REGISTER.COM, INC. v. VERIO INC., 00-Civ-5747 (BSJ) REGISTRY SERVICES In connection with the lawsuit entitled Register.Com v. Verio Inc., 00 Civ 5747(BSJ), pending in the United States District Court, Southern District of New York, the Hon. Judge Barbara Jones requested that the Internet Corporation for Assigned Names and Numbers ("ICANN") file an amicus curiae brief regarding its position as to, inter alia, the propriety of certain marketing practices by the defendant, Verio, Inc. ("Verio"). In response to this request, ICANN, by its Vice President and General Counsel, Louis Touton, Esq., expressed its concern that "Verio Inc. may be using zone file data to enable high volume, automated, electronic processes directed at the Whois servers of Register.com and perhaps other registrars." Accordingly, ICANN has requested that Verisign Global Registry Services, ("the Registry") as the registry for the .com, .net and .org Top Level Domains ("TLDs"), investigate "with reference to the various agreements, the circumstances under which Verio is obtaining the zone-file data". Mr. Touton's request to the Registry is annexed hereto as Exhibit "A". On or about August 3, 2000, an action was commenced by Register.Com, Inc. ("Register.Com") in the United States District Court for the Southern District of New York against Verio. Register.Com is an ICANN accredited registrar for second level domain names ("SLDs") in the .com, .net and .org TLDs. Verio is not an accredited registrar and has chosen to remain free from contractual oversight by ICANN. Register.Com alleges that, by its "unauthorized and wrongful" access and use of Register.Com's computers and computer networks, Verio has transmitted to customers of Register.Com unsolicited commercial electronic mail, telephone calls, and direct mail, which Register.Com claims constitutes unfair competition, false designation of origin, service mark dilution, violation of the Computer Fraud and Abuse Act, trespass to chattel, breach of contract, tortious interference with business relations and tortious interference with prospective economic advantage. The factual predicate for Register.Com's complaint is that, beginning in late 1999 and continuing through July 2000, Verio accessed and used Register.Com's Whois database in order to identify and obtain contact information regarding Register.Com's customers within a short time period after the customer's registration of a domain name. It is alleged that this information was used to make unsolicited sales contacts through (1) e-mail, (2) telephone solicitations and (3) commercial direct mail. Verio did this in order to sell to Register.Com's customers such services as web site development, web hosting and URL forwarding and other Internet services that are also offered by Register.Com and others. It is further alleged that Verio made these contacts soon after registration, in some cases as soon as 12 - 24 hours after the domain names had been registered with Register.Com. Verio has denied that anything that Verio has done amounts to wrongdoing. Indeed, Verio admits having done what is alleged. Verio has also responded that Register.Com has imposed additional anticompetitive terms on the use of Register.Com's Whois database, above and beyond those permitted by its Accreditation Agreement with ICANN.1 Register.Com sought a preliminary injunction prohibiting Verio's contested actions by Order to Show Cause, returnable August 4, 2000. On or about August 4, 2000, a Temporary Restraining Order Upon Consent, was stipulated to by the parties and so ordered by the Court, a copy of which is annexed hereto as Exhibit "B". The Consent Order provided that Verio would suspend its challenged practices until a full hearing was held on the motion, that the parties would have an opportunity to conduct some discovery and set a briefing schedule and a hearing date. By the Consent Order, the parties likewise agreed to limit their statements to the press concerning this case. Discovery was conducted by the parties. However, pursuant to a separate Agreement, negotiated between the parties and so ordered by Magistrate Judge Andrew J. Peck, the parties were permitted to designate as "confidential" materials that they contend should be protected from public disclosure. Accordingly, the record regarding this matter, including sworn statements by the parties, are only available for this investigation in limited, "redacted" form.2 On December 8, 2000, the Court issued a forty-page decision preliminarily enjoining Verio under all claims alleged by Register.com, pending a final decision on the merits of the case. The Court's Order is annexed as Exhibit "C". Particularly relevant to the Investigation Report is Paragraph 3 of the Court's injunction. Verio is enjoined under Paragraph 3 (p. 39) from:
The Order does not, on its face, address Verio's access of the Registry's TLD Zone files or WHOIS databases. In fact, the Order states that the Court does not consider the issue of Verio's access of the Registry's computer system to be before it. Verio characterizes this case as one of "Register.com's attempt to enforce improper use restrictions on its [Register.Com's] Whois data." (See Verio's Response to Submission of Amicus Curiae, hereinafter, "Verio's Response," p.1.) Verio, in effect, seeks to use Register.Com's alleged "violation of its Accreditation Agreement" as a defense for Verio's own actions. Thus, Verio argues:
(Verio's Response, p.1, emphasis added.) However, Register.Com is not obliged to provide access to its Whois data "free of use restrictions," although some restrictions may be authorized and others not.3 What is and what is not "authorized" as a registrar's restriction is set forth in the Registrar Accreditation Agreement between ICANN and each accredited registrar, at Section II(F)(5).4 The focus of Verio's Response shifts in the next sentence, as Verio abruptly switches its discussion of databases and contracts, from registrar Register.Com's Whois database to the Registry's central files:5
(Verio Response, p.1.) Verio then describes the content of the TLD Zone files but never discusses the contractual obligations of the respective parties: NSI [as a Registry] provides access to the registry database, which contains all the .com, .net, and .org top level domain names [i.e., the TLD Zone file], free of charge through the Zone File Access Agreement. Eden Decl. ¶ 35.6 (Verio Response, p.1, fn 1.) A TLD Zone file access Agreement, however, is an entirely different agreement from Register.Com's Whois database or the NSI Registry Agreement with ICANN. Under Paragraph 19 of the ICANN-NSI Registry Agreement:
Appendix D, the standard bulk TLD Zone file access Agreement, grants a user a limited right to access an Internet host server and to transfer a copy of the described data. The standard form agreement allows the user to use the data "for any legal purpose, not prohibited under Section 4 below." Section 4, in turn, lists only two prohibited uses:
Section 4 also states that the Registry reserves the right, "with the approval of the U.S. Department of Commerce," to designate additional specific categories of prohibited uses. Paragraph 19, above, also requires that "any such changes must be approved in advance by ICANN." When the contractual terms contained in the standard TLD Zone file access Agreement are examined in the context of Verio's uncontested conduct, Verio seemingly admits that it does use the TLD Zone files, to engage in the complained of conduct:
(Verio Response, pp. 1-2.)7 However, Verio's violation of contractual provisions contained in the standard TLD Zone file access Agreement is not justified by the absence of bulk access to Register.Com's Whois database. Even in its redacted form, the sworn declaration by Verio employee, Eric Eden, in opposition to Register.Com's request for a preliminary injunction provides additional relevant information. The redacted, public version of that declaration is contained in Exhibit "D" hereto. As relevant to this investigation, Eden stated the following: From 1995 through August 1998, Eden was employed by Network Solutions at which time his duties included "clearing the root server of domain names that had been registered by customers who had failed to pay their fees." (Eden Declaration ¶ 2.) In August 1998, Eden took a job with Verio as Director of Operations for Verio's Web Services. By the time of the Declaration in this matter, his title was Director of Sales & Channel Operations for Web Services. (Eden Declaration 3.) Eden claims to have extensive knowledge, familiarity and involvement with the evolution of the "domain name registration industry" and the various public documents and private contracts that are its foundation. (Eden Declaration ¶ 4-15, 17-22.) Based upon his familiarity with Internet protocols, relevant documents and agreements and his employment and experience at Network Solutions, Eden was aware that other "services [i.e., various outside entities] performed multiple queries on NSI's WHOIS database (when NSI was both registry and registrar) using computer programs to search for names 'on hold' These companies monitor the WHOIS database using computer programs to scoop up domain names that may have value ." (Eden Declaration ¶ 23.) Eden continued by stating:
(Eden Declaration ¶ 25.) The next paragraph is allegedly "confidential" and redacted from Eden's declaration. Nevertheless, given the content of the immediately proceeding paragraphs and his statement that the Registry's WHOIS database can be used to avoid accessing an accredited registrar database, we infer that a description of the method in which the Registry's database was accessed and/or used may be set forth in ¶ 26. Moreover, the Registry's staff believes that, based upon Verio's submissions and unredacted statements, and the technology involved, that process may be reconstructed as follows. Each of the Registry's TLD Zone files is compared to itself, (every few days or even daily) in order to produce a "dif" (or "difference") file, which shows all changes between the versions compared. That "dif" enables Verio to make inquiry, in automated fashion to the Registry's WHOIS database, to determine the identity of the registrars involved. The identity of the involved registrars enables Verio, in turn, to access each registrar's Whois database to find the new (and matching) domain names and the corresponding new registrants. It thus appears that Verio makes automatic process to not one, but three separate systems other than Verio's own, in order to enable Verio's collection of the end-user registrant information. In its December 8, 2000 Order (at p. 7), the Court confirms the Registry's staff's conclusion:
During the time period in question, access to the Registry's WHOIS database differed significantly from the limited access afforded to registrars' Whois databases.8 Although each registrar is required, by its Accreditation Agreement, to maintain a publicly available Whois database, the registrars are permitted to impose "rate limiters" on Whois inquiries. These rate limiters define the number of applications within a specific time span that an individual source (Internet "IP" address) may make to a registrar's Whois database. These rate limiters prevent high volume, automated electronic queries, which could overwhelm registrar capabilities, destabilize the system or permit monopolization of computer resources by large, technologically dominant entities and deprive the general public of access to registration information and ultimately registration capability. Since the Registry did not, itself, register SLDs, no effective rate limiter was previously placed on the Registry's WHOIS database. There is therefore no effective rate limit on the number and speed at which Verio, for example, could access the Registry's WHOIS database, which is correspondingly vulnerable to the same system abuse and over use and domination as was previously foreseen for registrars' Whois databases. Although Verio originally applied for ICANN accreditation as a registrar, it withdrew its application and made a business decision to "partner" with an already accredited registrar, Melbourne IT, for the registration of domain names. (Eden Declaration ¶ 59, 61.) Since that "partnership," Verio has registered through Melbourne IT an undisclosed number of SLDs in the .com, .net and .org TLDs. (Eden Declaration ¶ 61.) On May 4, 1999, Verio, by Robert Mesnard, entered into a TLD Zone file access Agreement with Network Solutions. According to Eden, that agreement expired by its own terms on September 16, 1999 and it is Eden's claim that since that expiration "Verio has, to the best of my knowledge, not entered into a revised agreement with NSI." (Eden Declaration ¶ 50.) He further states that in lieu of a TLD Zone file access Agreement, "NSI" has allegedly proposed a bulk access agreement to the Registrar's WHOIS database for a fee, "which remains under legal consideration by Verio." (Eden Declaration ¶ 51-53.) However, bulk access to any registrar's Whois database does not provide access to the Registry's TLD Zone files or Registry's WHOIS database. Nevertheless, Eden does not offer any identification of the Agreement under which Verio continues to access the TLD Zone files. Eden describes the Verio marketing program at issue, which Verio itself nicknamed "Project Hen House." Its goal, according to Eden, was to identify and contact new domain name registrants in order to promote Verio's web hosting services soon after the domain name's registration. The procedure and goals of Project Hen House are set forth in Eden's Declaration ¶ 27-34. Nevertheless, little can be learned from Eden's redacted Declaration as to how Verio downloads data from the Registry's TLD Zone files and then the Registry's WHOIS database. The discussion begins with a description of the Registry as the source of all SLD names registered in .com, .net and .org. "The list of these domain names are published on thirteen root servers and frequently updated." (Emphasis added.) He is, of course, wrong.9 Then he goes on to describe that NSI provides a Registry-level WHOIS service that displays the domain name, the nameservers' I.P. numbers and the sponsoring registrar for all second level domain names in the Registry's database. Each accredited registrar, including NSI, provides registrar level Whois service, "giving additional details such as the SLD holder's name and technical contacts." (Eden Declaration ¶ 35.) Once again, the next several paragraphs of Project Hen House's (probable three step) methodology for downloading the data are redacted. (Eden Declaration ¶ 36, 37, 38.) Nevertheless, it would be a reasonable inference that Verio likewise begins its downloading procedure for Project Hen House with the Registry's TLD Zone files, does a "dif" of each of the TLD Zone files, then does an automated search of the Registry's WHOIS database to obtain the identity of the registrar. As a third step, Verio mines the registrar's Whois database to obtain the end-user registrant identity and contact information. The data obtained through Project Hen House is downloaded into another database which Verio has aptly named the "Fox," which thereafter provides the information used by Verio to solicit via e-mail, telemarketing and direct mail, the domain name registrants who registered their SLD names through those registrars. (Eden Declaration ¶ 41-48.) Pursuant to the negotiations between Network Solutions and the Department of Commerce, surrounding the amendment of the Cooperative Agreement, Network Solutions, as the Registry, was required to make its TLD Zone files available for legitimate use.10 Although a password was necessary to access the TLD Zone files, Network Solutions did not initially refuse any application for a password. Literally hundreds of passwords were issued as of January, 1999 without regard to the propriety of the applicant's intended use of the data. However, based upon information supplied during the application process, it became clear that the data was being used for a variety of functions. Some simply used the data to provide a local cache of the TLD Zone files or as a database for trademark searches. Others, however, made use of the TLD Zone files to operate "robots" that "hammered" the WHOIS database for information that allowed them to build customer lists and lists of e-mail addresses for unsolicited bulk solicitations, while imposing on system resources. Because of the exponential growth of the Internet and the concern for stability and operational system capacity and availability, in particular, it was determined that some kind of control of access to the TLD Zone files was necessary. In its first step to address the problem, Network Solutions sent a notice to each of its TLD Zone file password holders, dated February 3, 1999, advising them that effective February 19, 1999, their old password would not be valid and that application for new license would need to be made to obtain a new password. As set forth in that notice, the reason that this step was initiated was the increased "abuse" of the system by using the information to promote spamming, domain name speculation and denial of service attacks. Accordingly, the TLD Zone File Access Program was formalized to provide a consistent level of service to customers, as well as to protect their privacy. The Notice is annexed hereto as Exhibit "E". The first form TLD Zone file access Agreement, available in February, 1999, was effective for 90 days and automatically renewed, unless terminated by the parties. This Agreement permitted access of the data "for the sole purpose of providing local DNS server caches for your customers and for no other purpose." A sample of this Agreement is annexed hereto as Exhibit "F". For those prior password holders who were unable, for various reasons, to timely enter into the first form of Agreement, Network Solutions provided a temporary agreement that commenced on or about February 4, 1999. The temporary agreement required the applicant to make specific disclosure of the limited use to which they proposed to use the data, and it expired by its terms on February 23, 1999, although it could be renewed by agreement of the parties. A sample of this Agreement form is annexed in the accompanying Appendix as Exhibit "G". In May, 1999, a new form of the TLD Zone file access Agreement was made available. The May version of the TLD Zone file access Agreement required the licensee expressly to identify the specified purpose to which the data from the TLD Zone files would be put and to agree to use it for only that lawful purpose and that
See, Section 4, Grant of Access, Agreement, a sample of which is annexed hereto as Exhibit "H". This Agreement expired by its terms on July 16, 1999, but Amendments 1 and 2 thereto extended its term, first to September 16, 1999 and thereafter indefinitely on an automatic month by month basis unless either party elected to send notice of non-renewal. See, Exhibits "I" and "J". All other terms of the Agreement, including Network Solutions' right to terminate the licensee's access to the TLD Zone files if the licensee violated the terms of the Agreement, were continued in full effect. 11 Finally, Appendix D to the ICANN-NSI Registry Agreement (approved November 4, 1999) provides the latest form TLD Zone file access Agreement. Under the latest form Agreement, a User may access the data for "any legal purpose not prohibited under Section 4 " Section 4, in turn, provides that:
The expanded, current clause 2 contains the identical prohibition from the earlier version and was intended to incorporate the prohibitions contained in clause 3 of the earlier Network Solutions' TLD Zone file access Agreement. Verio, however, has suggested in its pleadings before the Court that current clause 2 applies only to "applying for registrations." ICANN has expressly rejected Verio's interpretation of current clause 2.12 In its amicus curiae submission to the Court (at p. 9), ICANN has stated that
As a party to the TLD Zone file access Agreements, the Registry concurs in ICANN's analysis. To the extent that any confusion or argument may arise in the future, clause 2 should be amended to remove any doubt between the parties. Additionally, Section 12 of the latest form TLD Zone file access Agreement provides the Registry the right to terminate the Agreement upon breach of any of its terms or conditions by notice to the User. See Exhibit "K". Initially, Verio was not receptive to the TLD Zone File Access Program. Verio claimed that the TLD Zone File Access Program would "drastically increase the time required for Verio to process end user requests for domain names," thereby implying that its desire for TLD Zone file access related to domain name registration. See Exhibit " L". As will be discussed more fully, below, at no time did Verio disclose its intention to access the TLD Zone files for the purposes which are at issue here and its later representations as to its intended use of the data were to the contrary. In connection with this investigation, certain statistics regarding licensing and usage were obtained to explore the ramifications of continued access to the Registry's TLD Zone files. Exhibit "M" is a chart and accompanying graph demonstrating, using the best data available, the number of online applications for the Registry's TLD Zone file access Agreement from the program's inception in February 1999 through August 2000. It demonstrates that after the initial volume of applications at the program's inception, in the first year of the program the rate of monthly applications was never over 76 and generally much lower. Conversely, the Registry received a constantly growing number of applications through July and August, 2000, when access was sought by 161 and 190 applicants respectively. Thus, this exhibit demonstrates the exponential growth of applications for access to the server hosting the TLD Zone files following introduction of the current and least restrictive Agreement and corresponding potential demands on that server. Access to the TLD Zone files was reviewed by the Registry's staff, for the period August 28, 2000 through November 18, 2000. "Access" is defined as when an authorized user logs into the rz.nsiregistry.net server operated and maintained by the Registry. "Access", as used here, does not include information concerning: (1) the amount of time the user spends while on the site, (2) which TLD Zone files (i.e., .com, .org or .net) the user downloads, or (3) the number of times the user downloads a particular file. There are presently approximately 530 users who have entered into agreements with the Registry for access to the TLD Zone files. Of those agreement holders, approximately 400 of them accessed the TLD Zone files at least once during the period reviewed. Approximately 130 users abide by the access frequency limitations of their agreements. Approximately 100 other users exceed their frequency limitations, and access the system between 3 and 50 times per day. An additional small number of users access the system over 50 times per day (up to 500 times per day). The following chart sets forth the users that accessed the server 50 times or more per day during the period investigated.
The foregoing statistics confirm the potential for abuse and danger to system stability if improper use of the data is permitted, which encourages additional and unanticipated high volume use of the Registry's TLD Zone files, the Registry's WHOIS database and, potentially, the registrars' Whois databases. In response to the ICANN request that the Registry perform an investigation of the manner in which Verio has obtained access to the Registry's TLD Zone files, Registry staff analyzed active access accounts that are, on their face, attributable to Verio and the terms of the Agreement(s) under which such access is licensed. Eden's sworn Declaration that Verio does not have any active "Zone File Access Agreement" since the alleged expiration of the Agreement entered into by Bob Mesnard on Verio's behalf (Eden Declaration ¶ 50) is particularly disturbing, in light of the active use made by Verio of its open accounts to access the TLD Zone files, his discussion of the potential use of the information in those files in the public portions of his Declaration, and his position in the Verio company which would necessitate his actual knowledge of these access agreements. Verio held the temporary form of the TLD Zone file access Agreement between February 19, 1999 through February 23, 1999. This Agreement permitted Verio access to the TLD Zone files under the limited terms set forth therein, and was held in the name of Eric Eden. ("Eden account") See Exhibit "G". That access Agreement was not renewed and the Registry investigation did not disclose any recent use of this account for purpose of access to the TLD Zone files. On February 26, 1999, K. Kent Millington signed an access Agreement on behalf of Verio. Verio, through Seth Lon, was assigned UserID SLON, Password [OMITTED], permitting Verio access to the TLD Zone files through Internet host machine bearing IP address 192.41.0.2. The Agreement is annexed as Exhibit "F". ("slon account") That Agreement had an initial term of 90 days and automatically renewed for successive one month renewal terms until terminated by either party. The Agreement grants a non-exclusive, non-transferable limited license to access the TLD Zone files no more than twice per 24 hour period "for the sole purpose of providing local DNS server caches for your customers that include .com, .org and .net TLDs and for no other purpose." The Agreement provides that either party may terminate the Agreement and that Network Solutions specifically has the right to terminate the Agreement if the licensee fails to comply with any term or condition of the license. The Registry's investigation into this matter has concluded that this account remains active and that it has recently been used to access the Registry's TLD Zone files. Additionally, by Agreement signed on May 7, 1999, by Robert Mesnard on behalf of Verio, Verio obtained another non-exclusive, non-transferable, limited right to access the TLD Zone files. See Exhibit "H". ("rmesnard Account") This Agreement permits Verio to access the TLD Zone files, no more than twice each 24 hour period. Under this Agreement, Verio agreed to use the data "only for the Specified Purpose" identified by Verio as "DNS cacheing"13 and in no case would the data be used to "(1) allow, enable or otherwise support the transmission of unsolicited commercial e-mail (spam) to entities other than you own existing customers; (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems) for large numbers of domain names; or (3) enable high volume, automated electronic repetitive queries against Network Solutions WHOIS database or Whois databases of third parties." Network Solutions reserved the right to cancel the agreement should Verio violate these terms. The Agreement expired by its own terms on July 16, 1999, unless extended by the parties. As a result, Verio was assigned a UserId (rmesnard) and Password [OMITTED] to permit its access to the TLD Zone files under the Agreement. An IP address of 209.1.144.167 was provided. On or about July 27, 1999, Mr. Mesnard, on behalf of Verio, executed Amendment No. 1 to the aforementioned Agreement which extended the initial term of the Agreement from July 16, 1999 through September 16, 1999. All other terms and conditions of the Agreement remained the same. See Exhibit "I". On or about September 16, 1999, Mr. Mesnard, on behalf of Verio, executed Amendment No. 2 to the Agreement. Amendment No. 2 provided that upon conclusion of the initial term of the Agreement, it would automatically renew for successive one month periods unless notice of non-renewal was given by other party as set forth in the Agreement. Once again, all other terms and conditions of the Agreement remained the same. See Exhibit "J". No notice of non-renewal under the Agreement has been sent. The Registry's investigation into this matter has disclosed that Verio also continues to access the Registry's TLD Zone files under this license. The rmesnard account is by far the more frequent user. In response to the request for this investigation by ICANN, the Registry's staff examined the records regarding the three accounts referred to above, i.e., the Eden account, the slon account and the rmesnard account. The Registry's staff has confirmed that only two, the slon (Agreement No. 2) and rmesnard (Agreement No. 3) accounts, are active. At least one of the accounts accessed the TLD Zone files at least once a day between August 7, 2000 through November 18, 2000. Access to the Registry's TLD Zone files by these accounts is done using the FTP protocol to Registry host rz.nsiregistry.net. The Registry's staff thereafter reviewed the FTP server logs for the host machine between August 7, 2000 - September 22, 2000.14 The review showed that the accounts (principally rmesnard) have been used to download the Registry's TLD Zone files on a daily basis during that time period, between once and twice per day. A printout of the FTP server logs in regard to these accounts during that time period is annexed as Exhibit "O". Once again, further investigation confirmed this practice continued through November 18, 2000. It does not appear, therefore, that Verio violated its agreements as to the frequency of TLD Zone file access. Typically, the user of the rmesnard account would thereafter transfer the Registry's TLD Zone files to "Verio NTT"15 hosts 209.1.144.132 and 209.1.144.167. These hosts appear to consist of servers supporting various Verio NTT Internet services. These services are offered by Verio under the names "ntx.net", "securecommerce.com", "netannounce.com", "Whois.net" and "tabnet.com". See Exhibit "P". The second listed host machine, 209.1.144.167, specifically resolves to the hostname "Who0is.net". It appears to be Verio's principal mechanism for supporting a variety of domain name search services that are publicly offered by Verio at its website, "http://Whois.net". The Web home page describes it as offering "domain name research services". However, in light of the download of the Registry's TLD Zone files to this host machine on a daily basis, the Registry's staff has concluded that it would be a trivial matter to generate a "seed file" for subsequent high volume queries against the Registry's WHOIS database. To do so, Verio would merely be required to execute a standard operating system command - "dif" - which would thereafter automatically extract the changes that occurred between different TLD Zone file copies. The difference between the two copies would, of course, disclose any new registrations in the prior 12 or 24 hour period since the last download by Verio. This information could, in turn, enable Verio to query the Registry's WHOIS database for the identity of the registrar, which would enable Verio to then query the identified registrar's Whois database for the end-user registrant. Once the contact information for each new registrant is obtained and collected, the "Fox" database is complete and marketing efforts apparently begin under "Operation Hen House." It is the opinion of the Registry's staff that this is the most technically feasible and likely mechanism by which Verio has obtained the data necessary for its attack on the "Hen House."16 The Registry staff's opinion is corroborated by the Court's similar description of the "Operation." Absent some voluntary disclosure by Verio of the methodology it has utilized, a methodology redacted from its pleadings in the court case as being allegedly "privileged," the Registry's staff has concluded that Verio is depending on unlimited access to the Registry's TLD Zone files that it downloads and compares on a daily basis under the above-mentioned accounts in order to enable high volume, unlimited, automated electronic processes directed at the Registry's WHOIS database, which in turn enables high volume, automated electronic process to the servers of Register.Com and perhaps other accredited registrars to discover and approach those registrars' customers. It is noteworthy that the Registry staff's investigation has demonstrated that Verio continued its daily access of the TLD Zone file data, at least through November 18, 2000, despite the Consent Order on August 4, 2000, in which Verio agreed to suspend it challenged practices as they relate to Register.Com. It is, therefore unknown whether Verio persists in using TLD Zone file data for similar purposes in order to enable Verio to mine other registrars' databases. Accordingly, the Registry's staff is unable to determine whether the "Hen House" is continuing to be stocked by data obtained from the Registry or registrars, including Register.Com. It is likewise plain in the Court's December 8, 2000 Order, that the Court did not reach the issue of Verio's access to the Registry's computer systems (See, Court Order, Footnote 5), so that the Order may not be relied on to shut down "Operation Hen House" as to the Registry and other registrars without further action by ICANN or the Registry. Based upon the foregoing investigation, Verisign Global Registry Services offers the following summary of findings: 1. Verio is not a domain name registrar accredited by ICANN and is not subject to the terms and requirements of the Registrar Accreditation Agreement. 2. Verio, however, has entered into two agreements with what is now the Registry in order to access the Registry's TLD Zone files, pursuant to which it agreed to certain clear terms and conditions. 3. Verio has used and regularly uses two accounts to access the Registry's TLD Zone files. 4. In the Agreement regarding the first, active slon account, Verio agreed to use the Registry's TLD Zone file data "for the sole purpose of providing local DNS server caches for Verio's customers that include .com, .org and .net TLDs and for no other purpose." 5. In the Agreement regarding the second and more active rmesnard account, Verio agreed to use the Registry's TLD Zone files "only for the Specified Purpose" identified by Verio as "DNS cacheing" and that in no case would the data be used to "(1) allow, enable or otherwise support the transmission of unsolicited commercial e-mail (spam) to entities other than Verio Inc.'s existing customers; (2) enable high volume, automated, electronic processes that apply to Network Solutions (or its systems) for large numbers of domain names; or (3) enable high volume, automated electronic repetitive queries against Network Solutions' WHOIS database or the Whois databases of third parties". 6. The Agreements regarding both accounts permit access to the Registry's TLD Zone files to be rescinded if Verio violates the terms or conditions set forth therein. 7. Neither Agreement is identical to the Registry's Zone file access Agreement form annexed as Appendix D to the ICANN-NSI Registry Agreement. Nevertheless, that latest form of the Agreement prohibits the User, under that Agreement, from using data to 1) allow enable or otherwise support the transmission of unsolicited, commercial e-mail, (spam) to entities other than its own existing customers; or (2) enable high volume, automated, electronic processes that apply to any .com, .net or .org registrar (or their systems) for large numbers of domain names, except as reasonably necessary to register domain names or modify existing registrations. 8. On a daily basis, Verio, through one of these two accounts, downloads the Registry's latest TLD Zone files. It would appear that Verio next compares the latest TLD Zone files to Verio's current version of the Registry's TLD Zone files, creating "difs" for each TLD. The "dif" files are then used by Verio for unlimited automated, high volume queries against the Registry's WHOIS database to determine the identity of the registrar and further automated, high volume queries are made to the respective registrars' Whois databases to discover the contact information of new end-user registrants. 9. Verio's use of the Registry's TLD Zone files is not a use granted by the Registry under Verio's two current Agreements with the Registry because:
10. Verio's use of the Registry's TLD Zone files is likewise not a use that is permissible under the most recent form of the Registry's Zone file access Agreement annexed as Appendix D to the ICANN-NSI Registry Agreement because Verio's use enables high volume, automated, electronic processes that apply to the system of Register.Com and perhaps other registrars' systems for large numbers of domain names, for uses that Verio admits are unnecessary and unrelated to the registration of domain names or modification of existing registrations. 11. Verio asserts the following response (Verio's Response, p.5.):
12. Access can be denied if the use to which the Registry's TLD Zone files is put violates the limited use licenses. 13. Verio may respond to a denial of access with the position that Verio is "entitled" to the terms of the latest form bulk access agreement, which "permits access for any legal purpose" not otherwise prohibited under the agreement. However, that Agreement does prohibit Verio's conduct, which enables Verio to make high volume, automated, electronic processes that apply to the systems of registrars for purposes unrelated to domain name registration or modification. 14. Although the Registry's staff's research shows that Verio is continuing to download the Registry's TLD Zone files, it is unknown whether Verio is continuing to "mine" the data for new second level domain names and to mine the Registry's WHOIS database to determine the identities of the sponsoring registrars. Further, it is unknown whether Verio is continuing to mine those registrars' Whois databases to discover the contact information of new end-user registrants. The Registry's staff has implemented or recommends the following corrective actions: A. Verio has been notified by the Registry that any further use of the Registry's TLD Zone files or high volume, automated electronic queries against the Registry's WHOIS database will be considered a violation of Verio's current bulk access Agreements between the parties and will result in termination of those Agreements. See Exhibit "Q". B. Verio will be permitted to transition to the latest form TLD Zone file access Agreement ("Appendix D") subject to Verio's acknowledgement that its conduct is precluded by the current language of the Agreement. C. The Registry's TLD Zone file access Agreement should be amended to clarify that the conduct at issue in this investigation is and always has been prohibited under the Agreement. D. A fee should be imposed for bulk access to the Registry's TLD Zone files` based on access frequency. E. Verio
should cease high volume, automated, electronic queries against
the Registry's WHOIS database. Respectfully submitted,
By: _________________________________
By: _________________________________
By: _________________________________
By: _________________________________ Notes: 1 ICANN, however, has not requested that the Registry investigate or comment on this aspect of the controversy. 2 ICANN was offered an opportunity to access confidential materials prior to its amicus curiae submission if it agreed to be bound by the terms of the Confidentiality Agreement, but declined based upon the likelihood that this investigation would be necessary. Had ICANN acceded to the strictures on disclosure contained in the Confidentiality Agreement between the parties, it would have been difficult, if not impossible, for ICANN or the Registry to disclose facts later, either as part of investigation findings or in subsequent contractual modifications with the Registry or accredited registrars to correct the problem. 3 The Registry staff is unaware of any registrar, among the over 70 that are presently accredited and active, that offer Whois service free from use restrictions. Compare Network Solutions' registrar restrictions (Exhibit "E") to those of Register.Com (Exhibit "F"), which are nearly identical with the exception (inclusion by Register.Com) of the following language: " via direct mail, or by telephone; ." 4 Section II(F)(5) states: In providing query-based public access to registration data as required by Sections II.F.1 and II.F.4, Registrar shall not impose terms and conditions on use of the data provided except as permitted by an ICANN-adopted policy. Unless and until ICANN adopts a different policy, Registrar shall permit use of data it provides in response to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail (spam); or (b) enable high volume, automated, electronic processes that apply to Registrar (or its systems). The Registrar Accreditation Agreement is available, in full, at http://www.icann.org/nsi/icann-raa-04nov99.htm#IIF. 5 Although Verio repeatedly refers to the "Root Zone" file, it would appear that either Verio does not know the difference between that file and the files truly in contention - the TLD Zone files - or is deliberately obfuscating the issue for the Court. The "Root Zone" file, referred to by Verio, is the file only 1800 lines long, containing the list of TLDs such as .com, .jp, .uk, and .us and the Domain Name Server IP numbers for those servers. That is the only information contained in the "Root Zone file" and as such, could not be used by Verio to obtain information at all relevant to new SLD registrations and their registrants. In contrast, a TLD Zone file is the list of all active SLD names in its respective TLD. The TLD Zone files for .com, .org and .net are propagated, separately from the Root Zone file, on the Registry's own constellation of servers, which are paid for and maintained worldwide under contract by the Registry. Each registrar has agreed that a certain limited portion of its registrants' data will be submitted to the Registry, under a limited license, only "for propagation of and the provision of authorized access to the TLD zone files." Registry-Registrar License and Agreement, 2.6. It is that portion of data from each registrar to the Registry that become the TLD Zone files. 6 In actuality, the TLD Zone files list not "all" domain names in a given TLD, but only those that are active. At any given time there may be thousands of names that are registered in the .com, .net and .org TLDs, but are not active for a variety of reasons. 7 Because Verio could then compare each new version of Register.Com's entire Whois database to the earlier version to discover any changes. 8 This must, in turn, be distinguished from bulk access, which permits bulk access to a registrar's Whois database, but with less frequency, only at certain times to avoid compromise to the public system, for a fee, and under specific terms and conditions. 9 When Eden was employed with Network Solutions, the Root Zone file was co-located on the same servers as the TLD Zone files for .com, .org, and .net. They are now on separate constellations of servers. 10 Recall that registrars, in their grant of the limited license to their data elements provided to the Registry, also agree that the Registry may use the data for propagation of the TLD Zone files and for "the provision of authorized access to the TLD Zone files." (Registry-Registrar License and Agreement, 2.6.) 11 Recall that registrars, in their grant of the limited license to their data elements provided to the Registry, also agree that the Registry may use the data for propagation of the TLD Zone files and for "the provision of authorized access to the TLD Zone files." (Registry-Registrar License and Agreement, 2.6.) 12 Verio's interpretation of contractual language in an agreement to which Verio is not a party should be irrelevant. 13 The fax cover page from Verio underlines their proposed use of the data stating "Please expedite - WE need TLD Zone access for DNS cacheing". Exhibit "N". 14 The Court, in its Order (at p. 26), refers to the fact that "Verio contemplated cloaking the origin of its queries [presumably, to the registrar's Whois database] by using a process called IP aliasing." The Registry's staff has made no investigation into whether Verio downloads the TLD zone files or queries the Registry's WHOIS database under "IP aliasing." 15 Registry information indicates that Verio identifies itself as Verio NTT for purpose of Internet and domain name services. 16 Verio's predatory characterization of itself as "the Fox" and the demeaning characterization of the Registry and ICANN accredited registrars as "the Hen House" sums up the situation. ICANN accredited registrars are required by the technology and contract to provide the Registry with data for propagation over the constellation of DNS servers maintained by the Registry. This system - the "Hen House" - was not set up for the benefit of the "Fox." Yet under the current bulk access agreement form, the Registry must provide this data at no cost to the Fox. Fables, including Aesop's, date to the sixth century B.C., and cleverly present human problems through the dilemmas of animal characters. Fables, however, teach a lesson and have a moral to the story. 17 The Registry's staff has no knowledge whether Verio has specifically targeted Register.com alone or one or more other registrars. No data on the occurrence or frequency of "Fox attacks" on other registrars was sought and such information, if disclosed by Verio in the Court proceedings, was not made available. It is reasonable to assume, however, that Verio did not use the entire process only to obtain the identity of one registrar's customers.
Comments concerning the layout, construction and functionality of this site should be sent to webmaster@icann.org. (c) 2001 The Internet Corporation for Assigned Names and Numbers All rights reserved. |
