About ICANN
- Acronyms and Terms
- Courses and Learning
- ICANN for Beginners
- Participate
- President's Corner
- ICANN Management Organization Chart
- Staff
- Careers
- In Focus
- Media Resources
Board Activities and Meetings
Accountability
- Accountability Mechanisms
- Reviews
- Expected Standards of Behavior
- Employee Practices and Resources
- Enhancing ICANN Accountability – Work Stream 2 Implementation
Governance
- Governance Documents
- Evolving ICANN’s MSM
- Agreements
- Annual Reports
- Financials
  - Financial Reports
  - Policies, Guidelines and Procedures
- Planning
  - Strategic Plan
- Presentations
- RFPs
- Litigation
- Newsletter
- Correspondence
  - 2022
  - 2021
  - 2020
  - 2019
  - 2018
  - 2017
  - 2016
  - 2015
  - 2014
  - 2013
  - 2012
  - 2011
  - 2010
  - 2009
  - 2008
  - 2007
  - 2006
  - 2005
  - 2004
  - 2003
  - 2002
  - 2001
  - 2000
  - 1999
  - 1998
- Quarterly Reports
Groups
- 2023 ICANN CEO Search Committee
- RSSAC
  - Charter
- SSAC
- GAC
- At-Large
- ASO
- ccNSO
- GNSO
- Technical Liaison Group
  - Technical Experts Group (TEG)
- NomCom
  - Past NomComs
- Customer Standing Committee
- Root Zone Evaluation Review Committee (RZERC)
Business
Civil Society
Complaints Office
- Complaints Report
Domain Name System Abuse
Contractual Compliance
- About
- Programs
- Complaint Submission & Learn More
- Reporting & Performance Measurement
Registrars
- Accreditation Agreement
  - Global Amendments
    - 2024 Global Amendment to the RAA
    - 2023 Global Amendment to the RAA
- Registrar Library
- News & Communications
- How to Become a Registrar
- Changes to Existing Accreditation
- Privacy and Proxy Service Providers
- Registrar Resources
Registry Operators
- Advisories & Consensus Policies
  - Advisories
  - Consensus Policies
    - Registry Service Evaluation Policy (RSEP)
- News & Events
- Registry Agreements
  - Global Amendments
- Registry Resources
- Services for Registry Operators
Domain Name Registrants
- About Domain Names
- ICANN Policies
- Registration Data Policies
  - WHOIS and Registration Data Directory Services
    - The Domain Name Registration Process
      - Using Domain Name Registration Data
      - Keeping Registration Data Accurate
    - Access and the Evolution of the WHOIS System
- Domain Name Industry
- Registering Domain Names
- Managing Domain Names
  - Contact Information and WDRP
  - Securely Managing Your Domain Name
- Transferring Domain Names
- Renewing Domain Names
- Rights and Responsibilities
- Spam, Phishing, and Website Content
- Trademark Infringement
GDS Metrics
Identifier Systems Security, Stability and Resiliency (OCTO IS-SSR)
- IS-SSR Team Blogs
- Security Terminology
- Document Archive
ccTLDs
- Background Materials
- Agreements
- Delegation
- Root Zone Database
- Model MOU
- Workshops
- ICANN and ISO
Internationalized Domain Names
- Root Zone Label Generation Rules (LGR)
- IDN Variant TLD Implementation
- LGR Toolset
- IDN ccTLD Fast Track
- IDN Implementation Guidelines
- Second-Level LGR Reference
- Resources
- Announcements and Blogs Posts
New gTLD Program Next Round
Universal Acceptance Initiative
- Make your systems UA-ready
- Universal Acceptance Steering Group (UASG)
- UA Training
- UA Day
- UA Readiness Evaluations
- Announcements and Blogs Posts
Policy
- Policy Mission
- Policy Staff Goals
- Presentations
- Global Addressing
- Policy Updates
Operational Design Phase (ODP)
Implementation
Public Comment
- Open
- Upcoming
- Archive
Root Zone KSK Rollover
Technical Functions
- Tech Day Archive
ICANN Locations
- Report Security Issues
- PGP Keys
- Certificate Authority
- Registry Liaison
- Ombudsman
I Need Help
- Dispute Resolution
- Domain Name Dispute Resolution
- Name Collision
- Registrar Problems
- Whois Data Correction
- Independent Review Process
- Request for Reconsideration
- Document

Contractual Compliance Monthly Update | Issue 7

01 Dec 2008

In this issue

WDPRS Compliance Reviews
Contractual Compliance Department Welcomes New Staff
Recent AIPLA Conference in Washington, D.C. and Whois Accuracy Compliance
Update regarding WDPRS Redesign
Summary of Whois Data Accuracy Study Developments
2008 Whois-Related Enforcement Statistics
Upcoming Events

This Newsletter aims to inform readers and encourage community dialogue regarding contractual compliance matters.

To ensure the continual improvement of the Contractual Compliance Program and the Contractual Compliance Newsletter, please provide your comments at compliance@icann.org. To subscribe to this Newsletter, simply click on the link below and provide the requested information:

http://www.icann.org/newsletter/

1. WDPRS Compliance Reviews

In an effort to improve Whois accuracy, ICANN will undertake a review of Whois Data Problem Report System (WDPRS) claims and the follow-up actions taken. The WDPRS was implemented in 2002 to assist registrars in complying with their Registrar Accreditation Agreement (RAA) obligation to investigate and correct Whois inaccuracies pursuant to Section 3.7.8. This system allows the public to register domain name Whois inaccuracy reports and those reports are forwarded to registrars for investigation. After a 45-day period, reporters are asked to provide information on whether the Whois data has been corrected or remains unchanged.

After consulting with representatives from ICANN's Registrar Constituency and Intellectual Property Constituency regarding the proposed methodology for such reviews, ICANN will begin reviewing all reports 45 days after submission. Of particular interest are those reports indicating “no change” to the Whois data. It is ICANN's objective to assess whether registrars receiving these reports are taking reasonable steps to investigate Whois inaccuracy claims. As part of ICANN's review, ICANN proposes to initially examine Whois inaccuracy claims to ensure that the claims identify a Whois data field where accuracy is required in the RAA (i.e., administrative contact, technical contact, registrant name and e-mail address). ICANN will then examine the current Whois records associated with Whois inaccuracy reports filed by reporters that indicate “no change” in the Whois data to determine if the Whois record was changed in some way, i.e. the data was corrected. This second examination will also assess whether the registrars of record have taken action by placing the domain names on some type of “hold” status or if they have cancelled the registration.

If there is clear indication that registrars took action, those reports will not be forwarded to registrars. Registrars will be sent a request for information only in cases where:

The Whois inaccuracy claim pertains to Whois data inaccuracy in a field required by agreement;
The Whois data remains unchanged after 45 days; and
The registrar has not taken any action to change the Whois data, place the domain name on “hold” or cancel the registration.

Registrars will be asked to provide evidence that they took reasonable steps to investigate these claims. If they do not satisfy ICANN that such steps were taken, the issue will be escalated. Changes to the proposed methodology will be considered following further input from the Registrar Constituency and the Intellectual Property Constituency.

CANN encourages registrars to timely investigate all Whois inaccuracy claims as required by Section 3.7.8 of the RAA.

2. Contractual Compliance Department Welcomes New Staff

The Contractual Compliance Department welcomed two additions in the month of November, David Giza and William McKelligott. David Giza joined ICANN as Senior Director, Contractual Compliance Programs.

David is working in ICANN's Marina del Rey office. In this new, senior level position he will be responsible for the strategic leadership and continuing development of ICANN¹s global contractual compliance program. Most recently David served as Director, Global Compliance for Hewlett-Packard where he was responsible for the development and implementation of worldwide compliance programs. His work included new contractual, public sector business, privacy and data protection risk assessments and related compliance programs implemented inside multiple global business units. Previously David was responsible for the operation and management of the corporate Ethics and Compliance Program for Snap-on Inc. He began his career with W.W. Grainger Inc. in a variety of legal positions, up to and including, Assistant General Counsel.

David holds a J.D. from The John Marshall Law School and a Bachelors degree from DePaul University.

William McKelligott joined ICANN as an Auditor within the Contractual Compliance Department. William brings a solid track record of conducting audit and evaluation work for a variety of organizations including the U.S. Government Accountability Office (GAO) in Washington, DC, the United Nations Educational, Scientific and Cultural Organization (UNESCO) in Paris, France, and the National Institutes of Health (NIH) in Bethesda, MD. He has also had contractual assignments for the United Nations Children's Fund (UNICEF) and BearingPoint (formerly KPMG Consulting). William was born and later lived in Bogotá, Colombia for over 16 years, where graduated with a degree in Political Science from the Universidad de Los Andes. He attended graduate school at the University of Chicago where he studied Political Economy (A.M.) and Public Policy (M.P.P.).

William is currently receiving training at ICANN's Marina del Rey office. William will be permanently working from ICANN's Washington, D.C. office beginning January 2009.

3. Recent AIPLA Conference in Washington, D.C. and Whois Accuracy Compliance

ICANN's Contractual Compliance staff participated in the American Intellectual Property Law Association's (AIPLA) annual conference in Washington, D.C. on 23-24 October 2008. In a session titled, “Is the Domain Name System Working? Current ICANN-Related Issues” Stacy Burnette, ICANN's Director of Contractual Compliance, made a presentation entitled, “Whois Behind the Domain Name? Insuring the Integrity of Registrant Identification and Contact Data.” Ms. Burnette shared information with conference attendees concerning ICANN's structure, the scope of its authority and the organization's efforts to improve Whois accuracy, including details regarding a Whois accuracy investigation audit, ICANN's Whois Accuracy Study, recent Whois related enforcement actions and the hiring of additional staff to focus on Whois projects.

Other conference session speakers included Steven J. Metalitz, Mitchell Silberberg & Knupp, LLP, who spoke about new gTLDs; Elisabeth Roth Escobar, Marriott International, Inc., who spoke about cyber squatting and recent trends such as domain name kiting, tasting and front-running; and Simone Bittencourt de Menezes, Momsen Leonardos & Cia, who spoke about the proliferation of domain name infringement in Brazil. Approximately 100 conference attendees attended this session and several conference attendees asked questions following the presentations.

It is ICANN's aim to participate in a variety of domain name related events to provide information to the public and to encourage participation in ICANN's bottom-up, transparent, consensus building process.

4. Update Regarding WDPRS Redesign

ICANN has undertaken a redesign of its WDPRS to accommodate bulk problem report submissions, to improve functionality and to incorporate a compliance review component. The redesign plans are being vetted by Registrar Constituency and Intellectual Property Constituency representatives and other interested parties to ensure that the redesign meets community needs. ICANN anticipates that the new system will be available for public use by December 2008.

5. Summary of Whois Data Accuracy Study Developments

For the past five months, ICANN has collaborated with a renowned research institution, the National Opinion Research Center, to design the most comprehensive Whois Accuracy study to date. ICANN and NORC representatives (the team) set out to design a sample methodology and a methodology to verify registrant information.

To date, the team has designed a multistage sample intended to yield a 95% confidence level and 5% error bar. The sample methodology balances the cost of conducting the study with maintaining the statistical integrity of the study. On 10 October 2008, the team pulled a Whois study sample (selected domain names for testing) from the five gTLDs that contain 98% of all domain name registrations. Next, ICANN will attempt to determine whether registrant names and addresses in the sample are accurate.

Prior to moving forward, ICANN seeks to ensure that the verification methodology provides the most defensible accuracy estimate of Whois information to date. The methodology must measure how non-responders will ultimately affect the final accuracy estimate and anticipate other statistical flaws.

Unlike the Government Accountability Office (GAO) study and similar proposed studies, ICANN seeks to employ a verification methodology that focuses on verifying the accuracy of registrant information in the sample. The GAO study determined whether a percentage of Whois information appeared patently false on its face. Other studies attempted verify Whois information against publicly available U.S. databases (i.e. phone records, etc.). ICANN's study will determine whether registrant names and addresses are accurate.

ICANN continues to vet the verification methodology. Thus far, the team has identified key areas, which the team will work to strengthen. Prior to finalizing the verification methodology, ICANN will seek input from various constituencies.

6. 2008 Whois Related Enforcement Statistics

When ICANN identifies potential non-compliance, Contractual Compliance staff: (i) establish the facts and relevance to ICANN's contracts; (ii) attempt to resolve the issue, where possible; (iii) escalate when necessary; and (iv) follow up in all cases. The following statistics reflect compliance actions taken from 1 January 2008 through 30 September 2008 regarding one area of the contractual compliance -- Whois accuracy. As reflected in the statistics below, most registrar non-compliance matters are resolved informally without the need for escalated compliance action by ICANN.

Action Taken by ICANN	Reason for Action	Total
Enforcement Notices	Non-Compliance regarding Whois Matters	72
Notices of Concern	Whois Accuracy Investigation	10
Notices of Breach	Whois Accuracy Non-Compliance	2

As reflected above, two registrars were sent breach notices regarding Whois accuracy non-compliance in October 2008, DNS.com.cn and Joker.com. ICANN analyzed both registrars' responses to ICANN's notice of breach and found that Joker.com appeared to take reasonable steps to investigate the Whois inaccuracy claims provided. Conversely, DNS.com.cn was found non-compliant, as it failed to take reasonable steps to investigate the Whois inaccuracies indentified by ICANN. Consistent with RAA requirements, DNS.com.cn cured the cited breach within 15 days to avoid termination by ICANN. However, in an effort to ensure that DNS.com.cn complies with the registrar Whois accuracy requirements set forth in Section 3.7.8 of the RAA, ICANN developed a remediation plan that requires DNS.com.cn to provide monthly reports indentifying, among other things, exactly what steps were taken to investigate each Whois inaccuracy claim sent to DNS.com.cn via the WDPRS. DNS.com.cn has agreed to remain on ICANN's remediation plan for six months.

7. Upcoming Events

ICANN's Contractual Compliance program will be discussed at the following events:

ICANN's Registrar/Registry Regional Gathering, Rome, Italy, 22-23 January 2009.

International Trademark Association's 2009 Trademark Law and the Internet conference, San Francisco, CA, 9-10 February 2009.

International Quality & Productivity Center's 2nd Annual Trademark & Copyright Protection conference, New York City, NY, 26-28 January 2009.