Out-Law News 1 min. read

Nominet warns on Whois data mining


Nominet has issued a warning about commercial companies that are swiping copyrighted information on domain name owners from its Whois database.

By Kieren McCarthy for The Register.

This article has been reproduced with permission.

Several weeks ago, the UK internet registry owner noticed a sharp increase in the number of people accessing its Whois service, an online searchable database that provides ownership details for individual .uk internet addresses, including the name of the individual and sometimes their home address.

Nominet director of IT Jay Daley said in one 24-hour period there were an additional 50,000 look-ups appearing to come from 5,000 different internet addresses. Thanks to careful monitoring and analysis, however, Nominet was able to trace the source of the requests to a single company – US security company Intrusion.com.

Nominet blocked Intrusion.com and sent an email to the company requesting an explanation, but heard nothing back. A week later, it phoned the US firm and sent another email before finally speaking to its co-founder, vice-president and vice-chairman T Joe Head, who confirmed the company had been building a database of .uk domain ownership in order to help its products perform better.

According to Daley, Head claimed to have a database of 130m domain names across the world, with Whois data on 70m of them. When the company identifies a domain name that is being used for nefarious purposes it runs a search across its database for any other domains run or owned by the same organisation and reviews their status.

The company's use of the information is immaterial, however, as under European law the Whois database is the copyrighted property of Nominet.

Nominet is particularly sensitive about its database after Australian scammers tricked 50,000 Nominet customers into paying imaginary renewal fees when they were contacted through their Whois details, stolen from the Nominet website by an automated request program.

Brad Norrish and Chesley Rafferty were found guilty in January this year and fined AU$2.3m (£980,000) by an Australian court after a Nominet chase lasting nearly three years. Nominet has since provided all customers with the option to opt-out of providing anything but their name on the public Whois database, and carefully monitors access to the database.

© The Register 2006

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.