Another data leakage has occurred in ICANN corporation. Together with the list of applications for new gTLDs, the non-profit organization has published home addresses and other contact data of hundreds of applicants. The access to the list of applications for new gTLDs is closed for the time being.
Upon publication of the list of applications on June, 13, the applicants discovered that not only names of companies, which had applied for a domain, were in public access. Electronic, corporate, and in some cases home addresses were also divulged in ICANN’s list. This directly contradicts the main regulatory document – guide for an applicant for new gTLD, which states that applicant’s contact data should not be disclosed to the public.
‘It was an oversight, the files are no longer available on the Internet’, says Michel Jourdan, the ICANN manager for new GTLD communications. ‘We are taking measures to publish the list not containing this information’.
The domain applicants have already reported the undesirable effects of the leakage. Thus, within a short period from the moment of publication, the applicants are faced with spam mailings, sales managers’ calls, invitations to conferences and service offers. For those who pretend on ‘disputable’ domains, whose names concern with convictions or religion, such leakage can also entail many risks.
‘Unfortunately, for the second time ICANN allows a leakage of critical information. This clearly does not increase the corporation’s reputation’, says Andrei Kolesnikov, Director of ‘Coordination Center’. ‘And the ’digital archery’ is still to come, a procedure to specify which applications will be in the first batch and which in the next. No one in this case can give assurances that 'target' is round and ‘arrows’ are straight’.
‘It is a flagrant violation of applicants’ rights – the second serious fault related to the system security’, Marina Nikerova, the Deputy Director of ‘Technical Center of Internet’, believes. ‘Since we have to take a lot of actions further with processing of information on applications and their delegation, we have a legitimate concern for applicants’ fate. This time it will be difficult for ICANN to do with mere apologies!’
The access to the list of applications to be restored as soon as ICANN will exclude applicants’ personal data therefrom. It should be recalled that lately another occasional data leakage related to the system of filing applications for new domains occurred in ICANN.
