Cybertelecom
Cybertelecom
Federal Internet Law & Policy
An Educational Project

WHOIS

Dont be a FOOL; The Law is Not DIY
Internet Addresses
- DNS
- History
- NTIA & Fed Activity
- ICANN
- Root Servers
- ccTLDs
- - .us
- - -.kids.us
- gTLDs
- - .gov
- - .edu
- - .mil
- - .xxx
- WHOIS
- WGIG
- ENUM
- IP Numbers
- - IPv6
- BGP
- NATs
- Ports
- Security
- Trademark
- AntiCybersquatter Consumer Protection Act
- Gripe Sites
- Truth in Domain Names
Telephone Addresses

WHOIS is a DNS (and IP address) tool that identifies who has registered a particular domain name. WHOIS works by querying the WHOIS database with a domain name, and receiving back detailed information including contact information for the registrant, contact information for the host, technical information such as relevant IP number addresses, and expiration dates of the domain name. WHOIS is a tremendously useful tool, however WHOIS data is openly available to everyone everywhere - a privacy issue, and a significant portion of WHOIS data is either falsified or is incomplete. [GAO] [Farnan 2003] [ARIN's WHOIS]

WHOIS has become a policy issue because:

This simple issue has become highly charged and entrenched with years of deliberation without resolution. In the post-9/11 era, law enforcement demands on WHOIS have increased significantly.

WHOIS Accuracy: A complaint is that WHOIS data can be inaccurate, stale, or fraudulent, thus frustraiting LEA.

WHOIS has been examined by the US Congress, ICANN, and many other legal or policy bodies. ICANN initiated in November 2007 a study of WHOIS data accuracy; the first report from the study is expected February 2008.

Derived from Internet Domain Names: Background and Policy Issues, CRS Report to Congress PDF July 14, 2006:

On April 12, 2006, the GNSO approved an official "working definition" for the purpose of the public display of WHOIS information. The GNSO supported a narrow technical definition favored by privacy advocates, registries, registrars, and non-commercial user constituencies, rather then a more expansive definition favored by intellectual property interests, business constituencies, Internet service providers, law enforcement agencies, and the Department of Commerce (through its participation in ICANN's Governmental Advisory Committee). At ICANN's June 2006 meeting, opponents of limiting access to WHOIS data continued urging ICANN to reconsider the working definition. The GNSO will next decide what data should be available for public access in the context of the working definition.

Meanwhile, over the past several years, with the WHOIS database continuing to be publicly accessible, registrants who wish to maintain their privacy have been able to register anonymously using a proxy service offered by some registrars. In February 2005, the National Telecommunications and Information Administration (NTIA) - which has authority over the .us domain name - notified Neustar (the company that administers .us) that proxy or private domain registrations will no longer be allowed for .us domain name registrations, and that registrars must provide correct WHOIS information for all existing customers by January 26, 2006. According to NTIA, this action will provide an assurance of accuracy to the public and to law enforcement officials. The NTIA policy is opposed by privacy groups and registrars who argue that the privacy, anonymity, and safety of people registering .us domain names will be needlessly compromised. A lawsuit is pending in U.S. District Court that challenges the NTIA policy.

Derived From: Derived From: Lennard Kruger, Internet Domain Names: Background and Policy Issues, Congressional Research Service p 10 (Oct. 28, 2009)

On April 12, 2006, the GNSO approved an official "working definition" for the purpose of the public display of WHOIS information. The GNSO supported a narrow technical definition favored by privacy advocates, registries, registrars, and non-commercial user constituencies, rather then a more expansive definition favored by intellectual property interests, business constituencies, Internet service providers, law enforcement agencies, and the Department of Commerce (through its participation in ICANN's Governmental Advisory Committee). At ICANN's June 2006 meeting, opponents of limiting access to WHOIS data continued urging ICANN to reconsider the working definition. On October 31, 2007, the GNSO voted to defer a decision on WHOIS database privacy and recommended more studies. The GNSO also rejected a proposal to allow Internet users the option of listing third party contact information rather than their own private data. Currently, the GNSO is exploring several extensive studies of WHOIS.

Solutions: A current proposed solution is know as the Operational Point of Contact (oPOC) solution. This would attempt to solve both problems: giving law enforcement access to WHOIS data while otherwise ensuring privacy of registrants. This is achieved by placing a proxy in the WHOIS database in place of the WHOIS registrant's information. If law enforcement needs access to the actual information, law enforcement would contact the proxy; otherwise the personal information of the registrant is not publicly visible within the WHOIS database. A claimed advantage of the OPOC solution is that it is an administrative solution which requires no technical change to WHOIS or the DNS. Some proxy registrars already exist.

This solution is controversial (for example, how do you determine who is a legitimate law enforcement agency; how do you comport with multiple national privacy laws).

  • First created April 2005 by independent working group Mar del Plata, Argentina
  • Presented to GNSO WHOIS Task Force Jan. 18, 2006
  • GNSO WHOIS Task Force Final Report August 2007
  • Statistics | Assessment | Forensics

    Petreaus Incident

     

    Hearings

    Law

    Govt Activity

    ICANN

    Registrar Advisory concerning the 15 Day Period in Whois Accuracy Requirements, April 3, 2003, and.

     

    Documents

    Timeline

    Notes

    News

    © Cybertelecom ::