Testimony of John M. R. Kneuer
Acting Assistant Secretary for Communications and Information
United States Department of Commerce
Before the
Subcommittee on Financial Institutions and Consumer Credit
of the Committee on Financial Services
July 18, 2006
Mr. Chairman,
Thank you and the members of the Committee on Financial Services for inviting me to testify today. I am pleased to have this opportunity to address recent developments related to WHOIS databases, and to share information about the work undertaken by the Department of Commerce in this critical issue area.
The Department of Commerce strongly supports continued, timely access to accurate and publicly available WHOIS data contained in the databases of information identifying registrants of domain names. We believe that WHOIS data is critical to meeting a variety of public policy objectives, including enforcement of laws and consumer protection, and have been pro-actively advocating this position at the meetings of the Internet Corporation for Assigned Names and Numbers (ICANN).
ICANN and WHOIS
The Department of Commerce is committed to preserving the stability and security of the Internet domain name and addressing system (DNS). There exists a Memorandum of Understanding (MOU) between the Department and ICANN, the private sector entity responsible for the day-to-day technical management of the DNS. The MOU contains provisions where ICANN has agreed to continue to assess the operation of WHOIS databases and to implement measures to secure improved accuracy of WHOIS data.[1] In accordance with those specific provisions, ICANN has published three annual reports (as of April 2006) that provide information on community experiences with the InterNIC WHOIS Data Problem Reports system.[2] ICANN has reported that the data collected is being used to ensure that individual registrars are complying with their obligations toward ensuring WHOIS data accuracy.[3] ICANN has also published reports in 2004 and 2005 regarding the implementation of the WHOIS Data Reminder Policy, which requires ICANN-accredited registrars to formally contact domain name registrants on an annual basis to review and update their contact information.[4] Again, the underlying purpose of this policy is to improve the accuracy of WHOIS data.
ICANN’s Generic Names Supporting Organization (GNSO) has
initiated a policy development process, which among other things, seeks to
define the purpose of WHOIS data in the following contexts: ICANN’s mission and core values; laws
protecting individual privacy; laws specifically addressing WHOIS; and the
changing nature of registered name holders.
In April 2006, the GNSO Council voted in favor of a new definition of
the purpose of WHOIS data that is to “resolve issues related to the
configuration of the records associated with the domain name within a DNS
nameserver.” This definition is considered
by many, including the U.S. Government, to reflect a narrow, technical
definition. The
This definition is, however, guiding the subsequent work by the GNSO WHOIS Task Force, which is turning its attention to three specific concerns: 1) determining what data should be available for public access; 2) improving the process for notifying a registrar of inaccurate WHOIS data; and 3) establishing a process for investigating and correcting inaccurate data. When the work of the task force is completed, it will be forwarded to the GNSO Council for review and approval. If approved, it will be forwarded to the ICANN Board for adoption.
The Department’s Role and Perspective
I would like to now turn to the work of the Department of Commerce, and specifically to the work of the National Telecommunications and Information Administration (NTIA) regarding this important issue. NTIA serves as the representative for the United States Government to ICANN’s Governmental Advisory Committee. Composed of government representatives from over 100 countries, this advisory committee provides advice to the ICANN Board on the activities of ICANN as they relate to the public policy concerns of governments.
ICANN’s Governmental Advisory Committee has had several
discussions on this topic. In preparation
for each advisory committee meeting, NTIA convenes an interagency Working Group
that develops and coordinates
As a reflection of that consensus among
In developing this consensus position among
NTIA has also actively engaged foreign governments on this issue through ICANN’s Governmental Advisory Committee. NTIA serves as the chair of the advisory committee’s Working Group on GNSO issues. This working group has identified the public policy aspects of access to WHOIS databases as a priority. NTIA has facilitated information exchanges between the advisory committee and the GNSO to discuss consumer protection and law enforcement perspectives of continued access to accurate WHOIS data. NTIA is working closely with other national governments represented on this committee to develop more formal public policy advice on the purpose and use of WHOIS data.
Finally, I would also note that the ICANN Board passed a Resolution regarding the WHOIS policy process during its June meeting that acknowledges the open dialogue between the Governmental Advisory Committee and the GNSO regarding the issues covered by the WHOIS Task Force terms of reference, as well as the opportunity for public comment from that advisory committee as a whole and from individual member governments. We see this as a positive development that recognizes the important public policy aspects related to access to WHOIS data.
I thank you for this opportunity to update you on this
important issue and the progress the Department is making in meeting the needs
of
Attachment:
[1] See Section II.C.10 of Amendment 6 to the Memorandum of Understanding between the U.S. Department of Commerce and the Internet Corporation for Assigned Names and Numbers, available at http://www.ntia.doc.gov/ntiahome/domainname/agreements/amendment6_09162003.htm.
[2] These reports are available at www.icann.org/whois/wdprs-report-final-31mar04.htm; www.icann.org/whois/wdprs-report-final-31mar05.htm; and www.icann.org/announcements/wdprs-report-final-31mar06.pdf.
[3] All ICANN agreements with generic top level domain name registries and registrars include requirements that domain name registrant contact information be collected, maintained, and publicly posted through WHOIS databases.
[4] These reports are available at www.icann.org/whois/WDRP-Implementation-30Nov04.pdf, and at www.icann.org/whois/wdrp-survey-report-30nov05.pdf.
[5] The Interagency Working Group is comprised of representatives from the Department of Commerce, the Justice Department, the Federal Trade Commission, the State Department, the Patent and Trademark Office, the Federal Bureau of Investigation, the Internal Revenue Service, and the Department of Homeland Security.