For Release: May 22, 2002
The Federal Trade Commission today highlighted the importance of accurate information in the Whois database, saying that law enforcers fighting fraud on the Internet rely on the integrity and accuracy of the database's registration information about Web site operators.
J. Howard Beales, III, Director of the FTC's Bureau of Consumer Protection, told the House Judiciary Committee's Subcommittee on Courts, the Internet, and Intellectual Property that when the information is accurate, it can ". . . help law enforcers quickly identify wrongdoers and their location, halt their conduct and preserve money to return to defrauded consumers. Inaccurate Whois data, however, help Internet scam artists remain anonymous and stymie law enforcement efforts."
The number of adults with access to the Internet has grown from approximately 88 million in mid-2000 to more than 174 million by March 2002, according to the testimony. The growth in e-commerce has created "fertile ground" for fraud. "There is real danger that the benefits of the Internet may not be fully realized if consumers identify the Internet with fraud operators," Beales said. "We need to act quickly to stop fraud, both to protect consumers and to protect consumer confidence in e-commerce."
The FTC has brought more than 225 Internet-related law enforcement actions against 688 defendants since 1994, stopping consumer injury estimated at more than $2.1 billion, according to the testimony. Tools the FTC has used in fighting Internet fraud include:
The testimony notes that another critical element in pursuing Internet fraud is the Whois database.
"It is hard to overstate the importance of accurate Whois data to our Internet investigations," Beales said. "In all of our investigations against Internet companies, one of the first tools FTC investigators use to identify wrongdoers is the Whois database. We cannot easily sue fraudsters if we cannot find them. We cannot even determine which agency can best pursue them if we are unable to figure out the country in which they are located."
Beales cited examples of FTC and international law enforcement efforts that were hampered because of inaccurate names, addresses, and telephone numbers listed in the Whois database. He noted that the FTC has called on the Internet Corporation for Assigned Names and Numbers, the body that governs assignment of Internet names, ". . . to work with registrars to implement and enforce the provisions of its Registrar Accreditation Agreement that ensure the completeness and accuracy of Whois data." The FTC endorses the elimination of blank or incomplete registration forms and false information, and requiring registrars to suspend domain registration for failure to correct inaccurate contact information. Noting that Web sites operating from the two-letter code domains, such as .uk for the United Kingdom and .jp for Japan, are not subject to uniform rules on the collection and publication of contact information, the testimony states it would be useful for law enforcement purposes if country code domain registry managers would implement measures to improve the accuracy and accessibility of Whois data.
During the testimony, Beales noted that there are tradeoffs between the transparency of domain registration information and personal privacy. For commercial Web sites, Beales noted that ". . . the balance weighs in favor of public disclosure of basic registrant contact information." There are different considerations to balance, however, for Web sites registered by individuals or Web sites registered for non-commercial purposes. On the one hand, these individuals and Web site operators have legitimate privacy concerns. On the other hand, a fraudster should not be permitted to hide from law enforcement authorities simply by claiming registration as an individual or by claiming registration for non-commercial purposes," he said. In conclusion, Beales noted that the FTC is continuing to work ". . . through international organizations, businesses, and consumer groups to develop workable solutions that balance the privacy interests with the interests in transparency of Whois data."
The Commission vote to approve the testimony was 5-0.
Copies of the testimony are available from the FTC's Web site at http://www.ftc.gov and also from the FTC's Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop and avoid them. To file a complaint, or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
(FTC File No. P99-4101)