Home / Blogs

She Gave Me a Fake Phone Number!

Antony Van Couvering

The Intellectual Property Constituency, meeting at the ICANN conference in Vancouver, was interested in increasing ICANN's budget not because they thought they deserved it, but because they wanted ICANN to actually enforce the rules on the books about fake registrations. Now there's some evidence about how prevalent that is. If there's any surprise here, it's that the numbers are so low.

The General Accountability Office (GAO) supplied a report (abstract, full report [PDF]) to Congress, showing that 3.9 million domain names were registered. Said the GAO:

Based on test results, GAO estimates that 2.31 million domain names (5.14 percent) have been registered with patently false data–data that appeared obviously and intentionally false without verification against any reference data–in one or more of the required contact information fields. GAO also found that 1.64 million (3.65 percent) have been registered with incomplete data in one or more of the required fields. In total, GAO estimates that 3.89 million domain names (8.65 percent) had at least one instance of patently false or incomplete data in the required Whois contact information fields.

The GAO actually went through the ICANN process of reporting the "bad" registrations. They had as much luck as anyone else who has wasted their time with this. Of the 45 reported domain names, 11 were corrected within 30 days, 1 was deleted, and the remaining 33 paid as much attention to it as New Yorkers do to jaywalking tickets.

Meanwhile, sensing publicity, Lamar Smith, R-Tex., hurried out a stern letter just hours after the story broke. In a stirring example of American due process, Smith declared that "vendors unwilling to identify themselves publicly are more than likely fraudulent," and accused ICANN of "failing to weed out fraudulent identifications."

The IP constituency, and brand owners generally, are obviously unhappy about this situation, (as are groups concerned about phishing) because it makes it harder to recover domain names under the UDRP process, although it is possible using the (more expensive) "secret weapon" of suing the domain name itself, the so-called in rem proceeding. Just wait until they run into the conflict with European privacy laws

By Antony Van Couvering

Related topics: DNS, Domain Names, ICANN, Law, Privacy, Security, Whois

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

Re: She Gave Me a Fake Phone Number! Christopher Parente  –  Dec 14, 2005 10:44 AM PDT

Antony:

Nice to see your name! Brian Krebs of WPost has a conversation on this going in his Security blog:

http://blogs.washingtonpost.com/securityfix/2005/12/govt_fake_web_s.html

Re: She Gave Me a Fake Phone Number! Michele Neylon  –  Dec 15, 2005 2:46 PM PDT

I would think that the figures are significantly higher. The methodology employed in this "study" seems to be flawed in my opinion.
I posted on this at my blog

The phishers are the more visible infringers, but they are anything but alone in their abuse.

Re: She Gave Me a Fake Phone Number! Juan Golblado  –  Dec 19, 2005 7:20 PM PDT

Any estimate as to what percentage of fake or missing domain name registration data would be filled in properly — at least on new registrations — if protection of that data from spammers, etc. was mandatory?

You might be left with only frauds.

Re: She Gave Me a Fake Phone Number! Roy B Law  –  Dec 22, 2005 4:02 PM PDT

I used to give the number of Gamblers Anonymous to anyone whose attentions at parties I deemed unwelcome ...

Didn't realise there was such a big Registrant data problem; surely it's the responsibility of the Reseller to ensure data integrity.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Afilias Announces Relaunch of .GREEN TLD

Encrypting Inbound and Outbound Email Connections with PowerMTA

New .PROMO Domain Sunrise Period Begins Today

US Court Grants DCA Trust's Motion for Preliminary Injunction on .Africa gTLD

Minds + Machines Group Announces Outsourcing Agreements, Web Address Change

.STORE Opens its Doors to Brands

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

What Holds Firms Back from Choosing Cloud-Based External DNS?

United States Court Has Granted an Interim Relief for DCA Trust on .Africa gTLD

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

February Biggest Month to Date for Radix, Over 750K Domain Registrations

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Radix & WHMCS Offer Free .HOST Domains to All WHMCS Customers

New .BET Domain Now Available to the Public

Radix and SnapNames Announce Exclusive Partnership

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

Radix Gives Its TLD .SPACE a Makeover

The Framework for Resilient Cybersecurity (Webinar)

New .PET Domain Available to the Public

Priority Access Program for Verisign's First IDN New gTLD, .コム

Sponsored Topics

Afilias - Mobile & Web Services

Mobile

Sponsored by
Afilias - Mobile & Web Services
Port25

Email

Sponsored by
Port25
Verisign

Security

Sponsored by
Verisign
Afilias

DNS Security

Sponsored by
Afilias