intend to tell the reporter the outcome, explain this too. If you do intend to respond or close cases within a particular time frame, say so and try to stick to it.

 

  • Share high level principles: Your auto response is a good opportunity to explain the “why.” For example, it can be useful to explain that it is not your standard practice to discuss the details of why a report is or is not determined to be abuse under your policy (e.g., because doing so could provide an instruction booklet for malicious actors to bypass your anti-abuse policies). We also recommend that you include a link to your public abuse policy. If you receive repeated questions, you could also compile a public Q&A on your website. 

 

We know that some registrars go above and beyond these three points, for example, including  unique URLs. This is certainly helpful for managing expectations and providing updates. We haven’t included this as advice because we’re aiming to create a best practice that all registrars, large and small, can easily meet. If you use a ticketing system you can include this information in your response, but managing expectations doesn’t require new software or business processes. It can be as simple as communicating clearly about your existing policies and processes. To make this even easier, we’re providing a generic response template that you can use and adapt. 

 

Generic response template 

“Thank you for contacting [registrar]. 

 

We have received your report and will investigate whether the domain name is in breach of our policies. If we find abuse, we will take action in line with our policies and processes. 

 

You can read our abuse policy here: [website]

 

If we need more information we may reach out to you. Due to the volume of reports we receive, we don’t routinely respond to reporters beyond this initial email confirming receipt. 

 

Please be aware that we do not share details of our investigation with external parties, this is to prevent malicious actors finding ways to exploit our policies and processes. 

 

Thank you for contacting us.”

Tag:DNS Abuse, DNS Abuse Institute, DNS Abuse Reporting, dnsai best practice

  • Share:
author avatar
Rowena Schoo

Previous post

DNS Abuse Institute Launches NetBeacon: First Ever Centralized DNS Abuse Reporting Service
September 7, 2022

Next post

Measuring DNS Abuse: Our First Report
September 16, 2022

You may also like

注册商和注册机构的《通用滥用政策》
30 August, 2023

最近,一位注册商联系我,他们真切关注采取更多措施来解决 DNS 滥用的问题,但不确定应该从哪里开始着手。DNS 滥用是一个复杂的问题,没有明确的切入点来着手解决。不止这一家注册商,许多注册机构和注册商越来越担心滥用行为,并需要帮助来着手解决这一问题。 本文是三部分系列文章的第一篇,该系列文章旨在为制定反滥用实践的关键组成部分提供合理、简明的介绍。第一篇文章致力于提供合理的法律依据,或者说基本的 DNS 滥用政策,以解决滥用问题。接下来的两篇文章将讨论管理 DNS 滥用的有效手段以及实际缓解程序。 本政策是与互联网和司法管辖区政策网络 (I&J) 共同制定的,我们对他们的贡献和支持表示感谢。I&J 在这一领域有很多非常好的内容,其中包括他们的 Toolkit: DNS Level Action to Address Abuses(工具包:DNS 层面应对滥用的行动),我建议任何对减少滥用感兴趣的人士都要读一下。DNS 滥用研究所也是 I&J 域名联络小组的积极参与者。  DNS 滥用具体政策 大多数注册商都会在其网站上发布某种形式的“服务条款”或“可接受的使用政策”。这些政策条款通常赋予注册商出于多种原因而终止服务的自由裁量权。 发布和采用特定的滥用政策提供了几个优势,主要是在于明确性和保护性方面。明确的滥用政策以及对其执行的声誉,可以对不良行为者使用该服务构成威慑。如果注册商或注册机构的相关政策涵盖了滥用行为,那么在对滥用行为采取行动时也会得到更有力的法律保护。  在我们详细介绍通用政策如何发挥作用之前,我想先说明一下它是如何制定的。首先,我们专门制定了这一通用政策,这样所有注册商或注册机构都可以根据具体情况来使用/修改/实施此政策。这就是为什么该政策采用创意共享许可,特别是 CC By 4.0 license(CC By 4.0 许可)的原因,这些许可允许任何人在注明 DNSAI 的情况下分享和调整材料。其次,我们正在将其转换为 Markdown 格式并将存放在 …

dnsaicompassinset
A New Phase of Measuring DNS Abuse
9 June, 2023
2022 DNSAI Annual Report Image
DNSAI Releases 2022 Annual Report
11 April, 2023

Search

Categories

  • Article
  • Best Practice
  • Bulletin
  • DNSAI Compass
  • News
  • Newsletter
  • Report
  • Research
  • Resources
logo-public-interest-registry-dns-abuse-institute

The DNS Abuse Institute

Providing innovative solutions and information that ensure the DNS is safe and secure worldwide.

Institute

  • About the Institute
  • Innovation
  • Education
  • Collaboration

Quick Links

  • Blog
  • Contact
  • Privacy Policy
  • NetBeacon
  • DNSAI Compass

Connect With Us

Newsletter

Get the latest DNS Abuse Institute news delivered to your inbox.


PIR will only use the personal data you submit via this form to contact you regarding the DNS Abuse Institute Newsletter. The information will not be used for any other purpose.

Please be aware that if you do not consent to the use of your email for this purpose we will not be able to fulfill your request.

Opt-In *

* indicates required

© 2022 Public Interest Registry. All rights reserved.