Setting Limits for WHOIS Data
August 4, 2000
A dispute between a domain name registrar and a Web hosting company could set legal limits on accessing and using personal information on Internet whois databases. The issue at stake is whether one company can prevent another from taking information from a publicly available database and using it for direct marketing.
On Thursday, register.com, a New York company that registers Internet domain names, filed suit against Web hosting and services firm Verio Inc., claiming the latter illegally used contact information from its online database to deluge its customers with unsolicited email and phone calls.
Whois databases, which are compiled by domain name registrars, contain contact information such as names, phone numbers, and emails - for millions of Internet domain-name owners. The information is public but is intended primarily for use by network administrators.
The suit, which seeks a court order preventing Verio from marketing to register.com's customers, will test the legality of a practice that has been a source of complaints from domain name holders who have contact information stored in whois databases.
"We've been sort of worried for some time that you've got this massive database wide open for use in spam and other purposes," said John Mozena, vice president and co-founder of the Coalition Against Unsolicited Commercial Email.
Major registrars, such as Network Solutions and register.com, have policies that stipulate how outside parties can use information in their databases. They also ask that emails and phone numbers not be harvested for mass marketing.
However, it's uncertain whether these policies are enough to win a lawsuit charging abuse of the database, said David Kramer, an attorney at Wilson, Sonsini, Goodrich, and Rosati. There is little precedent to suggest which way a court may rule.
In the past, a backlash from spam recipients, rather than the threat of a lawsuit, prevented many marketers from tapping into the whois database, Mozena said.
"The tradition and anecdotal practice has always been that you don't use the whois database for marketing purposes, because that creates an impetus for people not to put correct information into their domain name database," Mozena said.
Still, it's not unusual for domain name holders to get calls and emails from purveyors who found their contact information in the whois database.
"I received enough solicitations just based on the domains I own to know that there are a lot of people harvesting these for direct marketing and spam," said David Sorkin, a professor at John Marshall Law School in Chicago
In the Verio case, the spam-related charges are twofold. First, registrar.com charges that Verio illegally used its site to view masses of contact listings for its customers. Second, the suit claims that Verio made reference in its sales pitches to the fact that its prospective clients had just signed up domain names at register.com. These references led customers to believe that register.com had authorized the sales calls, the suit said.
Verio officials declined to comment on the suit, saying they preferred not to discuss pending litigation.
The suit is one of several recent disputes concerning how outside parties can access and use information on publicly available Websites.
In another pending case, eBay is seeking to prevent automated agents known as spiders from crawling its site for information. The company claims the practice is a form of trespassing.
Joanna Glasner, Wired News