Frequently Asked Questions

From sanctions

What is the purpose of this project?

This project allows Internet organizations to comply with the sanctions imposed by the government or governments to which they're responsible, without "over-complying" by blocking entities which are not specifically named in those sanctions.

Who is it for?

This project is operated by and for Internet organizations which are required by governmental regulation to comply with sanctions. Since this project is never inherently pro sanction, we do not anticipate, nor advocate, that organizations which are not regulatorily required to comply with sanctions automate action based on the project's data feeds (e.g. the project does wants to help avoid over-compliance with sanctions by Internet organizations, rather than contributing to it).

How does it work?

The project uses standardized protocols (BGP and RPZ) to distribute lists of Internet networks and domain names associated with sanctioned entities in ways that Internet network operators already use for blocking spam senders, DDoS attackers, malware distribution, and other threats against the Internet's infrastructure.

Who runs it?

This is a typical Internet governance organization. It is operated by volunteers, and decisions are made by those who show up and do the work. There are no barriers to entry which would prevent any other organization from forming to perform the same function in a different way, or a competing effort in the same way.

Does this project advocate for sanctions?

No, this project is agnostic with regard to whether sanctions should or should not exist, or should or should not be levied by any government against any party. Sanctions exist, and have done for centuries, and governments and society (particularly those in the Global North) generally regard them as deescalatory and preferable to violent alternatives. The aim of this project is to assist governments (that wish to impose sanctions) and network operators (that wish to comply with governmental requirements) to reach a mutually-satisfactory state. If you don't like the idea of sanctions, you can take that up with the government of your choice; this is not a forum for debate on fundamental questions such as whether sanctions should exist.

Do Internet sanctions disconnect anyone from the Internet?

No, Internet sanctions remove the societal subsidy from the cost of Internet access to sanctioned entities. In the same way that banking sanctions don't prevent sanctioned entities from using money, they just increase the friction and cost of doing so, Internet sanctions don't disconnect sanctioned parties from the Internet, they just ensure that they pay the full cost of using it, without the subsidies which would normally be provided as a function of societal cooperation.

Is anyone required to use this project?

No, this project is entirely voluntary. The relationship between this project and Internet network operators is exactly the same as the relationship between many preexisting organizations which provide similar blocklists identifying spam, malware, phishing, DDoS, and other forms of abuse to network operators, and the functional mechanisms are identical. Network operators choose to subscribe to the data-feeds we provide, or not, and choose to act upon the data, or not. The obligation to comply with sanctions imposed by the governments, regional organizations or international organizatinos in which the network operators are incorporated, however, is not voluntary, it's mandatory under law. This project gives network operators a mechanism for complying with those mandatory requirements and helping to avoid operators from over-complying with measures that might otherwise arise due to lack of clarity of sufficient information on sanctions designations and legal requirements.

What is the beacon?

The beacon is a set of artificial IP addresses and domain names which are not associated with any real-world organization or users, which will always be "sanctioned" and can thus be used by researchers to measure the reach and effect of the system. If the beacon is visible to you, the Internet sanctioning feeds are not being consumed by your transit providers or DNS recursive resolver operators. Beacons are a frequently-implemented diagnostic feature of Internet routing security systems.

Is that really supposed to be a logo in the top left corner?

Yes, well, it wasn't the highest priority at the time, and these things are always stickier than you hope. A better project logo would be very welcome. Consensus is, as always in open projects, the difficult part.