ICANN Reports On WHOIS Inaccuracies

The Internet Corporation for Assigned Names and Numbers (ICANN) Wednesday published the first in what will be an annual report on the steps being taken to wipe out bogus or incomplete information found in domain registrations.

The findings? Nearly 5,000 of the 24,148 complaints dealt with domains containing incorrect or incomplete contact information -- telephone numbers, email addresses, street addresses -- of known or suspected spammers.

The WHOIS database is a list of registered owners for every top-level domain (TLD) name governed by the Marina del Ray, Calif., organization -- .com, .net, .org, .aero, .biz, .coop, .info, .museum, .name and .pro. Registrars, the companies who sell the domain names, are under contract to ensure the contact information regarding the domain registration is correct.

But for years, the WHOIS database has been plagued with inaccuracies, likely thanks to people with quasi-legal or illegal enterprises headquartered on the Internet who are trying to avoid detection. While registrars automate the forms to get people signed up and on the Internet, there is no automated process to ensure the information is correct.

The situation came to a head in May 2002, when Federal Trade Commissioner J. Howard Beales III, director of the Bureau Of Consumer Protection, said the many inaccuracies were preventing his agency from stopping illegal operations being conducted through the Internet.

"We cannot easily sue fraudsters if we cannot find them," he complained to a House panel at the time.

What the FTC and others found was that while the owners of Internet fraud sites were leaving legitimate emails, the contact information that would lead to a real-world arrest was being left out. The report confirms that: It said that 54 percent of the complaints dealt with missing or incorrect mailing addresses; another 49 percent had bogus phone numbers.

As a result, ICANN instituted the WHOIS Data Problem Report System (WDPRS) in September 2002 to let individual users report incorrect domain registration information. In the following 18 months, the organization received 24,148 confirmed WHOIS inaccuracies, with 16,045 unique domain names listed (8,103 complaints were duplicates).

Individuals fill out an online form at the InterNIC Web site maintained by ICANN, which is then sent on to ICANN staffers. Once they receive the report and confirmed it, ICANN sends it on to the registrar to investigate. However, one glaring hole in the process is that registrars are not required to report back to ICANN on the status of their investigations.

"ICANN's experience has been that accredited registrars by and large do conscientiously comply with their contractual obligations by acting promptly to correct incomplete or inaccurate data that is brought to their attention," the report stated. The report went on to say registrars reported back on 36 percent of the total number of reports sent.

Of the 10 domain extensions, 82 percent of complaints were about incorrect contact info supplied in the .com space. .Net lagged a distant second, with 13 percent of the complaints.

An interesting find in the report is that no particular registrar was more deficient than its competitors in the number of incorrect WHOIS entries. The report stated, "The number of complaints sent to each registrar was generally proportional to each registrar's relative market share."

Each of the 192 ICANN-accredited registrars is under contract to provide "accurate and reliable contact details and promptly correct and update them during the term of the registered name registration," the boilerplate contract reads. Failure to take adequate steps to correct the errors would result in a material breach of contract. What this means for the registrar community remains to be seen.

ah, ha! FR DNS problems explained.

Here is a link to the place you can report incorrect information: http://wdprs.internic.net/

Yup. Keep in mind FR has had the domain since 1996, well before the czar came to town. It still ticks me off they (the registrar) didn't bother to initiate contact with the Administrative contact nor the Billing contact nor the Technical contact (albeit all three are the same, but the info there is good.)

I see this whole thing as the first step in discouraging independent (read: home-based) Internet publications. Who wants every wacko in the world to have your telephone number and worse street address. What if you publish something somebody really finds offensive?

I suppose so. Someone could always create an answering service that would provide the address and phone number information for websites so as to act as a buffer between the site owner & the site visitors.

5 posted on 04/01/2004 9:56:31 AM PST by NotQuiteCricket (10 kinds of people in the world us and them.)

There may already be a service like that.

But I have to ask, why have this information public at all? It should be made available to "law enforcement" officials (loosely defined) but otherwise the information isn't required by the general public. By having it out there it opens up an avenue for abuse (spammers, telemarketers, stalkers, etc.)

7 posted on 04/01/2004 7:40:28 PM PST by Bogey78O (I voted for this tagline... before I voted against it.)

Ring-a-ding-ding. There's nothing a PO Box and a never-turned-on cell phone can't fix, though.

8 posted on 04/17/2004 4:16:23 AM PDT by steveegg (Radical Islam has more in common with Islamic populations than the mainstream media has with America)

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.