Lawyers for DomainTools and .NZ’s Domain Name Commission
(DNCL) slugged it out for another round in the US courts recently as
DomainTools appealed a preliminary injunction that prevented them from creating
a shadow database of .nz registrant data. The case is likely to have wide
ranging implications on registrant data collected by top-level domain
registries and how that data can be used by third parties such as DomainTools.
It’s believed the DNCL is the only TLD registry to initiate proceedings against
a company like DomainTools since the introduction of the European Union’s
General Data Protection Regulation (GDPR) in May 2018.
The case has revolved around whether DomainTools should be
able to access .nz registrant data with the DNCL saying they are expressly
prohibited from a mass harvest of registrant data, while DomainTools have
claimed when they downloaded the registrant data there were no restrictions,
and DNCL should not be able to retrospectively stop them.
DomainTools recently appealed the preliminary injunction awarded in February to the United States Court of Appeals for the Ninth Circuit. In the hearing last week, the DomainTools lawyer said that while DNCL “absolutely has the right to cut off prospective access as it has done and we have respected that, but what they cannot do is retrospectively apply that new concept they have of shuttering port 43 to information that they already sent us for over a decade in response to Whois queries.”
DomainTools have claimed the registrant data is a publicly
available database, accessed via port 43, for free, and is necessarily so
available for cybersecurity purposes. DomainTools in response to a question
from Judge Marquez said there’s no evidence the Whois data has been abused
through registrants receiving spam. They also noted the case revolves around harm
to DNCL, not to registrants. Judge Nguyen said “it does affect the reputation
of DNCL to the extent that they are not able to effectively enforce the terms
of use, and that is the link to the customer complaints about privacy.” Judge
Marquez was also concerned that once the registrant data is publicly available,
there was no way of retrieving it. DomainTools also claimed that Whois data for
all top-level domain registries is meant to be publicly available to everyone,
no matter what the purpose of those who access the data.
In response the DNCL lawyer said that “DNCL sought an
prohibit. What the record shows is that DomainTools surreptitiously downloaded
94% of DNCL’s database. It created a shadow database in clear violation of the
use flatly prohibit and it’s here today because it wants to resume doing those
a very fundamental question, which is who controls the use of the registrant
data for .nz … is it DNCL … or is it DomainTools.”
In the original case heard by Judge Lasnik, Lasnik was
concerned with the irreparable harm done to DNCL through the Whois data that
had been downloaded by DomainTools, which is 94% of the .nz registrant
database. Lasnik specifically found that DomainTools was sabotaging the efforts
to implement a means for protection of privacy advertising registrant data,
undermining one of DNCL’s central missions: to protect the security of the data
in the register from unauthorised or abuse of use. Lasnik was also concerned with
how DomainTools accessed the data – it didn’t ask for the registrant data as
they knew their request would be refused. DomainTools therefore took steps to
circumvent controls that DNCL put on Port 43 by creating a distributed network
so DNCL wouldn’t recognise the repeated searches.
The 3 judges are currently considering the appeal with a
decision expected anytime in the next few months.
To watch the appeal, published by the United States Court of Appeals for the Ninth Circuit, case 18-35850 Domain Name Commission Limited v. DomainTools, LLC, see https://www.youtube.com/watch?v=wXwmyWUmpGU
This latest Domain News has been posted from here: Source Link