As usual, as we prepare for ICANN81, here are our updated statistics for our Tiered Access Compliance and Operations (TACO) portal along with some interesting factoids. Rather than going in-depth on one specific topic, we’re providing updates on a few topics discussed in prior posts.
Requests from Security Researchers
Requests from the security community are typically low compared to requests from other groups, usually around 1-2% of the total for a given period. In this most recent period, however, these requests made up 15.7% of the total. The spike was primarily driven by a single volunteer cybersecurity researcher, unaffiliated with any identifiable cybersecurity group, who claimed that around 30 domains were part of a distinct phishing campaign. We treated the request as a phishing report, investigated the allegations, and took appropriate action based on our findings; we did not, however, see the patterns claimed by this volunteer. This independent researcher’s requests for whois data were denied because the balance of rights did not weigh in favor of disclosure of personal data for each of these different private parties.
Tucows is aware that certain patterns may only be visible to security researchers in the aggregate. Because of this, we engage in open dialogue with reputable security researchers about how to best work together to identify patterns and address and reduce DNS Abuse while protecting registrants’ right to privacy.
This chart shows the outcome for requests submitted by members of the security community since we began tracking:
Use of RDRS
ICANN’s RDRS now accounts for around half (44% this period, 58% last) of all registration data disclosure requests we receive. Tucows has participated in the RDRS pilot project since it started in November 2023 in order to contribute to this important data-gathering exercise. That said, using the RDRS increases inefficiencies in the data request-review-disclosure process for a number of reasons.
RDRS changed how requests could be submitted. It did not change what information was necessary for a request. In fact, a full 30% of all requests Tucows has received through RDRS remain open and awaiting additional information we have requested. ICANN allows for three response options: “approved,” “denied,” and “information public.” All requests are “pending” until a decision is made. When we review an RDRS request that is incomplete, we reach out to the requestor directly and leave the request as “pending.” These types of pending requests may account for the large “open” or “unanswered” rates in ICANN’s reporting of RDRS metrics (visible at the bottom of this page).
Another large category of RDRS requestors is domain investors who want to purchase a domain from its current owner and aren’t aware they can reach them through the publicly available contact form—or perhaps they just don’t want to use it.
We also see registrants attempting to use the RDRS to contact us, typically not to prove ownership of their domain but rather for technical support. This tells us that the RDRS is known, popular, and easy to find—contrary to complaints many have levied against the RDRS.
LEA Location
Our updated world map reflects that we have received a disclosure request from law enforcement in a new-to-us country: Estonia. The top five requesting countries in this reporting period were (in order of request rate) India, Switzerland, Spain, France, and Costa Rica—all of which are considered foreign law enforcement. For our local jurisdictions, the USA ranked sixth, Germany twelfth, and Canada and Denmark came in at #17 and #21, respectively.
Tiered Access Statistics: 1 May – 31 August 2024
The new period covers May through August 2024. We received 236 requests in this period, bringing the total since we began tracking it up to 5998.
As we mentioned above, of those 236 requests, 103 (44%) came in through RDRS, while the remaining 133 (56%) were submitted to us directly through TACO.
Data disclosure request outcomes: new period (May – August 2024)
In this new reporting period, close to half of the requests (44%) resulted in disclosure, while 10% were incomplete or abandoned. That second figure is still higher than we’d like but a good drop from last period’s 20%. The denial rate came in at 37%, while requests for domains which use our Whois Privacy service made up 6% of the total this period.
Requests by requestor category
Requests by category: new period (May – August 2024)
As mentioned, the number of requests from security community members increased significantly compared to previous periods.
Requests by category since 2018
Requests by category (total)
Abandoned requests by requestor category (May – August 2024)
Total requests over time
To read our past Tiered Access blog posts, please see:
- OpenSRS’ Tiered Access Directory: a Look at the Numbers (May 2018 – mid-February 2019)
- Tiered Access Data Disclosure Update (mid-February – mid-October 2019)
- Privacy and Lawful Access to Personal Data at Tucows (mid-October 2019 – end of February 2020)
- Whois History and Updated Tiered Access Statistics (March – end of August 2020)
- Tiered Access request review process and updated statistics (September 2020 – end of August 2021)
- Tiered Access update: refreshed statistics and law enforcement processes (August – December 2021)
- Tiered Access update: registration data accuracy, and updated statistics (January – April 2022)
- Tiered Access update and thoughts on due process (May – August 2022)
- TACO Platform Updates
- Tiered Access update: policy check-in and updated statistics (September – December 2022)
- Tiered Access update: centralized system development, and updated statistics (January – April 2023)
- Tiered Access update: “urgent” disclosure requests and updated statistics (May – August 2023)
- Tiered Access update: RDRS first experiences and updated statistics (September – December 2023)
- Tiered Access update: law enforcement (foreign and local) and fresh 2024 statistics (January – April 2024)