http://www.icann.org/en/reviews/affirmation/whois-rt-discussion-paper-09jun11-en.pdf
Translations of the WHOIS Review Team Discussion Paper:
العربية |
[Español |
http://www.icann.org/es/reviews/affirmation/whois-rt-discussion-paper-09jun11-es.pdf] |
[Français |
http://www.icann.org/fr/reviews/affirmation/whois-rt-discussion-paper-09jun11-fr.pdf] |
[Русский |
http://www.icann.org/ru/reviews/affirmation/whois-rt-discussion-paper-09jun11-ru.pdf] |
[中文 |
http://www.icann.org/zh/reviews/affirmation/whois-rt-discussion-paper-09jun11-zh.pdf] |
]]></ac:plain-text-body></ac:structured-macro> |
INTRODUCTION
WHOIS Review
The WHOIS review team has been constituted under the Affirmation of Commitments (AoC), which was signed by the United States Department of Commerce and the Internet Corporation for Assigned Names and Numbers on 30 September 2009.
In accordance with the principles set out in the AoC, in particular its paragraph 9.3.1, the scope of the review team is to assess the extent to which existing WHOIS policy in the generic top level domains (gTLDs) and its implementation:
- is effective;
- meets the legitimate needs of law enforcement; and
- promotes consumer trust.
The review team will also undertake an analysis and determination of ICANN's performance against the AoC requirements that ICANN:
- implements measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information; and
- enforces its existing policy relating to WHOIS, subject to applicable laws.
Purpose of this Paper
This paper describes of areas of interest identified by the review team to date, both in its own deliberations and in discussions with the community. The review team seeks comment from the community on any aspect of this paper, including any relevant issues not covered by the paper.
Background on WHOIS
WHOIS is a protocol that enables users to find information about Internet resources including domain names, IP address blocks and autonomous systems.
The current version of the WHOIS protocol (RFC 3912) states that while WHOIS was originally used to provide "white pages" services and information about registered domain names, current deployments cover a much broader range of information services. The review team understands that WHOIS facilitates identification and communication for a range of purposes.
Some issues are potentially beyond the scope of the review team. For example, the review team is aware of work being done elsewhere in the community on the internationalisation of WHOIS data and the technical evolution of the protocol. The review team is also aware that ICANN is considering several WHOIS studies, and that discussions are underway on potential amendments to the Registrar Accreditation Agreement. The review team will take account of these issues when developing its recommendations.
How to comment
The closing date for comment is 23 July 2011.
Comments should be sent to: xxxx
ISSUES FOR DISCUSSION
In its preliminary discussions and interactions with the community, the review team’s attention has been drawn to several areas of interest which will inform its work going forward. Questions on each of these issues are below.
Clarity of existing policy
The Affirmation of Commitments (paragraph 9.3.1) and 2007 GAC Principles Regarding gTLD WHOIS Services appear to provide high level principles that are intended to inform WHOIS policy development and its implementation. However, it is not clear whether these principles are reflected in ICANN’s consensus policies, or in its mechanisms to implement policy.
There is limited ICANN consensus policy on WHOIS, and that which does exist is supplementary to the rules set out in other documents. These include technical standards (such as Internet Engineering Task Force Requests for Comment) and ICANN contracts (such as the Registrar Accreditation Agreement). Current consensus policies regarding WHOIS are:
- An annual WHOIS Data Reminder Policy designed to improve Whois accuracy (effective October 31, 2003)
- A Restored Names Accuracy Policy that applies when names have been deleted on the basis of submission of false contact data or non-response to registrar inquires (effective November 12, 2004)
- A WHOIS Marketing Restriction Policy prohibiting bulk access to Whois information for marketing purposes (effective November 12, 2004), and also
- prohibiting resale or redistribution of bulk WHOIS data by data users (effective November 12, 2004).
Finally, there is a consensus procedure for “Handling WHOIS conflicts with Privacy Law” (effective January 2008) which details how ICANN will respond to a situation where a registrar or registry indicates it is legally prevented by local/national privacy laws or regulations from complying with the provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS. The procedure is for use by ICANN staff and did not change the obligations of registries, registrars or third parties when approved by the GNSO and adopted by the Board.
Questions
|
Applicable Laws, Privacy issues and Proxy/Privacy
The review team understands that some registrants are concerned about publicly sharing their information through WHOIS. The review team is also aware of concerns raised within the community about potential conflicts between WHOIS requirements, domestic privacy laws and consumer protection laws.
The review team is interested in ways that ICANN could balance privacy concerns with its AoC goal of making accurate and complete WHOIS data publicly accessible without restriction.
Questions |
One response to these concerns has been the use of privacy and proxy services, which limit publicly accessible information about domain name registrants. A recent ICANN study found that at least 18% of domain names registered under the top five gTLDs are likely to have been registered using a privacy or proxy service[[1]|#_ftn1].
Questions |
ICANN’s compliance and enforcement activities
The review team is interested to examine any gaps between ICANN’s commitments, stakeholder expectations and ICANN’s actual implementation and enforcement activities. This includes whether ICANN has the power and/or resources to enforce its commitments.
A key example relates to WHOIS accuracy. WHOIS accuracy is mentioned in the AoC, and is also a requirement in policy and contractual documents. However, a recent ICANN report found that, by the strictest interpretation, only 22.8% of WHOIS records could be considered "fully accurate[[2]|#_ftn2]". The report further categorized the accuracy according to the ability to contact the registrants. On this analysis, 22.8 % was considered "no failure", 20.9% "substantial failure" and 7.8 % "full failure".
Some actors in the WHOIS space appear to have little or no direct contractual relationship with ICANN (e.g. resellers and privacy and proxy service providers). The review team is interested to examine whether this raises any compliance issues for ICANN.
The review team is aware that there may be examples of good practice across the ccTLDs with regard to data accuracy, but notes that ccTLD policy is independent of the ICANN process, and that the contractual framework and other elements vary across the ccTLDs, and this should be borne in mind when drawing any comparisons.
Questions
|
Other issues
The review team is also interested to hear from the community about any other relevant issues relating to its scope.
Questions |
[[1]|#_ftnref1] http://www.icann.org/en/compliance/reports/privacy-proxy-registration-services-study-14sep10-en.pdf
[[2]|#_ftnref2] http://www.icann.org/en/compliance/reports/whois-accuracy-study-17jan10-en.pdf