What is Registrar Data Escrow (RDE)?

Registrar Data Escrow (RDE) is an ICANN mandated process that registrars must follow to store a copy of the customer’s whois information with a third party. Smaller registrars will deposit the information weekly (larger registrars in higher frequencies) on the server of the RDE provider in an encrypted format. Should your registrar go out of business, this would be the information passed on to the new registrar who takes over the domains and your clients. Going forward, registrars offering whois privacy services will be obliged to deposit the underlying whois information (without privacy) with the escrow provider.

ICANN had initially selected Iron Mountain as a Registrar Data Escrow provider. As of March 2018, DENIC e.G. also offers Registrar Data Escrow services through DENIC Services GmbH & Co. KG, a sister company of the German registry. If the registrar uses Iron Mountain or DENIC, there are no additional charges to be paid as ICANN is paying for their fees. Some registrar system providers might, however, charge fees to enable the deposit service on their end. Registrars are also able to choose from other approved providers but will have to pay those directly.


Iron Mountain to Offer Additional Audit Services for Registrar Data Deposits

When ICANN introduced the mandatory Registrar Data Escrow (RDE) for registrars in 2007, the program was a direct result of the problems experienced with the registrar RegisterFly. ICANN requires all registrars to deposit a copy of their whois information with an approved RDE provider in order to protect registrants from the loss of their domain. The system is trying to encourage registrars to deposit the underlying whois information for domains under whois privacy (which was one of the issues at Registerfly, since some of the ownership data was lost). Registrars under the old Registrar Accreditation Agreement (RAA) can still deposit whois proxy information, but the new RAA forces registrars to inform their registrants if this is the case.

In November of 2007, ICANN selected Iron Mountain as the preferred provider for RDE services. While registrars are free to select another (ICANN approved) provider, most, if not all, chose to go with Iron Mountain, also since there would be no additional cost involved. Today Iron Mountain announced in a press release, that it now offers an audit service for the submitted information.

With the ICANN Deposit Audit Service (IDAS) application, Iron Mountain systematically audits registrar escrow deposits, measures the integrity of those deposits, and reports the results to ICANN. The new application supplements Iron Mountain’s Registrar Data Escrow service. With this service, domain name registrars periodically escrow their registration information records to safeguard these intellectual property assets. Because the registration data is placed in an escrow account with Iron Mountain and verified through the IDAS application, it can be effectively retrieved by ICANN in the event of a technical, operational, or business failure of a registrar.

The additional reports will be used by ICANN to audit compliance of registrars. Details on how the audit works were not provided, but it can be assumed that the deposited data would be verified and compared with zonefile and registry records, since bulk querying the whois-servers of registrars would be against their terms of use.

“The goal of the data escrow program is to help ensure the security and stability of the Domain Name System by protecting the data associated with registered domain names in a secure escrow account,” said Mike Zupke, ICANN’s registrar liaison manager. “Iron Mountain’s Deposit Audit Service is the next step in a full range of programs and procedures that will work to safeguard registrants and maintain Internet stability.”

The new service underlines how important it is for registrars to comply with the RDE requirements and deposit accurate data. If you have yet to set up your RDE deposits and need help, you can contact DomainCocoon for assisting you with the process.


Does your Hosted Registrar Provider Charge you more to comply with ICANN requirements?

We’ve received word that some technology providers for hosted registrar systems are charging their clients (who are often on long term contracts) up to $7,000 in order to comply with ICANN requirements, such as the Registrar Data Escrow (RDE) .

While we feel that all mandated services should be part of a standard solution, there may be a cheaper work-around available to at least smaller size registrars trying to avoid those additional charges: They may pull the information through the API of their solution provider and then deposit the information directly with Iron Mountain. Another option of course would be to check your contract and see if the term commitment you made does still apply when new charges are added to the offering.


Registrar Data Escrow Deadline looming

Especially for those registrars that currently rent their Verisign Batch Pool connections to Drop-Catching systems such as Snapnames or eNom a looming deadline may have dropped of their radar screen. ICANN has now notified a number of registrars that has ignored previous requests to sign up for the Registrar Data Escrow program and will be naming some of the registrars publicly and may terminate them for non-compliance with the Registrar Accreditation Agreement (RAA).

The timing of the deadline is set individually on a per registrar basis and at this point mostly affects those registrars that had several extensions of the deadline before.

What is the Registrar Data Escrow Program?

Registrar Data Escrow (RDE for short) was established after Registerfly failed to be able to present registrant and domain ownership data for a number of domains under their management. Apparently the contact information for a large number of registrants had been lost and replaced with Registerfly’s own “whois privacy” information instead.

The RDE requires registrars to provide ICANN with contact information for all of the domains registered through their registrar on a regular basis in order to prevent difficulties should a registrar become non-operational.

Registrars need to sign up for RDE by signing a joint contract with ICANN and Iron Mountain, the escrow provider picked by ICANN or any other ICANN approved Escrow provider. Once that contract is approved, a sign-up form will need to be completed, encryption keys will need to be generated and then the data exports will need to be deposited.

Drop Catching Registrars and RDE

Most drop-catching registrars are either managed by eNom or Answerable/Logicboxes in the case of SnapNames.

eNom provides their registrar with an export of the RDE required data available via FTP. The registrar will then need to add any data for their own domains (if any) and encrypt & sign the data and provide it to Iron Mountain via Secure FTP.

LogicBoxes apparently offers the RDE participation at at a charge to the registrars using their system, but it may also be possible to extract the data from their system using API calls.

Not set up for RDE participation?

If you own a registrar and have received a letter of warning for your non-compliance with the RDE regulations from ICANN, act as quickly as possible in order to ensure compliance. If you need help setting the reports up, please make sure to contact your registrar operator or contact us if you need help. DomainCocoon can work with ICANN, Iron Mountain and your technical operator on your behalf in order to ensure compliance.