ICANN’s Generic Names Supporting Organization (GNSO) works to address these and other gTLD WHOIS data and access issues by recommending changes to related policies.
For example, the GNSO often engages in activities to evaluate and document the importance of WHOIS to stakeholders. In 2006, a GNSO task force re-examined the purpose of WHOIS, detailing intended and actual uses of registrant contact information. Based on that work, ICANN approved recommendations to improve WHOIS usage notification and consent. At the same time, the RAA (the agreement ICANN has with its accredited registrars) was amended to require registrars to restrict bulk access to WHOIS data for marketing.
The GNSO also takes steps to make recommendations to improve WHOIS accuracy. For example, a GNSO policy recommendation was adopted by the ICANN Board to require registrars to provide each registrant at least annually with an opportunity to review and correct their domain name’s WHOIS data, accompanied by a reminder that false data can be grounds for registration cancellation. In addition, registrants that submit false data or fail to respond to registrar inquiries were given a grace period during which the domain name is temporarily held by the registrar until the registrant provides updated WHOIS data. Contractual compliance efforts to improve WHOIS data accuracy and accessibility are also underway, based in part on the findings of ICANN-sponsored studies which measured WHOIS data inaccuracies and trends.
ICANN continues to work to address concerns regarding potential conflicts between privacy laws or regulations and provisions of ICANN contracts relating to the collection, display and distribution of personal data via the gTLD WHOIS service. For example, ICANN adopted a procedure which details how it will respond to any situation where a registrar/registry can demonstrate that it is legally prevented by privacy laws or regulations from complying with the aforementioned contract requirements.
Recognizing concerns that the current WHOIS service might decrease in reliability and usefulness over time, the GNSO compiled a comprehensive set of technical requirements for WHOIS intended to address both known deficiencies in the current service and possible enhancements that may be needed to support various on-going policy initiatives. This inventory does not suggest policies or operational rules, but instead provides technical guidance to standards bodies and other organizations such as ARIN that are currently working on possible WHOIS successor protocols and services. ICANN recently adopted a new 2013 RAA that included many amendments to deal with WHOIS data, including validation and verification of certain WHOIS elements, service level agreements for WHOIS availability, circumstances requiring registration cancellation for false WHOIS data, and a verification process registrars might be required to undertake after receiving report of false WHOIS data. In addition, an Interim Specification was adopted defining policies for Privacy and Proxy services offered by Registrars and their affiliates – services currently used by some domain name registrants to avoid publishing their own contact information and/or identity in WHOIS data.