Case of the Day: Weinstein v. Iran

The internet: a series of tubes

The case of the day is Weinstein v. Islamic Republic of Iran (D.C. Cir. 2016). The plaintiffs were victims of terrorist attacks who held unsatisfied judgments against Iran, North Korea, and Syria. They sought to attach “Internet data” managed by the Internet Corporation for Assigned Names and Numbers (ICANN), namely the top-level domains for Iran (.ir), North Korean (.kp), and Syria (.sy). In other words, the plaintiffs wanted to assume control of the defendant countries’ top-level domains in partial satisfaction of the judgments.

To understand the case, you need to understand a little bit about domain names. I will give you a very simplified example that omits DNS caching and other complications and just gives the bare bones. When you type a domain name into your browser, your browser has to translate that name into an IP address, which it can then use to connect to the appropriate server. It starts by sending a query to a DNS root server—the names of the root servers are hard-wired into your broswer: “I am trying to find the IP address for a computer that has a domain name that uses ‘.com’ as its top-level domain.” The root server responds: “You can get authoritative information about domain names in the .com top-level domain by using the following nameserver —” Your browser then sends a new request to the nameserver for the .com TLD: “I am trying to find the IP address for a computer that uses ‘’ as its domain name.” The nameserver responds: “You can get authoritative information about the domain by using the following nameserver —” Finally, your computer sends a query to the indicated nameserver: “I am trying to find the IP address for ‘’ (or ‘’, or ‘’, or whatever).” The nameserver responds: “The IP address you want is —” Then your computer can connect to my server. Pretty amazing! You can now see, by the way, why I called the DNS database a distributed database: the whole database doesn’t exist on any single computer. Computers higher up in the database hierarchy have pointers to computers lower down in the hierarchy. In the very early days of the internet, there was actually a file called hosts.txt that had the IP address for every computer on the internet, but that became impracticable a long time ago.

How does the administrator of the .com TLD know that I am the person who has the right to tell the .com nameserver where to send requests for Or how does the administrator of the root domain know that the administrator of the .com domain is the person who has the right to tell the root servers where to send requests for the .com nameservers? There is a whole system of registrars to help ensure this. The same is true for country top-level domains like .us, .uk, or in this case .ir or .sy. This is where ICANN comes into the case. ICANN is responsible for determining who gets to operate each TLD, subject to the approval of the US Commerce Department. Once ICANN makes such a decision, Verisign, the company in charge of maintaining the root zone file, modifies the file accordingly.

The District Court, with this background in mind, refused to allow the attachment on the grounds that the TLDs are not property that can be attached. Here’s the basic idea, I think. A TLD is nothing more and nothing less than an entry in the root zone file that says that so-and-so (in this case, probably the appropriate government ministries in Iran, North Korea, and Syria) has the right to administer the top-level domain in question, so that when you type a .ir address into your browser, for example, your DNS query goes first to the root nameservers, then to the .ir nameservers managed by Iran, and then to the nameserver of the particular second-level domain you want. It’s hard to see how this is property, particularly if you realize that there’s the governments in question cannot transfer the power to administer the TLDs even if they wished to, without ICAAN’s permission, and that no rule or law that requires your computer to use the ICANN-administered root. In fact, believe it or not, there are various “alternative roots” out there, though if you’re like me you’ll likely never use one.

On the other hand, the law typically treats second-level domain names (“, “”) as property, particularly in cases of cybersquatting, and the government sometimes seizes domain names in criminal cases. So perhaps the District Court was wrong about the somewhat metaphysical question whether a TLD is property. It’s a little scary to think just how much of our “property” exists primarily as an entry in a database somewhere that we agree to regard as authoritative, for example, bank deposits, or uncertificated securities!

On appeal, the DC Circuit ignored this difficult question and considered instead whether attachment was permissible even if the TLDs were property. I’ll skip some of the detail and just tell you that the court found that the TLDs were within the scope of 28 U.S.C. § 1610(g), providing an exception to the ordinary rule of immunity from execution in state-sponsored terrorism cases. But the court nevertheless refused to permit the attachment in light of § 1610(g)(3), which provides:

Nothing in this subsection shall be construed to supersede the authority of a court to prevent appropriately the impairment of an interest held by a person who is not liable in the action giving rise to a judgment in property subject to attachment in aid of execution, or execution, upon such judgment.

The Ghostbusters crossing the streams

This seems exactly right to me. Suppose ICANN changed the root zone file. First, there is no reason to think that the plaintiffs would have the necessary technical competence to allow them to administer the TLD. Second, because the DNS database is distributed, the .ir zone files would still reside on a nameserver controlled by the Iranian government, and the data could not be transferred to the plaintiffs without the Iranian authorities’ cooperation (the data are not in the hands of ICANN itself). Third, Internet governance itself would take a blow, as internet users around the world might stop trusting ICANN and start using alternative roots, leading to a “split root,” which would be as bad as the Ghostbusters crossing the streams.

So full marks to the plaintiffs for creativity, but the court was right to preserve the integrity of the DNS system.

Leave a Reply

Your email address will not be published. Required fields are marked *

Thank you for commenting! By submitting a comment, you agree that we can retain your name, your email address, your IP address, and the text of your comment, in order to publish your name and comment on Letters Blogatory, to allow our antispam software to operate, and to ensure compliance with our rules against impersonating other commenters.