[comments-whois] Bulk Whois and abuse of Public Whois
Title: Bulk Whois and abuse of Public Whois
To the Whois Task Force - while we commend the Task Force Report's recognition of the abuse of bulk Whois requirements, it is important to note the equal - if not worse - abuse that occurs of the public Whois. Spammers and unscrupulous marketers continuously download contact data from the publicly available and Port 43 Whois and use it for unauthorized communications. In a critical way, this is a worse practice than the abuse of bulk Whois in that registrars are not aware until after the harmful impact on consumers that the information has been accessed and taken without permission. This makes it that much more difficult to protect and warn customers or to stop the abusers. A recent example is the DROA taking of Register.com's and other registrars' Whois data. We know that they did not get it through a bulk Whois license. By the time we found out, many customers had received misleading solicitations, but it took us some time and resources in judicial proceeding before the courts issued an injunction last week.
We appreciate the good public policy reasons for publicly available Whois - including access for IP attorneys, law enforcement, intra-registrar transfers. But, we believe that we can find a solution that meets these legitimate needs while protecting customers - particularly indviduals' personal contact information - from public disclosure that is subject to abuse. Until we address this gap, there is little use in changing bulk Whois requirements. In fact, doing one without the other could be detrimental as potential bulk licensees may move to abuse of public Whois.
We hope that in its next steps, the Task Force reviews potential solutions regarding public Whois.