Summary/analysis of public comments

["Kieren McCarthy" <kieren.mccarthy@xxxxxxxxx>]

Posted by general manager of public participation Kieren McCarthy, on behalf
of Senior Policy Counselor, Liz Gasster.

 

----------------------------------------------------------------------------
--------------------

 

 

Summary of Public Suggestions on Further Studies of WHOIS

 

Background

 

 

On 31 October 2007, the Generic Names Supporting Organization (GNSO) Council

concluded that a comprehensive, objective and quantifiable understanding of
key factual

issues regarding the gTLD WHOIS system will benefit future GNSO policy
development

efforts, and plans to ask ICANN staff to conduct several studies for this
purpose. Before

defining the details of these studies, the Council solicited suggestions
from the

community for specific topics of study on WHOIS that community stakeholders

recommend be conducted.

 

Public Comments Received

 

25 recommendations on WHOIS studies were received (note that each submission
is

referred to by number, correlating to the number assigned on the WHOIS
public

comments chronological index,
http://forum.icann.org/lists/whois-comments-2008/,

except the comment submitted by Steven Metalitz on 14 February, which is
referred to in

this summary and in the chronological index as the "Metalitz comment").
These can be

summarized as follows:

 

Four proposals (suggestions #1, #14, #15 and #21) suggest that ICANN study

documented misuse of WHOIS data to determine the connection, if any, between
WHOIS

and illegal activities; one to study the extent to which WHOIS data is being
misused to

harass, abuse or stalk registrants; one to study the connection, if any,
between the various

means of access to WHOIS and illegal activity, and whether policies should
be changed

to address these problems.

 

Seven proposals (suggestions # 2, #5, #13, #17, #18, #20 and the Metalitz
comment)

suggest that ICANN study various aspects of proxy and privacy services,
including the

availability of WHOIS privacy protection options; the connection, if any,
between

proxies and phishing; why users of proxy and privacy services use these
services; the

percentage of proxy registrations that resolve to commercial sites, and/or
pay-per-click or

advertising sites; the timeliness of proxy services in relaying
communications to

registrants and/or revealing the identity of the underlying registrant; the
degree to which

these services are effective in protecting personal privacy; and the
prevalence of the use

of proxies and their impact on Uniform Dispute Resolution (UDRP) proceedings
in

gTLDs.

 

Two proposals (suggestions #3, #24) suggest that ICANN study certain aspects
of

compliance by registrars with applicable provisions of the Registrar
Accreditation

Agreement, including whether registrars include in their registration
agreements WHOIS

terms required by the RAA, to determine the extent to which registrars
reveal registrant

information when there is reasonable evidence of actionable harm.

 

Three proposals (suggestions #6, #22 and #23) suggest that ICANN study
various aspects

of ccTLD registries with different WHOIS policies, one to determine the
impact of more

restrictive data display policies on crime and other abuse; one to study the
extent to

which ccTLD WHOIS policies reflect national data protection laws and
policies; and one

to perform a legal comparison of national data protection laws.

 

One proposal (suggestion #16) suggests that ICANN study the extent to which
registrants

have consented to the disclosure of personal information under various
national data

protection laws, to determine whether additional measures are needed to
bring WHOIS

into conformance with national privacy laws.

 

One proposal (suggestion #19) suggests that ICANN study certain
characteristics of

registrants, such as how many are legal persons, natural persons or
registrants using

proxies.

 

Two proposals (suggestions #8 and #11) suggest that ICANN study certain
questions of

WHOIS data accuracy. Proposal #8 suggests that ICANN study the participation
of

certain registrars in spam abuse by tolerating falsified WHOIS records, as
demonstrated

by failure to take action on WHOIS data problem reports, to determine
whether there are

chronic violators that should have their accreditation revoked. Proposal #11
suggests that

ICANN study the implications for data accuracy when IDN TLDs are used in
WHOIS

records.

 

One proposal (suggestion #12) suggests that ICANN study how the private
information

of individuals might be secured while allowing law enforcement entities
proportional

access for law enforcement purposes.

 

One comment (suggestion #10) suggests that there is ample information
already

available, and that further study will not inform the debate on WHOIS
policy. Thus, this

commenter recommends that ICANN not conduct any further studies on WHOIS.

Three proposals (suggestions #4, #7 and #9) appear out of scope. These
include a

suggestion to study transport layer security for WHOIS database lookups, a
suggestion to

study the theft of domain names by unscrupulous providers, and a suggestion
to survey

webmasters to determine whether they have observed the largest registrars
locking

domains following a domain name search.

 

Next steps

The GNSO Council will be considering the public input received on further
WHOIS

studies, and at an upcoming meeting will direct staff to develop costs and
estimated time

frames for the study proposals they would like pursued. Following that
input, the

Council will identify the specific studies, if any, that should be
conducted.