On 12 April 2021 a new set of rules for the .au country code Top Level Domain (ccTLD) - the .au Domain Administration (auDA) Rules - took effect.
The auDA Rules contain a range of changes which enhance the way auDA administers the .au ccTLD in the public interest and for the benefit of all Australians.
When the new rules will apply
Domain names created, transferred or renewed on after 10:00 AEST 12 April 2021 are subject to the auDA rules.
If the current licence period for your .au domain name began before 10:00 AEST 12 April 2021, the legacy published policies in place at the start of your current licence period apply. If you renew your .au name the auDA Rules will apply.
Changes to how auDA operates
Among the changes in the auDA Rules are some more general changes to the way auDA manages the .au ccTLD.
Responding to national security and enforcement bodies, acting in the public interest
Part of auDA’s role is to ensure the .au ccTLD is safe to use and we need to be able to act when a domain or the domain name system is being used illegally.
The auDA Rules allow auDA to act on a request from an enforcement body or intelligence agency where it is in the public interest to do so and there is a significant impact on the Australian community.
Occasionally we get requests from various enforcement bodies to take action on certain domain names. The auDA Rules clarify how requests can be made, by who and the judgement we need to make before we act.
Under the auDA Rules, when we receive a request (which must be in writing) to suspend or cancel a domain name or take any necessary action, from an enforcement body or intelligence agency we must be sure that any action is ‘in the public interest’, and that we believe taking this action will achieve one of the following ‘public interest objectives’:
- the proper administration of government;
- the judicial system;
- public health and safety;
- national security;
- the prevention and detection of crime and fraud;
- consumer protection;
- the economic wellbeing of Australia;
- complying with Australia’s obligations under international law;
- the integrity, stability or security of the Domain Name System.
Changes to reserved names
Reserved names are names not able to be registered as domain names. These names include names prohibited by law, a name or abbreviation of an Australian state and territory, and names which may pose a risk to the domain name system.
Reserving names essential for the operation of government
Under the auDA Rules auDA can also, on request, reserve names which are essential to the administration of government. This change supports government delivering services online.
Reserving names for future use as a second level domain namespace
In .au, our second level domain namespaces include com.au, net.au org.au, id.au etc.
Under the auDA Rules auDA can also now reserve names for future use as a second level domain.
However, any proposed second level name cannot already be registered in the .au ccTLD and must be published on the auDA site for a minimum of 21 calendar days for public comment.
Changes to how we respond to activity occurring on sub-domains
A sub-domain is a part of your domain that you can add before your registered domain name.
e.g. pw.auda.org.au is a subdomain of auda.org.au
They are often used by companies to host different services or serve content to different audiences.
Registrants can create sub-domains as they need, however they aren’t recorded in the .au ccTLD registry.
Responding to activity occurring on sub-domains
Under the auDA Rules a person who holds a domain name licence is responsible for activity occurring on a sub-domain.
Previously, the rules were silent on this and auDA could take no action if the parent domain was compliant with the rules.
e.g. bags.forexample.net.au is being used for phishing, auDA now has the ability to suspend or cancel forexample.net.au.
Selling, renting or leasing sub-domains prohibited
Selling, renting or leasing sub-domains to third parties is clearly prohibited under the auDA Rules.
By selling, renting or sub-leasing sub-domains, a user is effectively operating a private registry. This kind of activity can erode trust in the .au ccTLD as sub-domains are not recorded in the WHOIS, and the ‘registrants’ of these sub-domain names may not meet the Australian presence requirements.
They also present a risk to the third party who using or renting a subdomain – they are at the mercy of the registrant of the parent domain, and are afforded no protections under the rules.