Subscribe to RSS Feed

03|22|2010 02:09 pm EDT

Iron Mountain to Provide Additional Audit Services for Registrar Data Deposits to ICANN

by Frank Michlick in Categories: ICANN / Policy

When ICANN introduced the mandatory Registrar Data Escrow (RDE) for registrars in 2007, the program was a direct result of the problems experienced with the registrar RegisterFly. ICANN requires all registrars to deposit a copy of their whois information with an approved RDE provider in order to protect registrants from the loss of their domain. The system is trying to encourage registrars to deposit the underlying whois information for domains under whois privacy (which was one of the issues at Registerfly, since some of the ownership data was lost). Registrars under the old Registrar Accreditation Agreement (RAA) can still deposit whois proxy information, but the new RAA forces registrars to inform their registrants if this is the case.

In November of 2007, ICANN selected Iron Mountain as the preferred provider for RDE services. While registrars are free to select another (ICANN approved) provider, most, if not all, chose to go with Iron Mountain, also since there would be no additional cost involved. Today Iron Mountain announced in a press release, that it now offers an audit service for the submitted information.

With the ICANN Deposit Audit Service (IDAS) application, Iron Mountain systematically audits registrar escrow deposits, measures the integrity of those deposits, and reports the results to ICANN. The new application supplements Iron Mountain’s Registrar Data Escrow service. With this service, domain name registrars periodically escrow their registration information records to safeguard these intellectual property assets. Because the registration data is placed in an escrow account with Iron Mountain and verified through the IDAS application, it can be effectively retrieved by ICANN in the event of a technical, operational, or business failure of a registrar.

The additional reports will be used by ICANN to audit compliance of registrars. Details on how the audit works were not provided, but it can be assumed that the deposited data would be verified and compared with zonefile and registry records, since bulk querying the whois-servers of registrars would be against their terms of use.

“The goal of the data escrow program is to help ensure the security and stability of the Domain Name System by protecting the data associated with registered domain names in a secure escrow account,” said Mike Zupke, ICANN’s registrar liaison manager. “Iron Mountain’s Deposit Audit Service is the next step in a full range of programs and procedures that will work to safeguard registrants and maintain Internet stability.”

Disclaimer: This article has been syndicated from DomainCocoon’s corporate blog. Frank Michlick, Editor at DNN, also is founder of DomainCocoon.

Tags: , , , , , ,



March 22, 2010 @ 4:57 pm EDT

With regard to proxy information – it’s explicitly covered.
If the registrar is escrowing the proxy data and not the actual data they have to inform the registrant of same.



Frank Michlick

March 22, 2010 @ 5:24 pm EDT

You are correct Michele, I’ll correct it, I was thinking of the old RAA. I wonder if all of the registrars under the new RAA follow that provision:

ICANN RAA 3.4.1:

Registrar shall either (1) include in the database the name and postal address, e-mail address, and voice telephone number provided by the customer of any privacy service or licensee of any proxy registration service offered or made available by Registrar or its affiliate companies in connection with each registration or (2) display a conspicuous notice to such customers at the time an election is made to utilize such privacy or proxy service that their data is not being escrowed.

uberVU - social comments

March 22, 2010 @ 8:13 pm EDT

Social comments and analytics for this post…

This post was mentioned on Twitter by a_Ecommerce: Iron Mountain to Provide Additional Audit Services for Registrar Data Deposits to ICANN #Domains


March 22, 2010 @ 8:44 pm EDT


I’ve no idea if they do or not, but ICANN’s compliance team will probably audit it at some point ..



RSS feed for comments on this post · TrackBack URI

Leave a Reply