Whois Record Falsification Closer To Illegality
PipianJ writes "Reuters is reporting that the House of Representatives has recently passed the bill that would approve of penalties for those using fraudulent WHOIS records (H.R. 3632). Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites. The Senate has not yet passed their version (S.2242). The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling."
Fine spammers who use information in whois records, it might be more acceptable. As it is now, my choices are to do a domain by proxy or falsify (oops, typo!) some of my information.
I'm sick of getting mail from "registrars" charging $40 and up for two year renewals and so forth. People wouldn't have to falsify records if ICANN did not require registrars to sell their records to whoever wants them. On that note, I'll probably move all my domains to Gandi as they begin to expire because of this (they allow me to exclude my records from the stuff they sell).
Also, will this penalize people who use their real names but false addresses? From the sound of it, it looks like it would.
US businesses that currently accept chip and PIN/signature
..watching them try to enforce it. It appears that the U.S, like other countries, has still not gotten the idea it's going to be nearly impossible to legislate the internet. I have a feeling this is going to be used more as one of those charges they use when they need an excuse to do a raid, and dont have enough evidence for what they're going for.
Disagree? Lemme hear it.
Before you mod me funny, think, perhaps I was insightfully funny?
How are they going to enforce it when a large portion of those registrants are actually non-US?
This will only become acceptable if you cut down on the fraudulent abuse of WHOIS. For example the Domain Registry of America garbage. You also have to take into account annoyances. I remember originally having my authentic WHOIS info and getting called by people wanting to "buy" my domain, for a good price; and various other crap.
How about enforcing fines, penalties, and heck jailtime for all the fuckhead spammers (both V.AGRA and Register.com) who abuse the whois registry data? Or who want to charge you $10 to "protect your privacy" on top of your $10 registration per month? It's a shell game. I wish we still lived in some magical utopian internet bubble where only good geeks(tm) were on the net, but fact is we're up to our elbows in fuckheads and if I have to put in (555) because I don't want to be telemarketed.. well.. do something about the fuckheads and I'll put a good number in.
Mmm... now that's a mature reply.. "Congressmen, it's a principle of fuckheads. Take that to the floor!"
"The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.
With all due respect to the Representative from Texas, I call bullshit.
I can understand the problems deliberately fraudulent registration information can be when trying to track down the owners of a malfeasant commerce site, but what about the option to reveal no information to the public?
I wonder exactly what makes a record false. My registrar provides (free) forwarding accounts. For example, the record for foundonp2p.com is showing D-23108frrb@usersa3.domainsatcost.ca right now, but within a week or so, it will change. The email is forwarded to my real address, so it is a legitmate address to email if you want to get a hold of me.
We have two bills -- one of the two linked-to ones makes writing software like Daemon Tools, no-CD patches, and bnetd (a libre open source battle.net implementation) a federal crime.
The second bill makes not providing identifying information to let the feds track you down if they know what your website is illegal. (What if I want to speak freely, without fears of being harassed? I can post papers anonymously, but not be anonymous on the Web?) Add in the next obvious thing, a requirement for webmasters to log and be able to provide information for who posted something, and federal law enforcement can track anyone down.
Combine this with the fact that Cat Stevens just fell under the eye of the Homeland Security Watch List, had his plane diverted to Maine and was kicked out of the United
States. As far as I can tell, his main crime was criticizing US involvement in Iraq.
And Bush's polls are looking better than ever.
It's an authoritarian next few years for all of us...
May we never see th
Yes, and no. If you want U.S. Mail service, your address is published by the USPS and sold to marketing agencies and city directories. If you want phone service, your phone number and name (or initials) are published in the phone book. Why should it not be the case that if you want your own domain, you provide correct information?
Contrary to popular belief, you can in fact live without having your own domain. It is not one of the fundamental rights guaranteed to people. If you needed it to live, that would be different. If the grocery store required you to publish contact info to buy food, that would be different.
my right to privacy is my own. If you don't like it, tough shit.
And their right to refuse to sell you a domain is their own. And if you don't like it, tough shit.
I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.
There is no sig, there is only Zuul.
Not this particular service necessarily, but this method in general seems to be the standard method to hide ownership (maybe, IANAL). Big corporations get their law firm to incorporate a shell company in the Bahama's or Cayman, and the shell company then buys the property anonymous from the real source of the money. Add more levels of indirection and blind trusts for fancier schemes to hide assets from bankruptcy, lawsuits, divorce settlements, etc. Maybe even legally.
For a little privacy, all you need is money. Same should work for domain name "ownership".
Yet.
Funny - a few years ago it was legal to to reverse engineer things, and post the results. Now we have the DMCA.
I guess you can continue in your mistaken belief that what you do now won't potentialy be held against you later.
It's a crazy world, run by people who want to keep what they have, and gather more. If they think you or your 'innocent' doings threaten their way of life, your ass will be legislated to illegality in the blink of an eye.
After all, it's far easier to do what you want to people when they're all criminals.
Wait and see.
You don't need your real name on your mail or in the phone book, and there's no law against listing false ones that I'm aware of. Maybe providing false info to a govt agency (the PO), but that's a tangent. I can have my mail addressed to Occupant and have an unlisted phone number.
Obviously they have your phone number or address (PO Box), but then anyone who has your WHOIS has your IP address. There's only a certain amount of privacy you have to give up.
If you aren't committing an act of fraud then it's not illegal.
I don't need no instructions to know how to rock!!!!
The WHOIS records aren't a legal declaration of your True Name, True Legal Domicile, Phone number you agree to be reached at 24 hours a day by anyone who wants, ICBM address, Subpoena Acceptance Address, Mother's Maiden Name, Fingerprints, and RIAA pre-approved guilty plea that you give The Authorities in exchange for permission to speak on the Internet. They're simply administrative contact information people can use to try to reach you if your system is having trouble. There's a billing address there so that the Registrars can reach you if they want more money. There's a technical address to reach you if things are broken. There's an administrative address for general administrative requests. If somebody can't reach you because your information is out of date or incorrect, that doesn't mean you're an evil miscreant, it just means that you won't get proactive billing notices, and if your DNS isn't working right, people can't reach you to let you know.
It is possible to give the registrars fraudulent information - if you're impersonating someone else who really exists, but that's adequately covered by existing fraud laws. But if you give your name as "Johnny Smith" and put your address as "111 Main Street, Bogustown, USA" or "1600 Pennsylvania Ave, Washington DC 90210", that's nobody's business, that's just not a very useful contact handle you're giving somebody. If your payment to the registrar works, it works. And here in California, it was common-law right to use any name you wanted to except for purposes of fraud, though apparently the DMV got that changed a decade or so ago and insists that you need papers from some government or other to have a name.
ICANN seems to have been one of the early prime movers in True Name Whois Information, in spite of the damages to privacy that it causes (e.g. spammers hitting your published admin address.) The "IP" that they're interested in has always been "Intellectual Property", not "Internet Protocol", and they're really grouchy about the concept that anybody could ever use a domain name without agreeing to provide an always-updated True Name and Legal Process Server Address so that trademark owners can find you and sue you if they think they've got a claim on a domain name you're using. More recently, though, the RIAA/MPAA have taken up the cause, because they want to be sure that if you ever even think about sharing copyrighted music on line, they want to be able to drop handcuffs on you. If there's a dispute about domain name ownership, and your Registrar is unsuccessful in contacting you using the contact information you provide, for some reasonable period of time, it's reasonable for them to bounce your domain name.
On the other side of the argument, while I strongly value privacy, most of the time when I try to track down spammers using whois records, the information is bogus, which is annoying, and it's almost always either obviously bogus or else some foreign address that looks hard to track down. The main exceptions are in-your-face spammers like Spamford or Scotty Richter, and spammers with corporate shells to hide behind (e.g. one spammer had a mailbox at the street address of The Company Corporation, which is in the business of setting up cheap Delaware corporations), so they're effectively untraceable.
Meanwhile, if you're a "hardcore libertarian", you need to think about what rights mean. Saying somebody doesn't have the right to do something isn't just a statement about ethics - its equivalent to saying that you have the right to beat them up if they do it. Falsifying your personal resume is attempting to deceive somebody about your skills so they'll give you something that they wouldn't if you'd been honest, and of course that's wrong.
But "Trav
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
..the law in no way requires you to PROVIDE information. It simply requires that information that is PROVIDED must be accurate. From the actual bill:
(6) the term `counterfeit documentation or packaging' means documentation or packaging that appears to be genuine, but is not.
If I list my Address as "1234 Testing Lane," I'm in violation. But if I list it as "Not Disclosed", I don't believe (IANAL) that I am. Same goes for name, or listing the name as "System Administrator." E-mail could be listed as "whois@mydomain.com," which would be legit if that was a real e-mail address...
I don't know a way areound the phone number issue, however. I believe that listing "not disclosed" as a phone number would be within the law, but I'm not sure a registrant will accept that if they validate phone numbers...