Today, Punktum dk works purposefully to maintain a high level of security on Danish domain names, but in order to meet the threat landscape of the future, we are now introducing a more effective model for cooperation with the authorities: the scheme for trusted flaggers.
What is a Trusted Flagger?
A trusted flagger is typically an organization or authority that, by virtue of its work and expertise, is given a special responsibility in the case processing of other companies.
The use of trusted flaggers has gained traction in recent years in several EU regulations (including the DSA) as it allows for a quicker and more informed response to illegal content or abuse online.
How trusted flaggers can respond faster to online crime
Punktum dk has made an active decision in the fight against cybercrime. By introducing the use of trusted flaggers, we strengthen the foundation for the continued high level of trust in Danish domain names.
When an authority with the status of trusted flagger detects specific abuse, they can make a report, which Punktum dk acts on immediately. This significantly shortens the path from discovery to action, which is essential to minimize the harmful effects of e.g. fraud or phishing.
Important to safeguard legal certainty
As the administrator of the Danish domain names, Punktum dk is the foundation of the Danish internet. Therefore, the protection of the registrant's legal position is at the top of our list.
We ensure that any interventions against a registrant are proportionate and are carried out by the right party. This means, among other things, that you should not shut down an entire domain name if it is sufficient to remove specific content on a website.
However, there are situations where authorities make decisions that require the domain name to be shut down completely. It is in precisely these cases that a trusted flagger makes a difference. Here we can react promptly to a decision that the authority has already made, and thereby more quickly eliminate misuse of .dk domains.
Being self-regulating comes with a responsibility
At Punktum dk, we are self-regulating. This means that we determine the terms under which we conduct our business. This kind of self-regulation is a matter of trust that requires us to take responsibility for the security of the Internet in Denmark.
Our board has chosen to take on this responsibility by opening for trusted flaggers, but with clear and strict criteria for who can achieve this status. In order to be a trusted flagger at Punktum dk, the organization must:
- Be a public authority.
- Make administrative decisions in relation to the case at hand.
- Assume full legal responsibility for the assessment and decision.
- Enter into a formal, written agreement with Punktum dk.
This ensures that other organizations or private companies that do not meet these criteria cannot act as trusted flaggers in our system.
We have previously discussed the use of trusted flaggers at our open consultations on online abuse, where it was highlighted as a concrete and necessary opportunity to strengthen security.
Any misuse of a .dk domain name is one too many. Therefore, we do everything we can to keep security high, so that it is always safe to move around on Danish websites. This initiative is another important step in that direction.