ICANN Board Director and EWG Member to ag-IP-news Agency: By Creating an Aggregated RDS instead of the Current WHOIS, Access to Data can be Controlled and Monitored
02-Jul-2013
|
Source :
|
Visits : 28287
By Ibtisam Awadat
MARINA DEL REY, CA - ag-IP-news Agency conducted an interview with Mr. Chris Disspain, a member of the Internet Corporation for Assigned Names and Numbers (ICANN)’s Expert Working Group (EWG). The interview focused on the recommendation of the Group for replacement of WHOIS which provides public access to data on registered domain names. Since 2006 Chris has been a member of the United Nations Secretary-General's Internet Governance Multi-stakeholder Advisory Group.
Chris was selected by the ccNSO to join the Board of ICANN in June 2011 and his term will expire at the Annual General Meeting in 2014.
Extracts of the Interview are as follows
How is the Next Generation gTLD Directory Services Model intended to streamline the way data is retrieved and validated?
The new model creates a “one stop shop” for data, where a centralized database would receive registrant data updates from the various registries. By creating a unified system, data will be treated in a uniform manner and format, and search capability would be enhanced across multiple TLDs. The system would also be designed to be user-friendly in multiple languages, scripts and characters. Inaccuracy reports would be handled in a more efficient manner, and the centralized system would make accuracy checks more effective. Each aspect of the proposed model improves upon the current system in place.
You mentioned in ICANN’s circulation that that new system will be: Innovative, Effective Balance between Accuracy, Access and Privacy of Registration Data for Generic Domain Names. How will this, in your opinion, be guaranteed?
By creating an aggregated RDS, access to data can be controlled and monitored, unlike the current WHOIS system. One of the most important aspects of the proposal is its ability to restrict access to registrant data to what the EWG considers legitimate uses. Under today’s system, access to data is unfettered and has few protections against abusive uses. The new ARDS is able to allow access to those with a legitimate need, and also track, audit, and penalize requesters who abuse the system. It also offers extra data safeguards for registrants who need heightened security.
Some talk about possible pitfalls of the aggregated registration data service (ARDS) approach including possible latency and the security issues posed by having a centralized store of domain data (including increased risk "of insider abuse and external attack"). Is this evident?
The EWG is aware of the potential disadvantages to this ARDS model. In the initial report, it states “Creation of a ‘Big Data’ source of highly valuable data with potential misuse if not properly audited and maintained.” The key to preventing misuse of this data is placing a great deal of attention to the implementation of security policy, its enforcement, and ongoing auditing of the system to prevent weak points. The report also recognizes that data latency may be an issue with the new model. These are both issues that will be discussed significantly by the group, and feedback from the community on what they believe to be the best solutions to these issues is encouraged.
Cost is also a significant issue. How the ARDS will be funded?
The EWG is still discussing the issue of funding, but it is a very important aspect of the RDS. EWG wants to explore what the costs of both developing and operating will be, and how these expenses might be borne – whether it is by funding, or offset by value-added service fees.
From an IPR perspective, don’t you think this might raise the number of Domains cyber squatters, and what are the steps taken to be sure this do not happen?
This proposed system does not completely restrict access to registrant data. This new model allows for access to it when the need is legitimate, such as instances where the legality of a domain is in question. The EWG does not foresee an increase in cybersquatting if the current WHOIS model is replaced by this new gTLD Directory Services Model, as access to registrant data would still be available in an instance of alleged cybersquatting.