Background on Whois Implementation (12 November 2000)

Resolutions Approving Agreements
(adopted 4 November 1999)

Upon motion duly made and seconded, the Board approved the adoption of the following resolutions:

WHEREAS, the Board has been presented with proposed agreements among Network Solutions, Inc., the United States Department of Commerce, and ICANN, consisting of a Registry Agreement, a revised Registrar Accreditation Agreement, an NSI registrar Transition Agreement, a revised NSI/Registrar License and Agreement, an Amendment 19 to the NSI/U.S. Government Cooperative Agreement, an Amendment 1 to the Memorandum of Understanding between ICANN and the United States Department of Commerce, and attachments to those documents;

WHEREAS, drafts of these agreements were posted on the ICANN web site and public comments received, both in writing and at a public forum held November 3, 1999;

WHEREAS, based on the comments various changes have been made to the posted documents, resulting in the agreements now before the Board; it is

RESOLVED [99.132], that the President is authorized to sign the agreements to which ICANN is a party in the form presented to the Board, with any minor technical corrections and modifications he determines appropriate;

FURTHER RESOLVED [99.133], the President is authorized to take such actions as appropriate to implement the agreements.

ICANN Bylaws
(as amended through 16 July 2000)

Article VIII, Section 4. PRESIDENT

The President will be the Chief Executive Officer (CEO) of the Corporation in charge of all of its activities and business. All other officers and staff shall report to the President or his or her delegate. The President shall serve as a member of the Board, and shall be entitled to attend any meeting of any committee. The President will be empowered to call special meetings of the Board as set forth herein, and shall discharge all other duties as may be required by these Bylaws and from time to time may be assigned by the Board.

(selected provisions regarding Whois and Privacy)

F. Public Access to Data on SLD Registrations. During the term of this Agreement:

1. At its expense, Registrar shall provide an interactive web page and a port 43 Whois service providing free public query-based access to up-to-date (i.e. updated at least daily) data concerning all active SLD registrations sponsored by Registrar in the registry for the .com, .net, and .org TLDs. The data accessible shall consist of elements that are designated from time to time according to an ICANN-adopted policy. Until ICANN otherwise specifies by means of an ICANN-adopted policy, this data shall consist of the following elements as contained in Registrar's database:

a. The name of the SLD being registered and the TLD for which registration is being requested;

b. The IP addresses of the primary nameserver and secondary nameserver(s) for the SLD;

c. The corresponding names of those nameservers;

d. The identity of Registrar (which may be provided through Registrar's website);

e. The original creation date of the registration;

f. The expiration date of the registration;

g. The name and postal address of the SLD holder;

h. The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the technical contact for the SLD; and

i. The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the administrative contact for the SLD.

2. Upon receiving any updates to the data elements listed in Sections II.F.1.b through d and f through i from the SLD holder, Registrar shall promptly update its database used to provide the public access described in Section II.F.1.

3. Registrar may subcontract its obligation to provide the public access described in Section II.F.1 and the updating described in Section II.F.2, provided that Registrar shall remain fully responsible for the proper provision of the access and updating.

4. Registrar shall abide by any ICANN-adopted Policy that requires registrars to cooperatively implement a distributed capability that provides query-based Whois search functionality across all registrars. If the Whois service implemented by registrars does not in a reasonable time provide reasonably robust, reliable, and convenient access to accurate and up-to-date data, the Registrar shall abide by any ICANN-adopted Policy requiring Registrar, if reasonably determined by ICANN to be necessary (considering such possibilities as remedial action by specific registrars), to supply data from Registrar's database to facilitate the development of a centralized Whois database for the purpose of providing comprehensive Registrar Whois search capability.

5. In providing query-based public access to registration data as required by Sections II.F.1 and II.F.4, Registrar shall not impose terms and conditions on use of the data provided except as permitted by an ICANN-adopted policy. Unless and until ICANN adopts a different policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (b) enable high volume, automated, electronic processes that apply to Registrar (or its systems).

6. In addition, Registrar shall provide third-party bulk access to the data subject to public access under Section II.F.1 under the following terms and conditions:

a. Registrar shall make a complete electronic copy of the data available at least one time per week for download by third parties who have entered into a bulk access agreement with Registrar.

b. Registrar may charge an annual fee, not to exceed US$10,000, for such bulk access to the data.

c. Registrar's access agreement shall require the third party to agree not to use the data to allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam).

d. Registrar's access agreement may require the third party to agree not to use the data to enable high-volume, automated, electronic processes that apply to Registrar (or its systems).

e. Registrar's access agreement may require the third party to agree not to sell or redistribute the data except insofar as it has been incorporated by the third party into a value-added product or service that does not permit the extraction of a substantial portion of the bulk data from the value-added product or service for use by other parties.

f. Registrar may enable SLD holders who are individuals to elect not to have Personal Data concerning their registrations available for bulk access for marketing purposes based on Registrar's "Opt-Out" policy, and if Registrar has such a policy Registrar shall require the third party to abide by the terms of that Opt-Out policy; provided, however, that Registrar may not use such data subject to opt-out for marketing purposes in its own value-added product or service.

7. Registrar's obligations under Section II.F.6 shall remain in effect until the earlier of (a) replacement of this policy with a different ICANN-adopted policy governing bulk access to the data subject to public access under Section II.F.1, or (b) demonstration, to the satisfaction of the United States Department of Commerce, that no individual or entity is able to exercise market power with respect to registrations or with respect to registration data used for development of value-added products and services by third parties.

8. To comply with applicable statutes and regulations and for other reasons, ICANN may from time to time adopt policies establishing limits on the Personal Data concerning SLD registrations that Registrar may make available to the public through a public-access service described in this Section II.F and on the manner in which Registrar may make them available. In the event ICANN adopts any such policy, Registrar shall abide by it.

J. Business Dealings, Including with SLD Holders.

7. Registrar shall require all SLD holders to enter into an electronic or paper registration agreement with Registrar including at least the following provisions:

a. The SLD holder shall provide to Registrar accurate and reliable contact details and promptly correct and update them during the term of the SLD registration, including: the full name, postal address, e-mail address, voice telephone number, and fax number if available of the SLD holder; name of authorized person for contact purposes in the case of an SLD holder that is an organization, association, or corporation; and the data elements listed in Section II.F.1.b, c, and h through i above.

An SLD holder's willful provision of inaccurate or unreliable information, its willful failure promptly to update information provided to Registrar, or its failure to respond for over fifteen calendar days to inquiries by Registrar concerning the accuracy of contact details associated with the SLD holder's registration shall constitute a material breach of the SLD holder-registrar contract and be a basis for cancellation of the SLD registration.

Any SLD holder that intends to license use of a domain name to a third party is nonetheless the SLD holder of record and is responsible for providing its own full contact information and for providing and updating accurate technical and administrative contact information adequate to facilitate timely resolution of any problems that arise in connection with the SLD. An SLD holder licensing use of an SLD according to this provision shall accept liability for harm caused by wrongful use of the SLD, unless it promptly discloses the identity of the licensee to a party providing the SLD holder reasonable evidence of actionable harm.

b. Registrar shall provide notice to each new or renewed SLD holder stating:

i. The purposes for which any Personal Data collected from the applicant are intended;

ii. The intended recipients or categories of recipients of the data (including the Registry and others who will receive the data from Registry);

iii. Which data are obligatory and which data, if any, are voluntary; and

iv. How the SLD holder or data subject can access and, if necessary, rectify the data held about them.

c. The SLD holder shall consent to the data processing referred to in Section II.J.7.b.

d. The SLD holder shall represent that notice has been provided equivalent to that described in Section II.J.7.b. above to any third-party individuals whose Personal Data are supplied to Registrar by the SLD holder, and that the SLD holder has obtained consent equivalent to that referred to in Section II.J.7.c of any such third-party individuals.

e. Registrar shall agree that it will not process the Personal Data collected from the SLD holder in a way incompatible with the purposes and other limitations about which it has provided notice to the SLD holder in accordance with Section II.J.7.b, above.

f. Registrar shall agree that it will take reasonable precautions to protect Personal Data from loss, misuse, unauthorized access or disclosure, alteration, or destruction.

8. Registrar shall abide by any ICANN-adopted policies requiring reasonable and commercially practicable (a) verification, at the time of registration, of contact information associated with an SLD registration sponsored by Registrar or (b) periodic re-verification of such information. Registrar shall, upon notification by any person of an inaccuracy in the contact information associated with an SLD registration sponsored by Registrar, take reasonable steps to investigate that claimed inaccuracy. In the event Registrar learns of inaccurate contact information associated with an SLD registration it sponsors, it shall take reasonable steps to correct that inaccuracy.

---

NSI Registry Agreement
(form approved 4 November 1999)

(selected provisions regarding Whois)

9. Publication by NSI of Registry Data.

(A) NSI shall provide an interactive web page and a port 43 Whois service providing free public query-based access to up-to-date (i.e. updated at least daily) registry database data which, in response to input of an SLD name, shall report at least the following data elements in response to queries: (a) the SLD name registered, (b) the TLD in which the SLD is registered; (c) the IP addresses and corresponding names of the primary nameserver and secondary nameserver(s) for such SLD, (d) the identity of the sponsoring Registrar, and (e) the date of the most recent modification to the domain name record in the registry database; provided, however, that if ICANN adopts a Consensus Policy that adds to or subtracts from these elements, NSI will implement that policy.

(B) To ensure operational stability of the registry, NSI may temporarily limit access under subsection (A), in which case NSI shall immediately notify ICANN of the nature of and reason for the limitation. NSI shall not continue the limitation longer than three business days if ICANN objects in writing, which objection shall not be unreasonably made. Such temporary limitations shall be applied in a nonarbitrary manner and shall apply fairly to any registrar similarly situated, including NSI.

(C) NSI as registry shall comply with Consensus Policies providing for development and operation of a capability that provides distributed free public query-based (web and command-line) access to current registration data implemented by registrars providing for capabilities comparable to WHOIS, including (if called for by the Consensus Policy) registry database lookup capabilities according to a specified format. If such a service implemented by registrars on a distributed basis does not within a reasonable time provide reasonably robust, reliable and convenient access to accurate and up-to-date registration data, NSI as registry shall cooperate and, if reasonably determined to be necessary by ICANN (considering such possibilities as remedial action by specific registrars), provide data from the registry database to facilitate the development of a centralized service providing equivalent functionality in a manner established by a Consensus Policy.