The Federal Trade Commission today told a meeting of the Internet Corporation for Assigned Names and Numbers that access to the Whois databases is “critical to the agency’s consumer protection laws, to other law enforcement agencies around the world, and to consumers.” Whois databases are online information directories that contain contact information about website operators. Access to the databases is in question because one of ICANN’s advisory bodies recommended limiting access to Whois data to “technical purposes only.”
Commissioner Jon Leibowitz told the group that FTC attorneys and investigators have used the Whois databases for 10 years to conduct investigations of Internet scams. “Whois databases often are one of the first tools FTC investigators use to identify wrongdoers,” he said. In one case, the agency alleged scammers were using drive-by downloads to install spyware that barraged consumers with pop-up ads and caused some computers to crash. “Using Whois data, the FTC found the defendants, stopped their illegal conduct, and obtained a judgment for millions of dollars in consumer redress. It is uncertain whether the FTC would have been able to locate the defendants without the Whois data,” Leibowitz said.
In another case, the FTC cracked down on seven companies illegally exposing unwitting consumers to graphic sexual content in violation of federal laws that require warning labels on e-mail containing sexually-explicit content. “In these cases, accurate Whois information helped the FTC to identify the operators of Web sites that were promoted by the illegal spam messages,” the statement says.
Leibowitz noted that “Information in Whois databases is most useful when it is accurate. Indeed, the Commission has advocated that stakeholders work to improve the accuracy of such information, because inaccurate data has posed significant obstacles in FTC investigations.” But he noted that even inaccurate Whois information can be useful, and pointed to a case where FTC investigators tracked defendants who used common phony names.
“In short, if ICANN restricts the use of Whois data to technical purposes only, it will greatly impair the FTC’s ability to identify Internet malefactors quickly – and ultimately stop perpetrators of fraud, spam, and spyware from infecting consumers’ computers,” the statement states.
The statement notes that consumers also benefit from access to Whois data and cites an Organization for Economic Cooperation and Development policy paper that states that “easy identification of online businesses is a key element for building consumer trust in the electronic marketplace. This OECD paper represents an international consensus about the importance of Whois data for consumers,” it states.
“There are other businesses, financial institutions, non-governmental organizations, and intellectual property rights owners, all of which heavily rely on access to accurate Whois data,” it states.
“In sum, the FTC believes that improvements need to be made to the current Whois database system and is committed to working with others toward a solution. In the meantime, Whois databases should be kept open, transparent, and accessible so that agencies like the FTC can continue to protect consumers, and consumers can continue to protect themselves.”
The Commission vote to approve the statement was 5-0.
Copies of the legal documents associated with these cases are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to thousands of civil and criminal law enforcement agencies in the U.S. and abroad.
(FTC File No. P03 5302)