ICANN authorized a study conducted by the National Physical Laboratory (NPL) in the United Kingdom, to analyze gTLD domain names to measure whether the percentage of privacy/proxy use among domains engaged in illegal or harmful Internet activities is significantly greater than among domain names used for lawful Internet activities.
Furthermore, this study compares these privacy/proxy percentages to other methods used to obscure identity – notably, Whois phone numbers that are invalid.
These findings will help the community understand the role that privacy and proxy service abuse plays in obscuring the identities of parties engaged in illegal or harmful activities, including phishing, cybersquatting, hosting child abuse sexual images, advanced fee fraud, online sale of counterfeit pharmaceuticals, and more.
ICANN has opened a Public Comment period for the community to consider the study results detailed in this report, provide feedback and request further clarifications. In parallel, ICANN and NPL will conduct Webinars to facilitate feedback by summarizing this study’s purpose, methodology, key findings, and conclusions.NPL will consider all comments submitted to this Public Comment forum during the comment period, incorporate any needed clarifications, and then publish a final version of this Whois Privacy and Proxy Service Abuse study report. It is expected that this report will inform future GNSO policy development in relation to the Whois system.
If you wish to comment you need to emails your comments to: [email protected] You will get a confirmation email from ICANN which you must click on or your comments will not be accepted The comment period closes on October 22, 2013 at 23;59 UTC Here is the 58 page studyHere are the conclusions of the study:
The people who maliciously registered domains for phishing chose privacy and proxy services somewhat more than people who registered domains for legitimate purposes. However, when a privacy or proxy service was not chosen for a malicious registration a workable contact phone number was seldom given – and even if the number was apparently valid, we almost never managed to make contact with the registrant for our survey.
Conversely, even entirely legitimate ‘third party’ businesses that provide services to the law- abiding public – and occasionally for malicious purposes – use privacy and proxy services to a certain extent, and for almost half of the domains these businesses use there is no possibility of using the phone to reach the domain registrant. Of course there are many other ways of making contact with such businesses, and they would doubtless want people to use the information about contact pathways on their websites, rather than consulting Whois
The compromised website category falls between the two extremes – these domain registrants use privacy and proxy services a quarter of the time (a higher proportion than the NORC study measured).…
