Botnets are networks of compromised computers that are remotely controlled by malicious agents. They represent a threat to security and trust in online environments. Internet Service Providers (ISPs), by virtue of their ownership of the physical networks and consumer-facing position, are well placed to respond proactively to botnets. This report analyses initiatives in a number of countries through which end-users are notified by ISPs when their computer is identified as being compromised by malicious software and encouraged to take action to mitigate the problem. It reviews the core dimensions of these initiatives and provides high-level guidance for future policy development.
