[NCUC-DISCUSS] Draft comments on Misuse of Whois Study - timely

Poomjit Sirawongprasert poomjit at gmail.com
Sat Jan 18 20:04:15 CET 2014

I like Kathy's comment.


Poomjit Sirawongprasert (Moui)
ภูมิจิต ศิระวงศ์ประเสริฐ (หมวย)
twitter: @Moui <http://twitter.com/moui>
facebook: PoomjitS <http://facebook.com/PoomjitS>

On Fri, Jan 17, 2014 at 5:52 AM, Kathy Kleiman <kathy at kathykleiman.com>wrote:

>  Hi All,
> I need your help. There is an amazing study done by two researchers (a PhD
> and an almost-PhD) at Carnegie Melon University.  They tested the
> hypothesis of whether "public access to WHOIS data leads to a measurable
> degree of misuse of certain kinds of gTLD domain name Registrant identity
> and contact information."  They did both a descriptive study (surveys of
> law enforcement and privacy people, registrants and registrars) and an
> experimental study (registering domain names with no other traceable source
> and seeing how much spam, and unsolicited phone calls and emails they
> received).
> They found what we have been telling ICANN for years: "there is a
> statistically significant occurrence of WHOIS misue affecting Registrants'
> email addresses, postal addresses, and phone numbers, published in Whois."
> Great and let's tell them so! I've drafted some comments that not only
> support the findings (and review the great effort dedicated to the study),
> but also draw on abuse cases we have discussed and shared from the NCUC
> over many years, including political persecution, chilling effects,
> anti-competitive activity, and stalking.
> Since these are Reply Comments, it is traditional to not only share your
> own views, but comment on those of others.  Our views are, in many way,
> close to those of ALAC on this issue. ALAC's comments note that the Study's
> results "align with individual experience of At-Large constituents" and
> also research ALAC has done.  So the noncommercial and individual
> registrant groups are aligned on this issue - and that is key.
> Below and attached please find the draft comments. Please feel free to
> send me edits with Track Changes (if you use the attached file). To avoid a
> flood on the list, feel free to share small edits with me privately.  Big
> edits and changes are probably up for discussion.  DEADLINE: SATURDAY (but
> I am judging my son's debate team, so tomorrow if possible).
> Best and tx,
> Kathy
> *[DRAFT] Comments of the Noncommercial Users Constituency of ICANN*
> *Study on Whois Misuse*
> *Due: January 18, 2014*
> The Noncommercial Users Constituency of ICANN submits this document in
> response to the call for public comments on the *Study on Whois Misuse*posted on the ICANN website. We respectfully submit that this Study is a
> very important one for ICANN and for the GNSO policy work ahead.
> We note that the study seems thorough and professionally done. Its named
> researchers were Dr. Nicolas Christin and Nektarios Leontiadis. Dr.
> Christin received his PhD in Computer Science from the University of
> Virginia, and is an Assistant Research Professor of Electrical and Computer
> Engineering at Carnegie Mellon University.  Nektarios Leontiadis is a PhD
> candidate at Carnegie Mellon University, in the department of Engineering
> and Public Policy, with research focused on the economic modeling of online
> crime. Both are affiliated with CMU's *CyLab* security lab.
> This study stayed close and tight to the Terms of Reference set out for it
> --  terms set and designed by members of the GNSO and approved by the
> GNSO Council.
> The key question of the study was: *Does public access to WHOIS-published
> data lead to a measurable degree of misuse?*  The answer was an
> unequivocal yes:
> The main finding of the descriptive study is that there is a *statistically
> significant occurrence of WHOIS misuse affecting Registrants' email
> addresses, postal addresses, and phone numbers, published in WHOIS* when
> registering domains in these gTLDs.  *Overall, we find that 44% of
> Registrants experience one or more of these types of WHOIS misuse.*  [Emphasis
> added, WHOIS Misuse Study, p. 6]
> We appreciate the extensive efforts the CMU team undertook to test the
> hypothesis it was given by ICANN and the GNSO.  First, it conducted a
> descriptive study reaching out to Experts, Registrants and
> Registries/Registrars. Specifically, the team surveyed a "diverse group of
> experts in the fields of security and privacy affiliated with research
> institutes, academia, law enforcement agencies, Internet Service Providers
> (ISPs), and national data protection commissioners." [Study, p. 13]
> The team surveyed Registrants for a "better understanding of their direct
> experiences with Whois misuse" and found that 43.9% reported "some kind of
> misuse of their WHOIS information," including *postal address misuse,
> email address misuse *and *phone number misuse* tied to the Whois data,
> as well as *Identity theft, unauthorized intrusion to servers *and*
> blackmail * to which publicly-published Whois data may have been a
> contributing factor.
> Then the team surveyed Registrars and Registries about Whois harvesting
> attacks, and the deployment and effectiveness of WHOIS anti-harvesting
> techniques.
> Second and perhaps most interestingly, the CMU team conducted its own
> experimental study in which they registered a set of domain names in the
> top five gTLDs through a representative set of Registrars, with unique
> Registrant identities. Over the course of six months, they tracked emails,
> voicemails and postal mail received by the registrants of these
> experimental domain names. The purpose of the study was to eliminate "any
> extraneous variables," e.g. the publication of a postal address in both the
> Whois and an outside directory.
> The conclusions of the study are Striking - and answer questions floating
> in the GNSO for over a decade.  *Yes, there is abuse of
> publicly-published Whois data. Yes, that abuse is statistically
> significant.* We share again the main finding of the Study for additional
> review in this comment period:
> The main finding of the descriptive study is that there is a statistically
> significant occurrence of WHOIS misuse affecting Registrants' email
> addresses, postal addresses, and phone numbers, published in WHOIS when
> registering domains in these gTLDs.  Overall, we find that 44% of
> Registrants experience one or more of these types of WHOIS misuse.  [Emphasis
> added, WHOIS Misuse Study, p. 6]
> We thank CMU for the extensive efforts it devoted to this study, and the
> extra efforts made and extra time spent to expand studies to include more
> experts from Latin America and overall go above and beyond the requirements
> for a  rounded and complete study.
> *Reply to Other Commenters:*
> *ALAC Comments:  *
> ALAC published the following comment in their comments: "We note the study
> has returned findings that align with individual experience of At-Large
> constituents plus the evidence of widespread occurrence has validated
> similar research undertaken by At-Large connected researchers."
> We note that NCUC, too, has directly experienced deeply concerning misuses
> of WHOIS data. In particular, attorneys in NCUC have directly experienced
> and directly worked with clients who have experienced:
> -          Stalking, for which the Whois was the only published source
> for the location of an online, home-based business by which an ex-spouse
> found his wife and stalked her.
> -          Political persecution, by which Whois data was used not only
> to track dissenters (some located in the US and protected by the First
> Amendment), but also their families located in the countries about whose
> corruption the websites were devoted (and who were not similarly
> protected);
> -          Chilling effects, by which Whois data was used to track down
> and intimidate or silence those who have a different political, religious
> or moral view;
> -          Anticompetitive activity - by which competitors used Whois
> data to track down entrepreneurs and small businesses owners and seek to
> intimidate them to set businesses plans and services aside.
> We further share with ALAC the deep concern that "WHOIS misuse is factual
> and widespread, as the evidence from 44% of sampled registrants across the
> several domains attest."  We further agree that this  poses a "continued
> threat" to the "security and confidence in the use of the Internet, [and]
> the public interest demands measures to address and abate its impact."  ALAC
> Comments,
> http://forum.icann.org/lists/comments-whois-misuse-27nov13/msg00006.html
> We have the evidence, and measures must now be taken to protect
> Registrants, and the speech, work, expression, hobbies, research, business,
> education and communication they conduct using their domain names.
> Respectfully submitted,
> [if approved]
> _______________________________________________
> Ncuc-discuss mailing list
> Ncuc-discuss at lists.ncuc.org
> http://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20140119/9f08192b/attachment-0002.html>

More information about the Ncuc-discuss mailing list