Canadian Internet Registration Authority (CIRA)

Consultation on a modern copyright framework for online intermediaries

Submission of the Canadian Internet Registration Authority (CIRA)
#400, 979 Bank Street Ottawa, ON  K1S 5K5

May 31, 2021

Table of contents

• Executive summary
• Introduction
• About CIRA
  • The .CA DNS and Registry
  • CIRA’S Relevant Experience
• Options for reform as contemplated by the consultation paper
• DNS Abuse
• Principles
  • Necessity
  • Proportionality
  • Transparency
  • Non-Discrimination
• Who is an intermediary?
• Conclusion
• Appendices

Executive summary

The Canadian Internet Registration Authority (CIRA) is a member-based, not-for-profit organization best known for managing the .CA top-level domain (TLD) on behalf of all Canadians. This work includes maintaining the .CA domain name system (DNS) and associated registry services.

CIRA has long championed the principles of an open internet, which are essential to ensuring that the internet's different components interoperate effectively, and is opposed to impingements on it, such as what might occur with site blocking at the internet service provider (ISP) level. Under the principle of net neutrality, the content of internet communications are not controlled or interfered with by intermediaries except in extraordinary circumstances without a reasonable alternative to achieve a pressing outcome. In considering site blocking as a remedy for copyright infringing activities, it should therefore be unavailable unless:

1. other reasonable remedies targeting intermediaries closer to the infringing activity have proven ineffective;
2. the site’s electronic location and locus of control are deemed to operate outside of Canada and, therefore, beyond the reach of direct enforcement;
3. blocking is implemented in a way that, in the view of an impartial third party competent to review such matters, is least harmful to the quality, efficiency, and security and stability of the internet as a telecommunications network;
4. and a fair and considered process overseen by a court of competent jurisdiction testing the use of these other remedies has been followed.

To this end, CIRA is seeking a number of changes and clarifications to the proposals set out in the Consultation on a Modern Copyright Framework for Online Intermediaries. Our concern is primarily focused on the proposals set out in 4.4.1, “Establish a Statutory Basis and Procedure for Injunctions Against Intermediaries”:

The [Copyright] Act could be amended to provide expressly for injunctions against intermediaries to prevent or stop online copyright infringement facilitated by their services even where they are not themselves liable for it, such as where they may be protected by the safe harbours. These injunctions could be available through a court process to ensure the highest standards of procedural fairness. The specific relief possible through such injunctions could include orders to disable access to infringing content (e.g., “website-blocking” or “de-indexing” orders), remove such content (e.g., “takedown” orders), otherwise prevent or stop infringing activity (e.g., “stay-down” orders) or limit, suspend or terminate access to an intermediary’s service.

The proposal seems to suggest that all of these options have equal merit or efficacy, or ought to be weighed equally, in addressing the problem of infringement. This is not the case. The most logical and effective way to proceed initially is against the owner or operator of the site. Where that bears no reasonable chance of success, as may be demonstrated by unsuccessful efforts undertaken in good faith, the next most effective method is to seek an injunction against the website hosting provider to have the content itself removed — what the consultation paper calls a ”takedown order.” The involvement of the financial services and online payments communities may also be useful. Consequently, the scope of what might be considered an intermediary should be expanded to include these communities.

The more invasive option of website blocking at the ISP level strays from copyright-only matters to encompass the subject-matter of the Telecommunications Act. Blocking is, in fact, only a partial remedy as it is easily circumvented by, for example, obtaining a new domain name, or by users employing a commercial virtual private network (VPN) service or alternative public DNS resolver which does not filter out the website in question. Finally, if implemented incorrectly at the network layers, as there are multiple ways of doing this, website blocking may have unexpected negative consequences.^{Footnote 1 Footnote 2}

Given the limitations of site blocking, the proposed statutory guidelines should make it clear that a website blocking order cannot be issued unless the copyright owner has established a prima facie case of commercial scale infringement, they have failed to secure redress from the website owner, and efforts to have the hosting provider remove the content have been unsuccessful. Site blocking should only occur where both the site owner and hosting provider are located outside of Canada, thus outside the jurisdiction of a Canadian court, and where the hosting provider refuses to honour a Canadian order for injunctive relief. Should the department of Innovation, Science and Economic Development Canada (ISED) seek to allow for website blocking orders, the Government of Canada should follow the practice of Australia^{Footnote 3} and only permit these where the infringing content is located outside of Canada.

The issue of content abuse online is receiving considerable attention internationally and there are emerging best practices in this area. CIRA commends ISED’s attention to the work of the Internet and Jurisdiction Policy Network which recently published a toolkit entitled DNS Level Action to Address Abuses.^{Footnote 4} It contains a proposed “content complaint referral path” which integrates the important principles of necessity, proportionality, transparency and non- discrimination into a progressive approach to content abuse mitigation. This progressive approach lays out a hierarchy of different online intermediaries and the order in which to involve them when addressing issues of content abuse online.

The Copyright Act currently contains no definition of what might constitute an ‘online intermediary’, though the consultation document provides a casual definition, that being “the entities that facilitate access to the immense and growing volume of online content.” Later, the document indicates that intermediaries include internet service providers, private data storage services, web hosting and related services and web-based messaging, calling or mail services, among others. What is notably absent from this list is DNS operators when many, if not most, instances of website blocking are carried out through intervention points within the DNS. This omission suggests that the paper’s authors may not be fully aware of the important role played by various DNS operators in the architecture of the internet.

Internet access is a telecommunications service which is governed by the Telecommunications Act, which in turn has a number of policy objectives that strive to ensure the availability of high- quality affordable services and to enhance competition in the industry. Directing smaller ISPs to implement website blocking may prove to be a financial burden, thus impacting competition in the industry. It is of concern that the consultation document does not reference the Telecommunications Act, its policy objectives, common carriage (AKA “net neutrality”) obligations, and the potential impact on competition, or specifically engage telecommunications stakeholders.

This is even more peculiar given that s. 36 of that Act specifically prohibits service providers from interfering with content transmitted across their network. These telecommunications policy issues need to be surfaced and debated before proceeding. The timeframe for this consultation has been quite short, indeed rushed. CIRA is of the view that more research and background study is required before proceeding.

CIRA remains opposed to the concept of website blocking at the ISP level as, in all but the most extreme circumstances, it violates the principles of net neutrality that underwrite a free and open internet, and the common carriage principles codified in the Telecommunications Act. Should the government introduce a statutory framework for injunctive relief to address copyright infringement among online intermediaries, website blocking should only be permitted to address commercial-scale infringement after all other available remedies have proven ineffective, a fair and considered process overseen by a court has been followed, the infringing content’s electronic location and locus of control have been determined to be outside of Canada, and the blocking order has been implemented in a way that is the least harmful to the security and stability of the internet. CIRA requests further consideration of these issues before any legislative amendments are proposed.

Introduction

The Canadian Internet Registration Authority (CIRA) is a member-based, not-for-profit organization best known for managing the .CA top-level internet domain name on behalf of all Canadians. This work includes maintaining the .CA domain name system (DNS) and associated registry services. CIRA is also responsible for developing and implementing policies for the .CA domain that support Canada's internet community, and representing the .CA registry internationally.

CIRA has long championed the principles of an open internet to ensure that the internet's different components operate together in an effective and standards-based manner. In an open internet, the content of internet communications between endpoints are not controlled or interfered with by intermediaries except in extraordinary circumstances where reasonable, more proportionate alternatives are unavailable. This ensures that any user of the network can expect their information to reliably reach its destination free from interference by intermediaries.

CIRA has significant expertise in network operation and internet governance, having participated in multiple regulatory and legal proceedings about intermediary liability as it pertains to website blocking. CIRA is also a member of several international domain name industry working groups on international telecommunications, security, and internet governance issues.

Most pertinent to this proceeding is our participation in the Internet Corporation for Assigned Names and Numbers (ICANN) and the Internet & Jurisdiction Policy Network (I&JPN). ICANN is the California-based not-for-profit corporation responsible for global coordination of, and policy on, the unique domain names and Internet Protocol (IP) addresses that bind the internet together as a network of networks. The I&JPN is the preeminent multistakeholder organization dedicated to understanding the mechanisms to address online abuse in a cross-border context. Its secretariat facilitates a global policy process engaging over 400 entities including governments, internet companies, technical operators, civil society groups, academia and international organizations from over 70 countries.^{Footnote 5}

Drawing on this expertise, our submission will focus on the enforcement tools and obligations of intermediaries to address copyright infringement. The submission will detail how the internet works as a hierarchy of technical functionalities performed by different types of service providers. It will then identify enforcement actions available at each stage of functionality, and their corresponding consequences for internet users.

The consultation document proposes establishing a statutory basis for injunctions against intermediaries, including mechanisms to disable access to infringing content, such as “website- blocking,” or “de-indexing.” These mechanisms exist at different layers within the internet’s staged hierarchy of technical functionalities. We submit that any remedy established in legislation that would require domain name registries to suspend domains or internet service providers (ISPs) to block websites is a remedy of absolute last-resort, after a step-by-step approach of progressive escalation has been duly exhausted. We propose a “referral path” for content abuse, including copyright abuse that is rooted in the principles of necessity, proportionality, transparency, and non-discrimination.

CIRA does not function as a content host or platform. This submission will therefore not address the question of remuneration schemes as contemplated by the consultation document.

About CIRA

The .CA DNS and Registry

In the DNS, a top-level domain (TLD) is the part of a domain name that appears to the right of the dot; for example, COM, NET, CA, UK, or BIZ. There are over 1500 TLDs available. The authoritative list of all TLDs is maintained by the Internet Assigned Numbers Authority (IANA) in the Root Zone Database, overseen by ICANN. A country-code top-level domain (ccTLD) is generally used and reserved for a country, sovereign state, or territory as identified with an International Organization for Standardization (ISO) 3166-1 alpha-2 country code. Canada's ccTLD is .CA.

CIRA's responsibility to manage the .CA top-level domain and the underlying authoritative DNS services arises from the management function extended to CIRA in the 1999 letter from the Government of Canada.^{Footnote 6} ICANN and IANA recognize CIRA as the authoritative TLD manager for the .CA ccTLD. CIRA is responsible for ensuring the uniqueness of domains in the .CA zone and maintaining the authoritative directory of domain names therein. There are now more than 3 million .CA domain names, which CIRA has registered.

As a domain name registry, CIRA operates an information system (“database”) whose zone files contain the resource records that are the single authoritative source of information for .CA domain registrations. This authoritative database is distributed across many locations and updated regularly, for resiliency. These records amount to what some describe colloquially as the .CA “phonebook,” or official records on where to find a given .CA domain on the internet. At the core, CIRA and its TLD registry perform a directory function. As such, TLD registry operators do not have influence over the content of websites, nor do they transmit or store the content of websites.

Persons who wish to register a .CA domain name, called “registrants,” do not deal directly with CIRA. Instead, they must deal with a CIRA-certified “registrar.” Registrars are organizations certified by CIRA to facilitate the registration, transfer, renewal and modification of registration data for registrants. Only CIRA-certified registrars may apply to CIRA for the registration of domain names in the .CA registry and request modifications and other transactions with respect to .CA domain name registrations (for example transfers, renewals, etc.) pursuant to agreements, policies, rules and procedures set by CIRA and agreed to by the certified registrars.

For example, the registrant of the domain name Canada.ca is Shared Services Canada using the registrar Authentic Web Inc.^{Footnote 7} Authentic Web registered the domain name in the .CA registry with CIRA on behalf of the registrant, Shared Services Canada. The Government of Canada’s primary contractual relationship for the domain name is with Authentic Web Inc. In registering a domain through Authentic Web, the government also enters a contract with CIRA and agrees to abide by CIRA’s terms of service.

It is important to note that neither CIRA, as the registry, nor Authentic Web, as the registrar of the domain name, have any control over the content the government makes available on Canada.ca. The content resides on the premises of web hosting providers. As we will discuss later in the submission, neither suspending the domain name with the registrar or registry, nor blocking the domain at the ISP level would directly affect the content itself. Even if Canada.ca was suspended or blocked, sophisticated users would still be able to access this content by using tools such as virtual private networks (VPNs) or alternative DNS resolution services. It is therefore most effective and proportional to remove the offending content at the web-hosting level.

CIRA’S relevant experience

How to curb copyright infringement online is not a new policy debate. CIRA has participated in regulatory, judicial, and policymaking proceedings about intermediary liability as it pertains to site blocking. Most recently, CIRA intervened in TekSavvy Solutions Inc. v. Bell Media Inc. et al at the Federal Court of Appeal to assist the Court in the determination of factual and legal issues related to the appeal.^{Footnote 8} CIRA’s priorities in this intervention were to protect the technical integrity of the DNS and internet architecture from problems associated with website blocking at the ISP level, to help the Court appreciate deficiencies in the Plaintiffs’ approach in this matter, and to suggest preferable alternatives.

CIRA also made submissions to the government-appointed panel responsible for conducting the Broadcasting and Telecommunications Legislative Review in 2019.^{Footnote 9} CIRA's submissions centered on the technical arguments for continued separation of broadcasting and telecommunications legislation. Communications law in the digital age, CIRA submitted, should attempt to regulate at those points on the internet most directly associated with the related policy objectives.

In addition, CIRA made submissions to the Canadian Radio-television and Telecommunications Commission (CRTC) in response to the 2018 site blocking proposal by Fairplay Canada.^{Footnote 10} CIRA opposed the Fairplay proposal on the grounds that website blocking by ISPs should only be permitted in exceptional or extreme circumstances due to the potential for unintended harm caused by relying on the DNS to block content, and to the ability of users to circumvent such blocking mechanisms.

CIRA participates in international working groups dedicated to developing new methods and industry best practices for curbing technical and content abuses online. These include ICANN meetings, where CIRA staff have served in various ICANN leadership positions to foster policy consensus and technical cooperation among ccTLDs, as well as facilitate the development of best practices for ccTLD managers globally. In 2012, the ICANN Security and Stability Advisory Committee published an advisory report about the impacts of content blocking, including site blocking, via the domain name system.^{Footnote 11} The report outlines issues that governments should take into consideration in order to fully understand the technical implications of different methods of site takedowns or site blocking when developing policies that depend upon the DNS to block or otherwise filter internet content.

CIRA also participates in the I&JPN, described earlier, which has a mandate to enhance legal interoperability and reduce jurisdictional tensions in the global governance of the internet. CIRA staff are currently involved in a working group which considers issues of jurisdiction related to domain names and the DNS, specifically including questions about how the neutrality of the internet's technical layer can be preserved when national laws are applied to the DNS.

Our submission will draw on CIRA’s submissions to related proceedings, best practices within the internet governance communities in which CIRA participates, and the efforts of the domain name industry to address abuse.

Options for reform as contemplated by the consultation paper

Section 4.4 of the consultation document contemplates clarifying or strengthening the tools available to rights holders in their online enforcement efforts, with a focus on commercial-scale infringement. The document goes on to propose the establishment of a statutory basis and procedure for what it refers to as “website blocking,” “de-indexing,” or “takedown” orders in the form of court Injunctions against intermediaries.

CIRA agrees that statutory guidance is required for the courts to interpret the appropriateness of such remedies for rights holders. Other jurisdictions base blocking orders on explicit statutory regimes. Where legislators prescribed statutory benchmarks, such as in Australia, the United Kingdom (UK), and elsewhere in the European Union (EU), courts grant blocking orders in accordance with the relevant statute. Australian legislation is “deliberately prescriptive; it is intended as a precise response to a specific concern raised by copyright owners.”^{Footnote 12} CIRA agrees that within the framework of an explicit statutory regime, courts are the appropriate body to determine what constitutes copyright infringement and to order intermediaries to take action, provided that when such orders engage other areas of the law such as telecommunications, they are tested against those policy goals and issued in the manner that best furthers them.

Canadian jurisprudence on website blocking is limited. Bell Media Inc. et al v Goldtv.biz et al., (2019 FC 1432) (“GoldTV”) saw the court acting without explicit statutory guidance, instead relying on a body of case law from outside Canada and efforts to read between the lines of the Telecommunications Act and the Copyright Act. The major flaw in the GoldTV approach is that a court has granted an injunction, not as a last resort, but as a first resort. Moreover, it has done so in a context where there is evidence of Canadian operators and information potentially available from Canadian entities, and from financial intermediaries, and whose efficacy or availability were not first tested by the court. For example, the plaintiffs did not make efforts to seek an injunction or a Norwich order with the content hosts, the domain name registrars or registries, or the payment processors.

CIRA submits that a new statutory basis for online copyright enforcement efforts should indeed be codified, and in a way that the extreme remedy of site blocking at the ISP level would be a true last resort. Instead of site blocking as a first resort, as we see in the GoldTV jurisprudence, CIRA makes submissions about developing a logical and hierarchical referral path of intermediaries that are best suited to address the infringing content.

The reforms as proposed by the consultation paper suggest that all options for enforcement have equal value in addressing the problem of copyright infringement. Given the limitations of website blocking, new statutory guidelines should make clear that a site blocking order cannot be issued unless and until the copyright owner has tried and failed to secure redress from the website owner and efforts to have the hosting provider remove the content have also failed. Finally, the latter situation should only occur where both the site owner and hosting provider are located outside of Canada, thus outside the jurisdiction of a Canadian court, and where the hosting provider refuses to honour a Canadian order for injunctive relief.

DNS Abuse

The DNS has been likened by many to the internet’s address book. When a user enters a domain name in an internet browser—Canada.ca for example—the browser is configured to access one of the many nameservers owned and operated by CIRA (located in Canada and around the world) to tell the user’s computer the internet protocol (IP) address of the server where the content managed by Canada.ca is located. Put simply, the registry helps match the domain name to its unique, corresponding number (IP address) “out there” on the network. CIRA’s role in the process is the same as other TLD registries, including other country code TLDs (ccTLDs) such as .fr, .us, .uk, .de; and generic TLDs (gTLDs) such as .com, .net, .org. The role of a registry is to maintain records of registrants and provide the IP address where the content can be located via authoritative DNS resolvers. The content itself, however, is located on servers operated by hosting providers. DNS resolvers do not host any content, nor does any internet content travel over the DNS itself.

ISPs provide what are called recursive DNS services to their customers, but this is ancillary to their provision of internet connectivity. The recursive DNS services of ISPs are largely unseen and unfelt by the end user but are necessary to the provisioning of internet connectivity services. As demonstrated in Figure 1, the recursive DNS records of ISPs rely upon the authoritative records of ICANN and the TLD registries. There are also many standalone DNS resolver operators in Canada that are neither domain name registries nor ISPs. These also rely on the records of ICANN and TLD registries. DNS resolvers play an essential role in how internet users access websites and in how intermediaries implement site blocking, yet the technology is curiously absent from the consultation document.

DNS operators from around the globe, such as registrars and registries, are, from time to time, presented with orders compelling domain name suspensions or registrant identification details related to alleged abusive content on the sites underlying their domain names. The domain name and internet governance communities have identified two major categories of DNS abuse: technical abuse, and website content abuse. An associated set of best practices is emerging for addressing each category. The I&JPN defines these categories as:

1. Technical abuse (e.g. phishing, malware distribution, etc.), which is closely related to the security and stability of the technical layer of the internet; and
2. Content abuse (e.g. child sexual abuse imagery, intellectual property violations, etc.) which occur at the level of the website

Copyright infringement is therefore categorized as a type of content abuse. Technical abuses and content abuses each present different sets of characteristics and considerations for online intermediaries. Content abuse, including copyright abuse, is best dealt with through content- proximate intermediaries such as social media platforms and web hosting providers. The DNS, as an addressing system or directory function, is a neutral technical infrastructure which is critical to the proper functioning of the internet. Similarly, ISPs function as neutral common carriers of telecommunications. Intervention at these layers is an invasive and blunt way of addressing content abuse, and should not be reached for as the first logical tool for doing so, for reasons we outline below.

The I&JPN offers helpful guidance for establishing a referral path hierarchy for content abuses which takes into consideration the specialized roles and categories of various internet intermediaries. They propose a process of procedural due diligence organized around the closeness of the relationship of the intermediary to the person or entity sharing the infringing content. The proximity of that relationship also determines the precision with which the intermediary can take action to remove the content. A toolkit for DNS Level Action to Address Abuses is available on the I&JPN website.^{Footnote 13}

CIRA supports the model of a referral path of procedural due diligence for addressing the problem of online copyright infringement, which includes both internet intermediaries and the financial services intermediaries who facilitate the electronic transfer of funds that incentivizes online infringement.

CIRA submits that intervention at the ISP level should be a remedy of absolute last resort which, unlike other remedies considered, engages the Telecommunications Act in addition to the Copyright Act. What is more, acting at the DNS or ISP level for website content abuses should only be considered when a domain is used with clear intent of significant abusive conduct, and only after other, more effective, and more narrowly-tailored remedies have been exhausted through a defined course of procedural due diligence.

Principles

The next sections of this submission establish why a defined referral path of procedural due diligence is the appropriate approach for a framework that addresses copyright infringement. CIRA submits that such a referral path must be rooted in the principles of necessity, proportionality, transparency, and non-discrimination, which we understand to be international best practice. The provisions of the EU Open Internet Regulation establishing net neutrality rules across Europe to be enforced by national telecommunications regulatory agencies, for instance, state in part:

Providers of internet access services shall treat all traffic equally, when providing internet access services, without discrimination, restriction or interference, and irrespective of the sender and receiver, the content accessed or distributed, the applications or services used or provided, or the terminal equipment used. The first subparagraph shall not prevent providers of internet access services from implementing reasonable traffic management measures. In order to be deemed to be reasonable, such measures shall be transparent, non-discriminatory and proportionate, and shall not be based on commercial considerations but on objectively different technical quality of service requirements of specific categories of traffic. Such measures shall not monitor the specific content and shall not be maintained for longer than necessary.

Providers of internet access services shall not engage in traffic management measures going beyond those set out in the second subparagraph, and in particular shall not block, slow down, alter, restrict, interfere with, degrade or discriminate between specific content, applications or services, or specific categories thereof, except as necessary, and only for as long as necessary…^{Footnote 15}

CIRA urges the Government of Canada to adopt as foundational to the modernization of the copyright framework for online intermediaries the principles of transparency, non- discrimination, necessity, and proportionality underlying a referral path of escalating measures to address copyright infringement online.

Necessity

Before persons or entities filing complaints alleging abuse seek remedies with intermediaries operating in the technical infrastructure of the internet— including domain registrars, domain registries, and ISPs—they must conduct proper substantive and procedural due diligence. Substantively, there must be no question as to the substance of the allegation, that is, the infringement is unequivocally piracy and not a ‘fair use.’ The rights holder must ensure any claim against the content of a domain is properly investigated, substantiated and documented (e.g., screen shots, evidence of ownership in claims of infringement.) Only after this proper substantive due diligence has been undertaken would the process of addressing the abuse through procedural due diligence be commenced. CIRA commends the statement in the consultation document that the focus of any new regime for orders would be on commercial scale infringement rather than infringement by individuals. Commercial scale activity would need to be established at this stage.

This procedural due diligence would follow the content complaint referral path outlined earlier, starting with the intermediary whose relationship is closest to the person or entity sharing the infringing content. The I&JPN’s proposed ‘Proper Content Complaint Referral Path’ provides excellent guidance on the order in which a rights holder should provide notice.^{Footnote 16} The government may also contemplate injunctions against financial intermediaries, such as payment processors, and other intermediaries involved in the chain of value.

In assessing whether it is necessary to grant a blocking or takedown injunction at the ISP level, the court must determine whether such a blunt enforcement tool is necessary under the circumstances. Under Australia’s statutory scheme for site blocking, only “an online location outside Australia” can be blocked.^{Footnote 17} This “important limitation on the power of the Court”, wrote Australian Justice Nicholas, “may reflect an assumption that other provisions of the Act provide copyright owners with adequate remedies in respect of online locations situated within Australia”.^{Footnote 18} This is to say, more proportional remedies than site blocking targeting intermediaries closer to the infringing content are available to the court when the site operator or hosting company is situated in and subject to the jurisdiction of the court. It is therefore unnecessary to seek redress at the ISP level when other more appropriate and more effective interventions are available in the court’s jurisdiction.

Proportionality

Any remedial action sought through intermediaries must be proportionate to the severity of the infringement. First, the damage must be significant in the context of the injunctive relief sought. The proportionality of the effects on intermediaries must also be considered.

On one side of the proportionality fulcrum is a spectrum of copyright enforcement options, ranging from least to most intrusive. On the other side are an array of economic impacts, human rights, public interests, internet governance, and technical and policy considerations. The balance point between these is the principle of minimal impairment. Less intrusive options should be tried first. The most intrusive option (blocking) should be ordered last.

For example, facebook.com would not be ordered taken down by a registry or registrar, or blocked by ISPs, because a small percentage of posts by its users contains infringing content. Such an order would make the entirety of facebook.com unavailable to most people, and skip more proportionate approaches. Indeed, in this situation, it’s clear that the intermediary with the ability to remove the content with precision and the least impact on the technical functioning of the internet is the site operator: Facebook Inc.

In the case of a file sharing site, if a registrar or registry suspended the domain due to a small proportion of infringing content then thousands of other pieces of legitimate content such as open-source software or Creative Commons-licensed media would be rendered inaccessible by users. Similarly, an individual's personal website should not be ordered taken down or blocked because a small percentage of the content infringes upon a rights holder. The intermediaries with the ability to remove the content with precision are the website operator or registrant and the website hosting provider, who are likely able to remove the instances of abusive content while leaving the remaining content (and the domain name) intact.

Furthermore, as mentioned earlier, intervening in the DNS is rarely completely effective as many takedown or blocking techniques can be circumvented by sophisticated users employing VPNs, alternative DNS resolvers, or the IP address underlying a given domain name.

Ordering a website be blocked by ISPs is a blunt instrument that crosses statutory domains, requires coordinated action by many different network operators, challenges net neutrality, and can have collateral impacts. In CIRA's view, direct action at the DNS level is only justified in the context of technical abuse, because of the imminent threat to the security and stability of the internet. For content abuse, acting at the DNS level is rarely appropriate as DNS operators are not in a position to remove the offending content. At these intervention points, the whole of the site would become unavailable, including those portions that include non-offending material. Furthermore, services such as email that rely on the resolution of a domain name, may also become inoperable.

However, if the rights holders have pursued a path of procedural due diligence and demonstrated the website operator and website hosting companies are non-responsive and the process has escalated to the registrar and registry level, the next step is an in-depth evaluation towards making a decision on whether the abuse meets a sufficient threshold justifying taking action at the DNS level.

Even if it is established that the website contains infringing material, the proportion of the site dedicated to the infringing content must be considered. It would not be appropriate to seek to block access to Tik Tok or Facebook because of isolated instances of copyright infringement. Caution would also need to be taken with respect to file sharing sites where the majority of the content is non-infringing.

Even if it is found that some form of action at the DNS level is warranted, a further decision is required on the specific action to be taken. Action at the DNS level can take the form of holding a domain so that it does not resolve, locking the domain, transferring or even deleting it. ^{Footnote 19 Footnote 20}

Transparency

Some of the most internationally recognized guidelines for designing legal frameworks for intermediary liability come from the Manila Principles on Intermediary Liability, which were designed through a multi-stakeholder process in 2015. The sixth of the six Manila Principles calls for programmatic transparency with respect to content-oriented blocking (“[t]ransparency and accountability must be built into laws and content restriction policies and practices”). The following guidance is particularly germane:

3. Intermediaries should publish their [blocking] policies online, in clear language and accessible formats, and keep them updated as they evolve, and notify users of changes when applicable….

5. Intermediaries should publish transparency reports that provide specific information about all … restrictions taken by the intermediary, including actions taken on government requests, court orders, private complainant requests, and enforcement of… policies.^{Footnote 21}

Any framework for addressing copyright related content abuses that employs content takedowns or website blocking as a remedy must include mechanisms for notifying the infringing party that they have offended, and notifying users attempting to access the content what content has been ordered taken-down or blocked and on what grounds. In the absence of such transparency, DNS blocking can be misdiagnosed and may result in responses from end users, network administrators, service providers, etc. that attempt to mitigate the damage.^{Footnote 22}

As a best practice, intermediaries should publish their corporate policies for compliance before the fact, and account for how they have been applied afterwards. Finally, there must be a publicly available appeal mechanism where the website owner can contest the action. This is particularly important in cases of false positives, where infringement is inappropriately identified or applied.

Non-Discrimination

Independent judicial oversight is a key consideration given the vertically-integrated nature of Canada’s telecommunications sector, where several major players have significant content holdings and sell internet services. There is an issue of negative competitive impact that must be assessed in considering telecommunications policy concerns with the vertical integration of common carriers and content providers. In the GoldTV case, the applicants seeking the remedy were also the third-party common carriers tasked with implementing it.

As stated by a 2019 Parliamentary committee considering blocking orders: “It is not hard to imagine a situation where one vertically integrated ISP-rights-holder seeks an injunction that would apply to another ISP-rights-holder, who would gladly provide it with little contest given that they share similar interests in the outcome of the case.”^{Footnote 23} In clarifying intermediary liability and developing a framework for enforcement of copyright, parliament must seize the opportunity to clarify how to weight such difficulties against polycentric telecommunications and copyright objectives.

Who is an intermediary?

The Copyright Act contains no definition of what constitutes an ‘online intermediary’. It is unclear which actors this consultation aims to capture or provide clarity around. DNS operators, including domain name registrars and registries, as well as public DNS resolver operators are not contemplated by the consultation. DNS operators’ absence is notable because the consultation document proposes a statutory framework for takedowns and website blocking — remedies that are achieved by utilizing intervention points within the DNS. Consulting on website blocking without understanding the DNS is like studying the behavior of the tides without understanding the patterns of the moon.

CIRA has interventions in policy that are available to rightsholders in order to address alleged abuses, including copyright infringement. Rightsholders may contact the registrant of a domain name. For domain names owned by businesses, rightsholders can complete a WHOIS search to obtain the contact details for the registrant. The contact details of individuals who own domain names, however, are protected for privacy reasons and not searchable through WHOIS. If one wishes to contact an individual registrant, they may use CIRA’s message delivery form, which enables the rightsholder to send a message to the registrant.^{Footnote 24} This is a tool that allows rightsholders to send notices to registrants and ask for the infringing content to be removed, a first step in the content complaints referral path described above.

In the event that the owner of a domain name does not respond to the message sent through CIRA’s message delivery form, CIRA has rules and procedures for the Request for Disclosure of Registrant Information.^{Footnote 25} To be able to request information, Requestors must meet the following requirements:

1. the information is not publicly available through the WHOIS search tool,
2. the Requestor must have a good faith dispute with a registrant, meaning the Requestor reasonably believes in good faith that the domain name or its content infringes their (I) registered trademark, (ii) registered copyright, (iii) issued patent, (iv) registered corporate, business, or trade name, or
3. is making use of the Requestor’s personal information without their knowledge or consent to commit a crime.

This process enables a rightsholder to engage with registrants in good faith in order to try to address alleged copyright infringement at the party closest to the infringement – the registrant. The omission of the DNS from the consultation document suggests the paper’s authors may not be fully aware of the important role played by DNS operators in the architecture of the internet, and therefore as intermediaries that may be captured by proposed updates to the Copyright Act.

It is also unclear why the consultation is restricted solely to so-called “online intermediaries,” when other points of interventions or “choke points” exist. CIRA notes that financial intermediaries, such as payment processors like PayPal, or credit card companies, which play a key role in much infringement, and have material information of assistance in identifying the infringing party, are absent from this list.

Finally, the Telecommunications Act governs the provision of telecommunications services. It is concerning that the consultation document does not refer to the Telecommunications Act, its policy objectives, the principle of common carriage or net neutrality, or how the proposed enforcement tools for online copyright infringement could impact the body of law and regulation that form telecommunications policy in Canada. These telecommunications policy issues need to be raised and considered before proceeding. CIRA holds the view that more research and background study is required before proceeding.

Conclusion

The reforms proposed in the consultation paper for modernization of Canada's copyright framework for online intermediaries suggest that site blocking and takedown orders are the preferred enforcement tools. We have demonstrated that there are more effective, less intrusive, and more proportional enforcement tools that exist which target intermediaries closer to the infringing activity.

An intellectual property owner who believes that their copyright has been violated should seek redress through the use of a progressive and proportional process that begins with the owner of the website and then through the hosting provider. CIRA urges the Government of Canada to adopt a referral path of escalating measures to address copyright infringement online. Such a framework would be rooted in the principles of transparency, non-discrimination, necessity, and proportionality, and would harmoniously integrate the objectives of both the Telecommunications Act and the Copyright Act.

Website blocking should only be considered a measure of last resort to be used after working through the remedies available closer to the infringing content. Only after these remedies have been exhausted without redress should a rights holder seek action at the DNS or ISP level. When remedy is granted here, it must be proportional to the degree of harm posed by the site. Rarely, and only under extraordinary circumstances, is it justified to block a whole domain name.

Finally, the lack of clarity around what constitutes an intermediary; the omission of a concurrent consideration of the relevant elements of the Telecommunications Act; and the timing of the appellate court’s decision on Canada’s only site-blocking jurisprudence all point to the need for more time and study before the implementation of a statutory scheme for site blocking.

Appendices

1. Security and Stability Advisory Committee, “SAC 056: SSAC Advisory on Impacts of Content Blocking via the Domain Name System,” ICANN Security and Stability Advisory Committee, October 9, 2012
2. Internet and Jurisdiction Policy Network, “DNS Level Action to Address Abuses,” Internet andJurisdiction Policy Network, March 2021
3. Michael Binder, “Letter from Michael Binder, Industry Canada, to Robert Hall, CIRA,” IANA, March 11, 1999
4. Memorandum of Fact and Law of the Intervener, Canadian Internet Registration Authority and of the Intervener, The Samuelson-Glushko Canadian Internet Policy & Public Interest Clinic, TekSavvy Solutions Inv v Bell Media Inc., et al, 2020 FCA No. A-440-19
5. CIRA, “Submission to the Broadcasting and Telecommunications Legislative Review Panel,” Canadian Internet Registration Authority, January 11, 2019
6. CIRA, Intervention in Public Process 8663-A182-201800467 - Asian Television Network International Limited, on behalf of a Coalition (FairPlay Canada), Application to disable on-line access to piracy sites
7. CIRA, ”Request for Disclosure of Registrant Information,” Canadian Internet Registration Authority
8. Manila Principles on Intermediary Liability, March 24, 2015