<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 2/16/2018 5:22 PM, Sara Bockey
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"GD Boing";
panose-1:2 0 6 3 3 0 0 2 0 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.im
{mso-style-name:im;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.s2
{mso-style-name:s2;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1"><span class="s2">Not only is our
decision to mask customer information in Port43 completely
unrelated to GDPR, but it results directly from attacks
by third parties who harvest and sell our customers’ personal
information. </span></div>
</blockquote>
<br>
I don't know what precipitated this conversation, but I will jump in
here based on my actual experience.<br>
<br>
To say "<span class="s2">it results directly from attacks by third
parties who harvest and sell our customers’ personal information"
is a complete lie!<br>
<br>
GoDaddy has blocked MANY IP addresses I've attempted to use port
43 WHOIS on with absolutely no due process! And I can say with
absolute certainty that I and my IP addresses were not involved in
any form of "attack(s) by third parties".<br>
<br>
But if I wanted to continue fighting phishing, spammers and other
abuses without being forced to use GoDaddy's cumbersome web
interface (with their stupid "I'm not a robot" and "Choose all the
pictures that have a goldfish in them" games) to process each
WHOIS request, I would have to give in to GoDaddy's illegal
blocking (restricted WHOIS output) and sign their "whitelist
request" to get myself back to business!!!<br>
<br>
</span>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<div class="WordSection1"><span class="s2">Given the onslaught of
spam and robo-calls our customers have been receiving
– often within minutes of registering a domain name—we felt
that action was required, if not overdue. <br>
</span></div>
</blockquote>
<br>
I'm not sure I can see how port 43 WHOIS requests can be used to
determine new domain registrations in the way you imply? Maybe you
can share how that works??<br>
<br>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<div class="WordSection1"><o:p></o:p>
<p style="margin:0in;margin-bottom:.0001pt;line-height:16.2pt"><span
class="s2">WHOIS information is still very much
available for any & all domain names via our web-based
WHOIS tool, <br>
</span></p>
</div>
</blockquote>
<br>
It may be available, but it's quite cumbersome and a waste of good
peoples' time!!<br>
<br>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<div class="WordSection1">
<p style="margin:0in;margin-bottom:.0001pt;line-height:16.2pt"><span
class="s2">However, bulk access by anonymous users is no
longer supported.</span></p>
</div>
</blockquote>
<br>
I didn't know "bulk access by anonymous users" was ever a thing?!?
If you were intent on blocking "bulk access", why should that have
impacted port 43 WHOIS requests for single domains???<br>
<br>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<div class="WordSection1">
<p style="margin:0in;margin-bottom:.0001pt;line-height:16.2pt"><o:p></o:p></p>
<p style="margin:0in;margin-bottom:.0001pt;line-height:16.2pt"><span
class="s2">I also note that during this entire process, we
have kept ICANN informed of both the attacks </span><span
class="s2"><span class="s2">on our Port43 systems</span></span></p>
</div>
</blockquote>
<br>
Please provide the evidence of my "attacks" that you've provided to
ICANN to justify your restricting WHOIS data to any of my IP
addresses.<br>
<br>
<blockquote type="cite"
cite="mid:6F2D9776-FE3D-461A-A7D5-CF3D39842527@godaddy.com">
<div class="WordSection1">
<p style="margin:0in;margin-bottom:.0001pt;line-height:16.2pt"><span
class="s2">as well as our efforts to mitigate them. Our
actions are justified and to imply otherwise is not only
inaccurate but does nothing to move this PDP forward.</span></p>
</div>
</blockquote>
<br>
Your actions were unilateral and (in my opinion) violated your
registrar agreement(s) with ICANN. You're allowed to block ABUSIVE
behavior, but you blocked many many requests with absolutely no
evidence of abuse! How can you justify that???<br>
<br>
<span class="s2">Patrick Klos<br>
Phishcop Admin<br>
<br>
</span>
</body>
</html>