Lately, ICANN has been in the process of determining the fate of domain name ownership information. The proposed change aims to improve the privacy of domain registrants by limiting the information required. However noble, we hope the proposal will be tabled to prevent "bad actors" from flourishing across domains.
Until now, the WHOIS database or the Internet "white pages" has been the primary way to find information about domain registrants as well as to protect Internet users from such risks as sales fraud, brand theft and counterfeit. WHOIS is seen as offering a form of responsibility and lucidity to the Web. Imagine if all of this information suddenly disappeared or was no longer so easily available?
This spring, ICANN created an Operational Point of Contact Proposal (OPoC) where registrants of top level (.com, .net) domains would be required to list only one contact's postal, email and phone info. Currently, domains are listed with the registrant's name, a tech contact and an admin contact. The registrant provides a postal address, while the other contacts provide full postal, email, phone and fax info. In addition, primary and secondary servers are openly listed.
The current method of offering multiple contacts helps many different constituents. Steven Metalitz, president of the Intellectual Property Constituency (IPC) of ICANN's Generic Name Supporting Organization, explained during an Inside Counsel presentation that trademark owners, copyright owners, anti-phishing and anti-cybersquatting interests, corporate transactions, major non-profits, consumers, parents and law enforcement all rely on reaching domain owners and their teams.
At the most recent WHOIS Working Group meeting (transcript here), many questions about OPoC roles and responsibilities were left unanswered. An entire day was spent deliberating about whether new operational contacts should represent domain registrants. Would these new contacts respond quickly to critical matters? Would there be penalties for non-response? Should they assume responsibilities that seem more appropriate for registrars or even ISPs?
The Working Group participants felt that if OPoCs botched the job, these operational contacts could be discredited and at some point no longer exist as an entity – which begs the question of exactly why this intermediary function is needed in the first place.
Somehow, ICANN got this one wrong. We're all for privacy here. The focus should be on accessing the registration information. Do we really need another layer of bureaucracy to intervene in the synergy now available between registrants and their users? I don't think so. Should it continue to be available on WHOIS allowing people to easily look it up? I think so.
Rather than creating a new entity for the sole purpose of cautiously doling out information, perhaps another way to keep some control over the matter is to charge a fee for downloading domain information from registrars. This might be a better path, leading to compromise in this ongoing debate.