On March 27, 2003, the ICANN (The Internet Corporation for Assigned Names and Numbers) board voted to adopt the four recommendations of its GNSO (Generic Names Supporting Organization) council to amend Whois policy. ICANN is the non-profit, non-governmental body established by the U.S. Department of Commerce under a memorandum of understanding to regulate name and number structure of the Internet.
Whois is an Internet look-up service built on and maintained by service provider TCP query/response servers that provides an inquirer with network information on other users. Thus, for example, if I wanted to know if the domain www.infotoday.com were available, I might query Whois. In sum, Whois is a system directory of who has registered what "property" on the Internet. And to date, it has been a relatively open and searchable directory.
The four recommendations that ICANN voted to adopt are:
- Accuracy of Whois Data: This requirement calls for registrars (ISPs) to at least annually provide an accurate list of Whois information to their registrant. Recall that since the deregulation of the Internet, there are now Internet wholesaler "registrants" and retailer registrars. This raises two interesting issues. The first has to do with abandoned or inaccurate registrations. These "unused" names and numbers can then be reused and resold to someone else. Some might ask, is an annual requirement for Whois update adequate? Perhaps the cycle should be more frequent? Most if not all registrations are for at least a year, although it is true they do not all expire on the same date. The second, and perhaps much more interesting aspect is the use of bulk access to Whois. Bulk access is used to fuel spam and other mass vehicles. The new rules seek to place limits on bulk access to include sale rights to third parties.
- ICANN takes it upon itself to help develop accuracy standards and formats for Whois. Sanctions against non-cooperating registrars may be considered.
- Perform a cost/benefit analysis of the new policy. Establish a committee to that end.
- Public comments were reviewed and incorporated.
(For further elaboration, see the ICANN report at: http://www.icann.org/gnso/whois-tf/report-19feb03.htm#I)
On their face, these policy changes may appear benign. We can probably shrug off points three and four as standard and procedural. Points one and two are more important. The Whois regime has long been criticized as anti-privacy in that not only was it relatively easy to access information about domain name owners, but the information was fairly extensive and detailed, including names, addresses, telephone numbers, and so on. Moreover, it was often possible to harvest Whois data en masse, thereby creating instant databases. Those databases could be used for any number of purposes, from telephone solicitation and e-mail spam to identity theft.
On the other hand, these changes have the potential of limiting access for the searcher community to, for example, the Dialog Domain Names Database (File 225), or perhaps closing some of the fields in 225 and thereby restricting its usefulness. Indeed since no doubt File 225 is built via bulk access, it could be that, should this part of the proposal be implemented, 225 could be doomed. (See the NewsBreak about the file's launch: http://newsbreaks.infotoday.com/nbreader.asp?ArticleID=17036.) While it is unclear whether the ICANN/GNSO point 1 will, in fact, (a) work to limit bulk access to Whois data or (b) prompt registrars to report regularly to their registrants, these are policies we need to weigh to assess the impact on the searcher community.
As for point 2, information scientists tend to support standardization but not for its own sake. Too much standardization or standardization in the wrong direction can be stifling. (I seem to recall once hearing Z39.50 described as the ultimate patchwork.) Keep it very simple so that it supports the aims of point 1, and it would probably evolve as a workable standard.
For more on: