Yesterday I was having a couple of meetings at the restaurant where the ICANN conference is being held with some RightoftheDot.com clients.
As we were seated a large group walked passed us and sat down at the adjoining table and I couldn’t help but notice their attendee badges.
Homeland Security, ICE, Interpol, FBI, DOJ.
It was a large group of over 10 and all were law enforcement from all around the world.
Its clear to those of who have attended the last few ICANN meetings that law enforcement is insisting that registrars know their customers, the domain holders.
While privacy will still be affording to those desirous of having their personal information not listed on the public whois, its clear law enforcement is going to push registrars into a “know your customer” environment.
Law enforcement has made it pretty clear that registrars are going to “voluntarily” comply with law enforcement’s demands or face legislation or regulation forcing them to do so and that you the domain holder are going to pay the registrars cost of complying.
In part Mr. Corwin states:
“”(In the) ongoing negotiations between ICANN and its Registrar Stakeholder Group to beef up the registrar Accreditation Agreement (RAA), particularly in response to urgent requests from national law enforcement agencies. ”
“And the heart of those negotiations is an increased effort to obtain and confirm valid WHOIS data to confirm that registrants are legitimate and can be readily contacted, and that their identification data is retained. ”
“ICANN staff reported that the negotiations could be concluded within the next few weeks, and that incentives will be offered to encourage quick registrar adoption.”
“We don’t have to look far to estimate the cost of enhanced WHOIS verification.”
“ICM registry already employs such measures for the .XXX domain, and at a session on WHOIS compliance held the previous day the CEO of ICM Registry described the scope of its effort and their price. ”
“ICM expends about $6 per registrant for WHOIS verification; on average, each registrant purchases three domains, bringing the per domain price down to $2.”
“WHOIS compliance will be a much higher percentage of the price for incumbent gTLDs as well as many of the new ones on their way.”
“Of course, registrants may pay for their domains for up to ten years at a time, and it is not yet clear what requirements will be placed on registrars to verify the WHOIS data of existing registrants, and all of that will affect how this enhanced compliance affects domain pricing by registrars.”
“Nonetheless, we suspect that the cost of registrant WHOIS verification for all gTLDs will be similar to what ICM now expends, and it is not trivial.”
“In a highly competitive marketplace registrars will have no choice but to pass this cost on to registrants.”
“So, while we sympathize with the need of law enforcement to have the ability to identify bad actors, and understand that effective WHOIS verification can prevent many ill-intentioned domains from ever being registered, it is also important that these new steps to ensure domain integrity remain feasible in scope and reasonable in cost.”