By Nivaldo Cleto*
On Tuesday, June 9th, I participated in the open meeting of the Business Constituency, BC2, during ICANN861 in Seville. BC is the ICANN group (photo above) that represents commercial internet users, that is, companies and organizations that depend on the network to sell, communicate, protect their brands, serve customers, and operate securely in the digital environment.
The meeting opened with a moving tribute to Arinola Akinyemi, an important member of the Business Constituency who recently passed away. Her passing was deeply felt by BC members, who remembered her kindness, good humor, collaborative spirit, and dedication to the Internet community.
Arinola played a significant role in the BC, including as a representative to the NomCom3. She was also remembered for her career in Nigeria and Africa’s information technology sector, for her contribution to AfICTA4, and for her commitment to inclusion, participation, and strengthening African presence in Internet governance spaces. It was a reminder that global Internet governance is not only about policy and technology, but also about people who dedicate time, energy, and life to building a better Internet.
One of the main technical topics of the day was Netcraft’s presentation on bulletproof hosting. In simple terms, this refers to hosting providers that directly or indirectly shelter malicious online activity, such as phishing, fake shops, digital fraud, and malware distribution. These structures often ignore abuse reports, move infrastructure quickly, and make it difficult to take criminal content offline.
For small and medium-sized businesses, this topic is highly relevant. Many fraud schemes use domain names that look similar to legitimate brands, fake sales pages, fraudulent payment requests, phishing campaigns, and websites that impersonate real companies. The damage is not only financial. It also affects reputation, customer trust, and the cost of digital protection.
The presentation showed that criminals do not act in isolation. They follow patterns: registering multiple domains, changing servers, using different providers, reusing infrastructure, and exploiting ineffective abuse reporting channels. As a result, taking down a single fake website may not be enough. The whole campaign must be identified.
This point connects directly with the debate on Associated Domain Checks10. The idea is that when one domain is identified as abusive, it should be possible to investigate whether other domains are linked to the same actor, infrastructure, or attack pattern. This kind of intelligence can help stop fraudulent campaigns before they reach more consumers and businesses.
The role of registrars9 was also discussed. Some participants stressed that the issue is not only who commits abuse, but also who fails to actively look for abuse. The concern is that ICANN enforcement should not depend only on individual complaints, but should also rely on data, records, minimum standards, and auditability.
Within the BC, there was discussion of the policy development work on DNS5 abuse mitigation. The group is closely following this process and supports rules that are clear, proportionate, and useful for the security of the ecosystem. At the same time, there is a practical concern: rules that are too vague make enforcement difficult; rules that are too rigid may quickly become obsolete.
Another important point was the discussion on reporting, records, and metrics. To know whether a policy works, it is not enough to say that a domain was suspended. It is necessary to verify whether the investigation was conducted, whether documentation exists, whether data can be audited, whether false positives occurred, and whether the criminal campaign was actually disrupted.
The meeting also addressed internal BC topics such as finances, governance, new membership, and outreach activities. The BC was reported to be in good financial condition and to maintain reserves for future expenses. Members were also encouraged to share their experiences and explain why it is valuable to participate in this ICANN group.
With Steve Crocker, the father of the internet
On policy matters, updates were presented on the work of the GNSO6 Council, which is responsible for policies related to generic domains such as .com, .org, .net, and new top-level domains. Topics included ICANN internal processes, review mechanisms, new domain rounds, and how specific issues should be handled within the community.
Another relevant topic was access to domain registration data. This debate is essential for companies, brand owners, authorities, and security specialists who need to identify those responsible for fraud, abuse, or infringement. At the same time, this access must be balanced with privacy and data protection rules.
The meeting also addressed collaboration between commercial and non-commercial ICANN groups, including dialogue within the CSG8. Even where views differ, dialogue is important to build balanced policies that protect users, companies, fundamental rights, Internet security, and stability.
In this context, I would like to extend a special invitation to major Brazilian brands: follow the debates of the Business Constituency more closely. Companies that invest in reputation, e-commerce, digital channels, customer relationships, and brand protection need to be present where global policies on domain names are discussed. BC membership allows companies to participate directly in debates on DNS abuse, access to registration data, fraud prevention, misuse of brands, fake shops, phishing, and the responsibility of actors operating the Internet’s domain name infrastructure.
For Brazil, expanding business participation in the BC is also a way to strengthen our voice in global Internet governance. Major Brazilian brands have much to contribute because they face real challenges every day involving digital identity protection, online reputation, consumer fraud, and misuse of their names on the Internet.
For Brazilian business leaders, the main message from the BC meeting is clear: Internet security does not depend only on antivirus tools, firewalls, or internal best practices. It also depends on global policies regarding domain names, registration data, registrar responsibilities, abuse response, and international cooperation.
The Internet is now essential infrastructure for every company. When DNS abuse, phishing, fake shops, or malicious use of domains occur, everyone loses: consumers, businesses, governments, and trust in the digital environment itself.
My mission in following ICANN86 is to observe these debates, understand their practical impacts, and bring concerns and opportunities to the Brazilian Internet Steering Committee so that Brazil can participate in a qualified way in the construction of global Internet policies.
The invitation is clear: more Brazilian companies, especially our major brands, should get to know the Business Constituency and take part in this debate. Protecting the digital identity of Brazilian brands also means being present in the global forums where Internet rules are built.
*Nivaldo Cleto, representative of the Business Users Sector at the Brazilian Internet Steering Committee
Member of the ICANN Business Constituency
Explanatory notes on acronyms and technical terms
