• Built by Engineers, Picked by Leaders
  • 24/7 support from real experts
  • 2,000+ TLDs live in seconds, not days
  • 100% Secure
Status Login
Get started today

ICANN Launches DNS Abuse Policy Development: What Partners Should Know

ICANN has launched a new Policy Development Process (PDP) focused on DNS abuse mitigation. While discussions are still ongoing, this initiative could lead to significant changes in how registrars are expected to handle abusive domain activity. 

Here’s what we know so far and why it matters.

What is happening 

In early 2026, ICANN’s Generic Names Supporting Organization (GNSO) officially initiated DNS Abuse Mitigation PDP 1, following earlier updates to the Registrar Accreditation Agreement (RAA) in 2024. 

The focus of this PDP is on “Associated Domain Checks.” 

In simple terms, this means: 

When a domain is confirmed to be abusive (e.g. phishing), registrars may be required to investigate and act on other related domains linked to the same registrant or identifiers. 

 

How it could work in practice 

Under the proposed approach, when abuse is reported: 

  • A registrar identifies a confirmed abusive domain
  • They then use internal data (such as account identifiers, email addresses, or patterns) to detect associated domains
  • Based on predefined criteria, these related domains could also be flagged, investigated, or suspended

The goal is to prevent bad actors from continuing abuse across multiple domains within the same portfolio.


Why this matters 

Although the policy is not final yet, the direction is clear: responsibility for abuse mitigation may expand significantly. 

This could have several implications for you as a partner: 

1. Broader impact of a single abuse case 
A single flagged domain could potentially affect multiple domains within the same customer account. 

2. Increased operational complexity 
Handling abuse cases may require deeper investigation and more advanced tooling or processes. 

3. Higher expectations on monitoring and response 
Registrars, and indirectly partners, may be expected to act more proactively rather than reactively. 

 

Current status 

The PDP is still in the discussion and development phase, but timelines appear to be moving quickly. 

As with many policy processes, there is a balance to be found between effective abuse mitigation and fair, proportionate enforcement.

 

Our involvement 

Realtime Register is actively participating in the ICANN working group for this PDP. 

As always, we are committed to: 

  • advocating for sensible and practical policy
  • ensuring strong checks and balances
  • protecting partners from unintended negative impact

We will continue to represent your interests and keep you informed as the policy develops. 

 
How triggers are being discussed 

The working group’s discussion on Associated Domain Checks is grounded in the existing contractual language of RAA §3.18.2. That provision defines the existence of “actionable evidence” of DNS abuse and serves as the conceptual trigger for registrar mitigation obligations today. 
The PDP is examining whether, and under what safeguards, that same trigger could in future also justify investigating other domains associated with the same actor. 
 

What you should do now 

At this stage, no immediate action is required. 

However, we recommend staying aware of developments, especially if you: 

  • manage large domain portfolios
  • work with higher-risk customer segments
  • already handle abuse-related cases

We will provide further updates as soon as more concrete recommendations are published. 


Key takeaway 

ICANN is exploring stricter DNS abuse mitigation rules that could require registrars to act on entire groups of related domains, not just individual cases. 

While the policy is still under development, it may significantly change how abuse is handled across domain portfolios.