An ICANN working group is deciding whether to make the Whois directory, a primary tool for flushing out typo squatters and phishers, unavailable to the public.
The Whois directory can be a critical tool for companies to identify and shut down typo squatters, cyber squatters and phishers. The immediate access it grants to a site registrant's information, brand stewards say, can reduce the time it takes to shut down a harmful Web site from days to hours.
A working group within ICANN is now reviewing proposals to determine whether to allow Whois, which houses the contact details of domain owners and administrators, to remain open to the public or to restrict access to only a few parties. Brands themselves may be left out of the loop, which would give typo squatting sites more time to make money and tarnish a company's image before being shut down.
Brand monitoring firms such as MarkMonitor or CitizenHawk use the Whois database, along with other tactics, to shutter sites run by typo squatters; and some are concerned about the implications of reduced access to it.
"We think of the Whois system as a critical component of what we do," Graham MacRobie, CEO of Citizen Hawk told ClickZ News.
"We have automated systems that go out and find misspelled names, collect screenshots and conduct analysis, collect the Whois record, and use all of that information to prioritize" how to handle cases of infringement, he said.
Once a threat is identified, the Whois directory also helps Citizen Hawk and other companies identify patterns to find other sites owned or operated by the same individuals.
Whois was never meant to serve such purposes. It started as more of a buddy list, a way for system administrators to contact other IP addresses and Webmasters. Years later, as commercial and corporate activity began to overshadow the Web's roots in academia, spammers began scraping Whois for working e-mail addresses. Additionally, some expressed concern about the privacy and safety of registrants.
"If you register a domain name, if you answer the questions honestly, you find that your home telephone and home address is posted for everyone in the whole world to see," said David Maher, SVP of law and policy for the Public Interest Registry. "It seems to me that a private individual should be able to keep his home address off the Internet."
ICANN has been debating the issue for four years, and is now considering two proposals. The first makes only a subset of data public and restricts access to an assigned party in order to prevent bad faith or fraud. ICANN would relay information to the registrant, reveal retained data only under specified conditions, and remedy certain circumstances in order to prevent harm. The second proposal would suppress Whois data for registrants who demonstrate a need for special treatment. An example commonly discussed is the registrant for a battered women's shelter. Previous versions of proposals have suggested limiting access to the Whois directory to law enforcement; these are considered unlikely to succeed.
"When phishing sites get shut down, it takes hours. Law enforcement doesn't get involved for a few weeks," said Dr. Laura Mather, senior scientist at MarkMonitor and managing director of operational policy for the Anti-Phishing Working Group. "ICANN listened and understands; it is well represented that third-party entities need access."
The fine line between transparency and privacy is on the agenda of an ICANN meeting in Los Angeles slated for October. While the summit is for members of ICANN and Internet stakeholders to meet, it is open to the public and will offer the opportunity for attendees to comment. The ICANN task force assigned to come up with a proposal for the Whois directory is expected to reach a decision in October at that meeting. While brand monitoring companies are concerned about the outcome, it is possible no changes will be made.
"That process has reached the point that it looks like the community may decide to shelve further discussions on Whois," said ICANN's executive vice president of corporate affairs, Paul Levins. "The community is clearly divided. Those in favor of changes restricting access point to privacy concerns for individual domain name registrants. Those against -- primarily law enforcement and trademark lawyers -- want to keep the current level of access to Whois."
On the heels of a fantastic event in New York City, ClickZ Live is taking the fun and learning to Toronto, June 23-25. With over 15 years' experience delivering industry-leading events, ClickZ Live offers an action-packed, educationally-focused agenda covering all aspects of digital marketing. Register today!
Want to learn more? Join us at ClickZ Live San Francisco, Aug 10-12!
Educating marketers for over 15 years, ClickZ Live brings together industry thought leaders from the largest brands and agencies to deliver the most advanced, educational digital marketing agenda. Register today and save $500!
Gartner Magic Quadrant for Digital Commerce
This Magic Quadrant examines leading digital commerce platforms that enable organizations to build digital commerce sites. These commerce platforms facilitate purchasing transactions over the Web, and support the creation and continuing development of an online relationship with a consumer.
Paid Search in the Mobile Era
Google reports that paid search ads are currently driving 40+ million calls per month. Cost per click is increasing, paid search budgets are growing, and mobile continues to dominate. It's time to revamp old search strategies, reimagine stale best practices, and add new layers data to your analytics.
June 10, 2015
12:00pm ET/9:00am PT