[At-Large] I: [ALAC-Announce] ICANN News Alert -- Notice of Preliminary Determination To Grant Registrar Data Retention Waiver Request for Ascio Technologies, Inc. Danmark - filial af Ascio Technologies, Inc. USA

John R. Levine johnl at iecc.com
Thu Dec 17 17:44:43 UTC 2015

> years to focus on what it is supposed to be doing. Yet it is still
> fixated on imposing terms that are neither legally required in US and in
> cases even illegal elsewhere.

People with no experience with large networks, which includes pretty much 
everyone on the ALAC, often seem to believe that collecting less 
information about domain registrants always improves the privacy of 
Internet users.  The reality is much more subtle.

The vast majority of users have never registered a domain and never will, 
so WHOIS doesn't affect them, while the vast majority of domains are 
registered for commercial purposes, and a dismaying number for criminal 
purposes.  A large registrar often turns off 10,000 domains a day for 
malware, phishing, and other malevolent behavior.

The WHOIS information that most of the waivers concern is very useful for 
identifying and dealing with criminals.  That is so even though a lot of 
it is faked, since the crooks tend to have patterns when they fake stuff. 
I'm not guessing about this, I talk to people every day at network 
operators who are protecting their users and law enforcement who are 
protecting their citizens.

Registrars should certainly comply with their national laws, and I agree 
that some of ICANN's rules are silly, e.g., when they grant a waiver, it 
should automatically apply to other registrars or registries in the same 
jurisdiction.  But when you make it harder to tell who's behind a domain, 
you're also making it easier for criminals to siphon the money out of your 
grandmother's bank account.  That may be a reasonable tradeoff, but it's a 
tradeoff and one that deserves better than the kneejerk reeactions we 
always see here.


More information about the At-Large mailing list