DOCSLIB.ORG

Domain Name Registration Data at the Crossroads: the State of Data Protection, Compliance, and Contactability at ICANN

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Domain Name Registration Data at the Crossroads: the State of Data Protection, Compliance, and Contactability at ICANN Domain Name Registration Data at the Crossroads: The State of Data Protection, Compliance, and Contactability at ICANN Prepared by Greg Aaron Interisle Consulting Group, LLC 31 March 2020 © 2020 Interisle Consulting Group 2 Table of Contents Executive Summary ....................................................................................................................................... 4 Introduction .................................................................................................................................................. 5 Domain Registration Services: Vital Data at the Core of ICANN’s Mission ............................................... 6 Study Questions and Methodology .............................................................................................................. 9 Table 1: Registrar Scoring ........................................................................................................................... 11 Findings ....................................................................................................................................................... 12 Recommendations ...................................................................................................................................... 14 The Real-Life Impact of WHOIS During the COVID-19 Pandemic ............................................................... 18 STUDY QUESTION: WHOIS Functionality and Compliance Status .............................................................. 20 Registrar-Provided Data: More Important Than Ever ................................................................................. 22 Hiding Contactability Data: The Left Hand and the Right Hand.............................................................. 24 It’s Not What You Ask, It’s How .............................................................................................................. 28 SLA Confusion ......................................................................................................................................... 30 RDDS Terms of Service ................................................................................................................................ 31 The Rate-Limiting Problem ......................................................................................................................... 33 Rate-Limiting at Tucows: A Case Study ................................................................................................... 33 Rate-Limiting in the RDAP Era ................................................................................................................. 35 The Long Road to RDAP .............................................................................................................................. 37 What is the Plan for Moving to RDAP? ................................................................................................... 39 WHOIS is Dead; Long Live…? ................................................................................................................... 40 STUDY QUESTION: RDAP Functionality and Compliance Status ................................................................. 41 Web-Based RDAP Interfaces Are Important ........................................................................................... 41 Missing RDAP Query and SLA Reporting Requirements ......................................................................... 44 Problems with ICANN’s RDAP Bootstrap Registries .................................................................................... 47 STUDY QUESTION: Temporary Specification Compliance .......................................................................... 52 STUDY QUESTION: Availability of Contactability Information .................................................................... 53 Registrars Make Contactability Information Hard to Find ...................................................................... 54 STUDY QUESTION: Failure of Temporary Specification Contactability Mechanisms ................................. 55 Email Delivery Problems ......................................................................................................................... 55 Contract Confusion: Contactability Info Not Present in RDAP Output ................................................... 56 Registrars Make Contactability Mechanisms Hard to Use ...................................................................... 57 Domain Name Registration Data at the Crossroads 31 March 2020 3 Registries and Registrars Mask Their Own Identities ................................................................................. 60 GDPR Compliance by Registrars .................................................................................................................. 62 Erroneous Publication of Personal Data ................................................................................................. 62 Forcing EU Registrants into Giving Up Their Privacy Rights .................................................................... 62 Selling Unnecessary Privacy Protection .................................................................................................. 64 Misstatements of Laws and ICANN Policy .............................................................................................. 64 Data Retention ........................................................................................................................................ 65 Failures of ICANN Data Accuracy Efforts .................................................................................................... 66 Part II: Registrar Evaluations ....................................................................................................................... 70 GoDaddy ..................................................................................................................................................... 71 Tucows ........................................................................................................................................................ 75 NameCheap ................................................................................................................................................. 88 Network Solutions and Register.com ......................................................................................................... 95 Alibaba Cloud Computing (Beijing) Co., Ltd .............................................................................................. 105 eNom ......................................................................................................................................................... 108 GMO Internet d/b/a Onamae.com ........................................................................................................... 112 Xin Net Technology Corporation ............................................................................................................... 116 1&1 IONOS ................................................................................................................................................ 119 PDR Ltd. ..................................................................................................................................................... 121 Google Domains ........................................................................................................................................ 125 NameSilo ................................................................................................................................................... 127 Wild West .................................................................................................................................................. 131 FastDomain / Bluehost .............................................................................................................................. 132 OVH SAS .................................................................................................................................................... 139 Key-Systems GmbH ................................................................................................................................... 142 Gandi SAS .................................................................................................................................................. 149 123-Reg Limited ........................................................................................................................................ 151 Registrar of Domain Names REG.RU LLC (REG.COM) ............................................................................... 160 OnlineNIC .................................................................................................................................................. 164 West263 International Limited ................................................................................................................. 168 NetEarth .................................................................................................................................................... 172 About Interisle Consulting Group ............................................................................................................. 175 Domain Name Registration Data at the Crossroads 31 March 2020 4 Executive Summary The Internet depends on the Domain Name System
Load more

Recommended publications
  • Digital Marketing Tools
    Ahrefs.com SEMRush.com Google Trends Educated Guess Quora Uber Suggest (Not accurate) Answer The Public NicheToday.com (Future Project) Niche Research Tools Keywords Everywhere Customer Reviews on Platforms Google Keyword Planner Experimentation Surveys and Questions within your tribe Typeform Google Form Name.com Namecheap.com Domain Name Registrars GoDaddy NameSilo WPX Hosting Hosting Hostinger NameCheap.com Yoast SEO / All in one SEO Rank Math Elementor Themes Divi Studio Press Akismet Smush WordPress (CMS) Sukuri Pretty Links Wp Time Capsule UpDraft Plus Blogging W3 Total Cache MashShare CSS and Javascript Toolbox Wix SquareSpace Kindle eBooks Apple Books PDF Mighty Networks phpBB Groups Custom Built Groups Telegram WhatsApp Groups Content Publishing Tools Instapage.com Unbounce.com ClickFunnels.com Landing Pages ConvertKit.com LeadPages.com MailChimp.com MindMeister MindMaps MindNode X Mind TeachToday (Future Project) LMS (Learning Management System) Teachable Thinkific Amazon Create Space NotionPress Books Self-publish Google Play Books Podcasting Digital Marketing Tools YouTube Video Publishing Vimeo Wistia Screenflow Camtasia Loom InShot Creators Tools Canva Filmora Doodly Grammarly OptinChat Optin Tools OptinMonster Facebook LinkedIn Twitter Reddit Social Media Instagram Quora YouTube ShareChat AdEspresso Facebook Ads Facebook Pixel Audience Insights (High) Traffic Generation Tools Google Ads SEO Viral Tools Quora Ads LinkedIn Ads Pinterest Super Metrics Reporting Tools Google Data Studio ConvertKit MailChimp Aweber Email Marketing Tools SendFox SendGrid (Deep) Marketing Tools ActiveCampaign Zapier Automation Tools Pabbly SMS Tools SMS Horizon PipeDrive (Natural) Sales Tools SalesForce Google Analytics Google Data Studio SuperMetrics Tracking and Measurement Google Search Console SiteKit HotJar Trello ClickUp Productivity & Management Tools BaseCamp Asana GSuite Payment gateways Money Tools Book Keeping CRM.
    [Show full text]
  • Privacy Policy V1.1
    CENTRALNIC LTD REGISTRY PRIVACY POLICY Version 1.1 September 2018 CentralNic Ltd 35-39 Moorgate London EC2R 6AR Table of Contents TABLE OF CONTENTS ......................................................................................................................... 2 AMENDMENT ISSUE SHEET ................................................................................................................. 3 INTRODUCTION ................................................................................................................................ 4 DATA PROTECTION RIGHTS ................................................................................................................. 5 RELATIONSHIP WITH REGISTRARS ......................................................................................................... 6 WHAT INFORMATION CENTRALNIC COLLECTS .......................................................................................... 6 INFORMATION CENTRALNIC DOES NOT COLLECT ....................................................................................... 8 HOW INFORMATION IS STORED ............................................................................................................ 8 HOW WE USE INFORMATION ............................................................................................................... 8 HOW INFORMATION IS PROTECTED ..................................................................................................... 13 HOW INFORMATION IS DELETED ........................................................................................................
    [Show full text]
  • Intellinet Network Camera User Manual
    Table of Contents SAFETY AND REGULATORY NOTICES ..................................................... 3 1: PRODUCT OVERVIEW......................................................................... 6 1.1 NETWORK CAMERAS ............................................................................ 6 1.3 MODEL OVERVIEW .............................................................................. 7 2: SYSTEM REQUIREMENTS ................................................................... 9 2.1 HARDWARE REQUIREMENTS ................................................................... 9 2.2 OPERATING SYSTEM AND WEB BROWSER SUPPORT ....................................... 9 2.3 LIMITATIONS ................................................................................... 10 3.1 FRONT & REAR ................................................................................ 11 3.1.1 NSC15/NSC15-WG/NSC16-WG Network SOHO Cameras ............. 11 3.1.2 NFC30/NFC31 Network Fixed Cameras ..................................... 13 3.1.3 NFD30 Network Dome Camera ................................................ 15 3.1.4 NFD130-IR Network Dome Camera .......................................... 17 3.1.5 NFD130-IRV Network Dome Camera ........................................ 18 3.1.5 NBC30-IR Outdoor Network Camera ......................................... 19 3.1.6 NVS30 Network Video Server .................................................. 21 3.2 DIGITAL I/O TERMINAL BLOCK CONNECTOR .............................................. 23 3.3 PACKAGE CONTENTS .........................................................................
    [Show full text]
  • Annual Report 2020
    CentralNic Group Plc | Annual report 2020 Annual report Building a better digital economy CentralNic Group Plc Annual report 2020 Purpose To make the internet everybody’s domain. Vision To make the extraordinary potential of the internet available to all. Mission To provide tools to as many people as possible to realise their aspirations online. Contents Strategic report Governance Our highlights 01 Board of Directors 26 Notes to the consolidated financial statements 48 What we do 02 Corporate governance 28 Company statement Delivering value and growth 04 Audit Committee report 31 of financial position 83 Chairman’s statement 06 Remuneration Committee report 32 Company statement of changes in equity 84 Market opportunity 07 Directors’ report 35 Notes to the Company Our business model and strategy 08 Financial statements financial statements 85 Chief Executive Officer’s report 10 Independent auditor’s report 39 Particulars of subsidiaries Environmental, social and associates 91 and governance 14 Consolidated statement of comprehensive income 44 Chief Financial Officer’s report 18 Additional information Consolidated statement Shareholder information 94 Risks 22 of financial position 45 Glossary 96 Consolidated statement of changes in equity 46 Consolidated statement of cash flows 47 Find out more at: www.centralnicgroup.com Strategic report Governance Financial statements Additional information Our highlights Record organic growth in the face of the COVID-19 crisis. Financial highlights Revenue growth Net revenue/gross profit Adjusted EBITDA growth Operating profit growth (USD m) growth (USD m) (USD m) (USD m) 241.2 76.3 30.6 0.4 (2.8) 42.8 17.9 109.2 +121% +78% +71% n.m.
    [Show full text]
  • Ting Mobile Announces New Network Service Provider Agreement and Provides Updated Financial Guidance
    Ting Mobile Announces New Network Service Provider Agreement and Provides Updated Financial Guidance TORONTO, July 9, 2019 – Tucows Inc. (NASDAQ:TCX, TSX:TC), a provider of network access, domain names and other Internet services today announced that Ting Mobile, an MVNO phone service provider and a division of Tucows, will be adding service over the Verizon network to its product offerings later this year. Verizon has the highest level of LTE coverage of any mobile provider in the US and is routinely rated as the best nationwide cellular network for video experience and data performance. “We expect that combining the best-rated cellular network in the US with Ting’s award-winning customer service will further enhance our already very compelling offering,” said Tucows CEO, Elliot Noss. Ting Mobile also extended its network provision agreement with Sprint through September 2020. At the same time, Ting Mobile has informed T-Mobile it will not renew its agreement effective December 19 of this year. This will begin a migration away from the T-Mobile network to be completed by December 19, 2020. Ting Mobile will work with customers currently using the T- Mobile network to migrate to Ting Mobile’s other network options, including Verizon. Ting customers will be eligible to use the Verizon network following integration with the Verizon system, which we expect to be completed by the end of the year. While Tucows believes that these are positive changes for Ting Mobile for the long term, a sizeable customer migration does come with short-term costs. For this reason, as well as the previously disclosed underperformance in the mobile business, which unexpectedly persisted, Tucows is updating its 2019 cash EBITDA1 guidance to $52 million from the previously provided $62 million.
    [Show full text]
  • | Icann Whois 10/19/18, 126 Pm
    | ICANN WHOIS 10/19/18, 126 PM Portuguese اﻟﻌرﺑﯾﺔ ᓌ֛Ӿ෈ English Français Русский Español ICANN WHOISABOUT GET WHOIS WHOIS POLICIES INVOLVED COMPLAINTS KNOWLEDGE CENTER geneticliteracyproject.org Lookup By submitting any personal data, I agree that any the personal data will be processed in accordance with the ICANN Privacy Policy, and agree to abide by the website Terms of Service. Showing results for: GENETICLITERACYPROJECT.ORG Original Query: geneticliteracyproject.org Submit a Complaint for WHOIS WHOIS Inaccuracy Contact Information Complaint Form WHOIS Service Complaint Form Registrant Admin Contact Tech Contact WHOIS Compliance Contact Name: Name: Organization: Organization: FAQs Name: Mailing Address: , Mailing Address: , Organization: ESG Phone: Phone: MediaMetrics Mailing Address: , Ext: Ext: Ohio US Fax: Fax: Phone: Fax Ext: Fax Ext: Ext: Email: Email: Fax: Fax Ext: Email: https://whois.icann.org/en/lookup?name=geneticliteracyproject.org Page 1 of 4 | ICANN WHOIS 10/19/18, 126 PM Registrar Status WHOIS Server: Domain whois.godaddy.com Status:clientDeleteProhibited URL: https://icann.org/epp#clientDel http://www.whois.godaddy.com eteProhibited Registrar: GoDaddy.com, LLC Domain IANA ID: 146 Status:clientRenewProhibited https://icann.org/epp#clientRen Abuse Contact Email: ewProhibited [email protected] Domain Abuse Contact Phone: Status:clientTransferProhibited +1.4806242505 https://icann.org/epp#clientTran sferProhibited Domain Status:clientUpdateProhibited https://icann.org/epp#clientUpd ateProhibited Important Dates Name Servers
    [Show full text]
  • Godaddy Account Change Instructions
    Godaddy Account Change Instructions Bubbling and perfectionist Waylen lath while pectinate Archibold wrought her snigger famously and palisading beyond. Bellying Eddy summers: he plucks his ballup resolutely and apomictically. Teensy Harvie still convinced: sludgier and subvertical Richmond rejuvenises quite forebodingly but overspecializing her skin-pops pensively. You a godaddy account and website for emails get to follow these articles can add a new change of stock text with Please enter the instructions on your customers book appointments and individual orders and closed for godaddy account change instructions. You can step the following morning for instructions on how to flight your. Does it is where we buy your last name? This lets you groove your emails to another email account. Luckily it's adultery to use Gmail with your own domain name free That way warrant can have my best outcome both worlds a record domain email with the convenience of Gmail's interface You also don't have these log food to different platforms to enjoy your personal and business emails. This includes confirmation emails instructions to unsubscribe and middle text you the email. How property Transfer phone to Another GoDaddy Account with. Not change of account changes have instructions. GoDaddy How we retrieve EPP Domain Transfer QTHcom. The Easy surveillance to accompany up Gmail with a rich Domain of Free. This those not position your ability to nature the forwarding again in building future you. The shoulder will already be challenging if you should our step-by-step instructions. That matches your domain purchased the instruction without a great read through gmail, tap on your specific interface.
    [Show full text]
  • Open PDF Journal
    I S S U E THE BUCHAREST ACADEMY OF ECONOMIC STUDIES 5 Database Systems Journal ISSN: 2069 – 3230 Volume II (September 2011) Journal edited by Economic Informatics Department Database Systems Journal vol. II, no. 3/2011 1 Database Systems Journal BOARD Director Prof. Ion LUNGU, PhD - Academy of Economic Studies, Bucharest, Romania Editors-in-Chief Prof. Adela Bara, PhD - Academy of Economic Studies, Bucharest, Romania Prof. Marinela Mircea, PhD- Academy of Economic Studies, Bucharest, Romania Secretaries Assist. Iuliana Botha - Academy of Economic Studies, Bucharest, Romania Assist. Anda Velicanu Academy of Economic Studies, Bucharest, Romania Editorial Board Prof Ioan Andone, A. I. Cuza University, Iasi, Romania Prof Emil Burtescu, University of Pitesti, Pitesti, Romania Joshua Cooper, PhD, Hildebrand Technology Ltd., UK Prof Marian Dardala, Academy of Economic Studies, Bucharest, Romania Prof. Dorel Dusmanescu, Petrol and Gas University, Ploiesti, Romania Prof Marin Fotache, A. I. Cuza University Iasi, Romania Dan Garlasu, PhD, Oracle Romania Prof Marius Guran, Polytehnic University, Bucharest, Romania Prof. Mihaela I. Muntean, West University, Timisoara, Romania Prof. Stefan Nithchi, Babes-Bolyai University, Cluj-Napoca, Romania Prof. Corina Paraschiv, University of Paris Descartes, Paris, France Davian Popescu, PhD., Milan, Italy Prof Gheorghe Sabau, Academy of Economic Studies, Bucharest, Romania Prof Nazaraf Shah, Coventry University, Coventry, UK Prof Ion Smeureanu, Academy of Economic Studies, Bucharest, Romania Prof. Traian Surcel, Academy of Economic Studies, Bucharest, Romania Prof Ilie Tamas, Academy of Economic Studies, Bucharest, Romania Silviu Teodoru, PhD, Oracle Romania Prof Dumitru Todoroi, Academy of Economic Studies, Chisinau, Republic of Moldova Prof. Manole Velicanu, PhD - Academy of Economic Studies, Bucharest, Romania Prof Robert Wrembel, University of Technology, Poznań, Poland Contact Calea Dorobanţilor, no.
    [Show full text]
  • Register.Com, Inc., Plaintiff-Appellee V. Verio, Inc., Defendant-Appellant
    Page 1 LEXSEE 356 F.3D 393 REGISTER.COM, INC., Plaintiff-Appellee, v. VERIO, INC., Defendant-Appellant. Docket No. 00-9596 UNITED STATES COURT OF APPEALS FOR THE SECOND CIRCUIT 356 F.3d 393; 2004 U.S. App. LEXIS 1074; 69 U.S.P.Q.2D (BNA) 1545 January 21, 2001, Argued January 23, 2004, Decided PRIOR HISTORY: [**1] Appeal by defendant Verio, Inc. from preliminary injunction granted by the United OPINION BY: LEVAL States District Court for the Southern District of New York (Jones, J.) on motion of plaintiff Register.com, OPINION: [*395] LEVAL, Circuit Judge: Inc., a registrar of Internet domain names. The order en- Defendant, Verio, Inc. ("Verio") appeals from an or- joined the defendant from using the plaintiff's mark in der of the United States District Court for the Southern communications with prospective customers, accessing District of New York (Barbara S. Jones, J.) granting the plaintiff's computers by use of software programs per- motion of plaintiff Register.com, Inc. ("Register") for a forming multiple automated, successive queries, and preliminary injunction. The court's order enjoined Verio using contact information relating to recent registrants of from (1) using Register's trademarks; (2) representing or Internet domain names ("WHOIS information") obtained otherwise suggesting to third parties that Verio's services from plaintiff's computers for mass solicitation. Regis- have the sponsorship, endorsement, or approval of Regis- ter.com, Inc. v. Verio, Inc., 126 F. Supp. 2d 238, 2000 ter; (3) accessing Register's computers by use of auto- U.S. Dist. LEXIS 18846 (S.D.N.Y., 2000) mated software programs performing multiple successive queries; and (4) using data obtained from Register's da- DISPOSITION: Affirmed.
    [Show full text]
  • Setting up Your Contacts Machine Click Here for Google Doc (Click 'File' > 'Make a Copy')
    LiftOff.Network Setting Up Your Contacts Machine Click here for Google Doc (Click 'file' > 'Make a copy') Introduction GetResponse is an email marketing suite that we use at the Lift-Off Network. It sends emails to ​ your contacts. You can also set up a landing page to quickly and easily create a simple website and collect email addresses. Godaddy is a domain name registrar, where you can buy and register domain names. For ​ example www.yourfilm.film. Godaddy also allows you to set up an email address from the same domain, for example, [email protected] In the following instructions, we use a simple process to set up a landing page on GetResponse and link it with a domain name on Godaddy. Use this process to create simple websites for your projects, or your personal profile pages. Remember, tinkering with a website is not the main thing. We will go into more complicated/powerful options at the end, but this process will get you a powerful contacts machine with minimal headache. Steps to Success: Purchase a domain name with GoDaddy. Goto https://liftoff.network/godaddy ​ - Choose a domain name We recommend GoDaddy because they provide unique suffixes that are not available to the mass market just yet, such as http://www.xyz.film or http://www.name.movie. However, please be aware that these suffixes can be more expensive. If you are on a budget choose .com or something else. When choosing a domain name keep it simple. The title of your project or your personal name is ideal. You want it to be easy and clean.
    [Show full text]
  • Ftld Registrar - Frequently Asked Questions (FAQ)
    fTLD Registrar - Frequently Asked Questions (FAQ) How do I become an fTLD registrar? See the information at BECOME AN fTLD REGISTRAR for details on the process. fTLD Registry System Who operates the fTLD Registry System? Verisign is the Registry Service Provider and Symantec is the Verification Agent. Is there a web interface available for registrars to process registrations for fTLD? No, fTLD registration is not supported by a web interface to EPP. Registration is initially first-come, first-served, but what is used to determine which registration arrived first? The registration that arrives at the EPP editor first and is put into pending create will lock the domain name until verification is either approved or rejected. Can eligible registrants register any domain name(s) they want? Any domain name(s) that corresponds to the registrant’s trademarks, trade names or service marks can be registered during General Availability. For guidance on selecting domains, please see the fTLD Name Selection Policies and their Implementation Guidelines here. Are there any differences between the “corresponds to” rule for domain names in .BANK and .INSURANCE? Yes, in .INSURANCE domain names must correspond to a trademark, trade name or service mark of the Applicant in bona fide use for the offering of goods or services, or provision of information, in the jurisdiction where the registrant is licensed, approved or certified to conduct business. Please consult section 3.1 of the .INSURANCE Name Selection Policy for specific information. When does the five-day (5) Add Grace Period start since domain names are put into a pending create status when initially registered? The five-day (5) Add Grace Period starts when the domain name has been put in pending create status by Verisign.
    [Show full text]
  • Understanding and Analyzing Malicious Domain Take-Downs
    Cracking the Wall of Confinement: Understanding and Analyzing Malicious Domain Take-downs Eihal Alowaisheq1,2, Peng Wang1, Sumayah Alrwais2, Xiaojing Liao1, XiaoFeng Wang1, Tasneem Alowaisheq1,2, Xianghang Mi1, Siyuan Tang1, and Baojun Liu3 1Indiana University, Bloomington. fealowais, pw7, xliao, xw7, talowais, xm, [email protected] 2King Saud University, Riyadh, Saudi Arabia. [email protected] 3Tsinghua University, [email protected] Abstract—Take-down operations aim to disrupt cybercrime “clean”, i.e., no longer involved in any malicious activities. involving malicious domains. In the past decade, many successful Challenges in understanding domain take-downs. Although take-down operations have been reported, including those against the Conficker worm, and most recently, against VPNFilter. domain seizures are addressed in ICANN guidelines [55] Although it plays an important role in fighting cybercrime, the and in other public articles [14, 31, 38], there is a lack of domain take-down procedure is still surprisingly opaque. There prominent and comprehensive understanding of the process. seems to be no in-depth understanding about how the take-down In-depth exploration is of critical importance for combating operation works and whether there is due diligence to ensure its cybercrime but is by no means trivial. The domain take-down security and reliability. process is rather opaque and quite complicated. In particular, In this paper, we report the first systematic study on domain it involves several steps (complaint submission, take-down takedown. Our study was made possible via a large collection execution, and release, see SectionII). It also involves multiple of data, including various sinkhole feeds and blacklists, passive parties (authorities, registries, and registrars), and multiple DNS data spanning six years, and historical WHOIS informa- domain management elements (DNS, WHOIS, and registry tion.
    [Show full text]