VeriSign Inc., the authoritative registry operator for two of the most important top-level domains, .com and .net, filed a request to the Internet Corporation for Assigned Names and Numbers’ (ICANN) Registry Services Evaluation Process on October 10, that proposes a new malware scanning service for domains as well as a new VeriSign Anti-Abuse Domain Use Policy.

This will give VeriSign the power to deny, cancel, or transfer any registration or transaction or the placement of any domain name on registry lock, hold, or similar status depending on the circumstances.

According to VeriSign, “All parts of the internet community are feeling the pressure to be more proactive in dealing with malicious activity. ICANN has recognized this and the new gTLD Applicant Guidebook requires new gTLDs to adopt a clear definition of rapid takedown or suspension systems that will be implemented.”

Also VeriSign aims to immediately take down sites that are harboring malware, launching phishing attacks, or otherwise being used to launch attacks across the Internet based on their malware scanning service.  But the problem with their request is that they want to take things further as they want the authorities to take down a site “to protect the integrity, security and stability of the DNS; to comply with any applicable court orders, laws, government rules or requirements, requests of law enforcement or other governmental or quasi-governmental agency, or any dispute resolution process; (and) to avoid any liability, civil or criminal, on the part of VeriSign, as well as its affiliates, subsidiaries, officers, directors, and employees… VeriSign also reserves the right to place upon registry lock, hold or similar status a domain name during resolution of a dispute.”

Simply put, VeriSign wants what the ICM Registry has with their .xxx domain which launched their ‘sunrise’ period last September 7 and will last until October 28.  VeriSign is also mimicking Nominet‘s proposed move to give UK police new powers to suspend internet domain names without a court order if they’re being used for illegal activity.

The move to request for more power comes from VeriSign’s strong belief that “Various law enforcement personnel, around the globe, have asked us to mitigate domain name abuse, and have validated our approach to rapid suspension of malicious domain names.”  And their system is “an integrated response to criminal activities that utilize VeriSign-managed [top-level domains] and DNS infrastructure.”

The problem with what VeriSign wants is that having that massive control could lead to abuse in power aside from the fact that this could be problematic when ethnicity and religious issues are taken into consideration.  For example, if they sanction the legality of one .com domain to legally host contents in US and Europe, what would their action be if that is deemed illegal in the Middle East?