[dow1tf] Markmonitor and Alldomains cooments to Whois task force 1

["gnso.icann" <gnso.secretariat@xxxxxxxxxxxxxx>]

Please find the comments from Markmonitor and Alldomains  to Whois task
force 1 
GNSO Secretariat
 
July 5, 2004
 

Via  Email

 
ICANN WHOIS Taskforce I
 
Attn:     Chairman
 
            Re:       WHOIS Taskforce I Preliminary Report on
Restricting Access of 
                        WHOIS For Marketing Purposes
 
Gentlemen:
 
I am writing to provide comments to the report issued by the WHOIS
Taskforce I regarding policy recommendations to restrict access of WHOIS
for Marketing Purposes.  
 
I.                    Background.  
 
I represent  eMarkmonitor, Inc. ("Markmonitor") and Alldomains.com, Inc.
("Alldomains"), each of which are ICANN accredited registrars.  As you
may know, Markmonitor and Alldomains offer corporate domain name
registration services to the world's largest corporations and
collectively serve over 33 of the U.S. Fortune 100.   Their businesses
include the provision of reports and services to its customers that
incorporate WHOIS records, including various reports distributed by
Lexis-Nexis, a long-time alliance partner of Markmonitor.  
 
The Markmonitor and Alldomains  reports are used by their customers to
protect against infringement, and by law enforcement agencies to combat
illegal online activity, such as the ever growing "phishing" scams that
attempt to steal the private financial information of consumers.  These
reports, which typically include reverse-registrant look-ups and
multi-field searching, are used by companies for many legitimate
purposes such as to identify cybersquatters in preparation for UDRP
proceedings, to support civil litigation, and to assist companies in
managing their domain name portfolios.
 
In general, we are concerned that the report published by Taskforce I
may make it more difficult for service providers such as Lexis-Nexis and
Markmonitor to continue to provide these types of reports which are used
for non-marketing purposes.  It is important to the legal and law
enforcement communities that WHOIS records be made available to service
providers on an unlimited, bulk basis in order to ensure that these
reports and services continue to be available in the marketplace.  In
order to provide meaningful reports in a timely manner, one-field or
one-record queries simply do not provide sufficient access to service
providers.  Bulk access licenses and unlimited access to Port 43 are
needed so that service providers such as Markmonitor and Lexis-Nexis can
apply their sophisticated searching methodologies to provide their
customers with accurate and relevant search results.
 
II.        Specific Comments to the Report.
  
A.        Recommendations are Overly Restrictive of WHOIS for
Non-Marketing Purposes.  The Report makes recommendations that exceed
the intended scope of Taskforce 1.   Instead of focusing on proposing
limitations that limit WHOIS only for "marketing purposes," its
recommendations affect all other legitimate purposes of WHOIS.  As a
result, the Taskforce I's recommendations adversely affect the ability
of persons to access WHOIS for legitimate purposes.   
 

B.        Data Mining for Non-Marketing Purposes should not be
Prohibited.  The Report takes the policy position that all, not just
marketing related data mining, should cease.   Underlying each of these
recommendations is an assumption that only "one off" searches should be
allowed and that "bulk" searches should be prohibited.  While "bulk"
searches for marketing purposes should not be allowed, "bulk" searches
are often needed to provide legitimate value added services, such as
those that serve the law enforcement or intellectual property
communities.  

 

For example, Taskforce 1 cites the growing number of "phishing"
incidents that are targeting consumers.  Markmonitor's reports and
services are used by many large financial institutions to identify the
individuals perpetrating the phishing attacks against their customers.
These financial institutions, as well as the government agencies that
prosecute phishing related crimes, rely on value added services like
those offered by Markmonitor.  These services are dependent upon access
to WHOIS records in unlimited quantities in order to provide the
multi-field searches necessary to provide these much needed reports.  As
a result, unlimited access to WHOIS, through Port 43 and Bulk Access
Agreements, needs to be permitted for research purposes by value added
service providers.

 

C.        Proposed restriction of Access by Registrars to sensitive
information in Port 43 is overbroad.   If the intent is to address past
problems associated with a few registrars that have engaged in wrongful
data mining for marketing purposes, this recommendation unfairly
restricts all registrars, including those registrars who have not
engaged in such conduct.  Registrars should be able to access Port 43 to
support its registrar business and any other permissible non-marketing
purpose.  To the extent that registrars violate these rules, ICANN
should undertake enforcement procedures that address noncompliance.

 

D.        Access to sensitive information should be reasonably available
on an automated basis.  The Report assumes that sensitive information
should not be accessed on an automated basis.  If this recommendation is
meant to address the privacy concerns of individuals, query whether the
restriction is necessary for those registrants, such as commercial
interests, that may not be interested in privacy protections.  For
example, some individuals may chose to consent to the disclosure of
information deemed "sensitive" in the same way that they may chose to
allow their information associated with their telephone number to be
listed in public directories.  Consequently, there should be a mechanism
to allow publication and access on an automated basis of sensitive
information so long as the privacy concerns are appropriately addressed
to protect only those who desire privacy.

 

E          A cost benefit analysis and feasibility study should evaluate
the impacts of changes to WHOIS policy on the current market.   We
believe that a cost benefit analysis of the type suggested by Taskforce
1 is advisable.  However, we propose that this analysis should also
evaluate how ICANN policy changes would affect the market that relies on
current WHOIS policies.  Many legitimate value added service providers
access WHOIS through Port 43 and bulk access agreements to develop their
reports and services that incorporate this information.  Eliminating
their access to WHOIS would likely have an anticompetitive effect on
this marketplace. 


 


F.         Requiring Registrant Notice of Access is Problematic.
Providing a registrant notice that its WHOIS record has been accessed
would be problematic for a number of reasons.  Given the overwhelming
public sentiment against receiving unwanted e-mail, there is no basis
for adopting a policy that could affect millions of users if ICANN were
to require email notification of such access.   Imposing such a
requirement would also impose significant costs on registrars who would
be required to develop programs that would store and report on  the
number of times a WHOIS record is accessed.  Furthermore, providing such
notice to registrants engaged in wrongful conduct could be detrimental
to the individuals investigating the wrongful act, since the registrant
is likely to respond by transferring the ownership of the domain name
before a UDRP can be commenced or by changing the WHOIS record to make
it less likely that they would be identified.

 
G.        The Need for Bulk Access Agreements. Taskforce 1was generally
silent on the need for continued access to WHOIS records on a bulk
basis.  Other than an introductory observation that the data mining
problems that plague the industry are not related to the bulk access
agreements, the report generally did not make any recommendations on
bulk access requirements.   Bulk access requirements are an important
method of providing WHOIS records to value added service providers such
as Markmonitor, Thomson & Thomson and Lexis Nexis.  ICANN should affirm
its bulk access requirements when it evaluates the WHOIS issues
presented by Taskforce 1.  Without assurances that bulk access will
continue to be available, service providers will be forced to rely
solely on Port 43 for access, which would likely impose burdens on the
registrar's computing resources due to the volume and magnitude of
searches necessary to perform their services.  In affirming the bulk
access requirements, ICANN should attempt to define "marketing purposes"
and propose a standard form of a Bulk Access Agreement to be adopted by
all registrars.   This would prevent registrars from imposing burdensome
requirements in an effort to discourage legitimate licensees of WHOIS
data on a bulk basis.  For example, in the past, registrars have
attempted to impose a $1,000,000 penalty in their bulk access agreements
in order to discourage legitimate licensees of the bulk access WHOIS
data.  By standardizing the Bulk Access Agreements, registrars would be
unable to impose burdensome contractual terms on legitimate licensees.
 
 
 
 
In conclusion, we encourage the TaskForce to recognize the need for
service providers to have unlimited and immediate access to WHOIS
through Port 43 and bulk license arrangements.   In addition, any new
ICANN WHOIS policies should be coupled with appropriate enforcement
safeguards in the event that any registrars or other parties fail to
comply with the new policies.
 
If you have any questions regarding the foregoing, please feel free to
contact the undersigned. 
 
Sincerely,
 
 
 
Margie Milam,
General Counsel of 
EMarkmonitor, Inc.
And Alldomains.com, Inc.