AppDetex WHOIS Requestor System (AWRS)2019-03-05T19:29:21-06:00

AppDetex WHOIS Requestor System (AWRS)

Managing the complex WHOIS request process

The AWRS was developed for and is used by our customers to obtain non-public WHOIS data following implementation of GDPR. Following customer review, the AWRS sends customer-verified, non-public WHOIS data requests for cybersecurity, consumer protection, and IP enforcement activities. Over the life of the AWRS, the period from June 1, 2018 to January 31, 2019, the AWRS data for all customer non-public WHOIS requests1 shows:

  • AWRS submitted a total of 10,656 requests to 406 ICANN-accredited registrars;
    • 188 registrars, 46% responded with an acknowledgement of some type;2
    • 218 registrars, 54% did not respond;  
    • 38 registrars, 9.36% provided compliant data.
  • Of these 10,656 requests:
    • 343 requests, 3% resulted in responses with compliant data.

Following discussions with registrars, resulting in modifications to process,3 the requests for the period November 1, 2018 through January 31, 2019 improved as noted below:

  • AWRS submitted a total of 798 total requests to 102 registrars;
    • 56 registrars, 55% responded with an acknowledgement of some type;
    • 46 registrars, 45% did not respond;
    • 8 registrars, 7.84% provided compliant data.
  • Of these 798 requests:
    • 49 requests, 6% resulted in responses with compliant data.

Collaboration with registrars, yielded 20% improvements in registrars’ response rates and nearly doubled the rate of registrars providing compliant data in response to requests. If a standardized WHOIS request process is adopted, either via the ICANN ePDP working group, a universal access model, or some other mechanism, we believe that registrars will more readily provide compliant data to help abate cybersecurity, consumer protection and IP enforcement.

AWRS History

The background on the AWRS begins before implementation and enforcement of the EU GDPR on May 25, 2018. AppDetex’s customers believed they would be unable to acquire WHOIS data for legitimate uses after GDPR. After ICANN Puerto Rico in Spring 2018, several major brands discussed with AppDetex about building a workflow process for submitting WHOIS requests until ICANN approved a unified WHOIS request process governing all registrars.

On June 2, 2018, AWRS became operational to enable customers to obtain non-public WHOIS data for cybersecurity, consumer protection, and IP enforcement uses through submission of customer-reviewed and verified requests to registrars. At its core, AWRS is a workflow management tool in which customers initiate WHOIS requests on customer-identified domains for verified legitimate uses. Data is maintained for each individual customer in accordance with applicable data protection requirements and is not shared with other customers or third parties.

Following several months of use, the AWRS was significantly modified to address communicated concerns from registrars regarding the format and content of WHOIS data requests. For example, the AWRS was modified to include language specifically required by individual domain registrars. To the extent certain registrars required subpoenas or other legal requirements, AppDetex sought to find other solutions as opposed to sending repeated requests.  AppDetex made efforts to have its IP address whitelisted with registrars to the extent that such an option was offered by them to facilitate the WHOIS request process. AppDetex also modified AWRS notices to remove requests for associated domains and began WHOIS requests for single domain names only. Finally, AppDetex made personal contact, including calling registrars directly, in an effort to conform the AWRS to the registrars individual data domain request processes.

 

____________________
1 The AWRS uses customer-verified non-public WHOIS requests for the legitimate purposes of cybersecurity, consumer protection, and IP enforcement activities.
2 “Compliant”: sufficient non-public WHOIS data provided to carry out the legitimate purposes identified in Footnote 1;

“Non-Compliant”: insufficient non-public WHOIS data provided to carry out such legitimate activities;
“Responsive”: “acknowledgment” to AWRS request received from registrar, but “compliant” data may not have been provided;
“Non-Responsive”: registrar reply confirming either: (a) receipt, (b) denial of request, (c) compliant data provided, or (d) other form of reply.
3AppDetex took significant steps to address the communicated concerns of the ICANN registrars:
(1) AppDetex adapted the AWRS to meet the diverse, individualized requirements for each registrar and, in some instances, included language specifically requested by particular domain registrars;
(2) AppDetex incorporated into the AWRS the suggested minimum requirements of the ICANN Registrar Stakeholder Group;
(3) If a registrar required subpoenas or other legal requirements, AppDetex sought to find other solutions;
(4) AppDetex made efforts to have its IP address whitelisted with registrars to the extent that option was offered; and
(5) AppDetex made personal contact with registrars to ensure the AWRS complied with individualized registrar request processes.