How reliable and accurate is the WHOIS Database ?
Law Enforcement very often starts cyber investigation by looking for information on WHOIS DATABASE. It is noticed that in many cases where enquiry are required, registrants’ information are not accurate or not sufficient to help investigations. Many domain registrars grant domain names without validation of applicant’s data furnished at time of registration; things happen at mouse clicks and payments effected for the domain name requested electronically. Each domain registrar keeps their own WHOIS database which doesn't include domains registered by competing registrars. Putting all this together makes it a big question; How reliable and accurate is the Whois Database ?
Representatives of Law Enforcement Authorities ( LEA) started discussions with ICANN (Internet Corporation for Assigned Names and Numbers) on the subject matter. Consultations and discussions were held at the International ICANN 44 meeting in Prague, Czech Republic in June 2012 on how ICANN may revisit the policies in place for Domain Name Registrars worldwide. The discussions were taken again with ICANN Security and Stability Advisory Committee (SSAC) at the International ICANN 45 meeting in Toronto in October 2012. The SSAC very conscious of the issue is working on the subject matter. Representations are also being carried out at other forums within ICANN on the WHOIS DATA VALIDATION issue. Though very complex, LEA is looking forward for a very pragmatic approach for the validation of registrants at all Domain Name Registrars. Cyber crime detection and cyber security is what matters for us all !!!