FBI contracting for access to global DNS, Whois information

The FBI is soliciting vendor proposals to provide one-stop, turn-key access to Internet Zone files, domain WHOIS and DNS records. Posted July 22, with responses due yesterday, the solicitation details a system that would aggregate the data and provide it to the FBI for up to the next 5 years.

Specifically, the request stipulates that:

1) The vendor will make the data available for download via the authenticated https, scp protocols, or other secure protocol;
2) The vendor will provide daily registry zone files. In your response, include a list of top level domains for which you can provide registry zone files;
3) The vendor will provide domain whois records for newly identified domains in the zone files for thick registries. In your response, include a list of top level domains and the average time to initial availability;
4) The vendor will provide domain whois records for newly identified domains in the zone files for thin registries. In your response, include a list of top level domains, registrars, and the average time to initial availability;
5) The vendor will provide periodic domain whois records for domains in thick registries. In your response, include a list of top level domains and average requery interval;
6) The vendor will provide periodic domain whois records for domains in thin registries. In your response, include a list of top level domains, registrar and average requery interval;
7) The vendor will provide forward, reverse, and canonical DNS response records for newly identified domains, name server, mail server, and www server in the zone files. In your response, include a list of top level domains, response records and time to initial availability;
8) The vendor will provide forward, reverse, and canonical DNS response records for active domains. In your response, include a list of top level domains, response records and requery interval;
9) The FBI shall be entitled to use the data in perpetuity for its internal purposes and share the data with other government agencies provided that the data is not resold or otherwise receive any compensation or remuneration of any kind for the data. Please agree to this statement.

On one hand, the open nature of the DNS makes this request mostly just a large data collection exercise, but it has some interesting wrinkles and obvious implications for civil liberties.

First, the scope of the request includes all TLDs, including presumably ccTLDs. Why cast such a wide net? We know that ICANN's Whois non-decision and the obligation of certain country code registries to follow their own domestic privacy laws have recently made life more difficult for law enforcement interested in snooping Internet identifier information. The proposed system is likely in part a response to those increased costs. A private vendor is not only more technically capable than a law enforcement agency; it can probably also negotiate a contract providing access to potentially sensitive data much more easily. Registries and registrars should be asking their potential customers (and telling their registrants) for what purposes the data they are sharing will be used.

Second, and somewhat more troubling, the response time frame for the solicitation is short, just two weeks. Furthermore, the proposed service is “to become effective on or about 08/20/08”, i.e., next week. The solicitation looks suspiciously like a formality, with the creation of the FBI's global monitoring system a foregone conclusion and the selection of a specific vendor already made, without any public debate.
