[At-Large] [ALAC] Fwd: A million domains taken down by email checks

[Vittorio Bertola]

Il 06/07/14 19:41, Kerry Brown ha scritto:
> I can speak from the end user point of view on this issue. As a
> consultant to small businesses I have seen several clients suffer
> business hardship because of this issue (invalid contact email). It
> is not uncommon for a small business owner to not want to deal with
> "the internet". They hire someone to get them "the internet". This
> usually means a domain, a web site, email, etc. Someone sells them a
> package that includes all this. Often the contact email will be the
> person that sells them the package. Some of these resellers are
> unscrupulous, some are just incompetent, some for whatever reason
> leave the business. The domain may not even be registered in the
> small business name but in the name of the reseller who has
> disappeared. When the domain goes dark the business loses email,
> their website, and possibly more. By the time the small business
> owner contacts someone like me to fix their internet a few weeks to a
> month may have gone by. Small business owners are busy running th e
> day to day things and thought they had "the internet" covered, after
> all they have been paying someone to deal with it. By the time they
> figure out they don't have someone to deal with it and find someone
> who will they may have lost the domain. There is almost aways a
> charge from the registrar to reinstate the domain. They have not had
> email or a web site for long enough that it has cost them business.
> They end up with a very sour taste for "the internet" and the people
> that "run" it. They equate internet governance with the people that
> run the internet. They have no idea how things happen so they they
> are on "the internet". They mostly think of Al Gore when they even
> think about how the internet works. We who have built this ecosystem
> have not built it for people that are not intimately involved in it.
> It is up to us to fix it. We can't simply blame registrants.

This is just so true... When, several years ago, I used to make websites 
for small companies and non-profits in Italy, most of the people in 
charge at the customer had no idea of what "Whois" was. I had the choice 
of either listing as the main contact the actual registrant, who would 
not be able to understand any communication about this matter, or 
myself, which I did. Later, I stopped doing that job, but I could not 
convince almost any of my former customers that they needed to put 
someone else as a contact, also because they didn't have anyone able to 
assume the role. Now, I am a nice guy and continue watching over their 
domain names for free, but in any other case those domains would now be 
stuck with the contact information of someone who does not care anymore 
about them, let alone update the information as it changes.

This is also because, you know, the only thing people usually expect 
from their domain name is for it to point to their website and/or mail 
server. They don't expect their domain name to be a point of contact for 
their company or themselves, nor to have to waste time on updating a 
wondrously complex set of contacts. Actually, even if their Whois 
contacts are not up to date, usually you could just go to their website 
and find an e-mail address and/or phone number that works, and that they 
keep up-to-date. In case something bad happens with their domain name, 
it takes you ten seconds to google their name and find their contacts - 
it actually takes less than using Whois. So why should registrants lose 
time to update contact information that no one uses (actually, no one 
even knows that it exists) except a small community of techies and 
lawyers, when they already provide valid contact information in a page 
on their website?

Moreover, among the few registrants who actually know what Whois is, I 
know many here in Italy who provide bogus contact information on 
purpose: the registrant's name is correct, but the address and phone 
number are not, and the e-mail address either does not work at all or, 
more likely, is a specific "spammable" e-mail address that they use for 
situations in which they don't know how the information will be managed 
(e.g. obscure websites that require a registration to allow you to do 
something which you only need to do once), and which is so full of spam 
that it is never read except at the time when you register somewhere and 
need to click on a confirmation email.

People would be much more likely to submit real contact information if 
they knew that it wouldn't be made public to anyone who would want to 
abuse it, e.g. spammers, phishers, bully lawyers and the likes. I don't 
think that ICANN has any right to blame anyone not providing valid 
contact information if it is not providing any protection for the 
privacy of that information, and I would expect the ALAC (at least its 
European members) to point out just that.

Ciao
-- 
vb.                   Vittorio Bertola - vb [a] bertola.eu   <--------
-------->        now blogging & more at http://bertola.eu/   <--------