The WHOIS database, which holds contact information for the individual or organisation behind every domain name registration, is increasingly used by law enforcement agencies to investigate breaches of copyright, or cases of internet fraud. It can also help in identifying the source of spam email, and aid ISPs in sorting out technical problems.
But the usefulness of the database is compromised if the data held in it is inaccurate.
The GAO was therefore asked to determine how much of the .com, .org and .net data held on the WHOIS database was obviously false or incomplete.
In a report to the House Subcommittee on Courts, the Internet, and Intellectual Property, published on Wednesday, the GAO revealed that around 2.31 million domain names (5.14%) have been registered with obviously false data and 1.64 million (3.65%) have been registered with incomplete data.
The GAO also assessed how quickly ICANN – the internet’s governing body – acts to correct patently false data. According to the report, 30 days after submitting error reports to ICANN, 33 of the 45 error reports remained uncorrected, while domain name registrants had updated the inaccurate information in 11 cases. The remaining domain was deleted.
The GAO also found that ICANN and the US Department of Commerce (which has oversight responsibility for ICANN) had taken some steps to ensure that the data held on the database was accurate.
These included the creation of a Registrar Accreditation Agreement, requiring registrars to investigate and correct reported inaccuracies, and the imposition of a requirement upon ICANN to continually assess the database operation and to implement measures to ensure the accuracy of data held on it.
