When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there’s likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action.
To be sure, a brand must be very clear and confident about its request for contact data. Brand representatives need to specify why they are requesting the data, affirm they’ll protect the data, and attest that the request is made in good faith. Yet 55% of requests are denied, and another 43% of requests are left unanswered, leaving a scant 2% of requests for registrant data fulfilled according to the Cybersecurity Tech Accord.
As a result, it’s no surprise that brands are taking other actions. Often brands resort to requests for a hosting provider to block a site, file an administrative action like the Uniform Domain Name Dispute Resolution Policy (UDRP), or, in very extreme cases, start civil litigation. These blunt actions can be fast, in the case of blocking or content removal requests, or painfully slow with UDRPs or civil court filings.
In any of these cases, without registrant contact data, the result is usually suboptimal. For example, content removal often leaves a well-meaning small site operator who is at-odds with copyright or trademark law providing negative user experiences as its visitors experience a site outage or missing pages and graphics. In some of these cases, matters could have been resolved with a quick exchange between a brand and the domain name registrant -- if only a registrar had cooperated and complied with a request. In other instances, important investigations of egregious acts and actors are delayed due to registrar inaction.
As a result, UDRP filings are at an all-time high, as are ISP blocking requests, respectively costing millions of dollars and causing inconvenience for internet users. With toothless policy efforts from ICANN, it’s obvious why the European Union, the US, and others are contemplating legislation to protect consumers from bad actors exploiting ICANN, the DNS, and lack of cooperation by domain name registrars.