nc-whois / Ghana meetings

DRAFT

whois-ghana-020310-6.html




Domain Name
Supporting Organization


Preliminary Report



of the Names Council's



WHOIS Task Force



to be presented at



The ICANN Meeting In Accra (Ghana)

March 10-14, 2002



NOTE: THIS DOCUMENT IS THE CURRENT STATE OF A WORK IN PROGRESS, AND MAY NOT REPRESENT THE TASK FORCE'S FINAL FINDINGS.


I.   Introduction



By Marilyn Cade, Tony Harris, Tim Denton, and YJ Park

(Business, ISP, Registrars, and Non-Commercial Constituencies)



A   Preface



The WHOIS Task Force (WHOIS TF) announces our Preliminary Report, Version 1.0, as an update to the Domain Name Supporting Organization Names Council and General Assembly, and the broad Internet community.



The Preliminary Report, Version 1.0, is a "work in progress" which serves as a status report and update on the work of the WHOIS Task Force of the Domain Name Supporting Organization (DNSO). The purpose of our preliminary report is to provide initial information to the community on the WHOIS Survey and the preliminary findings of the Task Force, focused in Version 1.0 of the Preliminary Report on the tabulated quantitative responses to the WHOIS Survey. Although this is a preliminary report and is incomplete in many ways, we are also forwarding an advisory of the availability of the preliminary report to the ASO and PSO. The draft Preliminary Report will be posted to the ICANN site following the Ghana meeting, however, in the interim, it is available at <http://www.able-towers.com/ghana/>.

The Preliminary Report is a "work in "progress and will be enhanced and built on during a series of updates, culminating in a Final Report, which is targeted for publication in late May to very early June, for community feedback and further comment. Version 1.0 is primarily focused on the quantitative responses; further updates will provide further elaboration on the Task Force's further analysis of the narrative responses, and whether they signify disparities with the quantitative responses, and an analysis of Question 20's narrative responses. In addition, later versions will include preliminary Draft Final Conclusions and Recommendations, published for community feedback so that public comment by the community can be taken into consideration in the development of the final report to the NC and to the Board.



The WHOIS Survey is one work product of the WHOIS Task Force, and has been its primary focus for the past several months, since the conclusion of the survey. The Task Force mission is described below.



Limitations of the Survey

It is important to ensure that there is clarity on what the survey was intended to accomplish and to acknowledge its limitations. The survey was intended to get as much input as possible from users, providers and other groups who use WHOIS and who would respond to a web based survey. In no way should this survey be considered statistically valid; and that was not its intent.



The original members of the TF worked hard to develop a broad survey; we did not employ the assistance of a professional survey team for a variety of reasons, including the purpose of our outreach. The survey was intended as a "snapshot" in time which could be used as input along with other mechanisms for input and consultation which the TF plans to undertake, to guide the development of policy recommendations related to WHOIS.

In hindsight, with the benefit from weeks of reading hundreds of narrative responses to surveys, and examining whether the narrative responses are consistent with the quantative responses, and searching for trends, anomalies, and other useful observations, it is evident that some of the questions and choices for answers could have been designed better.



For example, question 5 asks about the purposes of WHOIS, but fails to offer "technical problems" as a possible option in the response. There are other illustrations, and these limitations are being identified and documented; some are discussed in this version of the report in more detail in the section by section analysis.



Status on the analysis

The Task Force is finalizing a work plan which will complete quantitative analysis first, with a follow on validation of a representative group of responses to those questions where a significant number of narrative responses were received. As appropriate, this preliminary analysis of narrative responses will be expanded to the full set of responses, as the data indicates appropriate. At present, from the analysis completed by the members of the TF, it appears that the narrative responses are unlikely to change the key findings and messages supported by the quantitative responses. However, the TF plans to validate those assumptions and will be issuing interim updates as their work proceeds in the analysis of narrative responses.



Key Example

This report includes one area, as an illustration, where the Task Force feels generally comfortable with issuing a preliminary recommendation. This is described in Section IV, Resale/Marketing and Bulk Access to WHOIS Data. The preliminary report suggests a finding in this area, that respondents to the survey greatly prefer opt-in or more restrictive data access policies over opt-out approaches, and unregulated third party access to data. A majority of the Task Force representatives have supported this preliminary finding. The Task Force offers this detailed example as an illustration of the intent of the scope of our work in other sections.

In addition to its original mission, the Task Force recently received an additional work referral from the Names Council related to the Verio appeal involving marketing uses of WHOIS data. In undertaking a further discussion regarding this referral, the Task Force discussed the applicability of the Survey responses, and agreed that Questions 16, and 17 are directly applicable to this referral.1



While the majority of the Task Force supports this finding, we note that all comments contained in this report are preliminary, and we do caution all readers again that our survey was not statistical, but should be viewed as a snapshot of the perspectives of those who chose to respond. Nevertheless, we believe that the findings of the Task Force substantially support the preliminary findings in Section IV.



Obviously, only the final report will be a total picture, and we urge all readers to note that and to maintain an open mind about the final recommendations. One can take any piece of a puzzle and forecast an outcome; if the only puzzle pieces one is looking at are images of trees, the assumption might be that the puzzle is about a forest. If on the other hand, the pieces include parts of a castle, a forest, and a field, then one might realize that one is beholding a landscape. In short, the total picture, when the puzzle is assembled might look very different. Nevertheless, pieces of the puzzle are critically important in considering the whole.



We express our appreciation to the initial chair of the Task Force, Paul Kane, who shouldered a significant leadership role in launching the Task Force and it's initial work. We offer our thanks to several members whose "terms" have expired with the NC or GA, and therefore have moved on, to be replaced with new representatives of their respective entities. We also thank the ICANN staff for their administrative support and counsel during this initial work period. The work of the Task Force has been significantly enhanced through the volunteer leadership of the GA members of the Task Force, and a special word of appreciation is due to each of them. And, we thank those in the community who completed the survey.



We are pleased to present this preliminary picture to the community, and welcome your questions and comments, and we look forward to delivering further updates on our work in analyzing the survey results.



We look forward to receiving your comments on this Preliminary Report.



History and Mission

The WHOIS Task Force of the DNSO grew out of the initial work of the .com/.net/.org WHOIS Committee convened by the ICANN staff to give advice on the implementation of WHOIS service for the .com/.net/.org domains as required under the Registrar agreement. The committee addressed implementing questions. The committee's work was concluded in April, 2001. The implementation of the committee's work included the establishment of a WHOIS Committee on domain-name-system policy, chaired by Paul Kane. This Preliminary report does not address the history of the creation of the TF further, since the archives include relevant postings which led to the establishment of the TF by the DNSO.



The Task Force was discussed and approved in the DNSO Names Council meeting, February 8,20012. In summary, Paul Kane proposed that the DNSO set up a Task force to consider the policy issues arising from the ICANN WHOIS report. The Terms of Reference for the TF are provided in the archival materials posted at <http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00193.html>, <http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00190.html>, and <http://www.dnso.org/clubpublic/council/Arc04/msg00817.html>.

A paraphrased version of the terms of reference is: "To consult with the community with regard to establishing whether a review of any questions related to ICANN's WHOIS policy is due and if so to recommend a mechanism for such a review."



During the time it took for the ICANN staff to publish their report, members were also being identified by the Constituencies. The initial members of the TF were:



Paul Kane, Chair

Y.J. Park, Non Commercial

Axel aus der Muhlen, IPC

Theresa Swinehart, BC

Oscar Robles-Garay, ccTLD

Antonio Harris, ISPCP

Miriam Sapiro, Registry

Danny Younger, GA Chair



The membership of the task force was changed for various reasons, and at various points of time. A list of current task force members can be found in the end of this document.



From the beginning, to support their broad mission, the TF members were committed to gaining an understanding of how WHOIS affects users, and how the community is using it today, rather than relying on the perspectives of the members of the TF. They quickly came up with the concept of a survey, which would web based, and therefore, while not statistically valid, would provide a uniform "snapshot" of what those who chose to respond, cared about, who they were, and what their concerns and issues were.



The survey was developed and published in June, with one extension in responses. the survey closed in August, 2001. 3035 responses were received. The details of the responses follow, along with a preliminary analysis.





B   Participation in the Survey

By Kristy McKee, Thomas Roessler, and Abel Wisman

(General Assembly)




Question 1 - Categories of Respondents

In the very first question, participants were asked to classify themselves into one of several categories:



1. Which of the following terms best describes your status as a respondent to this survey?

o Commercial business user
o Non-commercial organization user
o Governmental organization user
o Individual or household user
o Domain name registrar and/or registry
o Internet access provider or network operator
o Other:



Respondents were also asked (where applicable) what size their organization is. An overview over the categories of respondents can be found in the table below. The data is also represented in the pie chart below.







Clearly, commercial and individual/household users dominated the population of respondents to the survey. It should, however, be noted that only 35 participants mentioned "governmental organization user" as their category.



Question 2 - Participation of Domain Name Holders

The second question of the survey asked whether participants were domain name registrants themselves:



2. Have you registered any domain names? o yes o no

(The question also asked for details, such as number and purpose of ccTLD and gTLd domain registrations. These parts of the question will be looked at in a later report.)






Results vary strongly across categories of respondents: While, for instance, 92% of commercial respondents are domain name holders, only 71% of individual respondents, and 57% (with s = 8%) of governmental respondents have registered any domain names.



Question 3 - Use of WHOIS

Question 3 asked participants how frequently they use the WHOIS service themselves:



3. How often do you use the Whois service on average?
o never
o occasionally
o weekly
o once or twice a day
o
many times a day















It should be noted that results of this question once again vary strongly across categories of respondents. Clearly, among the participants of this survey, ISPs are the heaviest WHOIS users, while governmental and individual respondents make the weakest use of the service.



Question 4 - Use of WHOIS

Question 4 asked about respondents' use of the WHOIS system:



4. Which of the following most accurately describes the use of WHOIS that is most important to you or your organization:

o To determine if a specific domain name is unregistered/
available?

o To find out the identity of a person or organization who
is responsible for a domain name or web site I have
encountered while using the Internet
o To support technical operations of ISPs or network
administrators, including tracing sources of spam or
denial of service attacks

o To identify the owner of a domain name for consumer protection or intellectual property protection purposes

o To gather names and contact information for marketing
purposes

o To support government law enforcement activities
(other than intellectual property)
o Other (please briefly describe)



Multiple responses to this question were accepted.








The percentages in the following table use the total population of respondents for any given category as the 100% reference totality. Since multiple responses were accepted, percentages will generally add up to more than 100%. In each row, the dominant use of WHOIS is marked in boldface.








The dominant use of the WHOIS system among respondents is, in the commercial, individual, and registrar-registry categories, "to find out the identity of a person or organization who is responsible for a domain name or web site". Governmental respondents generally mention WHOIS as a means to find out about the availability of a domain, as do non-commercial, "not stated", and "other" respondents. ISP respondents mostly use WHOIS "to support technical operations of ISPs or network administrators".

It's worth noting that non-IP law enforcement use is most frequently mentioned by governmental respondents (20%), followed by ISPs (9%) and non-commercials (6%). Also, almost 90% of respondents which did not assign any category to themselves mention "availability" as their most important use of WHOIS.



C   Statistical Considerations

By Thomas Roessler

(General Assembly)


The multiple choice questions were evaluated for the full set of 3035 submitted responses. This analysis is also broken down by respondent's category (as given in question 1).

The number of participant per category of respondent (question 1) is, in particular, important since they give a rough indication of the precision of the numbers in this report. In the table below, we give standard deviations (s) to be expected for various results, when derived from various categories of respondents.3 Note, however, that for some categories of respondents the total number of possible respondents is of the same (or a similar) order of magnitude as the number of respondents observed with this survey: For instance, there are 1514 registrars accredited with ICANN, and (with a total of 243 governments in the world) 35 governments particiate in the GAC. With other categories, the number of respondents is small when compared with the total population of these categories.

From a (possibly simplistic) statistical point of view, the best results can be expected from the commercial business user and individual user categories, where we have standard deviations between 1% and 2%. Statistical significance is worst with the governmental users category. We shall occasionally mention error margins explicitly where they are important in order to correctly interpret the result of a particular question.








Approximating the binomial distribution by a Gaussian normal distribution, it can be assumed that a result has a probability of about 68.3% to lie within a ±1s margin around the real value, and with a probability of 95% it can be assumed that a result lies within a ±1.96s margin around the true value.



It should also be noted that, unless stated otherwise, percentages given refer only to those who elected to answer a particular question, but not to the entire set of respondents from any given category.



D   Method of Evaluation of Free-Form Questions

By Thomas Roessler

(General Assembly)



The free-form part of questions 8.1, 10, and 17.d were evaluated manually for a pseudo-random set of 303 responses.5 The selected set of 303 responses contained 10% of the responses received in each category. An analysis of the full set of answers to these and other free-form questions may be undertaken after the Ghana meeting.

Generally, in order to derive some statistics from free-form questions, the members of the task force agreed upon "baskets" which were used to classify responses.

During the course of the investigation of these free-form questions, it turned out that only 25 out of the 303 responses investigated had a free-form answer to question 8.1, and that 9 of these 25 responses did not fit into any baskets agreed upon. For this reason, no evaluation of the free-form part of question 8.1 is found in this report. The question will be revisited at a later point of time.


II.   User Requirements and Experience (qq. 5-10)



By Steve Metalitz, Laurence Djolakian, and Ken Stubbs

(Intellectual Property and Registrars Constituencies)



A   Questions Asked



5. What should be the purpose of the Whois service? (place in order 1-7 where 1 is most important):

Rank: to identify the availability of a particular name in
which someone is interested

Rank: to determine if there are similar names already in use

Rank: to identify and verify online merchants

Rank: to identify online infringers for enforcement of
intellectual property rights

Rank: to source unsolicited email

Rank: to identify contacts in the investigation of illegal
activity

Rank: other (specify):



6. Which of the following best describes your attitude towards access to the data contained in the Whois service?

o I am most concerned about protecting the privacy of domain
name registrants

o I am most concerned about effective identification of who is
behind a specific domain for consumer protection or
intellectual property protection purposes

o I am most concerned about ensuring that Whois supports
the resolution of technical problems on the Internet

o No opinion

o Other



7. Have you ever been harmed or inconvenienced because the Whois data you received was inaccurate, incomplete, or out of date?

o Yes, I have experienced inaccurate data.

o No, the data has been accurate

What percentage of the Whois records you relied on proved to be inaccurate, incomplete, or out of date on average:

o Less than 5 percent

o 5 - 25 percent

o 25 - 50 percent

o More than 50 percent



If appropriate, please describe the harm or inconvenience caused by the inaccurate data:



How do you think an improvement can best be achieved?





8. Currently, Whois records in .com, .net, and .org are composed of the following data elements:

A. The name of the second-level domain being registered and the top-level domain it is under;
B. The IP addresses of the primary and secondary name servers for the registered domain;
C. The host names of the name servers;
D. The identity of Registrar;
E. The date of the original registration;
F. The expiration date of the registration;
G. The name and postal address of the registrant;
H. The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the technical contact for the SLD; and
I. The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the administrative contact for the SLD.



Would you describe these data elements as

o Adequate for your purposes
o Inadequate for your purposes
o nnecessary for your purposes



8.1 If you answered "Inadequate," what other data elements would you like to see included to promote public confidence in Internet activities?



8.2 If you answered "Unnecessary," what other data elements would you like to see suppressed from public disclosure?



9. Please indicate which of the data elements listed in A-I above are, in your view, of valueless, essential, or desirable:



A. The name of the second-level domain being registered and the top-level domain it is under;

o essential o desirable o valueless



B. The IP address of the primary and secondary name servers for the registered domain;

o essential o desirable o valueless



C. The domain names of the name servers;

o essential o desirable o valueless



D. The identity of Registrar;

o essential o desirable o valueless



E. The date of the original registration;

o essential o desirable o valueless



F. The expiration date of the registration;

o essential o desirable o valueless



G. The name and postal address of the registrant;

o essential o desirable o valueless



H. The name, postal address, e-mail address, voice telephone number, and (where avilable) fax number of the technical contact for the SLD; and

o essential o desirable o valueless



I. The name, postal address, e-mail address, voice telephone number, and (where avilable) fax number of the administrative contact for the SLD.

o essential o desirable o valueless





Searchability

10. Should the publicly accessible WHOIS database allow for searches on data elements other than domain name?

o Yes
o No



If yes, please specify from fields A-I above that you think should be usable as search keys.

o A o B o C o D o E o F o G o H
o I



Should other enhancements to searchability (e.g., Boolean searching on character strings) be provided?

o Yes
o No

If "Yes", how should the cost associated with such enhancements be paid for?





B   Methodology of Evaluation



Question 5

Question 5 asked respondents to assign ranks to various uses the WHOIS system possibly should have. In this report, we'll only present the raw tabulation data received from ICANN staff. It would certainly be possible to produce more interesting results by investigating the full set of answers to this question with various kinds of statistical approaches. The task force will investigate these possibilities after ICANN's Ghana meetings. Also, the "other" purposes mentioned by participants have not yet been investigated by the task force. (XXX - Laurence Djolakian has done something on this; the baskets seem to be still missing. Results are there, though.)



Question 7

The free-form part of this question was not yet evaluated.



Question 8.1

For question 8.1, a set of baskets was defined in order to perform an analysis of free-form responses on the set of 303 questionnaires described in the introduction to this document. However, this set contained only 25 free-form answers. Out of these 25, 9 did not find into any baskets the members of the task force had agreed upon. No quantitative results of the evaluation of this question shall be presented in this report since (1) the statistical validity of any results would be rather questionable, and (2) the basketing criteria will have to be revisited by the task force.

For reference purposes, we list the baskets which had been agreed upon:

However, it should be emphasized that these baskets have not proven to be a suitable tool for the analysis of responses to this question, and will be subject to further discussion among the task force's members.



Question 8.2

Question 8.2 was not yet investigated by the members of the task force. It should, however, be noted that this question (although supposed to be answered in free-form) partially overlaps with question 9, where respondents can assign levels such as "essential", "desirable", or "valueless" to individual data elements currently contained in the whois database.

Question 8.2 will be investigated in the course of the post-Ghana work of the Task Force.



Question 10

The free-form part of question 10 was investigated on the subset of 303 questionnaires described in the introduction to this document. In order to classify responses, the members of the task force agreed upon the following set of "baskets":

Note that there is a well-defined mapping from the baskets defined here onto the choices given to respondents in question 15, which also deals with funding issues.



C   Results of Evaluation



By-category analysis of multiple-choice questions



Question 5



Summary of rankings of availability of a domain name as the purpose of WHOIS:






Summary of rankings of finding out if similar domain names are alredy in use:








Summary of rankings of identification and verification of online merchants:






Summary of rankings of identifying online infringers for enforcement of intellectual property rights:






Summary of rankings of sourcing unsolicited e-mail:






Summary of rankings of identifying contacts in the investigation of illegal activity:






Summary of rankings of other purposes:






The respondents were asked what the purpose of the « whois » should be. It clearly appears that for all categories of respondents the purpose should be to check whether a domain name is available, closely followed by the search for similar domain names. Individuals particularly support the need to identify on-line merchants and to source unsolicited commercial communications. In addition, many respondents amongst all categories (not only commercial and governments but also non-commercials, and "others") stated that the purpose should also be to identify on-line intellectual property infringements. In the free text responses, the majority of respondents underlined the following elements: the need to know with whom they are dealing with, the ability to access technical contacts, to know the names owned by a company, to deter irresponsible behavior and track spammers, to identify suspicious IP addresses.


Question 6



In contrast to the preceding questions, question 6 asked respondents to choose among three statements in identifying the issue about which they were "most concerned" with respect to Whois data.











A plurality of respondents (43% of the total) agreed that they were "most concerned about effective identification of who is behind a specific domain for consumer protection or intellectual property protection purposes." This was the leading choice among all categories of respondents, except among ISPs, 60% of whom felt that "ensuring that Whois supports the resolution of technical problems on the Internet" was the most important concern, and among governmental respondents, for whom the technical problems response tied with the effective identification response. "Protecting the privacy of domain name registrants" was not identified as the main concern of any group of respondents, and was chosen less often than "effective identification" by every group, although among respondents who identified themselves as individuals the privacy concern (29%) placed a close second to effective identification (34%). Overall, about 6% of respondents rejected the three choices and identified an "other" "main concern" regarding Whois data; these responses have not yet been reviewed.







Question 7






Question 7 asked whether respondents had been harmed or inconvenienced by inaccurate, incomplete, or out of date Whois data.



44% of respondents said they had experienced this and 56% had not.















Similarly, more than half of the respondents thought that less than 5% of the Whois records they had relied upon had been inaccurate, while 27% estimated inaccurate records to be in the 5-25% range, and about 8% thought that more than one-quarter of the records were inaccurate. Individual respondents were most likely to report very low estimates (68% in each category chose "under 5%"), while registrars/registries were most likely to report the highest estimates (21% of these respondents thought that 25% or more of the records were inaccurate). The free-text responses, in which respondents were asked to describe the harm or inconvenience caused by the inaccurate data and to state how they thought an improvement in accuracy might best be achieved, have not yet been analyzed.



Question 8






This question listed the data elements currently provided by Whois with regard to registrations in .com, .net and .org, and asked whether respondents considered these adequate, inadequate, or unnecessary for their purposes. A strong majority of respondents in every category (ranging from 67% to 89%) stated that the current list of data elements is adequate. Overall, about 11% of respondents thought that additional data elements should be provided in Whois, while approximately 16% considered some of the elements unnecessary. These data strongly suggest an overall high level of satisfaction among these respondents that Whois in the original gTLD environment collects and makes available the right kinds of data. The level of satisfaction did vary somewhat across categories, however, with 16% of non-commercial respondents believing that more data elements should be included, while 26% of individual respondents thought some data elements were unnecessary.


Questions 8.1 and 8.2 invited respondents to identify specific data elements they would like to see added to, or subtracted from, those currently made available to the public in Whois. As noted above, systematic analysis of these responses has just begun, and no summary can be provided at this point.







Question 9

Building on the general attitudes expressed in response to question 8, this question sought to elicit more specific answers about the perceived value of each specific data element within the com/net/org Whois. Respondents were asked to label each data element as essential, desirable, or valueless.









































Not surprisingly in light of the responses to question 8, more than half of respondents found each individual data element now in the com/net/org Whois to be essential. Perhaps more remarkably, this held true for nearly every category of respondent with respect to nearly every data element. The lowest proportion of "essential" responses to any part of this question was 39%, by individual respondents with regard to the date of registration data element; and even there, 48% of the same individual respondents called this data element "desirable," with only 12% deeming it "valueless." The clear trend of satisfaction among these respondents with the information currently provided to the public by Whois is evident in the responses to question 9 as well as 8.



Question 10








The first question was whether "whois" databases should allow the search of data elements other than domain names. It should be noted that most respondents in every category (between 53 and 76%) are willing to conduct searches on data elements other than domain names.



Respondents were also asked to select fields which should be usable as search keys. Multiple fields could be checked by respondents. In the first table below, we list the number of respondents from each category who checked a particular search key.






For the percentages, note that the total number of respondents in each category is used as the 100% totality. Since multiple fields could be selected, percentages will generally add up to more than 100%.






A plurality (commercial respondents but also governmental, non- commercial and "others") underlined that the name, postal address of the registrants should also be used as search keys. Governmental and individual respondents underlined the need to search information on the registered domain by using the IP addresses of the primary and secondary name servers; ISPs, non commercial and registrars/registries underlined their will to use as search keys the name of the second level domain registered.



Respondents' answers when asked whether other enhancements to searchability (such as Boolean searches) should be provided can be found in the table below.








A plurality (commercial respondents but also governmental, non- commercial and "others") underlined that the name, postal address of the registrants should also be used as search keys. Governmental and individual respondents underlined the need to search information on the registered domain by using the IP addresses of the primary and secondary name servers; ISPs, non commercial and registrars/registries underlined their will to use as search keys the name of the second level domain registered.



Analysis of free-form responses



Question 8.1

As mentioned in the section of methodology, we can not, at this point of time, present any reasonable quantiative findings from the basketing performed so far on a subset of 303 questionnaires. For this reason, we shall only mention that additional contact information was the most popular category of response observed. Non-basketed responses included suggestions such as a non-binding purpose of the domain registration, statements on registrant privacy, data accuracy, and the like.



Question 10

In this case, 214 out of 303 respondents did not answer the question. One response was garbled, 15 could not be easily classified, and two await translation.

Out of the remaining 71 responses, 18 said the registrar or registry should pay, 29 said the registrant should pay, and 21 said that search users should pay. 2 respondents suggested that some kind of donation should be used, and 1 respondent mentioned ICANN. Among those who could not easily be classified under the current basketing system, several mentioned advertising, the free software community, or alleged that there is no cost.

The task force may adjust the basketing system used for this question before the full set of submissions is attacked.


III.   Uniformity and Centralization (qq. 11-15)



By Miriam Sapiro, Ram Mohan, and Karen Elizaga

(gTLD registry constituency)



A   Summary

The Task Force concludes that a majority of respondents to Questions 11 through 15 of the Whois Survey support the idea of uniformity and centralized access of Whois data. What is less clear is who or what entity should bear the costs of implementing such a system.



Note that these conclusions are made without the benefit of having reviewed the free text responses within Questions 11 through 15 to the extent that respondents indicated such responses.



B   Questions Asked

Questions 11 through 15 generally cover the concept of providing Whois information in a uniform manner so that the data elements within any Whois database generally would correspond with the data elements in another, as well as the concept of universal access to Whois data, obviating the need for a data requestor to seek Whois data from several sources. In particular, some of the questions address the conformity of information within the ccTLDs to other gTLDs, in particular .com, .net and .org. With respect to centralization of Whois information into one universal database, the survey asks to what extent universal Whois should indeed be universal.


For reference, the survey included the following questions 11 through 15:



11. Do you use WHOIS in ccTLDs?

o Yes
o No



12. Do you think that the data elements used in .com, .net, and .org should be available uniformly in country code top-level domains?

o Yes
o No

Why or why not?



Uniform data format to WHOIS

13. Do you support the concept of uniformity of WHOIS data format and services?

o Yes
o No



What, in your view, is the best way to achieve uniformity both in format and search capability across Whois services?



Centralized portal access to WHOIS

14. Do you support the concept of centralized public access to WHOIS - e.g., a "one-stop" point of WHOIS to access information:

o Yes
o No



a. Across .com/.net/.org?

o Yes

o No



b. Across all gTLDs (i.e., including the new TLDs)?

o Yes

o No



c. Across all TLDs? (i.e., including country code TLDs)?

o Yes

o No



If appropriate, what, in your view, is the best way to achieve the level of centralized public access that you support?



15. Who should bear the cost burden of implementing centralized public access?

o Those who use the service should pay for it.

o It should be paid for by ICANN.

o Registrars should support it as a public service

o Should be part of the domain registration fee as it is today.

o Other.



C   Results of Evaluation



To the extent that responses were provided, the Task Force evaluated the entire set of 3,035 responses, with the analysis being broken down by respondent category, as specified in Question 1.


Question 11








With a total of 2,743 respondents answering Question 11, roughly 54% of these respondents indicated that they used Whois within ccTLDs. It is interesting to note that roughly 70% of these respondents were commercial or individual respondents. Of the commercial respondents, 59% indicated that they used ccTLD Whois databases, while only 41% of individual respondents use such databases. It is clear that notwithstanding the low number of ISP respondents, ISPs indicated the highest use of ccTLD Whois databases, while individuals form the largest percentage of those who do not use ccTLD Whois (59%). Although the number of respondents in the registrar-registry category was low in comparison to the number of the other respondents, a majority of that category indicated use of the ccTLD Whois databases.



Question 12

The free-form part of question 12 has not yet been evaluated by the members of the task force.








Roughly 87% of the respondents to question 12 (2,742) indicated that the Whois data elements in .com, .net and .org also should be available uniformly in ccTLDs.

Responses to question 12 within each category indicated more of a clear trend in line with the overall percentage of respondents responding that Whois elements should be uniform. Across all categories, the vast majority of respondents within each category indicated that uniformity should exist across all TLDs (the average of those respondents answering yes to question 12 across all eight categories was 87%).

Question 13

The free-form part of question 13 has not yet been evaluated by the members of the task force.






Responses to question 13 indicate a general desire for uniformity across Whois data format and services, with 92% of 2,801 respondents answering yes to the concept. Across all categories, the responses were overwhelmingly in favor of uniformity, with most categories reaching the 90% threshold or higher - no category of respondents opposed in any significant numbers the concept. The defect in this question, however, is that it is not entirely unambiguous as to what "data format and services" are meant to be.


Question 14

The free-form part of question 14 has not yet been evaluated by the members of the task force.






For question 14, a majority of the 2,832 respondents (86%) indicated that they supported centralizing access to the Whois databases, which would obviate the need for data requestors to search Whois databases within various registrars or across TLD registries (including both gTLDs and ccTLDs). The categories of respondents in which the largest minority rejected centralized access were the governmental, ISP and registrar-registry respondents, with 21%, 20% and 22%, respectively, answering that they did not support such a concept.






Responses to question 14(a), addressing the idea of centralized public access across .com, .net and .org, elicited more support, with almost 90% of 2,725 respondents indicating their support. There was not much variation in responses as between the respondent categories.






The responses to question 14(b), inquiring about support for centralized access to Whois across all gTLDs indicated that roughly 87% of the 2,686 respondents replied yes. This concept garnered the least support from the governmental category, with 23% of those respondents objecting to such centralized access.






The question 14(c) regarding centralized access to all TLDs, including ccTLDs, generated a majority response in support of such a concept, with roughly 84% of the 2,696 responses indicating support for centralized access. The strongest opposition of centralized access reaching across all TLDs came from the governmental and registrar-registry categories, with 26% and 29% of those respondents answering no.


Question 15













When asked who should bear the cost burden of implementing a centralized Whois, the majority of respondents (just under 80%) indicated that either the cost should be incorporated into the domain registration fee (roughly 55%), or that the registrars should support it as a public service (around 25%). Just under 8% of the respondents thought that users should pay for such a service.


IV.   Resale/Marketing and Bulk Access
(qq. 16, 17)



By Kristy McKee, Thomas Roessler, and Abel Wisman

(General Assembly)



A   Summary



Based on preliminary analysis, the Task Force believes that cross-category consensus among respondents can be identified with respect to the following points:

As opposed to these clear, but contradictory signals, there is a strong signal of indecision when respondents were asked whether or not to change the bulk access provisions. Free-form responses of those who suggested a change mirror the results from the "resale and marketing" question.

Since there is at least some clear evidence (in the responses to question 16) that the kind of third party data access policy favored by respondents appears to be different from the one currently implemented in the Registrar Accredtation Agreement, a review of that policy which keeps the survey's results in mind may be in order.



B   Questions Asked



The bulk access issue was covered by questions 16 and 17 of the survey. For your reference, we include the questions' text:



Sale and marketing of customer data

16. Should registrars be allowed to engage in resale or marketing use of the registration contact information?

o Yes
o Yes, but only with the express permission of the registrant (opt-in)
o Yes, but only after the registrant had the opportunity to opt-out.
o No



Bulk access/mandatory sale of customer data/manipulation and adding value to customer data

The current provisions with regard to the mandatory sale of Whois data, and uses that can be made of the data obtained through bulk access, are contained in the Registrar Accreditation Agreement at sections 3.3.6 and following6, Third Party Bulk Access to Data.

These provide for the mandatory sale of customer data on certain specific conditions. These conditions are discussed in terms of a contract between the registrar and a third party seeking access to the data. The data may not be used for mass unsolicited emailing, but can by inference be used for mass mailing (3.3.6.3), "other than such third party's own existing customers". In addition, the "Registrar's access agreement shall require the third party to agree not to use the data to enable high-volume automated electronic processes that send queries or data to the systems of any Registry Operator or ICANN accredited registrar, except as reasonably necessary to register domain names or modify existing registrations". (3.3.6.4)

The agreement says that the registrar "... may enable Registered Name Holders who are individuals to elect not to have Personal Data concerning their registration available for bulk access for marketing purposes based on Registrar's 'Opt-Out' policy, and if Registrar has such a policy Registrar shall require the third party to abide by the terms of that Opt-Out policy; provided, however, that Registrar may not use such data subject to opt-out for marketing purposes in its own value-added product or service." (3.3.6.6)

The text allows the Registrar discretion

the use of the registrants' data

but unless the registrar takes positive steps to have a privacy policy different from the Registration Agreement, the registrant's personal data is available as the Agreement prescribes. "Personal data" refers exclusively to data about natural persons.



17. Do you think that:

a. These provisions should be maintained in the gTLD environment?

o Yes
o No



b. These provisions should be extended to apply to other TLDs (subject to any comments in 12)?7

o Yes
o No



c. As a user would you welcome information from your chosen service provider introducing you to the additional services they may be able to provide?

o Yes
o No



d. These provisions should be changed?

o Yes
o No



If so, how?



C   Method of Evaluation



The multiple choice questions were evaluated for the full set of 3035 submitted responses. This analysis is also broken down by respondent's category (as given in question 1).

The free-form part of question 17.d was evaluated manually on the pseudo-random set of 303 responses described in the introduction to this report. An analysis of the full set of answers to question 17.d may be undertaken after the Ghana meeting.

In order to derive results from the free-form answer to question 17.d the following set of "baskets" was agreed upon by the members of the task force:



D   Results of Evaluation

Overall analysis of multiple-choice questions

The table below summarizes the results from the multiple-choice parts of questions 16 and 17.a-d. For each question, we list the number of respondents for each choice, and the corresponding percentages. This is done both for the full set of questionnaires, and for the selected subset of 303 responses which are used in the next section of this analysis






It can be noted, that, with the exception of question 17.c ("As a user, would you welcome information from your chosen service provider?"), the results from the full set of responses lie within the 1s-neighborhood of the results from the selected 303 questionnaires.



By-category analysis of multiple-choice questions

We now give by-category numbers of the answers given to multiple-choice questions.

Question 16
















For question 16, a by-category tabulation shows that individuals participating in the survey had the strongest demand for opt-in or stricter protection of their data, with 92%. This desire was lowest in the non-commercial category of survey participants, where 80% demanded such protection. Opt-out approaches were most popular with non-commercial respondents (18%), and most unpopular with individual and ISP participants in the survey (6%). Permitting marketing and sales (the "yes" answer to this question) was most popular among governmental participants (9%), and most unpopular among non-commercial and individual participants.





Question 17.a






Between 62% and 73% of respondents suggest that bulk access provisions should be maintained in the gTLD environment. This demand is strongest in the registrar-registry communities, and weakest with participants from the "not stated" category.



Question 17.b






Between 62% and 71% of respondents suggest that bulk access provisions should be extended to apply to other TLDs. This demand is strongest with the registrar-registry communities, and weakest with the non-commercials.



Question 17.c






Distribution of responses varies stronger than usual with this question: The registrar-registry group of respondents states with a statistically significant majority of approximately 60% that they would welcome information from the chosen service provider. Commercial respondents have a significant majority against receiving such material, as do governmental (70%; s=8%), individual, and ISP users. The statistical value of the majority in the non-commercial group is questionable.



Question 17.d

For this question, results are listed including error margins, so readers can better understand where valid majorities may be constructed from the results, and where not.






It does not seem possible to derive any results with strong validity from these results. Basically, all we can say is that half of the respondents suggest a change of bulk access provisions, and half of the respondents don't.



Analysis of free-form responses to question 17.d

The free-form part of the question was answered on 99 out of the 303 questionnaires whose free-form responses were investigated by the task force's members. Of these responses, 2 could not be easily classified, and 2 more responses were garbled. Of those which could be classified according to the baskets listed above, 37 ended up in the "no bulk access or sale" basket, and another 43 were classified as "opt-in before any sale or bulk access". 7 respondents more specifically suggested no bulk access for marketing, and 2 respondents were categorized as "opt-in before marketing use". 9 respondents asked for improved opt-out, 7 generally asked for better privacy protection, and a no respondent suggested to relax the current restrictions.8




Calculating percentages, we find that 89% of the 99 free-form responses looked at ask for opt-in or stricter protection of their data when marketing use is suggested. When those answers which specifically mention marketing use are left out of the picture, we still have 80% of responses looked at which ask for opt-in or stricter protection of their data.

An analysis of free-form answers to this question by category of respondent has not yet been performed. (Note that the statistical value of any conclusions derived from such an analysis would be fairly limited.)



E   Findings and Discussion of Results



Question 16

With the exception of the "other" and "not stated" categories of respondents, prohibiting resale or marketing use is preferred over an opt-in approach to that use. Across all categories, opt-in is in turn preferred over opt-out and a plain allowance for registrars to engage in such use.

Across categories, those who suggest opt-in or stricter protection (answers "opt-in" or "no") represent between 79% and 92% of those who respondend to this question.



Question 17.a

Question 17.a suggests that there is consensus across categories of respondents that bulk access provisions should be maintained in the gTLD environment.

During task force discussions, doubts were raised about how the question should be interpreted: One member understood it to mean that some kind of bulk access provisions should be maintained, while another member suggested that the question referred to the specific bulk access provisions described on the questionnaire. However, the latter interpretation may lead to a contradiction with question 17.d. Also, it was questioned whether the analysis of the responses to this question is consistent with the results from question 16.



Question 17.b

It appears that there is consensus across categories of respondents that, whatever bulk access provisions are agreed, if any, these should be extended to other TLDs. The same caveats as with question 17.a apply.



Question 17.c

As a preliminary finding, it can be stated that majorities of the registrar-registry (and "not-stated") groups of respondents have a tendency to welcome advertising from the chosen service provider. On the other hand, majorities of governmental, commercial, individual, and ISP respondents stated that they would not welcome such advertising. While there is certainly no consensus across categories, it is worth noting that majorities of most of those groups of respondents who would receive the advertising material would not welcome it, while majorities of those groups who would send out the material say that they would indeed welcome it "as a user".



Question 17.d

Taking error margins into account, the yes-no part of this question leads to an undecided result, or to thin majorities in some of the categories.

The result of the evaluation of the usual selection of free-form responses which were given by those who do suggest a change of bulk access provisions look very similar to the results from question 16: Approximately 90% of these respondents favor opt-in policies, or no access over opt-out approaches, or unlimited access.




V.   Third Party Services (qq. 18, 19)



By Troy Dow, Bret Fausett, and Oscar Robles-Garay

(Business and ccTLD Constituencies)





A   Questions Asked



Question for registrars, ISPs, and hosting companies

18. Where non-disclosure of the name and address is requested by the Domain Registrant, the ICANN Accreditation Agreement allows for a name and address of a third party to be used where the third party has an agreement with the Registrant, does your company offer this service to its customers?

o Yes

o No



Question for the public

19. To protect your privacy if you were offered the opportunity to use the name and address of a third party to act as your agent, would you register domains in the name of the third party rather than your own name.

o Yes

o No







B   Results of Evaluation



Question 18








Question 19









VI.   Other Comments (q. 20)





A   Questions Asked



Question 20 asked respondents for free-form answers to a variety of questions.



Please consider the following:



20a. What, in your view, is the most important personal privacy interest applicable to the WHOIS database?



20b. What, in your view, is the most important consumer protection interest applicable to the WHOIS database?



20c. What, in your view, is the most important law enforcement interest applicable to the WHOIS database?



20d. What, in your view, is the most important interest with respect to protection of minors applicable to the WHOIS database?



20e. What, in your view, is the most important network operational interest applicable to the WHOIS database?



20f. What, in your view, is the most important competitive or economic interest applicable to the WHOIS database?



20g. What, in your view, is the most important interest with respect to intellectual property rights that is applicable?



20h. What other interests, besides those listed above, should be considered with regard to the WHOIS database?



Free text area for any other comments:



B   Method of Evaluation



The evaluation of the results from this question (which obviously requires human attention) has not yet been undertaken by the members of the task force, and is on the Task Force's post-Ghana agenda.






VII.   Final conclusions



Final conclusions will be drawn during the Task Force's post-Ghana work.


VIII.   Task Force Members; Contact



A   Authors of This Report



Those raw numbers in this report which concern the total set of responses received were prepared by ICANN staff. The numbers which concern the set of 303 statistically selected responses were generated by the General Assembly's representatives to the task force, Kristy McKee, Abel Wisman, and Thomas Roessler. Kristy, Abel and Thomas also produced the skeleton of this report.



Individual sections were worked on by the following individuals:



B   Archives and Contact



The whois task force's public discussions are archived at http://www.dnso.org/clubpublic/nc-whois/Arc00/. The task force can be reached by contacting its co-chairs, Marilyn Cade <mcade@att.com> (Business Constituency), and Tony Harris <harris@cabase.org.ar> (ISPCP).



C   Members of the Task Force



Co-chairs:

Marilyn Cade, BC

Antonio Harris, ISPCP



Members



Troy Dow, BC

Bret Fausett, BC



Oscar Robles-Garay, ccTLD



Thomas Roessler, GA

Abel Wisman. GA

Kristy McKee, GA



Laurence Djolakian, IPC

Steve Metalitz, IPC



Y.J. Park, Non Commercial

Gilbert Lumantao, Non Commercial

Hakikur Rahman, Non Commercial



Philip Grabensee, Registrar

Tim Denton. Registrar

Ken Stubbs, Registrar



Miriam Sapiro, Registry

Karen Elizaga, Registry

Ram Mohan, Registry



Former Members:



Paul Kane, Registrar and original chair

Danny Younger, former GA Chair

Axel Aus der Muhlen, IPC

Theresa Swinehart, BC

1http://www.dnso.org/clubpublic/council/Arc09/msg00061.html

2http://www.dnso.org/dnso/notes/20010208.Nctelecon-minutes.html

3The standard deviations are the ones of a binomial distribution, which models answers to simple yes-no questions.

4As of March 10, 2002. Source: http://www.icann.org/registrars/accredited-list.html

5http://www.dnso.org/dnso/notes/20011221.Whois-survey-result.doc

6http://www.icann.org/registrars/ra-agreement-17may01.htm#3.3.6.3

7Question 12 asks whether respondent thinks that the data elements used in .com, .net, and .org should be available uniformly in country code top-level domains, and asks for reasons for respondent's opinion. This question is evaluated in chapter III (Uniformity and Centralization).

8http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00214.html

53/53