Group sends our RFP for whois abuse study.
ICANN, through Generic Names Supporting Organization (GNSO), is seeking proposals from qualified companies to study whois abuse. One of its proposed mechanisms for studying abuse is to set up a number of test domain names to see what happens to the whois data created for them.
A similar study (pdf) was conducted in 2007, but only to research whois harvesting for spam. In the new study, GNSO will also check for postal/phone solicitations, phishing, and identity theft.
A number of scams are perpetrated using e-mail addresses harvested from whois. Two popular ones are the renewal scam — which seeks to get you to transfer your domain to another registrar — and the domain appraisal scam. Whois data is also used for marketing. Even large companies have used whois data for marketing in the past; I once received a mailing from Yahoo addressed using whois contact information.
I have long proposed having a registry, or even ICANN-level domain masking service. This would mask all registration email addresses as email@example.com or similar, and would forward all mail to the domain owner. This would allow the registry or ICANN to shut down scams. (Although this probably isn’t a responsibility they’d like). Doing this would require a thick-whois model.
More information on ICANN’s RFP is here.