2003-08 - WHOIS Policy

PDF version

Policy No: 2003-08
Publication Date: 22/09/2003
Status: Replaced by
Policy No 2006-06 

1. BACKGROUND

1.1 This document sets out auDA's policy on the collection, disclosure and use of WHOIS data in the open .au second level domains (2LDs). At the time of publication, the open 2LDs are asn.au, com.au, id.au, net.au and org.au.

1.2 auDA's Registry Licence Agreement and Registrar Agreement impose certain conditions on the registry operator and registrars in relation to the collection and use of WHOIS data. This policy operates to clarify some of those conditions.

2. WHOIS POLICY PRINCIPLES

2.1 The public WHOIS service is a standard feature of domain name systems around the world. The purpose of the WHOIS service is to allow users to query a domain name to find out the identity and contact details of the registrant.

2.2 auDA has drafted this policy with the aim of striking an acceptable balance between:

a) the rights of registrants, under Australian law, in relation to how their personal information is handled;

b) the role of auDA to promote a competitive and efficient domain name industry; and

c) the interests of law enforcement agencies in accessing information about domain names for consumer protection and other public interest purposes.

3. COLLECTION OF WHOIS DATA

3.1 Data about each domain name registration is collected from the registrant by the registrar, and submitted to the registry in accordance with the procedural requirements of the registry. The registry provides a public WHOIS service for all 2LDs under its control, which displays a subset of the full registry data for each domain name (known as the "WHOIS data").

3.2 Under the Registrar Agreement, and in accordance with Australian privacy legislation, registrars must inform registrants of the fact that some of their personal information will be disclosed on the WHOIS service. Under the domain name licence agreement, registrants grant to the registry the right to disclose information for the purposes of maintaining the WHOIS service.

3.3 Due to the policy requirements in the .au domain, the WHOIS data that is collected by registrars at the time of registration is highly accurate and reliable. However, the integrity of the WHOIS database is undermined if the data is not kept up-to-date.

3.4 In order to maintain the integrity of the WHOIS database, registrants are required to notify their registrar of any changes to WHOIS data for their domain name(s) and the registrar must update the WHOIS database on receipt of new information from the registrant.

4. DISCLOSURE OF WHOIS DATA

4.1 The table in Schedule A lists the data fields that will be disclosed on the public WHOIS service for all domain names in the open 2LDs.

4.2 In order to comply with Australian privacy legislation, the street address, telephone and facsimile numbers of registrants will not be disclosed.

4.3 It is necessary for the WHOIS data to include a contact email address for the registrant, for purposes of contacting the registrant in relation to their domain name. The registrant does not have to nominate their own personal email address, but they must nominate an email address at which they can be contacted at any time.

4.4 In the past, it was possible to use WHOIS to find out the creation and/or expiry date of a domain name. This enabled some members of the domain name industry to send unsolicited renewal notices to registrants with whom they did not have a prior business relationship, causing significant levels of customer confusion. As a result of these problems, auDA has determined that creation, renewal and expiry dates will not be disclosed on the WHOIS service. Registrants who wish to check the creation, renewal or expiry date of their own domain name can do so through their registrar or reseller.

5. USE OF WHOIS DATA

5.1 In the interests of protecting the privacy of registrants, the following activities are strictly prohibited:

a) use of WHOIS data to allow, enable or otherwise support the transmission of unsolicited communications to any person, by any means;

b) use of WHOIS data to support an automated electronic query process; and

c) bulk access to WHOIS data (ie. where a user is able to access WHOIS data other than by sending individual queries to the database).

5.2 In order to prevent the abuses listed in paragraph 5.1, auDA will impose restrictions on the number of queries that a user can send to WHOIS. The level of restriction will be clearly displayed on the WHOIS web site. auDA may vary the restriction at any time.

5.3 auDA recognises that it may be necessary for law enforcement agencies to access the full record of a particular domain name or names as part of an official investigation. auDA will deal with requests from law enforcement agencies on a case-by-case basis.

6. REVIEW OF POLICY

6.1 auDA will closely monitor the use of the WHOIS service, and hold a public review of this policy 12 months after implementation.

SCHEDULE A

WHOIS FIELDS FOR .AU OPEN SECOND LEVEL DOMAINS

Field Name Field Description
Domain Name Registered domain name
Last Modified Date the domain name record was last modified
Registrar ID Registry code used to identify the registrar
Registrar Name Name of the registrar of record
Status Status of the domain name (eg. ok, pending transfer, pending delete)
Registrant Name of the registrant
Registrant ID ID number associated with the registrant, if any (eg. ACN for company)
Registrant ROID Registry code used to identify the registrant
Registrant Contact Name Name of a contact person for the registrant
Registrant Email Email address for the registrant
Tech ID Registry code used to identify the technical contact
Tech Name Name of the technical contact
Tech Email Email address for technical contact
Name Server Name of computer used to resolve the domain name to Internet Protocol (IP) numbers (minimum of 2 name servers must be listed)