a blue circle with the word pir in it.

PIR ANTI-ABUSE PRINCIPLES

INTRODUCTION

Public Interest Registry (“PIR”) is the nonprofit registry operator of the .ORG Family of Domains. The Domain Name System (DNS), known as the “phonebook of the Internet”, saves Internet users the burden of memorizing Internet Protocol (IP) addresses. Thanks to the DNS, information online is more easily accessed through domain names, for example: pir.org. PIR is proud to serve as the steward of one of the most trusted spaces on the Internet. In furtherance of our nonprofit mission, PIR devotes considerable thought and resources to  ensure that our TLDs live up to the standards that we have set for ourselves and that our inspiring registrants deserve. 

BACKGROUND

One of the ways we foster those standards is through robust enforcement of our Anti-Abuse Policy (“Policy”). Given our position as a registry operator, our Policy focuses on technical abuses of the DNS, or “DNS Abuse” (i.e., phishing, pharming, malware, botnets, and spam) and limited instances of Website Content Abuse (i.e., complaints of abuse that fall outside of DNS Abuse, the definition of which can be found in the Framework to Address DNS Abuse). Our Anti-Abuse Policy covers what is prohibited in our TLDs and these principles explain why we make the decisions that we do.

At the registry or DNS level, PIR cannot affect individual pieces of website content by, for example, removing or blocking an image, video, or file. PIR can only suspend or delete an entire domain, which also affects all underlying services related to the domain such as email and sub-domains. To more effectively address abusive content on a website, parties with more specialized tools (i.e.,  the ability to remove or affect the content), such as the hosting provider, should take action. 

This becomes evident through the example of a large-scale forum or marketplace. There might be thousands of legitimate posts on such a site, and among those legitimate posts, there is one post allegedly attempting to sell stolen credit card information. For PIR to mitigate that one post, we would have to suspend the entire domain name which would take down all of the thousands of legitimate posts. This action would also take-down the email infrastructure of the entity that manages and operates the forum or marketplace. 

In all cases of abuse, PIR must balance the level of harm and the proportionality of our actions when addressing abuse. In most cases, targeted action by the service provider closest to the content with the ability to remediate the abuse is appropriate. 

PRINCIPLES

These principles outline PIR’s commitment to fighting online abuse across the .ORG Family of Domains. These principles seek to provide nuance, context, and structure to the way PIR addresses abuse under our Anti-Abuse Policy. 

1. We will act transparently with regards to Abuse. Every quarter, PIR will publish its Abuse and suspension metrics, including DNS Abuse (phishing, malware, botnets, etc.), court takedown orders, and Website Content Abuse suspensions.

2. Registrants will enjoy the benefits of registration, including free expression. Everyone who visits or registers a site with the .ORG family of domains should be able to express themselves and their views freely as long as they don’t breach legal requirements or PIR’s Anti-Abuse Policy.

3. We will do what is right, even when it is hard. PIR is fortunate to serve as steward for the trusted .ORG Family of Domains where so many are doing so much good online. We cannot and will not do the bare minimum on DNS Abuse, and we will be forward leaning and thoughtful in all cases. Our approach may prove challenging at times, but we should always strive to do what is right when all factors are weighed. Would it be easy and legally conservative to have a less robust Anti-Abuse Policy? Yes, but we don’t think it is the right thing to do.

4. Due process will be observed in each decision; this includes having a publicly available appeal process. Abuse mitigation can work only if it is seen to be fair and to follow basic principles of due process, including notice through the registrar to the registrant (in some cases ex-post facto), an opportunity to be heard, an opportunity to cure or correct alleged abuses, and the ability to appeal decisions taken. More information on PIR’s appeal process can be found here.

5. Actions will be proportionate and with a clear understanding of collateral damage. PIR cannot remove individual pieces of content on a website. Instead, we can only take down the entire domain name, along with any and all postings, threads, third-level domains, email, and all other content associated with the website attendant to the domain. Acting at the DNS level to address Website Content Abuse can cause immense collateral damage so we must act with caution when using the DNS to address abuse.

6. We will consider the scale of harms in making decisions on Abuse. We must weigh all relevant factors, and when online harms are severe enough, suspending a domain name is the appropriate action. In cases involving Child Sexual Abuse Material (CSAM), human trafficking, or other abuse that poses a threat to human safety, we will not hesitate, consistent with due process and these principles, to act swiftly.

7. Action based on illegality must be apparent on its face. For actions based on purely “illegal content” on a website, the manifest illegality must be apparent without any further investigation. For example, we would suspend the domain ‘stolencreditcards[.]org’ if the manifest purpose of the site was to sell stolen credit card information on the homepage. The illegality has to be manifestly evident because as a domain name Registry, we do not have the capacity, expertise, or knowledge to evaluate the extent of illegality of content and activities.

In other cases dealing with “illegal content,” the courts have to make a final determination of what is illegal and what is not. 

© 2025 PIR. ALL RIGHTS RESERVED