The Domain Name Registration Data Directory Service (WHOIS) is an Internet standard mechanism for providing public access to identity and contact information about domain name registrants. ICANN-accredited domain name registrars are contractually obligated to provide accurate information about all registrants via WHOIS, either directly or through a generic top-level domain (gTLD) registry. Some registrars and third-party service providers offer registrants the opportunity to limit the public disclosure of their personal contact information by offering privacy services that publish alternative contact information. Other providers act as "proxies" by registering domain names for another user, who may access and use the domain name through a separate arrangement with the proxy service provider. A recent study by the National Opinion Research Center suggested that some or all of the public contact information for at least 18% of the domain names registered under the five largest generic top-level domains might be shielded from WHOIS by a proxy or privacy service.
Over time, the public-information requirement and the use of proxy and privacy services have become a battleground on which privacy and data protection advocates have squared off against law enforcement and intellectual property interests over access to domain name registrant data. This battle has often been highly charged and emotional, and in the absence of accurate and authoritative information about the way in which registrant contact information access is affected by the use of privacy and proxy services the debate has been driven more by anecdote than by data. Recognizing this as an impediment to resolving the issue, ICANN's Generic Names Supporting Organization (GNSO) Council has commissioned several studies to collect reliable data on WHOIS deployment and use, including a study of the effect of proxy and privacy services on access to domain name registrant data.
ICANN asked Interisle Consulting Group to conduct a survey to determine whether or not the study of proxy and privacy services contemplated by the GNSO Council would in fact be feasible, and if so how such a study should be designed in order to secure the greatest possible participation from potential information sources and thereby deliver the most useful data to the WHOIS debate.
Interisle gathered information from three broadly defined constituencies: initiators of relay/reveal requests; proxy/privacy service providers; and registrars involved in processing relay/reveal requests and responses. An initial multi-lingual online survey collected 168 responses from 73 request initiators, 25 proxy/privacy service providers, and 36 registrars. Sixteen follow-up interviews were conducted with a representative sample of stakeholders, including 5 request initiators, 3 proxy/privacy service providers, and 4 registrars. The remaining interviews were conducted with individuals who had insights into the use of WHOIS proxy and privacy services but were not directly involved in making or processing relay or reveal requests.
This report presents the results of our analysis of the survey responses and interview data, which demonstrates that:
a full study of WHOIS privacy and proxy could, if defined in such a way as to resolve identified barriers, provide some—but not all—of the data anticipated by the GNSO Council;
such a study (specifically by ICANN) would be well received by people on all sides of the WHOIS information access debate;
attention to issues including confidentiality and convenience in the design of the study would improve the quantity and quality of the data that it would deliver, but would not entirely overcome the asymmetric reluctance of potential participants from different constituencies to contribute; and
the results of a full study thus encumbered might not satisfy the expectations of the GNSO Council or the ICANN community with respect to statistical validity or independent verifiability.
The data show that roughly 40% of the principal constituencies (relay and reveal request initiators, proxy/privacy service providers, and registrars) would be interested in participating in a full study. These participants would be able to provide only summary or incomplete data concerning the incidence, processing, and disposition of relay/reveal requests. For the most part they would not, however, be able to provide data concerning specific individually identifiable instances of relay or reveal requests. Several potential full study participants said that additional non-aggregate data could be obtained from the public records of legal and arbitration proceedings, and that they would actively assist in their discovery.
Specifically, in their responses to the online survey 47% of request initiators, 40% of proxy/privacy service providers, and 39% of registrars said that they would be interested in participating in a full study; 77% of request initiators, 72% of proxy/privacy service providers, and 75% of registrars said that strong privacy guarantees for data contributed to a full study would be important; and 77% of request initiators, 40% of proxy/privacy service providers, and 47% of registrars said that the results of a full study would be valuable either to their organization or to the Internet community as a whole (or both). A full study should be designed to overcome the two most important barriers to participation that were cited by survey respondents as either critical or very significant: the time and effort required to participate (46%) and the confidentiality of client information (44%). 75% of survey respondents said that strong confidentiality guarantees would be significant, very significant, or critical to their ability to provide data to a full study. Follow-up interviews revealed, however, that most potential participants would be willing to provide only anonymized and aggregated data to a full study regardless of how strong the confidentiality guarantees might be.
These findings suggest that a full study would have to be designed and carried out in a way that did not require participants to disclose specific details of domain names or identify registrants using privacy/proxy services. A full study that depended on the ability to track and correlate individually identifiable requests and responses would therefore be impractical. A study designed to work with anonymized or aggregated request data would be acceptable to at least some potential participants if strong assurances were provided that their data would be protected and their participation would not require substantial time and effort. Anonymized or aggregated data, however, might not support the type of detailed analysis expected by the GNSO Council. Careful consideration of this tradeoff should precede any decision to invest in a full study.