Slashdot Mirror
Whois Record Falsification Closer To Illegality
PipianJ writes "Reuters is reporting that the House of Representatives has recently passed the bill that would approve of penalties for those using fraudulent WHOIS records (H.R. 3632). Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites. The Senate has not yet passed their version (S.2242). The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling."
Fine spammers who use information in whois records, it might be more acceptable. As it is now, my choices are to do a domain by proxy or falsify (oops, typo!) some of my information.
I'm sick of getting mail from "registrars" charging $40 and up for two year renewals and so forth. People wouldn't have to falsify records if ICANN did not require registrars to sell their records to whoever wants them. On that note, I'll probably move all my domains to Gandi as they begin to expire because of this (they allow me to exclude my records from the stuff they sell).
Also, will this penalize people who use their real names but false addresses? From the sound of it, it looks like it would.
US businesses that currently accept chip and PIN/signature
..watching them try to enforce it. It appears that the U.S, like other countries, has still not gotten the idea it's going to be nearly impossible to legislate the internet. I have a feeling this is going to be used more as one of those charges they use when they need an excuse to do a raid, and dont have enough evidence for what they're going for.
Disagree? Lemme hear it.
Before you mod me funny, think, perhaps I was insightfully funny?
How are they going to enforce it when a large portion of those registrants are actually non-US?
This will only become acceptable if you cut down on the fraudulent abuse of WHOIS. For example the Domain Registry of America garbage. You also have to take into account annoyances. I remember originally having my authentic WHOIS info and getting called by people wanting to "buy" my domain, for a good price; and various other crap.
How about enforcing fines, penalties, and heck jailtime for all the fuckhead spammers (both V.AGRA and Register.com) who abuse the whois registry data? Or who want to charge you $10 to "protect your privacy" on top of your $10 registration per month? It's a shell game. I wish we still lived in some magical utopian internet bubble where only good geeks(tm) were on the net, but fact is we're up to our elbows in fuckheads and if I have to put in (555) because I don't want to be telemarketed.. well.. do something about the fuckheads and I'll put a good number in.
Mmm... now that's a mature reply.. "Congressmen, it's a principle of fuckheads. Take that to the floor!"
"The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.
With all due respect to the Representative from Texas, I call bullshit.
I can understand the problems deliberately fraudulent registration information can be when trying to track down the owners of a malfeasant commerce site, but what about the option to reveal no information to the public?
I wonder exactly what makes a record false. My registrar provides (free) forwarding accounts. For example, the record for foundonp2p.com is showing D-23108frrb@usersa3.domainsatcost.ca right now, but within a week or so, it will change. The email is forwarded to my real address, so it is a legitmate address to email if you want to get a hold of me.
Why?
What are they gonna do?
Well, if they do make it illegal, they'll put your insurgent ass in jail. It's called the American way. Yes, you have a reasonableright to privacy, but part of having an "internet(read: public) presence" is being accesible to someone that you probably don't want. Live with it.
I'm really tired of you trolls posting this... just stop.
As they demostrated by their voice (anonymous) vote. Not wanting to be accountable for thier actions. The "Voice Vote" itself should be outlawed.
We have two bills -- one of the two linked-to ones makes writing software like Daemon Tools, no-CD patches, and bnetd (a libre open source battle.net implementation) a federal crime.
The second bill makes not providing identifying information to let the feds track you down if they know what your website is illegal. (What if I want to speak freely, without fears of being harassed? I can post papers anonymously, but not be anonymous on the Web?) Add in the next obvious thing, a requirement for webmasters to log and be able to provide information for who posted something, and federal law enforcement can track anyone down.
Combine this with the fact that Cat Stevens just fell under the eye of the Homeland Security Watch List, had his plane diverted to Maine and was kicked out of the United
States. As far as I can tell, his main crime was criticizing US involvement in Iraq.
And Bush's polls are looking better than ever.
It's an authoritarian next few years for all of us...
May we never see th
Yes, and no. If you want U.S. Mail service, your address is published by the USPS and sold to marketing agencies and city directories. If you want phone service, your phone number and name (or initials) are published in the phone book. Why should it not be the case that if you want your own domain, you provide correct information?
Contrary to popular belief, you can in fact live without having your own domain. It is not one of the fundamental rights guaranteed to people. If you needed it to live, that would be different. If the grocery store required you to publish contact info to buy food, that would be different.
my right to privacy is my own. If you don't like it, tough shit.
And their right to refuse to sell you a domain is their own. And if you don't like it, tough shit.
I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.
There is no sig, there is only Zuul.
Not this particular service necessarily, but this method in general seems to be the standard method to hide ownership (maybe, IANAL). Big corporations get their law firm to incorporate a shell company in the Bahama's or Cayman, and the shell company then buys the property anonymous from the real source of the money. Add more levels of indirection and blind trusts for fancier schemes to hide assets from bankruptcy, lawsuits, divorce settlements, etc. Maybe even legally.
For a little privacy, all you need is money. Same should work for domain name "ownership".
Yet.
Funny - a few years ago it was legal to to reverse engineer things, and post the results. Now we have the DMCA.
I guess you can continue in your mistaken belief that what you do now won't potentialy be held against you later.
It's a crazy world, run by people who want to keep what they have, and gather more. If they think you or your 'innocent' doings threaten their way of life, your ass will be legislated to illegality in the blink of an eye.
After all, it's far easier to do what you want to people when they're all criminals.
Wait and see.
To the best of my knowledge (and yours, I'm sure), the person against whom you are leveling these (unfounded) copyright infringement claims has not unlawfully copied any movie, game, or music. That person does, however, have a personal domain, as have I. The general public does not have a right to that information. My whois info shows an address where I lived some year ago. It's in another country. I have no intention of updating it. My registrar contacts me by my email address. That is sufficient. The general public has neither a right nor a need to know.
Look at it this way: I have a wife and two young children. Placing valid whois information on the Internet potentially puts them in danger. I will not provide valid whois information to the pubic even if that becomes a federal crime. Nor will I relinquish my domain. I will use a service such as Domains by Proxy, I will get an overseas friend to register it with my friend's business address, or I will just plain lie. But I will not put that information in whois.
I keep an unlisted phone number for the same reason: no one to whom I do not personally choose to provide my address or phone number has either a right or need to know that, and freely providing that information puts you at greater risk of identify theft or worse. If the government has a need to know, they can find out without using whois. Or if they can't, all they have to do is email me and ask me. After verifying that it really is a representative of the government and finding out why they want to know, I will be happy to provide that information.
To further illustrate just how shallow - and what a red herring - your argument is, surely you must know that a registered domain is not necessary to either distribute or receive illegally copied music, movies, or games. You do realize, don't you, that P2P has nothing to do with having a domain name? All you need to do P2P file exchange is Internet access and some software. Heck, you can even run a warez FTP site without a domain name; all you need is an IP address on a zombie somewhere.
Your claim, that we do not have a right to privacy is just plain wrong, and none of your arguments support it, not even tangentially. All you have done is to throw out a bogus claim (maybe you were even just trolling, in which case I apologize to everyone for feeding a troll) with no support whatsoever.
We do have a right to privacy. A law banning unlisted phone numbers would probably be easily overturned. Whois information is no different, and a law forbidding it to be private is equally likely to be overturned. And even if it is not, enforcing a law that millions of people refuse to obey is pretty much impossible. The copyright infringement you cite is a good case in point; copyright infringement is against the law and has been for centuries, and despite the passage of even stricter laws against it, enforcement has never been more difficult because of the tens of millions of people who are violating those laws. If every holder of a vanity domain tells them to take their accurate whois info and shove it, well, they can't arrest us all.
You don't need your real name on your mail or in the phone book, and there's no law against listing false ones that I'm aware of. Maybe providing false info to a govt agency (the PO), but that's a tangent. I can have my mail addressed to Occupant and have an unlisted phone number.
Obviously they have your phone number or address (PO Box), but then anyone who has your WHOIS has your IP address. There's only a certain amount of privacy you have to give up.
If you aren't committing an act of fraud then it's not illegal.
I don't need no instructions to know how to rock!!!!
I seem to recall having explained it before, but maybe it was too complicated for you (BTW, scarecrow, it's amusing that you should accuse me of raising strawmen), but I'll take another shot at it:
You do not need a domain name to do P2P. This it not about P2P. It is about whois information.
No one - repeat, NO ONE - has a right to my whois information. The whois information associated with my domain is invalid and has been for several years. I am not going to do anything about that because the public does not have a right to know. Clear now?
To burn *your* strawmen even further, Miranda:
1) Has nothing to do with the public's right (or lack thereof) to know anything; it is about the individual's right to privacy;
2) Miranda specifically *upholds* the individual's right to privacy. In case you don't remember, allow me to refresh your memory. When the police Mirandize a suspect, they recite (from a card, if they are being very careful) boilerplate text that begins with the words "You have the right to remain silent." You don't have to tell them anything, get it? That's enshrined in the Constitution (Fifth Amendment).
To torch your final strawman, about the police looking at my face and using facial recognition to find out information about me, no, that is not a violation of privacy. Why? Because when you walk out in public, your right of privacy is significantly diminished. Pretty much anyone can observe you, photograph you, whatever, and there's not much you can do about it. That's how papparazzi make their living.
However, this was never about the government's right to know anything, or about law enforcement agencies' right to know anything. This is about the general public. Whois (do you even know what that is?!) is like a phone book. The general public does not have a right to know my phone number. The general public does not have a right to know my address. The general public does not have a right to know what state or even what country I live in. As I am not a public figure, they don't even have a right to know my true name. The general public has no right to know anything about me. I may choose - or not - to reveal information about myself, but the public has no right to know anything.
The unlisted phone number principle which I previously presented was most illustrative, it's a shame you apparently missed it (OK, I know you really just chose to ignore it because you have no counter). I keep my phone number unlisted. I will keep my whois info unlisted, too. Law or no law. The government can always find out, with a court order, my unlisted phone number. Heck, they can probably just call up my telco and the telco will spill the beans. I have no problem with that. If they want to pass a bill requiring registrars to have that information and hold it in escrow, I will support it. Then the registrars can just keep everyone's whois info secret directly. Will this make whois as a tool (a tool which I use in my work as an email security analyst) useless? Yes, it will. That's a price I'm willing to pay, though.
By the way, my condolences that your clexler dried up. A crying shame. Especially tragic that your brain appears to have dried up along with it.
The thing is I registered 22 domain names with bulkregister.com and 2 with stargate.com. Thing where good for about 2 years and then I moved into a new house, new town, same state. we where in the house for about 2 months (November 2003). Then all hell broke lose as a markiting target I became a hotspot for email, and now telephone marketers and most of it was due to 2 of my domain names. when I moved I had to chase down passwds and account names for 3 different registrars and I changed the contact info for all of them and luckily I had everything available and not in boxes.
o is/Arc01/msg00028.html
So to get to the point here with a law that makes fraudulent whois records a crime at what point dose not updating records make you a criminal?
And I didn't sigh on to opt in on every email list selling sex, drugs, or rock and roll or any other possible thing in the world that's hitting my spam filters
Domain names are not merely the objects of trademark disputes, they are also important facilitating elements for online speech. Just as it is legal to publish a book or broadsheet with no indicia of authorship or publisher, it should be legal and possible to publish a website or other Internet communication without such identification. Indeed, in the United States, anonymous speech is a constitutionally protected right. Most domain names do not conflict with trademark rights, and ICANN would be overreaching its mandate to subordinate broad free speech interests to this relatively narrow concern.
Above taken from: http://www.dnso.org/dnso/dnsocomments/comments-wh
Support Free Trade Campus
get a free account Now!
some how this got posted to a wrong artical a bit ago I hope it's going to the right place now? I don't need the bad karma if it's not
I'd Tell you all my secrets but I lie about my past
You're free to withhold all the information you want from the domain name registry- and not have a domain name. This will not impede your use of the Internet or operation of servers in any way; you'll just have to use your IP instead of an easier-to-remember character string when you want to link someone to your server. Think of it as the Internet equivalent of an unlisted phone number.
You have a right to privacy, but you don't have a right to a domain name.
The WHOIS records aren't a legal declaration of your True Name, True Legal Domicile, Phone number you agree to be reached at 24 hours a day by anyone who wants, ICBM address, Subpoena Acceptance Address, Mother's Maiden Name, Fingerprints, and RIAA pre-approved guilty plea that you give The Authorities in exchange for permission to speak on the Internet. They're simply administrative contact information people can use to try to reach you if your system is having trouble. There's a billing address there so that the Registrars can reach you if they want more money. There's a technical address to reach you if things are broken. There's an administrative address for general administrative requests. If somebody can't reach you because your information is out of date or incorrect, that doesn't mean you're an evil miscreant, it just means that you won't get proactive billing notices, and if your DNS isn't working right, people can't reach you to let you know.
It is possible to give the registrars fraudulent information - if you're impersonating someone else who really exists, but that's adequately covered by existing fraud laws. But if you give your name as "Johnny Smith" and put your address as "111 Main Street, Bogustown, USA" or "1600 Pennsylvania Ave, Washington DC 90210", that's nobody's business, that's just not a very useful contact handle you're giving somebody. If your payment to the registrar works, it works. And here in California, it was common-law right to use any name you wanted to except for purposes of fraud, though apparently the DMV got that changed a decade or so ago and insists that you need papers from some government or other to have a name.
ICANN seems to have been one of the early prime movers in True Name Whois Information, in spite of the damages to privacy that it causes (e.g. spammers hitting your published admin address.) The "IP" that they're interested in has always been "Intellectual Property", not "Internet Protocol", and they're really grouchy about the concept that anybody could ever use a domain name without agreeing to provide an always-updated True Name and Legal Process Server Address so that trademark owners can find you and sue you if they think they've got a claim on a domain name you're using. More recently, though, the RIAA/MPAA have taken up the cause, because they want to be sure that if you ever even think about sharing copyrighted music on line, they want to be able to drop handcuffs on you. If there's a dispute about domain name ownership, and your Registrar is unsuccessful in contacting you using the contact information you provide, for some reasonable period of time, it's reasonable for them to bounce your domain name.
On the other side of the argument, while I strongly value privacy, most of the time when I try to track down spammers using whois records, the information is bogus, which is annoying, and it's almost always either obviously bogus or else some foreign address that looks hard to track down. The main exceptions are in-your-face spammers like Spamford or Scotty Richter, and spammers with corporate shells to hide behind (e.g. one spammer had a mailbox at the street address of The Company Corporation, which is in the business of setting up cheap Delaware corporations), so they're effectively untraceable.
Meanwhile, if you're a "hardcore libertarian", you need to think about what rights mean. Saying somebody doesn't have the right to do something isn't just a statement about ethics - its equivalent to saying that you have the right to beat them up if they do it. Falsifying your personal resume is attempting to deceive somebody about your skills so they'll give you something that they wouldn't if you'd been honest, and of course that's wrong.
But "Trav
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Contrary to popular belief, you can in fact live without having your own domain. It is not one of the fundamental rights guaranteed to people. If you needed it to live, that would be different. If the grocery store required you to publish contact info to buy food, that would be different.
[...]
I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.
Necessity of accessability has no bearing on ones right to privacy. You don't need lawyers, but there is such a thing as attorney/client privilege. One certainly doesn't need the church, but they do listen to confessions.
By your definition, lawyers have every right to tell a friend or the press about their client's personal information, and priests should be exposing every juicy bit of gossip that comes their way.
Also, you're also making a bit of a ridiculous claim there in that last paragraph... you're making the assumption that people who complain about whois info don't care about their number being listed.
Does that really make sense?
Odds are, if they care about domain info being public, they probably also have unlisted numbers. Don't make up things to try and win your already weak and selfish argument.
Just because you don't seem to care about your privacy, and can build up all these lame bullshit excuses, doesn't mean others shouldn't have it.
Have you ever thought that your view of world history might be a little American-centric?
For your information, chopsticks were not invented "in California 200 years ago" but in China at least five THOUSAND years ago.
I find it a bit curious and well ludicrous that our overpaid legislators would be so concerned over incorrect or false information on whois records but allow for the falisification of caller ID on our telephones.
Hmm, maybe it's just me but I would think MORE people in America would benefit from non-fradulent CallerID (Darn them telemarketers) than from what the heck a whois record says. Most internet users (even if they own a domain) don't know what WHOIS records are anyhow.
..the law in no way requires you to PROVIDE information. It simply requires that information that is PROVIDED must be accurate. From the actual bill:
(6) the term `counterfeit documentation or packaging' means documentation or packaging that appears to be genuine, but is not.
If I list my Address as "1234 Testing Lane," I'm in violation. But if I list it as "Not Disclosed", I don't believe (IANAL) that I am. Same goes for name, or listing the name as "System Administrator." E-mail could be listed as "whois@mydomain.com," which would be legit if that was a real e-mail address...
I don't know a way areound the phone number issue, however. I believe that listing "not disclosed" as a phone number would be within the law, but I'm not sure a registrant will accept that if they validate phone numbers...
OTOH if you try to sell me tractor parts, claiming to represent John Deere, when you are in fact John Doe and have no relationship with the company, that *is* the business of the government that I support for my protection.
I wonder what libertarians did in the premodern world, when it was impossible for anyone other than a hermit to establish anonymity, and even few hermits could achieve it.
I run several sites, some of which contains information that some people do not like. I provide true information in my WHOIS record, but I am considering changing it to protect my privacy (WITHOUT HAVING TO PAY EXTRA FOR IT). I think I should have a RIGHT to privacy, not the ability to pay for a service to provide the privacy that I have a right to. The problem is that with valid information in my WHOIS record, anyone who doesn't like the content of my site (no, nothing about WAREZ or piracy or terrorism or anything like that) can call me up and harrass me about it.
I have gotten calls at 2 in the morning and people who mess with me simply because they have access to my information. I have a right to not be harrassed or attacked. Calling the police or phone company is a waste of time. I just want the RIGHT to privacy that our forefathers established for us.
Is that really so much to ask?
--- The revolution will be digitized! - http://www.binrev.com/ ---
Really simple solution for the registrars:
I give them my real info, they provide fake info. Or I get to continue to fake mine.
IF SOMETHING GOES WRONG the authorities can leave a message with the registrar who will contact me and tell me to check my messages. I will gladly talk to them if I hear of any problems. In the meantime, sorry Dotster, your monthly newsletters don't even show up in my Inbox anymore.
If the authorities want, they can yank the website after two weeks of no response from the owner. Or the registrar can choose to give up the owner's info at any time. Who would you register with? Someone that promised to keep your info private or someone that handed it over the very second the feds asked for it?
However, there are also people that are doing things online that, if they were done on a streetcorner, would get them arrested. They "know" that they cannot be caught, punished or prosecuted in any way because "online" is a law-free zone.
Why should this be the case? This means that not only spammers and the like can hide in plain sight, but also people that are actively making the Internet truely horrible are allowed to continue. Their actions are decried by governments and corporations alike and, unfortunately, those are the folks that can actually do something to change the nature of the Internet in ways that will be worse for everyone. For example, what would it serve if in order to register a domain you had to be registered as a business? Well, for one thing it would cut out kiddy-porn vendors and 19 sorts of scammers. But, it would also affect a lot of individuals.
I'm all for people protecting their privacy, but owning a domain and being private are not necessarily the same thing. Being able to hide your identity while posting on various dicussion boards is fine. Being able to set up a store where people can buy perscription drugs without a prescription for 10x the normal price isn't fine - but it is almost impossible to track these people down given the current system. Warez boards can be considered a true benefit to society - until you are a software developer with your sole income from sales of software.
I think the best example of this is where someone decides in a vindictive moment to register a domain "johnsmithsucks.com" and puts up pictures of John Smith and his family. Photoshopped pictures. Obscene photoshopped pictures. And amusing stories about John, his children and their dog. Try getting such a thing shut down if you have only "N.B." as the name on the domain registration. Yes, you might be able to track down the hosting, but maybe they are unhelpful or a bargin hosting company in Korea. You might be able to get it shut down, but I doubt it without an incredible amount of work. It would probably be better if you just left down quietly and changed your name.
Is this fair? It can happen today. Would you laugh if it happened to your neighbor? Sure you would, admit it.