Home / Blogs

WHOIS Redux: Demand Privacy in Domain Name Registration

Doc’s post and the impending comments deadline for the next iteration of ICANN’s never-ending WHOIS saga finally pushed me to write up my thoughts on the latest iteration of ICANN debate.

As Doc points out, much of the current debate is very inside baseball, tied up in acronyms atop bureaucratic layers. Small wonder then that ordinary domain name registrants and Internet users haven’t commented much, while the fora are dominated by INTA members turning out responses to an “urgent request” to “let ICANN know that Whois is important to the brand owners I represent”: see the call reproduced in this response.

So what is at stake? Everyone who registers a domain name is required to enter name, address, email, and telephone numbers in a publicly accessible database. When the Internet was a group of computer scientists testing new connection protocols, this might have been a helpful directory, but now, it’s filled with a hodgepodge: corporations, individuals, non-profits, fraudsters who fake their information no matter what the rules, and people who have no idea they’re exposing their personal info to the world (possibly because they think that their own national data protection (privacy) laws will keep them safe).

ICANN has mandated collection and display of this information as a legacy of old practices, not because there has been any agreement that it should be so. There’s no reason one should have to give up privacy in order to get a stable identifier for online speech. There has never been consensus on the status quo.

That’s important because ICANN is supposed to be a consensus-driven organization. Yet intellectual property interests, who see WHOIS as their own data-mine, have managed to stall any movement away from the status quo. As they’re trying to do again now.

The specifics of the current debate, apart from the substanceless comments filling the forums, is a proposal to allow domain registrants to substitute an “Operational Point of Contact,” or OPOC, in the public listing. While all their private information would still be collected, it need not be published. Instead, the OPOC would route messages to the right recipient, for operational, technical, or legal inquiries. Thus OPOC would simultaneously make WHOIS a better technical contact resource and improve domain registrants’ privacy options. Even OPOC doesn’t go so far as I would like—I’d allow anonymous registrations, rather than insisting that data be collected if not displayed—but it’s better than the status quo.

I therefore strongly support the OPOC proposal. But ICANN’s GNSO Council is filled with constituencies, none representing individual Internet users and domain registrants. If the OPOC motion fails, then the best solution would be, as Ross Rader of the Registrar constituency (Tucows) has proposed, for the GNSO to acknowledge its lack of consensus and recommend that ICANN drop the current WHOIS requirements from its registry contracts.

If this sounds tired, it’s because we’ve been here before. Many times, from as early as 2002, 2003, and 2004. Help break the deadlock:

Public comments are invited via email until 00:00 UTC (17:00 PDT) on 30 October
2007 on the GNSO Council’s WHOIS reports and recommendations.

Submit comments to: [email protected].

View comments at http://forum.icann.org/lists/whois-comments-2007/.

BLACK FRIDAY DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By Wendy Seltzer, Law professor

Filed Under

Comments

Larry Seltzer  –  Oct 26, 2007 1:15 AM

How can anyone stand ICANN anymore? The organization is unbearable. And they act like they want to be the United Nations, as if that’s a good thing.

Wendy is right that intellectual property interests have thrown the biggest monkey wrench in the effort to put some privacy where privacy is warranted in domain name registration. IP holders are probably the most successful consitituency in dealing with ICANN. I have a lot of sympathy for them usually, but this is a good example of how it can go too far.

When arguing for privacy we usually hear the example of the web site for a battered women’s shelter or some other entity obviously deserving of privacy, but anyone can be a victim of privacy violations through whois. We all know that many a spammer’s address database has been harvested trhough the whois database, and some even send spam snail mail to harvested postal addresses.

Suresh Ramasubramanian  –  Oct 26, 2007 4:33 AM

OPOC - the so-called “operational” model - has enough operational issues in it to make it very non operational indeed. And the people who are making common cause here are doing so for entirely different reasons -

IP lawyers and law enforcement on one side (brand protection, rather more serious law enforcement tracing scams and frauds), a huge group of “civil society” that can’t trust each other or work together, registrars who point out that it will eat into their margins when they’ve already driven down prices to the point of being loss leaders ..

In other words, there’s no consensus. And attempts to achieve any are doomed to failure because the basic motivations here predate the Internet or even the ARPANET, let alone icann, domain names or whois.  And because most of the actors in this have been at loggerheads often enough not to trust any other actor in this mess an inch farther than they can throw them.

As for INTA’s template driven signature campaign, astroturf is nothing new and has been tried across the political spectrum. Why, Milton Mueller was doing just the same thing on circleid, with his “Send A Message To the NTIA” not too long back.  What’s sauce for the goose, etc etc.

No, I confidently expect status quo (aka full whois) to be the norm for the next decade or three.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

DNS

Sponsored byDNIB.com