[council] FYI

Denise Michel denise.michel at icann.org
Sat Nov 1 07:51:31 UTC 2008

Stacy Burnette, ICANN's Contractual Compliance Director, posted the
following update on WHOIS-related compliance work that I thought you might
find informative.  I've included it below for your inforation.


Denise Michel
ICANN VP, Policy
policy-staff at icann.org

What's happening with Whois compliance
activities?<http://blog.icann.org/?p=384> October
31st, 2008 by Stacy Burnette

Whois has been a complex issue within ICANN, and continues to receive
attention at the policy level. While this important policy work goes on,
ICANN still has the clear responsibility to enforce existing Whois
provisions in the Registrar Accreditation Agreement (RAA), and to better
understand the real world status of Whois accuracy and Whois related
services (e.g. privacy and proxy registration services).

So, what is ICANN doing for Whois compliance? Here is a recent survey of

*1. A Whois Accuracy Study to Assess the Accuracy of Registrant Data in the
Whois Database *
Understanding the Whois environment is important. The GNSO is considering,
and the GAC has called for, various Whois-related studies. You may or may
not know that there has been study work underway, and some new work is just
starting. There has been a long-running and challenging effort underway to
statistically answer the question "How accurate is Whois data?" After
multiple starts on such a study, an initial study/contract phase has just
been completed with the National Opinion Research Center (associated with
the University of Chicago) to design such a study. NORC recently provided
ICANN with a proposed methodology for selecting a representative sample of
domain names and a proposed methodology for verifying the accuracy of Whois
data. ICANN is analyzing this information and we're optimistic that this
will turn into an executable study plan within the next few weeks.

*2. A Registrar Privacy/Proxy Registration Services Study to Assess the
Extent to Which Registrants Are Using Privacy/Proxy Registration Services*
ICANN has initiated a study of Proxy/Privacy Registration Services. The
purpose of this study is to determine the extent to which registrants are
using privacy and proxy registration services and to obtain information
regarding the business models used to provide such services. As part of this
study, ICANN will send a survey to all ICANN-accredited registrars
requesting that they provide, among other things, information regarding the
number of registrations they manage that currently use privacy or proxy
registration services. The survey is being finalized and it is anticipated
that registrars will receive ICANN's survey before the end of 2008.

*3. ICANN's Whois Data Problem Report System (WDPRS) is Undergoing a
Redesign to Improve Functionality and Meet Community Needs*
The Whois Data Problem Report System (WDPRS), implemented in 2002 to assist
registrars in complying with their obligation to investigate Whois
inaccuracy claims, is undergoing a system redesign. ICANN frequently
receives thousands of Whois inaccuracy claims through this system per day.
The redesigned software system (to be completed in November), will include
components that allow for better, hands-on analysis of actual problem
reports and processing of bulk Whois inaccuracy claims. I'm happy to note
that there has been consultation with high volume submitters and
representatives from the Intellectual Property and Registrar constituencies
regarding the system redesign (these high volume submitters account for
about 80% of inaccuracy complaints filed through the WDPRS.)

A demonstration of the redesigned WDPRS will be provided at the Cairo
meeting as well as information regarding ICANN's findings relative to our
manual reviews of Whois inaccuracy claims. This work should result in
quality improvements for users of the WDPRS and system improvements that
allow ICANN to better monitor Whois accuracy compliance. Moreover, we
anticipate the use of the redesigned WDPRS to lead to a better understanding
of the environment: How long does it take to go from an inaccuracy complaint
to resolution of that complaint? How many complaints are successfully
resolved the first time?

*4. Recent Whois-Related Enforcement Action – Notices of Breach*
The community may have noted that in October two registrars, Joker.com and
DNS.com.cn, were sent breach notices regarding insufficient follow-up on
complaints of Whois inaccuracy. Inaccuracy investigation, per the RAA, is a
requirement and it is important that this requirement be taken seriously.

ICANN analyzed both registrars' responses to ICANN's notices of breach and
found that Joker.com appeared to take reasonable steps to investigate the
Whois inaccuracy claims provided. Conversely, DNS.com.cn was found
non-compliant, as it failed to take reasonable steps to investigate the
Whois inaccuracies indentified by ICANN.

Consistent with RAA requirements, DNS.com.cn cured the cited breach within
15 days to avoid termination by ICANN. However, in an effort to ensure that
DNS.com.cn complies with the registrar Whois accuracy requirements set forth
in Section 3.7.8 of the RAA, ICANN developed a remediation plan that
requires DNS.com.cn to provide monthly reports identifying, among other
things, exactly what steps were taken to investigate each Whois inaccuracy
claim sent to DNS.com.cn via the WDPRS. DNS.com.cn has agreed to remain on
ICANN's remediation plan for six months.

*5. Whois Data Inaccuracy Audit - Ongoing*
ICANN has conducted a Whois Data Inaccuracy Investigation Audit, and will
continue to do this in the future. Thirty ICANN-accredited registrars were
part of the audit. Each of these 30 registrars was asked to provide specific
information on 10 domain names randomly selected from the WDPRS. From the
selected sample, 187 domain names were included in the audit. Registrars
took action on 89 of them, and as of 12 June 2008, registrars report they
are currently investigating an additional 26 domain names.

*6. Whois Data Reminder Policy Audit - Ongoing*
The Whois Data Reminder Policy Compliance Audit has been ongoing. In the
first half of 2008, reports showed 850 of 901 registrars responded, and 98%
of responders were found in compliance. (Follow-up action has been taken
with non-respondants.) This means that the vast majority of gTLD registrants
are contacted at least annually regarding updating their Whois records.

ICANN will continue to broaden its efforts to enforce the Whois provisions
of the RAA and study trends that impact Whois accuracy, but I thought it
would be useful to review the plans for future Whois compliance action and
the Whois compliance actions underway right now.

For current information regarding ICANN's Whois-related compliance
activities, community members are encouraged to read and subscribe to the
monthly ICANN Compliance Newsletter
In almost every issue, you'll find some update on Whois compliance actions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/council/attachments/20081101/3e099b56/attachment.html>

More information about the council mailing list