Amended Comment of Special Task Force on Counterfeiting and Piracy on Whois Task Force Preliminary Report
Please edit the comments originally sent in by me on January 15th as follows. Thank you. ________________________________ We strongly support the U.S. government's position on the purpose of the gTLD Whois service and the importance of making registrant data publicly available. The Internet is the preferred medium for a great number of business transactions. Unfortunately, it has also become prey to an increasing number of dishonest acts by domain name registrants whose wrongful acts are abetted when full disclosure of their true identity is kept from the public. It is not sufficient for WHOIS information to be available by subpoena; this adds tremendous costs and time delays for an injured party to overcome in order to begin the process of determining who is involved in the dishonest acts. Our concerns in the area of internet commerce include the ability of intellectual property owners to control the use of their trademarks on web sites, within code used to identify the subject matter and ownership of sites, and as part of domain names which consumers and others rely on to identify, promote, and locate web sites for information and the purchase of goods and services. In order to police and protect these and the public's interest in trademarks, it is essential for intellectual property owners to be able to identify and promptly contact persons and companies which have registered and are using domain names which infringe intellectual property owners' trademarks or are likely to draw consumers away from genuine and authorized web sites based on the use of similar domain names, keyword registrations, and the like. One of the most important tools for IP owners in investigating and preventing the use of domain names registered in bad faith (to either usurp owners' rights in using their trademarks as part of their online identities and addresses or to lure browsers to other or competing websites and products) is the listing of contact information on the WHOIS database. Without the existence of an accurate, readily available data base of domain name registrants, it is impossible to know for certain the identity of web site operators, or to contact them in the event of possible conflicts or concerns. Without the ability to require accuracy and completeness in such records, it is impossible for domain name registries to ensure the efficacy of their databases. We therefore endorsed the following view of the purpose of the WHOIS database expressed by the Intellectual Property Constituency in its statement of July 25, 2005: [The purpose of the Whois database - from its inception, through commercialization of the Internet, and continuing today - has always included to provide the public with ready access to the identity and contact information for domain name registrants. That purpose has never changed, and registrants have always been on notice of this purpose, regardless of when they registered their domains." [The purpose of the Whois database, in terms of ICANN's mission and core values, is primarily to promote the reliability and security of the Internet. Making Whois data publicly available regarding the Registered Name Holder is critical to accomplishing this purpose. The Registered Name Holder is ultimately responsible for the use of the domain name and the operation of the corresponding website or other Internet resource, and is also the entity with authority to transfer the domain name registration to another party. Making information on the Registered Name Holder available thus directly promotes accountability and transparency, which in turn increases the overall reliability and security of the Internet. In its Preliminary Task Force Report on Whois Services, however, the GNSO Whois Task Force notes that a somewhat different definition of the purpose of the Whois service was used by the Task Force in reviewing the role and structure of the Whois database: The purpose of the gTLD WHOIS service is to provide information sufficient to contact a responsible party for a particular gTLD domain name who can resolve, or reliably pass on data to a party who can resolve, issues related to the configuration of the records associate with the domain name within a DNS name server. While this statement is generally accurate, we are concerned with the reliability of the information contained in the WHOIS database, and the ability to sufficiently identify the owners of domain names to permit or enable contact to be made when necessary. The purpose of this conditional definition is to permit the establishment of a public WHOIS database which limits the available information in order to protect the privacy and contact information of domain name registrants so that they will not be the victims of scams, solicitations, and unrestrained contact from third parties. However, the solution incorporated in this definition and in the Operational Point of Contact ("OPoC") proposal adopted by a majority of the Task Force is of concern to us. We recognize the concern of companies and individuals in preventing the use of WHOIS contact data for scams, identity theft, and the like. However, both the perceived threat and the results of the Task Force's concern with providing privacy go too far in the direction of blocking ready access to information which we believe should be available in order to enable adequate policing of domain name and web site owner actions. We believe either the present WHOIS structure or the "Special Circumstances" proposal introduced by the Intellectual Property Constituency represent the best means for intellectual property owners to be able to identify and contact domain name owners, and present a not unreasonable exposure of contact information. However, in order to balance these interests of accessibility to domain name owner information and ensuring the reliability of contact information, with the concerns expressed by a majority of members of the Task Force, we believe a combination of the two proposals presently before the GNO regarding the nature and structure of the WHOIS database and listings would be appropriate. We believe that the use of operational points of contact could be an effective means for providing owners with sufficient contact information to enable them to contact domain name owners without providing information which can be put to use in illicit scams and activities. However, we also believe that if this proposal is adopted, the final proposal and procedures must ensure that notices sent to OPoCs will be timely transmitted to the correct domain name owners, and that if the domain owner provides false or faulty information the domain name registration will be PROMPTLY terminated. A procedure and time requirements must therefore be made part of any such proposal. In addition, as we know from experience, the present WHOIS information, and the proposed OPOC information and links are only as good and useful as they are accurate. We strongly recommend that registries and registrars be required to promptly terminate any domain name registrations for which the registrants can be shown to have submitted incorrect or deceptive information, and to require that accurate information be provided upon request. Finally, we believe that any OPoC system must also require that some general information regarding the actual domain name owners should be included with the OPoC contact information in order to ensure that both the intellectual property owners and the OPoC are contacting and conveying information to the correct party. This contact information could be limited to the name of the owner and other vital and public information. However, it should be required unless, applying the "special circumstances" scheme proposed by two of the GNO constituencies, the domain name owner can demonstrate that such a listing could present a sufficient threat to its privacy, security, or identity to warrant not listing this additional information in the WHOIS record. The OPoC must also have complete contact information for domain name owners and be able to guarantee and make contact within a short period of time. We suggest that realistic, but prompt time requirements be included in any final proposal. With these observations, reservations, and suggestions, we support the work of the Task Force and proposes that either the "Special Circumstances" proposal or the "OPoC" proposal with the foregoing modifications be adopted by ICANN. -------------------------------------------------------- In accordance with applicable professional regulations, please understand that, unless expressly stated otherwise, any written advice contained in, forwarded with, or attached to this e-mail is not intended or written by Grant Thornton LLP to be used, and cannot be used, by any person for the purpose of avoiding any penalties that may be imposed under the Internal Revenue Code. -------------------------------------------------------- This e-mail is intended solely for the person or entity to which it is addressed and may contain confidential and/or privileged information. Any review, dissemination, copying, printing or other use of this e-mail by persons or entities other than the addressee is prohibited. If you have received this e-mail in error, please contact the sender immediately and delete the material from any computer.