Slashdot Mirror
Exposing Personal Information in the Whois Database
rocketjam writes "In a letter to U.S. Representatives Lamar S. Smith and Howard L. Berman, the Center for Democracy and Technology has raised the issue of privacy problems with the Whois Database. Acknowledging the database is uncontroversial for commercial registrations, the letter points that private individuals who register a domain name expose their names, home addresses, home phone numbers, and home e-mail addresses to the world. The letter warns, 'The current Whois regime is on a collision course with public sensitivities and international law. In an era of concern about identity theft and online security, it is unwise to require millions of individual registrants to place their home phone numbers, home addresses, and personal email accounts into a publicly available database that places no restrictions on the use of that data.' Additionally, the letter points out the current policy violates the privacy laws of some nations."
I've had a domain for 3 years.. Ive gotten 3 pieces of junk mail from it. I was surprised to get it, and thought it more funny than an annoyance.
Here in Denmark, DK Hostmaster A/S is the administrator for the Danish top level domain. You can have your personal contact details hidden from the public WHOIS database - in accordance with Danish Law on protection of personal data, blah blah blah.
I would recommend it!
zWhat would an EWOULDBLOCK block, if an EWOULDBLOCK could block would? -- me
The inventors' home addresses are generally listed which, IMHO, is not something that should be broadcast to the entire world.
Yeah, but the spammers harvest those email addresses.
The UK WHOIS database (run by Nominet UK) has recently considered this too. Now, private individuals who opt-out can have their personal details removed (obviously Nominet still has access to them). I'm not sure that companies are allowed to do this, it's private individuals only.
.NET services as they don't follow EU data laws. To be honest, it's about time the US caught up.
Britain and the EU have always had stronger data protection laws than the rest of the world. This is part of the reason the EU are looking at Microsoft's
You can incorporate for under $500, get a p.o. box and a cheesy voicemail account somewhere. You'll then be prepared to moonlight, which you should be anyway, and you can give out the business info.
Vote Quimby!
I imagine for most people who just want to run a regular website without the hassle of spam/telemarketers, this is the way to go.
I never vote for anyone. I always vote against.
-- W.C. Fields
There's a lot of info here too:
Arin
Ripe Ncc
Apnic
Lacnic
If you are concerned about privacy, use a registrar who will anonymize your info in the whois database.
2 B& from%5Fapp=&authGuid=&mscssid=2435121
Is $9 worth it? It's your call. Check this out.
https://registrar.godaddy.com/dbp.asp?isc=&se=%
I use Domains by Proxy so my info isn't displayed in a WHOIS; theirs is in it's place. They keep all my info private and serve as a 'proxy' between me and anyone needed to contact me. They'll email if they need me to do something in regards to my domains, it's so nice not having all of my personal details out there. I buy my domains from GoDaddy, and they've partnered with Domains by Proxy and offer it as an option when you're buying domains, that's how I found out about it, but everyone should check it out.
CB
free ipod and free gmail!
Placing your email address in your whois information will ensure that you get at least 100 penis enlargement mails pr day to that account. Which is why all email adr. that I need to publish like in the whois or on websites, are on mail servers that use just about every rbl list and antispam program available.
If anyone's interested, I wrote to the Information Commissioner (formerly the data protection office) in the UK about this, since our data protection laws forbid sharing information with countries with incompatible data protection laws
Their response summarised:
(a) We don't care
(b) We don't care
(c) Domain registration is done in america anyway, where they don't have data-protection law
(d) It's not up to Nominet to inform its customers of their lack of data protection
I could probably find the actual letter somewhere...
(Nominet should have got into trouble because (a) they unilaterally changed their terms and conditions, leaving people with a choice of publishing their home address, or losing their domain name, (b) they have monopoly on UK domain names, (c) anybody who's running a business is obliged by business law to publish their address anyway, and (d) any accusation of illegal activity associated with the domain should wait upon a court-order to disclose a person's home address.
Information commissioner doesn't seem to think so. Some might wonder what he does do.
I should have been more specific. I didn't register it with Register.com. Thanks for the useful comment.
-----
Web Hosting @ HostForADollar.com
... it is required by law that anyone who publishes even a single web page on the Web (in Germany) enclose an "Impressum", an imprint that notifies visitors whom to contact or hold accountable for the content. I wish this would also be implemented for Whois as a security measure or a basis for trust.
Anyone who still wants to publish anonymously could still do it abroad, of course, as there will always be registrars who and nations that don't care about trust.
I mention trust here, because I can trust a company's products (i.e. a shop selling goods) if I know where I can go, or what number I can call: currently too many (some) web shops (at least locally) do not even mention a telephone number I can call to have an order confirmed or more product information detailed. The same holds for web sites that provide information: if the e-mail address is left out, how can I get any confirmation, more detailed information, conversation or feedback going?
JeR
I'm sorry, but you have *NO* right to an anonymous domain, nor should you because the opportunity for fraud on the internet is too high. Having everything out front at least keeps a modicum of openness and honesty (although admittadly not a lot).Besides, if I remember properly, you can update the e-mail address to be admin@your-new-domain if you don't want spam going to your personal email.
If you want relative anonymity, get a hotmail or yahoo account.
You could always use GoDaddy for domain registrations, which gives you the option of keeping registration info private. Not to mention their prices are a hell of a lot better than going through Verisign.
Trolls lurk everywhere. Mod them down.
I'm in the UK, and I have a couple of domain names registered through uk2.net. A whois search reveals my name as registrant, but "UK2 Limited" is listed as the "Registrant's Agent". Hence no personal data.
UK2 have a pretty clear policy on disclosing personal data: from the page listing their generic response to domain name disputes, I found the following:
"UNDER THE DATA PROTECTION ACT 1984 WE CANNOT DISCLOSE INFORMATION ABOUT OUR CLIENTS WITHOUT BEING LEGALLY OBLIGED TO DO SO. UK DOMAIN NAMES HAVE NO REGISTRANT ADDRESS LISTED IN THE NOMINET DATABASE AND UK2 LTD APPEARS AS THE ADMIN/TECH/BILLING CONTACT. WE WILL DISCLOSE THE REGISTRANT DETAILS IF A WRIT IS FILED WITH THE HIGH COURT AGAINST THE REGISTRANT ON OUR ADDRESS"
Sigs are so 1990s. No way would I be seen dead with one.
om were businesses, .org were non-profit orgs and individuals, and .net were ISPs. *sigh* The good old days 10 years ago.
.net was intended for services necessary to the internet - things like the root servers and internic. .org was "intended as the miscellaneous TLD for organizations that didn't fit anywhere else.", not, as it is so often claimed, for non-profits.
.org come from? It has no basis in reality, as anyone who had bothered to read the standards would know.
Sorry, that "ideal" never existed (fortunately). You obviously don't understand the original intentions behind each of the original gTLDS.
Read the RFC.
Where did the myth of the non-profit
Just type a US phone number into Google and up comes the name and street address, just like in that local copy of the White Pages. So they might as well be global.
No I get it.. I administrate quite a few domains.
Yeah.. I get spam on my contact info.. but I get a lot more from people finding my domains and emailing all possible addresse.
Do I disconnect abuse and postmaster too? Or do I go install spamassassin to catch most of it.
Spamassasin works btw... it filters over a hundered junk mails a day leaving only 4 or 5 for me to deal with.
Works for me correctly and I have both mine and the emails of several customers all set to my email address.
From RFC 2050:
-- I have a private email server in my basement.