[council] Update: ICANN Projects Underway to Improve Whois Accuracy

Mon Dec 24 20:40:42 UTC 2007

[To: council[at]gnso.icann.org; liaison6c[at]gnso.icann.org]
[To: ga[at]gnso.icann.org; announce[at]gnso.icann.org]
[To: regional-liaisons[at]icann.org]

http://www.icann.org/announcements/announcement-2-21dec07.htm
Update: ICANN Projects Underway to Improve Whois Accuracy

21 December 2007

The following compliance projects, intended to improve Whois data 
accuracy and Whois service accessibility, are underway by ICANN.

I. ICANN Commences Whois Data Accuracy Study
http://www.icann.org/announcements/announcement-2-21dec07.htm#I

II. Registrar Whois Data Reminder Policy Audit
http://www.icann.org/announcements/announcement-2-21dec07.htm#II

III. Registrar Investigation of Whois Inaccuracy Claims Audit
http://www.icann.org/announcements/announcement-2-21dec07.htm#III

IV. Whois Accessibility Study
http://www.icann.org/announcements/announcement-2-21dec07.htm#IV

I. ICANN Commences Whois Data Accuracy Study

Over the years ICANN constituencies and others have observed apparent 
inaccuracies in Whois contact information provided by registrants when 
registering and maintaining their domain names. In an attempt to 
contribute to community discussion regarding Whois policy, ICANN has 
undertaken a study of domain name Whois contact information accuracy.

With a great deal of Internet community interest behind it, ICANN 
commenced this study in November 2007 by developing a sampling plan to 
draw a representative sample of domain names from the gTLD name 
population.  In consultation with a statistician, ICANN developed an 
algorithm to determine the appropriate sample population size – one that 
provides acceptable accuracy and certainty levels. In the first phase of 
this study, ICANN will select a sample from what is (for statistical 
purposes) an infinitely large data base that will provide a measure of 
accuracy to +/- 5% with a certainty of 95%.  Staff will then randomly 
select domain names in accordance with statistical sampling practices.

ICANN is currently defining the steps staff will take to determine the 
accuracy of Whois contact information associated with each registered 
domain name and address within the representative sample.  It is ICANN’s 
goal to ensure that staff uses practical and reasonably reliable means 
to assess accuracy of each data set.

After finalizing the methodology to determine the Whois data accuracy of 
each data set, staff will execute the steps for each registered domain 
name within the representative sample.  Staff anticipates several steps 
will be necessary to determine Whois data accuracy.  Therefore, staff 
will conduct this study in phases.  ICANN will publish status reports as 
staff completes work in connection with each phase of the study.  The 
first report regarding this study will be published by February 2008.

II. Registrar Whois Data Reminder Policy Audit

ICANN adopted the Whois Data Reminder Policy (WDRP), through the 
consensus policy process, on 27 March 2003. Partially aided by staff 
audit and compliance efforts, there is a very high level of compliance 
by registrars with this policy implementation. This is illustrated by 
the fact that most registrar activities in compliance with this 
requirement are timed to occur coincidentally with the annual ICANN 
compliance audit.

The WDRP requires all Registrars to:

     * present current Whois information to each registrant on an annual 
basis.
     * request each registrant review the information and if necessary, 
make any corrections.
     * remind each registrant that the provision of false Whois 
information can be grounds for cancellation of their domain name.

All ICANN-accredited registrars must comply with the WDRP for 
registrations they sponsor in all top-level domains for which they are 
accredited.

The WDRP audit requests that all registrars respond to a survey designed 
to obtain information regarding registrar compliance with the WDRP. 
Additionally, ICANN request registrars to provide a sample copy of the 
WDRP notice transmitted to their registrants for assessment by ICANN 
staff.  Staff determines whether the notice is compliant with WDRP 
requirements.

ICANN transmitted the WDRP survey to ICANN-accredited registrars in 
October 2007.  Registrars were given until 16 November 2007 to respond 
to the WDRP survey and provide a copy of their WDRP notices.  ICANN will 
publish its 2007 WDRP Report in February 2008. As has become tradition, 
ICANN has witnessed registrar compliance with this contractual 
requirement, sending the notices to registrants, within the past few weeks.

III. Registrar Investigation of Whois Inaccuracy Claims Audit

ICANN commenced an audit in November 2007 to assess registrar compliance 
with Registrar Accreditation Agreement (RAA) requirements concerning the 
investigation of Whois inaccuracy claims filed through ICANN’s Whois 
Data Problem Report System (WDPRS).

ICANN’s WDPRS receives and tracks complaints regarding incomplete or 
inaccurate Whois data entries. ICANN assesses and reports annually the 
WDPRS activity and apparent level of success this tool has in improving 
Whois accuracy. As a result, ICANN can make a preliminary determination 
as to whether complaints of inaccuracy are routinely investigated by 
registrars. This investigation is a contractual requirement.

ICANN recently transmitted Notices of Concern to registrars that 
appeared to take inadequate action in response to WDPRS complaints. 
Prior to sending the notices, staff analyzed complaints and complainant 
follow-up correspondence. As an example, the Notices of Concern included 
a sample of domain names complainants filed as of 7 July 2007 that 
remained unchanged on 7 December 2007.

Staff requested registrars provide ICANN with details regarding the 
steps taken to investigate the claimed inaccuracies as required by 
Section 3.7.8 of the RAA.  If after analyzing registrar responses ICANN 
determines that registrars breached section 3.7.8 of the RAA, ICANN will 
issue breach notices to those registrars not in compliance with this 
requirement and who have not filed a plan to cure this failure. ICANN 
will publish a report regarding the purpose, methodology and findings 
concerning the Registrar Investigation of Whois Inaccuracy Claims Audit 
by February 2008.

IV. Registrar Whois Accessibility Audit

  Pursuant to Section 3.3.1 of the RAA, a registrar is required to 
provide free port 43 Whois service, allowing the public query-based 
access to up-to-date data concerning all active registered gTLD names 
under the registrar’s sponsorship.

To monitor and enforce registrar compliance with port 43 Whois service 
requirements, ICANN developed an application to regularly, and on an 
ongoing basis, determine if registrars maintain port 43 Whois service 
for public use. ICANN’s new application is being used to conduct a 
Registrar Whois Accessibility Audit.

After obtaining gTLD names from VeriSign, ICANN selected up to five (5) 
domain names from each unique registrar in the VeriSign Whois database. 
[1] ICANN used the domain names selected to query the Whois servers of 
850 registrars to determine if the registrars were providing free port 
43 Whois service as required by the RAA. Responses to ICANN’s queries 
were divided into five (5) categories. [2] The first query revealed that 
745 registrars returned “good” responses indicating that the Whois 
service for those 745 registrars was available to the public at the time 
of the query. ICANN is examining the responses that were not returned 
“good” and where appropriate, informing registrars of port 43 Whois 
service violations. To monitor whether registrars’ port 43 Whois 
services are functioning in conformance with RAA requirements, ICANN 
will commence regular, weekly queries and inform registrars when port 43 
Whois service violations are observed. A report regarding the Registrar 
Whois Accessibility Audit will be published in February 2008.
-- 
Glen de Saint Géry
GNSO Secretariat - ICANN
gnso.secretariat[at]gnso.icann.org
http://gnso.icann.org