Whois Record Falsification Closer To Illegality

PipianJ writes "Reuters is reporting that the House of Representatives has recently passed the bill that would approve of penalties for those using fraudulent WHOIS records (H.R. 3632). Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites. The Senate has not yet passed their version (S.2242). The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling."

Several more years on top of existing penalties?

[ShatteredDream]

I will confess that much my knowledge of federal penalties is second hand, having lived with two former federal agents most of my life, but what good does this do, really? The federal penalties for most crimes seem to already be aimed at simply "crushing the perp and ruining him/her forever" rather than anything resembling pursuit of justice.

Yet another good reason to vote for Michael Badnarik in November. He wants to move us toward a system based on restitution, not simply locking the perp away and throwing away the key.

Doesn't outlaw anonymity now, but...

[anthony_dipierro]

"The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.

Scared yet?

Hide your info with...

[BobSutan]

http://domainsbyproxy.com/

Nuff said.

Re:What about those concerned with privacy?

[justkarl]

So when you use false information to avoid SPAM or protect your privacy are you committing fraud?

Yes. The problem lies within the reality that the gov't has the spammers' back-we're talking the economy here. Providing false information-whether it be for registration info or for good prices on canadian viagra and whatnot- is still fraud. Spammers just have enough money to get the gov't to "look the other way".

I don't get it...

[LostCluster]

Would somebody please show us where exactly the law prohibts registering with 555-555-5555 as a phone number?

I think we've got the wrong bill associated with this story.

How ridiculous...

[DroopyStonx]

Flat out and to the point: I have a right to privacy.

My domain is a personal one. It's not meant to be a high profile public site... I get maybe 5 anonymous visitors a month.. why should I provide valid whois info? I don't feel comfortable with doing that and I will NEVER provide real info.

Instead, how about making sites that involve monetary transactions register valid names?

I don't give a rat's ass if "this is the internet, it's public," my right to privacy is my own. If you don't like it, tough shit. If they wanna make it illegal, then bring it on - I still won't provide valid info.

What are they gonna do?

Re:How ridiculous...

[Jah-Wren+Ryel]

I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.

We do get pissy. The defaults should be for privacy and if you want it to be public you need to take action to make it so.

Just because the current system is fucked up doesn't mean we should quietly accept it when things get worse. I want my domain info to be private by default and I want my telephone and address info to be private by default too. Just like some states have figured out that our driver's license info should be private by default too - of course it took the murder of an actress to change that law in California. I sure hope it doesn't take the murder of a domain owner for congress to pull their collective head out of their collective ass.

So...

[NoMoreNicksLeft]

Set up some public keys for federal agencies, and let us post our info in encrypted form... they can read it whenever they want, and no worry of it being harvested by spammers.

I confused myself

[kongit]

I don't know whether this is good or bad. I could possibly gain security from the gov't's attempts to stop users from using WHOIS records falesly...ie. they might be using my name or phone number or etc. to do something devious. Or, will I be losing privacy because internet anonymity is slowly becoming illegal?

the whole system is perveted...

[SuperBanana]

The federal penalties for most crimes seem to already be aimed at simply "crushing the perp and ruining him/her forever" rather than anything resembling pursuit of justice.

It's also massively perverted. While the popular example is pot- I'll give you the reverse. In Massachusetts, if you're caught drunk driving, you get a MAXIMUM of 2.5 years, $5k, license suspension for one year (unless you need to get to work- then you're eligible for a limited license after just 3 months, and if you have "hardships" you're allowed to get a limited license in 6 mo).

Keep in mind drunk driving is a HUGE cause of vehicle-related fatalities in the US; about 40%, and I believe that puts it at #1. 1.4 million people are arrested and charged with DUI every year. That is a -staggering- number; almost 1 in every 100 people has been charged with DUI.

I provide real contact info..

[lpontiac]

domain sullust.net
status production
owner Andrew Francis
email locust@bur.st
title Mr
address PO Box 5009
city Dalkeith
state WA
postal-code 6009
country AU
admin-c locust@bur.st#0
tech-c locust@bur.st#0
billing-c locust@bur.st#0
nserver ns1.bur.st
nserver ns2.bur.st
nserver ns3.bur.st
nserver ns4.bur.st
registrar JORE-1
created 2002-03-25 12:35:22 UTC JORE-1
modified 2004-03-01 14:21:26 UTC JORE-1
expires 2008-03-25 06:35:06 UTC
source joker.com

i investigated it a little bit

[JeanBaptiste]

as it stands, 1st of all, it is _not_ illegal to use fake WHOIS records, even under the provisions of the legislature being discussed. All this does is to add jail time (up to 7 years according to the wording of the bill) to those that then go on to use the fraudulent domain for spamming,fraud,con activities. It just makes the punishment for those that are already doing illegal things worse.

i run an internationally political website, and if I used my real name, phone, address, etc, I would have been physically attacked, at best. This law does not affect me in any way as I am not doing any fraud, spam, con-games, nigerian emails, or what have you.

I would add that other laws that have been struck down HAVE made what I am doing illegal, fortunately nothing like that has stuck. In summary, the discussed law is not a problem for anyone, as long as they are not spammers, fraudsters, nigerians, etc.

Agreed, its a step in the wrong direction. But as for now, as long as you are not engaged in other illegal activities, you (should not) dont have to worry.

this merely adds penalties onto already illegal activities if you fake your WHOIS records.

I am not a lawyer, but I play one on /.

Most of my records are false

[macdaddy]

I don't use valid records in most of my WHOIS records. I use one domain for posting to usenet, talking mainly about anti-spam stuff. I have another for mailing lists subscriptions. Yet another couple for seeding to spammer's "remove" forms. Then I have a number of personal domains. They all have common DNS records. I don't want spammers getting ahold of my personal information via my other domains. Spammers have a bad habit of attacking anti-spammers. I have also used the proxy registration options of my registrar, Godaddy. Unfortunately that doubles the cost of my domains and isn't very practical. Is there a solution that doesn't cut into your wallet?

Why does our address have to be public?

[Tablizer]

I don't really care if the domain manager knows my home address and e-mail, but why the hell to does the whole goddam world have to see it?

No need to falsify, just obfuscate

Here's my solution. First, I pay for a PO Box. It's not too expensive and it's a legal address to register domains. So whois returns the PO Box as the contact address. I also use the PO Box for other things like the university after finding they sometimes "accidently" publish your home information even if you've requested it to be private. In order to get a PO Box, you give your real street address to the post office, so should the feds breathe down your neck, they can't claim you did this to avoid being tracked down. All they'd need to do is get your PO Box registration from the post office to find out your street address and I'm sure they have routes for this.

Second, for phone number, use areacode-555-1212. This is a directory service similar to 411 but localized by area code. If you have a listed number, the interested party would have to pay to use this number to get your listed number. This cuts down greatly on telemarketers who do not wish to pay the fee very often. Also, if you have an unlisted number, this service will just say that. Again, the feds can request even unlisted numbers directly from the phone company so using this phone number does not prevent them from getting your real phone number.

So really all you need to reveal is your real name when you register the account. Some may be a bit leery of even this I know. But my point is in the context of this proposed law. IANAL, but it seems to me that as long as you register using your real name, a PO Box and the 1212 number, the feds would not have a claim to say you falsified your registration. To do so, they'd have to outlaw all anonymizing registatration services that put a middle-man address/phone number into the whois record as this method is basically a free way to achieve the same effect.

Does this make the RIAA's activities illegal?

[waxxie]

"The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling." So promoting (ie spreading/sharing/p2p'ing) files that are not what they appear to be is illegal? Does this make the RIAA's activities of spreading fake files on p2p networks, illegal?

One step removed from the real problem

[maximilln]

The real problem isn't false information in WHOIS databases. The real problem was allowing every stock broker with a geek relative to set up a registrar. I don't remember there being a Constitutional right to have a domain name.

In the beginning the internet was ruled (for the most part) by technology people, for technology people. The technology people did a reasonable job keeping their own arena in check. Wall Street showed up when they saw potential dollar signs. The technology people held back, forcing Wall Street to jump through hoops and hurdles to come up with funding and learn the jargon and the ways of computer science. This was wholly unacceptable to Wall Street as it was standing in the way of the technology bubble which would make them extraordinarily rich. Wall Street worked diligently through Congress to use public tax money (namely 401k funding) to subsidize the explosion of companies in the internet sector who both provided the equipment (personal computers, Windows support), the services (ISPs), and the content (web sites) for the web. As more people swamped to the network they learned about domain name registration and everyone wanted to be cool and have one. Domain name registration was no longer NSF subsidized and Wall Street quickly realized that being a registrar was a profitable endeavor. I feel that domain name registration should have remained subsidized to force the politicians to consider the result of their actions. I pay tax money. What's changed between now and '92?

The real problem is not the pollution of WHOIS databases. The real problem was the underhanded pillaging of public tax money to bring everyone, good/bad/indifferent, to the open network. If left to its own methods the computing industry would have evolved much more productively. There would never have been a complete sanitation (USENET trolls, a little spam) but the signal to noise ratio would have been preserved as much higher.

Re:You Misunderstand what Whois Records Are

[Brandybuck]

Yes, I understand what WHOIS is. That doesn't change the fact that I think you shouldn't be lying to them. At the same time, I do support the right of everyone to seek a different solution if WHOIS won't accept "mind your own business" as a contact.

This story isn't about criminalizing false WHOIS information, it's about taking false information into account during sentencing for a SEPARATE act. If you want to argue about the morality of extenuating circumstances and other acts accessory to a crime, you may do so. But that's a much wider topic than merely WHOIS.

Where are all the Slashdotters upset that robbery with a firearm incurs more penalty than robbery with a knife? Does this mean that firearms have been criminalized? No! It merely means that crimes committed with a firearm gets a higher penalty. In the very same way, this law means that crimes committed by falsifying WHOIS records get a higher penalty than crimes that don't.