Domains WHOIS

ICANN 79: WHOIS Update

The ICANN 79 meeting in San Juan, Puerto Rico is upon us, and WHOIS data access issues continue to be of significant concern for businesses and other stakeholders.

Background

Tracer has consistently submitted WHOIS requests since 2018, by submitting requests directly to registrars and registries on behalf of our clients. These clients request disclosures to protect their brands, investigate illegal activities, and to mitigate phishing attacks and other types of DNS abuse. In November 2023, ICANN launched a new voluntary intake system, known as the Registration Directory Request System (RDRS), to streamline and facilitate requests for disclosures of WHOIS contact information. The data below reflects only requests made directly by Tracer in 2023, outside of the RDRS, since the numbers of requests made through the RDRS in 2023 were statistically insignificant.

Initial Observations Regarding the RDRS

As we’ve recently started sending requests through the RDRS system, we have seen a very low rate of successful disclosures (only about 7.5% at this time), highlighting some areas of concern.

We’re seeing inconsistent reporting regarding whether a request was successful.  For example, one registrar marked “Approved” to the request, but then only provided proxy/privacy information rather than the data of the customer.  Another registrar simply responded by reciting the types of information we were requesting (i.e. registrant name, email, or phone number) without actually providing us the requested information for the domain name cited in the request. They then clicked Approved. In a separate request, the registrar responded requesting additional information on our RDRS request, much of which was already set forth in the RDRS system. This made us conclude that the initial request was not read or analyzed. 

Based on these preliminary findings, it may be helpful for ICANN to conduct additional training for those registrars that are participating in the RDRS, to create a standard processes and definitions. Registrars should only mark “Approved” when they disclose the contact information of the registrant or of the customer in the case of privacy/proxy services.

2023 Summary Results -Tracer Non-RDRS Requests

Following the implementation of ICANN’s Registration Data Request Service (RDRS) in November, we found that compliance decreased significantly, which may be related.

According to our most recent report, Tracer has submitted 3808 WHOIS requests during the time period January-December 2023. Of those 3808 requests, 909 were compliant (24%), 1050 did not receive a response (28%), and 1849 were non-compliant (48%).

Of the 1849 non-compliant responses, 51% took irrelevant action such as forwarding our request to the registrant, while 29% are still citing legal authority. 12% of requests received an auto-response without follow up, 7% suspended the domain without providing registrant information and 1% required additional action.

Recommendations
It is critical that ICANN continue to address these WHOIS data access issues to enable law enforcement, security, and IP professionals to obtain the critical information they need without compromising the privacy of individuals.

While the RDRS is a step in the right direction, ICANN can improve the usability and uptake of the RDRS by a set of consistent guidelines for the registrars to follow in determining whether they have properly complied with a user request.

Author

Tracer Team