Whois Directory, a Tool for Brand Defenders, May Be Veiled

The Whois directory can be a critical tool for companies to identify and shut down typo squatters, cyber squatters and phishers. The immediate access it grants to a site registrant’s information, brand stewards say, can reduce the time it takes to shut down a harmful Web site from days to hours.

A working group within ICANN is now reviewing proposals to determine whether to allow Whois, which houses the contact details of domain owners and administrators, to remain open to the public or to restrict access to only a few parties. Brands themselves may be left out of the loop, which would give typo squatting sites more time to make money and tarnish a company’s image before being shut down.

Brand monitoring firms such as MarkMonitor or CitizenHawk use the Whois database, along with other tactics, to shutter sites run by typo squatters; and some are concerned about the implications of reduced access to it.

“We think of the Whois system as a critical component of what we do,” Graham MacRobie, CEO of Citizen Hawk told ClickZ News.

“We have automated systems that go out and find misspelled names, collect screenshots and conduct analysis, collect the Whois record, and use all of that information to prioritize” how to handle cases of infringement, he said.

Once a threat is identified, the Whois directory also helps Citizen Hawk and other companies identify patterns to find other sites owned or operated by the same individuals.

Whois was never meant to serve such purposes. It started as more of a buddy list, a way for system administrators to contact other IP addresses and Webmasters. Years later, as commercial and corporate activity began to overshadow the Web’s roots in academia, spammers began scraping Whois for working e-mail addresses. Additionally, some expressed concern about the privacy and safety of registrants.

“If you register a domain name, if you answer the questions honestly, you find that your home telephone and home address is posted for everyone in the whole world to see,” said David Maher, SVP of law and policy for the Public Interest Registry. “It seems to me that a private individual should be able to keep his home address off the Internet.”

ICANN has been debating the issue for four years, and is now considering two proposals. The first makes only a subset of data public and restricts access to an assigned party in order to prevent bad faith or fraud. ICANN would relay information to the registrant, reveal retained data only under specified conditions, and remedy certain circumstances in order to prevent harm. The second proposal would suppress Whois data for registrants who demonstrate a need for special treatment. An example commonly discussed is the registrant for a battered women’s shelter. Previous versions of proposals have suggested limiting access to the Whois directory to law enforcement; these are considered unlikely to succeed.

“When phishing sites get shut down, it takes hours. Law enforcement doesn’t get involved for a few weeks,” said Dr. Laura Mather, senior scientist at MarkMonitor and managing director of operational policy for the Anti-Phishing Working Group. “ICANN listened and understands; it is well represented that third-party entities need access.”

The fine line between transparency and privacy is on the agenda of an ICANN meeting in Los Angeles slated for October. While the summit is for members of ICANN and Internet stakeholders to meet, it is open to the public and will offer the opportunity for attendees to comment. The ICANN task force assigned to come up with a proposal for the Whois directory is expected to reach a decision in October at that meeting. While brand monitoring companies are concerned about the outcome, it is possible no changes will be made.

“That process has reached the point that it looks like the community may decide to shelve further discussions on Whois,” said ICANN’s executive vice president of corporate affairs, Paul Levins. “The community is clearly divided. Those in favor of changes restricting access point to privacy concerns for individual domain name registrants. Those against — primarily law enforcement and trademark lawyers — want to keep the current level of access to Whois.”

Related reading