[ALAC] [At-Large] Fwd: A million domains taken down by email checks

Holly Raiche h.raiche at internode.on.net
Mon Jul 7 05:04:54 UTC 2014


This is really interesting feedback - and thank you for it.

So the problem is NOT LEAs - or may not be.  It is about - at least partly - registrants and their lack of awareness of their responsibilities for their domain name.  The issue is still about accurate Whois Information, but it is also about education - and probably best - at least in part - from the organisation they would have at least some contact with: the registrar;reseller.

Holly
On 7 Jul 2014, at 2:18 pm, Vittorio Bertola <vb at bertola.eu> wrote:

> Il 06/07/14 19:41, Kerry Brown ha scritto:
>> I can speak from the end user point of view on this issue. As a
>> consultant to small businesses I have seen several clients suffer
>> business hardship because of this issue (invalid contact email). It
>> is not uncommon for a small business owner to not want to deal with
>> "the internet". They hire someone to get them "the internet". This
>> usually means a domain, a web site, email, etc. Someone sells them a
>> package that includes all this. Often the contact email will be the
>> person that sells them the package. Some of these resellers are
>> unscrupulous, some are just incompetent, some for whatever reason
>> leave the business. The domain may not even be registered in the
>> small business name but in the name of the reseller who has
>> disappeared. When the domain goes dark the business loses email,
>> their website, and possibly more. By the time the small business
>> owner contacts someone like me to fix their internet a few weeks to a
>> month may have gone by. Small business owners are busy running th e
>> day to day things and thought they had "the internet" covered, after
>> all they have been paying someone to deal with it. By the time they
>> figure out they don't have someone to deal with it and find someone
>> who will they may have lost the domain. There is almost aways a
>> charge from the registrar to reinstate the domain. They have not had
>> email or a web site for long enough that it has cost them business.
>> They end up with a very sour taste for "the internet" and the people
>> that "run" it. They equate internet governance with the people that
>> run the internet. They have no idea how things happen so they they
>> are on "the internet". They mostly think of Al Gore when they even
>> think about how the internet works. We who have built this ecosystem
>> have not built it for people that are not intimately involved in it.
>> It is up to us to fix it. We can't simply blame registrants.
> 
> This is just so true... When, several years ago, I used to make websites for small companies and non-profits in Italy, most of the people in charge at the customer had no idea of what "Whois" was. I had the choice of either listing as the main contact the actual registrant, who would not be able to understand any communication about this matter, or myself, which I did. Later, I stopped doing that job, but I could not convince almost any of my former customers that they needed to put someone else as a contact, also because they didn't have anyone able to assume the role. Now, I am a nice guy and continue watching over their domain names for free, but in any other case those domains would now be stuck with the contact information of someone who does not care anymore about them, let alone update the information as it changes.
> 
> This is also because, you know, the only thing people usually expect from their domain name is for it to point to their website and/or mail server. They don't expect their domain name to be a point of contact for their company or themselves, nor to have to waste time on updating a wondrously complex set of contacts. Actually, even if their Whois contacts are not up to date, usually you could just go to their website and find an e-mail address and/or phone number that works, and that they keep up-to-date. In case something bad happens with their domain name, it takes you ten seconds to google their name and find their contacts - it actually takes less than using Whois. So why should registrants lose time to update contact information that no one uses (actually, no one even knows that it exists) except a small community of techies and lawyers, when they already provide valid contact information in a page on their website?
> 
> Moreover, among the few registrants who actually know what Whois is, I know many here in Italy who provide bogus contact information on purpose: the registrant's name is correct, but the address and phone number are not, and the e-mail address either does not work at all or, more likely, is a specific "spammable" e-mail address that they use for situations in which they don't know how the information will be managed (e.g. obscure websites that require a registration to allow you to do something which you only need to do once), and which is so full of spam that it is never read except at the time when you register somewhere and need to click on a confirmation email.
> 
> People would be much more likely to submit real contact information if they knew that it wouldn't be made public to anyone who would want to abuse it, e.g. spammers, phishers, bully lawyers and the likes. I don't think that ICANN has any right to blame anyone not providing valid contact information if it is not providing any protection for the privacy of that information, and I would expect the ALAC (at least its European members) to point out just that.
> 
> Ciao
> -- 
> vb.                   Vittorio Bertola - vb [a] bertola.eu   <--------
> -------->        now blogging & more at http://bertola.eu/   <--------
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
> 
> At-Large Official Site: http://atlarge.icann.org




More information about the ALAC mailing list