[At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board

Blogs.pn namecritic at blogs.pn
Mon Apr 7 12:45:00 EDT 2008 

I say leave privacy as an option for each individual user and enforce the 
accuracy of the information either way.

Chris McElroy


----- Original Message ----- 
From: "Derek Smythe" <derek at aa419.org>
To: "Wendy Seltzer" <wendy at seltzer.com>
Cc: <alac at atlarge-lists.icann.org>
Sent: Sunday, April 06, 2008 6:29 PM
Subject: Re: [At-Large] [NA-Discuss] Community Input Requested on Two Draft 
Statements from ALAC to the ICANN Board


>   Wendy Seltzer wrote:
>
>> Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way to
>> preserve privacy, it's better than forced accuracy.
> ...
> ...
>>
>>     * WHOIS Accuracy and Reporting. We all know that WHOIS is very
>> inaccurate. This is a very serious problem and considerable effort needs
>> to be made to improve this situation. Multiplying the number of gTLDs as
>> is proposed when the existing database is inaccurate is just asking to
>> make a big problem worse – and the existing reporting system is already
>> not fit for purpose. ICANN is not living up to its obligations with
>> respect to WHOIS – fixing this should be a headline compliance activity
>> in the Operational Plan for 2008/2009. Whilst we are limiting our
>> comments here to compliance activities related to the operational
>> planning cycle, this should not be understood to mean that our concerns
>> related to WHOIS are limited to data accuracy. Our previous statements
>> on the policy aspects of WHOIS remain valid.
>>
> Wendy
>
> I respectfully disagree. Whois accuracy severely impacts end users in
> enforcing their legal rights and hampers effective .
>
> I am also sticking my neck out here, but not all inaccurate whois is
> submitted in an attempt at pure privacy. Many domains that are abused
> to spam, scam and phish etc end users, have fake whois. This is by
> design. This issue is also briefly mentioned in ICANN advisory dated 3
> April 2003, http://www.icann.org/announcements/advisory-03apr03.htm ,
> which is sadly hardly ever enforced.
>
> I have a lot of evidence of how existing WHOIS privacy mechanisms are
> being abused to simply prolong a fraudulent domain's existence
> endangering more clueless end users. Under the privacy protection we
> find more fake whois details fort many domains. WHOIS privacy is a
> very sharp two sided sword.
>
> As an example of why we need whois details currently: Right now a big
> corporate is giving away free domains. At AA419.org we noticed a
> disproportionate large number of registrants from small towns across
> America shown in domains spoofing banks, government agencies and other
> businesses. We contacted numerous of these registrants who in turn had
> no knowledge of these domains; 4X year old teachers, estate agents
> etc. We have contacted the big corporate and registrar in an attempt
> to address this issue. The domains are "disabled" in the corporate's
> system. However the result of the ID theft is clearly visible in WHOIS
> without the victims' permission. Without verifiable whois this problem
> would have been denied (as was originally attempted) and the problem
> invisible. This situation is still ongoing. I am talking far in excess
> of a thousand domains in a year! Yet this is just the tip of the
> iceberg ...
>
> To really represent end users, current issues and procedures should be
> fixed first. If not, the problem is merely disguised and we would all
> be worse off at the end of the day. It is a sad fact that much more
> money is lost due to internet fraud and abuse than merely WHOIS being
> visible.
>
> Long term I would love general WHOIS privacy, however not at the price
> of partially disarming those currently doing what they do to make the
> Internet a safer place - it is not only LEA's I am referring to,
> though they would have the same problem.
>
> Personally I have numerous domains with whois protection, but my whois
> details are 100% correct for those domains and I am using an available
> acknowledged privacy mechanism. I accept responsibility for them.
> These mechanisms are available to other users as well, if privacy is a
> concern to them - with the exception of the initially much abused .us
> TLD. However nobody is forced to use a .us domain. We do have choices.
>
> In a nutshell, there is also a reason why whois is sometimes not
> accurate on many domains: To evade responsibility illegal activities.
> How do you protect against that?
>
> To fix, we have to fully understand the implications of each action.
> Sadly not all internet registrants are as honorable as we would wish.
> Whatever WHOIS system emerges has to acknowledge this fact.
>
> Best regards,
>
> Derek Smythe
> http://www.aa419.org
>
>
> _______________________________________________
> ALAC mailing list
> ALAC at atlarge-lists.icann.org
> http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
> At-Large Official Site: http://atlarge.icann.org

More information about the At-large mailing list