The discussion follows representations by SOCA, the Serious and Organised Crime Agency, and are likely to gain favour amongst many ISPs, Infosecurity understands.
In its RFC/discussion document, Nominet points out that it "does not have any clear obligation in its registrant terms and conditions that a domain name should not be used in connection with any activity that would constitute an offence under UK criminal law."
Infosecurity notes that many ISPs have been taking sites down where a major malware or similar criminal action is suspected. Many, however, have not, and it's this area that the UK's internet registrar wants to clarify and lay down in its terms and conditions.
All ISPs will respond to a court order, but the gameplan with these changes is that a court order will no longer be required, and a simple request from the police - or a decision by Nominet itself - will be enough to trigger a site takedown.
Commenting on the Nominet plans, Claire Sellick, event director with the Infosecurity Europe show, said that infected websites are now a serious threat to internet users, whether they are employees working for a major corporation or SoHo workers, working on a single PC from a home office.
"The problem to date has been the electronic paper chase required for interested parties to complain - through various channels - that a site is causing infections or malware-laded links to visitors, and then for the hosting provider - often acting on their own principles - taking down the site, usually after several weeks of investigation", she said.
"If, as seems likely, Nominet adopts the plan, then a decision will be taken to take a site offline in very short order, where the intent is clearly criminal or the site appears to act as a conduit for malware", she added.
Nominet’s move, she went on to say, reflects the growing importance that the internet has in modern business life, and the fact that it has almost become an essential utility in the same way that energy and water suppliers are central to modern life.
The good news that will result from the adoption of the proposals, says Sellick, is that it will effectively devalue a UK-registered website in the eyes of cybercriminals, who will be less inclined to hack into the pages and load their own rogue data, knowing full well the site will be offline in a short space of time.
"Crime has a habit of seeking the path of least resistance and cybercrime is no exception. Reducing the risk of a UK business website from being misused is always going to be welcome, even against the backdrop of the Wild West that the internet has become in some areas", she said.