[At-Large] [NA-Discuss] Community Input Requested on Two Draft Statements from ALAC to the ICANN Board

Robert Guerra lists at privaterra.info
Mon Apr 7 13:58:51 EDT 2008 

I would agree with our European colleagues, that being that the  
default should be consistent with the high level of privacy mandated  
at the EU and Canadian level.

WHOIS information  should should not be seen as a data mine, to be  
used by spammers, law enforcement and the Intellectual property  
constituency. It is a key database, one that should .. that must.. be  
adequately protected against abuse .

regards

Robert

On 7-Apr-08, at 12:45 PM, Blogs.pn wrote:

> I say leave privacy as an option for each individual user and  
> enforce the
> accuracy of the information either way.
>
> Chris McElroy
>
>
> ----- Original Message -----
> From: "Derek Smythe" <derek at aa419.>
> To: "Wendy Seltzer" <wendy at s org eltzer.com>
> Cc: <alac at atlarge-lists.icann.org>
> Sent: Sunday, April 06, 2008 6:29 PM
> Subject: Re: [At-Large] [NA-Discuss] Community Input Requested on  
> Two Draft
> Statements from ALAC to the ICANN Board
>
>
>>  Wendy Seltzer wrote:
>>
>>> Trade WHOIS accuracy for WHOIS privacy. When inaccuracy is the way  
>>> to
>>> preserve privacy, it's better than forced accuracy.
>> ...
>> ...
>>>
>>>    * WHOIS Accuracy and Reporting. We all know that WHOIS is very
>>> inaccurate. This is a very serious problem and considerable effort  
>>> needs
>>> to be made to improve this situation. Multiplying the number of  
>>> gTLDs as
>>> is proposed when the existing database is inaccurate is just  
>>> asking to
>>> make a big problem worse – and the existing reporting system is  
>>> already
>>> not fit for purpose. ICANN is not living up to its obligations with
>>> respect to WHOIS – fixing this should be a headline compliance  
>>> activity
>>> in the Operational Plan for 2008/2009. Whilst we are limiting our
>>> comments here to compliance activities related to the operational
>>> planning cycle, this should not be understood to mean that our  
>>> concerns
>>> related to WHOIS are limited to data accuracy. Our previous  
>>> statements
>>> on the policy aspects of WHOIS remain valid.
>>>
>> Wendy
>>
>> I respectfully disagree. Whois accuracy severely impacts end users in
>> enforcing their legal rights and hampers effective .
>>
>> I am also sticking my neck out here, but not all inaccurate whois is
>> submitted in an attempt at pure privacy. Many domains that are abused
>> to spam, scam and phish etc end users, have fake whois. This is by
>> design. This issue is also briefly mentioned in ICANN advisory  
>> dated 3
>> April 2003, http://www.icann.org/announcements/advisory-03apr03.htm ,
>> which is sadly hardly ever enforced.
>>
>> I have a lot of evidence of how existing WHOIS privacy mechanisms are
>> being abused to simply prolong a fraudulent domain's existence
>> endangering more clueless end users. Under the privacy protection we
>> find more fake whois details fort many domains. WHOIS privacy is a
>> very sharp two sided sword.
>>
>> As an example of why we need whois details currently: Right now a big
>> corporate is giving away free domains. At AA419.org we noticed a
>> disproportionate large number of registrants from small towns across
>> America shown in domains spoofing banks, government agencies and  
>> other
>> businesses. We contacted numerous of these registrants who in turn  
>> had
>> no knowledge of these domains; 4X year old teachers, estate agents
>> etc. We have contacted the big corporate and registrar in an attempt
>> to address this issue. The domains are "disabled" in the corporate's
>> system. However the result of the ID theft is clearly visible in  
>> WHOIS
>> without the victims' permission. Without verifiable whois this  
>> problem
>> would have been denied (as was originally attempted) and the problem
>> invisible. This situation is still ongoing. I am talking far in  
>> excess
>> of a thousand domains in a year! Yet this is just the tip of the
>> iceberg ...
>>
>> To really represent end users, current issues and procedures should  
>> be
>> fixed first. If not, the problem is merely disguised and we would all
>> be worse off at the end of the day. It is a sad fact that much more
>> money is lost due to internet fraud and abuse than merely WHOIS being
>> visible.
>>
>> Long term I would love general WHOIS privacy, however not at the  
>> price
>> of partially disarming those currently doing what they do to make the
>> Internet a safer place - it is not only LEA's I am referring to,
>> though they would have the same problem.
>>
>> Personally I have numerous domains with whois protection, but my  
>> whois
>> details are 100% correct for those domains and I am using an  
>> available
>> acknowledged privacy mechanism. I accept responsibility for them.
>> These mechanisms are available to other users as well, if privacy  
>> is a
>> concern to them - with the exception of the initially much abused .us
>> TLD. However nobody is forced to use a .us domain. We do have  
>> choices.
>>
>> In a nutshell, there is also a reason why whois is sometimes not
>> accurate on many domains: To evade responsibility illegal activities.
>> How do you protect against that?
>>
>> To fix, we have to fully understand the implications of each action.
>> Sadly not all internet registrants are as honorable as we would wish.
>> Whatever WHOIS system emerges has to acknowledge this fact.
>>
>> Best regards,
>>
>> Derek Smythe
>> http://www.aa419.org
>>
>>
>> _______________________________________________
>> ALAC mailing list
>> ALAC at atlarge-lists.icann.org
>> http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>>
>> At-Large Official Site: http://atlarge.icann.org
>
>
> _______________________________________________
> ALAC mailing list
> ALAC at atlarge-lists.icann.org
> http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org
>
> At-Large Official Site: http://atlarge.icann.org

More information about the At-large mailing list