Cross-Border Clashes Domain Takedown Requests and the Struggle Between Transnational Crime Control and National Sovereignty
- by Staff
In an increasingly interconnected digital world, the domain name system (DNS) is no longer a passive infrastructure for routing traffic—it is a frontline battleground in the fight against transnational cybercrime. From phishing and ransomware to intellectual property infringement and online marketplaces for illicit goods, criminal actors frequently exploit domain names to facilitate or conceal their activities. As a result, law enforcement agencies and regulatory bodies around the globe routinely seek the takedown of domain names associated with unlawful content or conduct. However, the global nature of the DNS raises complex legal and political questions when such takedown requests cross national borders. At the center of the controversy is the tension between international efforts to disrupt cybercrime and the principle of state sovereignty, particularly when domain seizures or suspensions originate from jurisdictions other than the domain’s country of registration.
This tension is not merely academic—it plays out regularly in real-world conflicts between governments, domain registrars, registry operators, and internet governance bodies. One of the most prominent cases that exposed the fragility of this cross-border legal equilibrium was the 2018 takedown of domain names by the U.S. Department of Justice (DOJ), which seized dozens of .com domains allegedly used for sanctions evasion and propaganda by foreign actors, including Iran. Even though many of the affected domains were operated by entities based in other countries, the DOJ justified its actions on the grounds that the domains were registered through U.S.-based registrars or used TLDs administered by U.S.-based registries, such as Verisign. The implication was clear: jurisdiction over a domain could be claimed not based on where the content was hosted or the registrant located, but based on registry control and infrastructure geography.
This legal posture has drawn intense criticism from other sovereign states, particularly those who view such extraterritorial enforcement as a violation of international norms and digital sovereignty. Countries like Russia and China have publicly denounced U.S. takedown actions as overreach, arguing that they circumvent local laws and due process. Even allies of the United States have expressed concern that unilateral takedown orders risk fragmenting the internet and undermining multistakeholder governance principles that prioritize international consensus over state fiat. The issue becomes especially acute in politically sensitive contexts, such as when a website critical of a government is taken offline due to pressure from a foreign power.
Adding complexity is the technical reality that many domain names are governed by contracts and infrastructures that span jurisdictions. A domain may be registered through a registrar in one country, use a TLD operated by a registry in another, resolve via name servers in a third, and host content on a server in a fourth. This diffuse architecture makes it difficult to neatly localize legal authority. It also creates opportunities for so-called “forum shopping,” where parties request domain takedowns through jurisdictions known to respond quickly to enforcement demands, often with minimal scrutiny or notification to affected parties. The London-based non-governmental organization ARTICLE 19 has documented cases in which domain takedown requests led to the removal of legitimate speech because enforcement authorities lacked the linguistic or cultural context to assess content lawfully.
A particularly illustrative conflict arose in the context of online piracy. Rights holders in Europe, frustrated by the availability of pirated content through domains registered outside the EU, began lobbying for EU-level measures to compel domain takedowns even when the registrar or registry was not under EU jurisdiction. This led to cooperation agreements with some generic TLD registries to voluntarily suspend domains identified by enforcement agencies or rights holders as infringing. While such voluntary cooperation may appear efficient, it often bypasses judicial review and due process protections, raising red flags for digital rights advocates. They argue that such practices risk eroding the rule of law in cyberspace, where the standards for censorship or criminality vary drastically across legal systems.
The role of ICANN, the global coordinator of domain names and root zone policy, remains ambiguous in this landscape. ICANN has generally maintained a neutral stance, arguing that it is not an internet content regulator and that disputes over domain name legality should be resolved through applicable laws and courts. However, critics contend that ICANN’s contractual framework, which includes provisions for compliance with local laws, indirectly facilitates extraterritorial takedown pressure when registrars are subject to foreign jurisdictions. This ambiguity has led to growing calls for ICANN to establish clearer norms or procedural safeguards around domain takedowns, particularly in cross-border contexts.
In response to rising concerns, some countries have moved to assert greater control over their own ccTLDs as a means of reasserting digital sovereignty. Russia’s .ru registry, for instance, is governed under national legislation that allows state authorities to suspend or revoke domains deemed to violate Russian law. China’s .cn operates under tight administrative controls, with content restrictions enforced through both registry policy and state surveillance. In other cases, governments have explored the creation of parallel DNS infrastructures or national root servers, citing the need to prevent foreign interference. While these measures may enhance local control, they also increase the risk of DNS fragmentation, in which the global coherence and universality of domain resolution breaks down into isolated national or regional internets.
The fight against transnational cybercrime clearly requires international cooperation. Malicious actors do not respect borders, and effective enforcement often hinges on rapid response and cross-border intelligence sharing. Yet when enforcement mechanisms such as domain takedowns are used without clear procedural protections or mutual legal frameworks, the legitimacy of those actions can be called into question. One possible solution is the expansion of multilateral agreements that harmonize takedown procedures, ensuring that requests meet minimum standards of evidence, proportionality, and judicial oversight. Another approach is to promote greater transparency from registrars and registries, requiring them to publicly disclose the number, origin, and legal basis of takedown requests they receive and act upon.
At its core, the controversy over transnational domain takedowns is a manifestation of a deeper challenge: how to reconcile the borderless nature of the internet with the territorial limits of legal authority. It forces us to ask whose laws govern digital infrastructure, and under what conditions those laws can extend beyond physical borders. As the DNS becomes ever more entangled with global commerce, speech, and security, striking a fair and durable balance between crime prevention and sovereignty will be essential. Otherwise, the very universality that gives the internet its power may become its most vulnerable point of fracture.
In an increasingly interconnected digital world, the domain name system (DNS) is no longer a passive infrastructure for routing traffic—it is a frontline battleground in the fight against transnational cybercrime. From phishing and ransomware to intellectual property infringement and online marketplaces for illicit goods, criminal actors frequently exploit domain names to facilitate or conceal their…