Amended Comment of Special Task Force on Counterfeiting and Piracy on Whois Task Force Preliminary Report

["Epperson, Ron" <Ron.Epperson@xxxxxx>]

Please edit the comments originally sent in by me on January 15th as follows. 
Thank you.

________________________________


We strongly support the U.S. government's position on the purpose of the gTLD 
Whois service and the importance of making registrant data publicly available. 
The Internet is the preferred medium for a great number of business 
transactions. Unfortunately, it has also become prey to an increasing number of 
dishonest acts by domain name registrants whose wrongful acts are abetted when 
full disclosure of their true identity is kept from the public. It is not 
sufficient for WHOIS information to be available by subpoena; this adds 
tremendous costs and time delays for an injured party to overcome in order to 
begin the process of determining who is involved in the dishonest acts. 

Our concerns in the area of internet commerce include the ability of 
intellectual property owners to control the use of their trademarks on web 
sites, within code used to identify the subject matter and ownership of sites, 
and as part of domain names which consumers and others rely on to identify, 
promote, and locate web sites for information and the purchase of goods and 
services. In order to police and protect these and the public's interest in 
trademarks, it is essential for intellectual property owners to be able to 
identify and promptly contact persons and companies which have registered and 
are using domain names which infringe intellectual property owners' trademarks 
or are likely to draw consumers away from genuine and authorized web sites 
based on the use of similar domain names, keyword registrations, and the like.

One of the most important tools for IP owners in investigating and preventing 
the use of domain names registered in bad faith (to either usurp owners' rights 
in using their trademarks as part of their online identities and addresses or 
to lure browsers to other or competing websites and products) is the listing of 
contact information on the WHOIS database. Without the existence of an 
accurate, readily available data base of domain name registrants, it is 
impossible to know for certain the identity of web site operators, or to 
contact them in the event of possible conflicts or concerns. Without the 
ability to require accuracy and completeness in such records, it is impossible 
for domain name registries to ensure the efficacy of their databases.

We therefore endorsed the following view of the purpose of the WHOIS database 
expressed by the Intellectual Property Constituency in its statement of July 
25, 2005: 

                        [The purpose of the Whois database - from its 
inception, through commercialization of the Internet, and continuing today - 
has always included to provide the public with ready access to the identity and 
contact information for domain name registrants. That purpose has never 
changed, and registrants have always been on notice of this purpose, regardless 
of when they registered their domains." 

                        [The purpose of the Whois database, in terms of ICANN's 
mission and core values, is primarily to promote the reliability and security 
of the Internet. Making Whois data publicly available regarding the Registered 
Name Holder is critical to accomplishing this purpose. The Registered Name 
Holder is ultimately responsible for the use of the domain name and the 
operation of the corresponding website or other Internet resource, and is also 
the entity with authority to transfer the domain name registration to another 
party. Making information on the Registered Name Holder available thus directly 
promotes accountability and transparency, which in turn increases the overall 
reliability and security of the Internet. 

In its Preliminary Task Force Report on Whois Services, however, the GNSO Whois 
Task Force notes that a somewhat different definition of the purpose of the 
Whois service was used by the Task Force in reviewing the role and structure of 
the Whois database:

                The purpose of the gTLD WHOIS service is to provide information 
sufficient to contact a responsible party for a particular gTLD domain name who 
can resolve, or reliably pass on data to a party who can resolve, issues 
related to the configuration of the records associate with the domain name 
within a DNS name server.

While this statement is generally accurate, we are concerned with the 
reliability of the information contained in the WHOIS database, and the ability 
to sufficiently identify the owners of domain names to permit or enable contact 
to be made when necessary. The purpose of this conditional definition is to 
permit the establishment of a public WHOIS database which limits the available 
information in order to protect the privacy and contact information of domain 
name registrants so that they will not be the victims of scams, solicitations, 
and unrestrained contact from third parties. However, the solution incorporated 
in this definition and in the Operational Point of Contact ("OPoC") proposal 
adopted by a majority of the Task Force is of concern to us.

We recognize the concern of companies and individuals in preventing the use of 
WHOIS contact data for scams, identity theft, and the like. However, both the 
perceived threat and the results of the Task Force's concern with providing 
privacy go too far in the direction of blocking ready access to information 
which we believe should be available in order to enable adequate policing of 
domain name and web site owner actions. We believe either the present WHOIS 
structure or the "Special Circumstances" proposal introduced by the 
Intellectual Property Constituency represent the best means for intellectual 
property owners to be able to identify and contact domain name owners, and 
present a not unreasonable exposure of contact information. 

However, in order to balance these interests of accessibility to domain name 
owner information and ensuring the reliability of contact information, with the 
concerns expressed by a majority of members of the Task Force, we believe a 
combination of the two proposals presently before the GNO regarding the nature 
and structure of the WHOIS database and listings would be appropriate. We 
believe that the use of operational points of contact could be an effective 
means for providing owners with sufficient contact information to enable them 
to contact domain name owners without providing information which can be put to 
use in illicit scams and activities. However, we also believe that if this 
proposal is adopted, the final proposal and procedures must ensure that notices 
sent to OPoCs will be timely transmitted to the correct domain name owners, and 
that if the domain owner provides false or faulty information the domain name 
registration will be PROMPTLY terminated. A procedure and time requirements 
must therefore be made part of any such proposal.

In addition, as we know from experience, the present WHOIS information, and the 
proposed OPOC information and links are only as good and useful as they are 
accurate. We strongly recommend that registries and registrars be required to 
promptly terminate any domain name registrations for which the registrants can 
be shown to have submitted incorrect or deceptive information, and to require 
that accurate information be provided upon request.

Finally, we believe that any OPoC system must also require that some general 
information regarding the actual domain name owners should be included with the 
OPoC contact information in order to ensure that both the intellectual property 
owners and the OPoC are contacting and conveying information to the correct 
party. This contact information could be limited to the name of the owner and 
other vital and public information. However, it should be required unless, 
applying the "special circumstances" scheme proposed by two of the GNO 
constituencies, the domain name owner can demonstrate that such a listing could 
present a sufficient threat to its privacy, security, or identity to warrant 
not listing this additional information in the WHOIS record. The OPoC must also 
have complete contact information for domain name owners and be able to 
guarantee and make contact within a short period of time. We suggest that 
realistic, but prompt time requirements be included in any final proposal.

With these observations, reservations, and suggestions, we support the work of 
the Task Force and proposes that either the "Special Circumstances" proposal or 
the "OPoC" proposal with the foregoing modifications be adopted by ICANN.
 

--------------------------------------------------------


In accordance with applicable professional regulations, please understand that, 
unless expressly stated otherwise, any written advice contained in, forwarded 
with, or attached to this e-mail is not intended or written by Grant Thornton 
LLP to be used, and cannot be used, by any person for the purpose of avoiding 
any penalties that may be imposed under the Internal Revenue Code. 

--------------------------------------------------------

 This e-mail is intended solely for the person or entity to which it is 
addressed and may contain confidential and/or privileged information.  Any 
review, dissemination, copying, printing or other use of this e-mail by persons 
or entities other than the addressee is prohibited.  If you have received this 
e-mail in error, please contact the sender immediately and delete the material 
from any computer.