NZ Bankers Association

The New Zealand Bankers’ Association (NZBA) wishes to make the

following submissions in response to the .nz WHOIS Fifth consultation:

NZBA and its members have no comments on the drafting and make the

following general comments.

 

1. As NZBA has previously submitted NZBA and its members consider the

critical component for those requesting the information is that they can

obtain the information urgently so they can act on it – cyber events happen

quickly and the more time taken to respond, the worse the situation gets.

The information should be disclosed urgently so that it can be acted on in a

matter of hours, not days or weeks. In this respect access to a telephone

number can be particularly useful. Our members see it as imperative that

they have this information, for example in order to have domains removed

or servers owned by these domains dealt with. Without this information

phishing sites that target our customers will be difficult to remove, resulting

in increased risk of financial loss by the bank and its customers.

To assist with responding to situations such as outlined above, our members

reiterate that WHOIS should have a facility for trusted

organisations/services, such as banks, to enter into an agreement which

enables information to be released to them quickly without needing an

individual assessment of whether this is appropriate each time. We

understand that the MOU concept is intended to fulfil this function.

 

2. NZBA and its members would expect that any MOUs will include an

expectation/requirement that the entity will:

a) only use the information for a purpose that is stated in the MOU; and

b) hold the information in such a way that it cannot inadvertently be

released to the public.

 

Antony Buick-Constable I Policy Director & Legal Counsel I New Zealand

Bankers' Association