Received: 5 February 2018
MarkMonitor recently submitted our public comment to ICANN regarding their proposed models for a GDPR compliant Whois. Some of the points made in that comment are applicable to the current scenario and so we ask that you read our comment.
Whilst MarkMonitor can appreciate the concerns of NZRS with respect to the bulk harvesting of data via port 43, it is worth noting that there are a multitude of legitimate reasons for why the bulk access to registry information is both relevant and necessary.
The range of viable and valid reasons for accessing mass volumes of data can range from investigative, to domain purchases, registrant validations or verification, making responses to queries related to domain name content or related matters, and domain sales or internal transfers. The introduction of webpage with captcha security would be adding a manual step to a previously automated process, thus making it more labour intensive. MarkMonitor has been involved with domain names since 1999 and uses port 43 Whois to assist with our Brand, Anti-Piracy, Anti-Fraud, as well as Domain services and enforcements. In 2017 alone, MarkMonitor processed over 400 new .nz registrations and over 300 transfers. Port 43 Whois data was instrumental in the provision of these registrations and transfers.
In order to provide efficient services to MarkMonitor clients, MarkMonitor needs to utilise port 43 lookup services. However, a possible alternative is proceed to create a site purely for public use (whilst retaining port 43 services for registrars, as MarkMonitor is not able to harvest via Registrar Only Access). Whilst you may need to restrict the general public access to the Whois to prevent the mass harvesting of Whois data, Registrar access in bulk is vital to the provision of efficient and practical services and maintaining industry service standards. Creating the dual system, although not ideal, would be able to ensure that you are addressing your security concerns whilst still ensuring that Service providers and other legitimate entities are able to gain the required necessary access.
Another alternative would be to validate organisations on a periodic basis in order to gain access to port 43 Whois data. This can be via an application process based on processes that will be likely outlined by ICANN. Alternatively, a further alternative is an “opt in” scheme for all accredited Registrars for port 43 access. However, MarkMonitor cannot support the complete abandonment of the port 43 Whois, which is pivotal in the provision of our entire product suite for our clients, without a viable and reliable bulk data lookup alternative mechanism being in place. MarkMonitor understands that the situation will require further consultation and idea development. MarkMonitor is willing to actively participate and support you in this process and MarkMonitor is also willing to be available for further discussions and to assist with any testing, development or assistance that may be required in the development of port 43 or the creation of an alternative site platform.
Should you require any further information please do not hesitate to contact me.
Miss Prudence Malinki