No WHOIS, No Problem, cept for the ICANN community problem

The ICANN community has spent the last 12 months an insane amount of effort to keep the current WHOIS preserved or rescue as much as possible.

It seems the ICANN community is fearing, fear itself as there is no logic.
The most used reason; is if there is no public WHOIS the world is doomed because: <fill in random reason>

The community is, however, forgetting a few simple facts.

FACT

There are 331 million domain names.

144.7 million domain names are so-called ccTLDs, the majority operated by Registries in Western Europe. The majority GDPR compliant, and no personal data available in the WHOIS.

There are 186.3 million gTLDs.
According to an ICANN issued WHOIS study, 24.7% of the registrants use a privacy service. This study was composed in 2012, so we can safely assume that 24.7% is now much higher.

The math?

We can safely conclude that over a 100+ million domain names do not contain personal data from the registrant. And this is a very conservative estimate.

So what problem does the ICANN community want to solve here? A lot of personal data has not been available in the public WHOIS for years. The argument that a WHOIS blackout will cause the end of the world, I doubt it very much. The sooner folks get used to it, the sooner we can end the debate and work on solutions.

What is a problem though, is the ICANN community, or at least significant parts of them have zero risk awareness. It seems the community is okay with the contracted stakeholders to face huge fines and instead spent time on telling contracted parties they were/are wrong. Or in extreme cases deny that there are data protection laws, and if they even would exist do not apply to WHOIS.

More troubling is the fact that the same stakeholders seem to be cool with the ICANN organization to face enormous fines. Putting, the entire organization at risk.

 

Some more math

There are 241 ccTLDs.

When you run a WHOIS port 43 WHOIS query on those 241 ccTLDs, 114 either give no response or ping back a message there is NO port 43 WHOIS server. 50 ccTLDs publish full WHOIS data similar to gTLDs, the rest either gave back restricted info or no personal data at all.

Abuse

The argument that without WHOIS, abuse will increase is often used.
The fact is with WHOIS; abuse levels are still increasing year after year. Demonstrating that WHOIS is not a reliable system to combat abuse and a better solution has to be created.

But the community instead spends time on defending ineffective ancient systems as we clearly cannot live without them……………

Rinse and repeat arguments, no email in the WHOIS is the end of the world?

Large ccTLD registries (Nominet, SIDN, etc.) do not publish an email address in the WHOIS.
Back in 2016 when the SIDN stopped publishing the registrant email address, Dutch Registrars feared the end was nigh.
It was doom and gloom; support load would go through the roof, overloading registrar support desks. The entire .NL zone would descent into darkness according to most folks.

March 2016
The SIDN stopped publishing the email address…. and nothing happened. In fact, most of us were more pre-occupied with the summer Olympics in Rio and the quality of the water in Rio.

Sure now and then someone calls and wants to buy a domain name.
Every so often a copyright or trademark holder contacts a registrar regarding some issue, most of it which can be solved by either the hosting company or the SIDN, or through other contractual agreements, or other legal means.

Abuse? SIDN works with netcraft.com and offers a more reliable solution to combat abuse compared to gTLDs. Registrants, registrars, hosting companies get notified instantly as soon the abuse has been confirmed. The uptime of phishing is very low.

SIDN also has NDEW to combat abuse in real-time. Available for free for .NL registrars.

 

Update:

Godaddy, the largest registrar in the world is no longer displaying personal data through the port 43 WHOIS server:

http://domainincite.com/22510-godaddy-and-domaintools-scrap-over-whois-access

 

Leave a Comment

Your email address will not be published. Required fields are marked *