Marina del Rey, California USA (3 September 2002) – ICANN today announced additional steps to improve the accuracy of the "Whois" data that ICANN-accredited registrars have agreed, in their contracts with ICANN, to publish about the domain names they register. The additional steps consist of (a) improved facilities for receiving and handling reports from the public about incomplete or inaccurate Whois data and (b) commencement of formal contract-enforcement steps against one large registrar (Network Solutions/VeriSign) based on a broad, longstanding pattern it has exhibited of failing to abide by its agreement to provide complete Whois data, and to take steps to correct reported inaccuracies in that data.
Enhanced Reporting Facilities for Whois Data Inaccuracies. As detailed in an Advisory ICANN issued to registrars on 10 May 2002, ICANN's contracts with accredited registrars require registrars to provide specified registration data through a public Whois service and to take steps to investigate reports of inaccurate Whois data and to correct any inaccuracies they find. To assist registrars in complying with these contract obligations, ICANN is implementing a set of tools to streamline the process for receiving and tracking complaints about inaccurate and incomplete Whois data. These include a new, centralized online form, available at http://www.internic.net, for reports about Whois data for names ending in .com, .net, and .org (soon to be extended to .biz, .info, and .name). Reports that are received will be forwarded to the responsible registrar for handling. A tracking mechanism will be implemented to provide registrars with periodic summaries of outstanding reports about inaccurate or incomplete Whois data and to allow them to record when reported problems have been resolved. The vast majority of registrars have responded to reports about inaccurate or incomplete Whois data in a cooperative manner, and the new tools should boost the ability of registrars to correct Whois data quickly.
Formal Enforcement of Agreement with Network Solutions (VeriSign) Registrar. All registrars on occasion experience incomplete or inaccurate Whois data. Although nearly all of the 150 ICANN-accredited registrars comply with their contract obligations by acting promptly to correct incomplete or inaccurate data that is brought to their attention, over the past eighteen months Network Solutions Registrar (a unit of VeriSign, Inc., commonly known as "VeriSign Registrar") has exhibited a pattern of persistent violations of its contractual obligations to take reasonable steps to correct inaccurate or incomplete Whois data in spite of repeated requests and reminders by ICANN.
While ICANN strives to promote cooperative compliance by registrars with their agreements (the goal is, after all, compliance rather than termination), where cooperative efforts are not effective ICANN stands ready to take formal steps to require compliance with the agreements. VeriSign Registrar's nonresponsiveness to reports of Whois inaccuracy – in many cases it appears that it simply ignores the complaints – set it apart from the more responsible conduct of other registrars. Accordingly, today ICANN has given VeriSign Registrar formal notice of breach of its accreditation agreement, based on seventeen specific episodes of violation of its obligations to provide complete Whois data and to investigate and correct reported inaccurate Whois data. These include:
- Despite repeated notifications over the past eighteen months, VeriSign Registrar has failed to correct a Whois entry that shows a domain name registered to “Toto”, with an address "the yellow brick road, Oz, KS."
- As reported last January in the Los Angeles Times, in one case VeriSign Registrar told a customer to submit a made-up address. Despite the receiving from ICANN a prompt inquiry about this article and notification of the data inaccuracy (address “000 Blank St., No city, XX 00000 US” and telephone number “123-123-1234”), VeriSign Registrar has failed to correct the data.
- In another case, VeriSign Registrar did not even take steps to contact the registrant to correct the data for nearly six months after it was notified of incomplete Whois data.
- Numerous instances of obviously invalid telephone numbers or e-mail addresses which remain uncorrected, with no explanation provided, for many months.
Under its registrar accreditation agreement, VeriSign Registrar has fifteen working days to cure the breaches described in the formal notice. ICANN hopes that the inaccuracies will be cured in that period and that VeriSign Registrar will become more responsive to future reports of inaccuracies. If the breaches are not cured in that period, then ICANN may give notice of termination of the accreditation agreement, after which VeriSign Registrar may initiate arbitration to determine the appropriateness of termination.
About Whois Services. Whois data, which includes information about the registrant, administrative contact, technical contact, and nameservers associated with each domain name, is used for a variety of important purposes, including identifying and verifying online merchants, investigations by consumer protection and other law enforcement authorities, determining whether a domain name is available for registration, identifying the source of spam e-mail, enforcement of intellectual property rights, and addressing cyber-attacks and otherwise resolving technical network issues. Whois services have been available on the Internet since the early 1980s, and continue to be broadly used. According to an online survey of over 3000 participants (businesses, governments, ISPs, registrars, individuals, and non-commercial organizations) conducted in 2001 by the ICANN Domain Name Supporting Organization, Internet users broadly consider accurate Whois data to be important and support measures to improve its accuracy.