Slashdot Mirror
Whois Record Falsification Closer To Illegality
PipianJ writes "Reuters is reporting that the House of Representatives has recently passed the bill that would approve of penalties for those using fraudulent WHOIS records (H.R. 3632). Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites. The Senate has not yet passed their version (S.2242). The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling."
Fine spammers who use information in whois records, it might be more acceptable. As it is now, my choices are to do a domain by proxy or falsify (oops, typo!) some of my information.
...beacuse when you have to change your records, your gonna be swimming in it.
"I use a Mac because I'm just better than you are."
providing "555-555-5555" as a phone number or "Small Wok Way, Chopstick Town, WI" as a street address.
I need to change my phone no. and move now.
I'm sick of getting mail from "registrars" charging $40 and up for two year renewals and so forth. People wouldn't have to falsify records if ICANN did not require registrars to sell their records to whoever wants them. On that note, I'll probably move all my domains to Gandi as they begin to expire because of this (they allow me to exclude my records from the stuff they sell).
Also, will this penalize people who use their real names but false addresses? From the sound of it, it looks like it would.
US businesses that currently accept chip and PIN/signature
..watching them try to enforce it. It appears that the U.S, like other countries, has still not gotten the idea it's going to be nearly impossible to legislate the internet. I have a feeling this is going to be used more as one of those charges they use when they need an excuse to do a raid, and dont have enough evidence for what they're going for.
Disagree? Lemme hear it.
Before you mod me funny, think, perhaps I was insightfully funny?
How are they going to enforce it when a large portion of those registrants are actually non-US?
I will confess that much my knowledge of federal penalties is second hand, having lived with two former federal agents most of my life, but what good does this do, really? The federal penalties for most crimes seem to already be aimed at simply "crushing the perp and ruining him/her forever" rather than anything resembling pursuit of justice.
Yet another good reason to vote for Michael Badnarik in November. He wants to move us toward a system based on restitution, not simply locking the perp away and throwing away the key.
Click here or a puppy gets stomped!
This will only become acceptable if you cut down on the fraudulent abuse of WHOIS. For example the Domain Registry of America garbage. You also have to take into account annoyances. I remember originally having my authentic WHOIS info and getting called by people wanting to "buy" my domain, for a good price; and various other crap.
How about enforcing fines, penalties, and heck jailtime for all the fuckhead spammers (both V.AGRA and Register.com) who abuse the whois registry data? Or who want to charge you $10 to "protect your privacy" on top of your $10 registration per month? It's a shell game. I wish we still lived in some magical utopian internet bubble where only good geeks(tm) were on the net, but fact is we're up to our elbows in fuckheads and if I have to put in (555) because I don't want to be telemarketed.. well.. do something about the fuckheads and I'll put a good number in.
Mmm... now that's a mature reply.. "Congressmen, it's a principle of fuckheads. Take that to the floor!"
"The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.
Scared yet?
http://domainsbyproxy.com/
Nuff said.
"On a scale from 1 to 10, people are stupid"
Some of us prefer to have our names listed as: Anonymous Coward on our website registrations
Flat out and to the point: I have a right to privacy.
My domain is a personal one. It's not meant to be a high profile public site... I get maybe 5 anonymous visitors a month.. why should I provide valid whois info? I don't feel comfortable with doing that and I will NEVER provide real info.
Instead, how about making sites that involve monetary transactions register valid names?
I don't give a rat's ass if "this is the internet, it's public," my right to privacy is my own. If you don't like it, tough shit. If they wanna make it illegal, then bring it on - I still won't provide valid info.
What are they gonna do?
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
"The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.
With all due respect to the Representative from Texas, I call bullshit.
I can understand the problems deliberately fraudulent registration information can be when trying to track down the owners of a malfeasant commerce site, but what about the option to reveal no information to the public?
"Regime change".
Weaselmancer
rediculous.
The Federal Anticounterfeiting Act of 2004, the bill that was *actually* linked to, is some scary stuff.
Writing a program like Daemon Tools (no, not the *IX suite of software, the CD image software) or bnetd (a FOSS Battle.net implementation) would become illegal, with a potential five year federal prison penalty.
Why have I not heard about this before?
May we never see th
We have two bills -- one of the two linked-to ones makes writing software like Daemon Tools, no-CD patches, and bnetd (a libre open source battle.net implementation) a federal crime.
The second bill makes not providing identifying information to let the feds track you down if they know what your website is illegal. (What if I want to speak freely, without fears of being harassed? I can post papers anonymously, but not be anonymous on the Web?) Add in the next obvious thing, a requirement for webmasters to log and be able to provide information for who posted something, and federal law enforcement can track anyone down.
Combine this with the fact that Cat Stevens just fell under the eye of the Homeland Security Watch List, had his plane diverted to Maine and was kicked out of the United
States. As far as I can tell, his main crime was criticizing US involvement in Iraq.
And Bush's polls are looking better than ever.
It's an authoritarian next few years for all of us...
May we never see th
I thought this was illegal, I rem filling out something with some legal stuff when I signed up for my domains, and I was bummed that I would have to put my personal details out there. Then I found Domains by proxy and I didn't have to. So, I didn't break the law, but you can't find my name/address/email with a simple whois!
CB
free ipod and free gmail!
how soon this congress and admin will outlaw that horrible chemical HOH. It is responsible for so many deaths and can hide terrorists activity. Perhaps, we can get this fine group of people to outlaw such a dangerous item. After all, it would be just about as easy to enforce this one as the whois record as well.
I prefer the "u" in honour as it seems to be missing these days.
Yet.
Funny - a few years ago it was legal to to reverse engineer things, and post the results. Now we have the DMCA.
I guess you can continue in your mistaken belief that what you do now won't potentialy be held against you later.
It's a crazy world, run by people who want to keep what they have, and gather more. If they think you or your 'innocent' doings threaten their way of life, your ass will be legislated to illegality in the blink of an eye.
After all, it's far easier to do what you want to people when they're all criminals.
Wait and see.
as it stands, 1st of all, it is _not_ illegal to use fake WHOIS records, even under the provisions of the legislature being discussed. All this does is to add jail time (up to 7 years according to the wording of the bill) to those that then go on to use the fraudulent domain for spamming,fraud,con activities. It just makes the punishment for those that are already doing illegal things worse.
/.
i run an internationally political website, and if I used my real name, phone, address, etc, I would have been physically attacked, at best. This law does not affect me in any way as I am not doing any fraud, spam, con-games, nigerian emails, or what have you.
I would add that other laws that have been struck down HAVE made what I am doing illegal, fortunately nothing like that has stuck. In summary, the discussed law is not a problem for anyone, as long as they are not spammers, fraudsters, nigerians, etc.
Agreed, its a step in the wrong direction. But as for now, as long as you are not engaged in other illegal activities, you (should not) dont have to worry.
this merely adds penalties onto already illegal activities if you fake your WHOIS records.
I am not a lawyer, but I play one on
I don't really care if the domain manager knows my home address and e-mail, but why the hell to does the whole goddam world have to see it?
Table-ized A.I.
The WHOIS records aren't a legal declaration of your True Name, True Legal Domicile, Phone number you agree to be reached at 24 hours a day by anyone who wants, ICBM address, Subpoena Acceptance Address, Mother's Maiden Name, Fingerprints, and RIAA pre-approved guilty plea that you give The Authorities in exchange for permission to speak on the Internet. They're simply administrative contact information people can use to try to reach you if your system is having trouble. There's a billing address there so that the Registrars can reach you if they want more money. There's a technical address to reach you if things are broken. There's an administrative address for general administrative requests. If somebody can't reach you because your information is out of date or incorrect, that doesn't mean you're an evil miscreant, it just means that you won't get proactive billing notices, and if your DNS isn't working right, people can't reach you to let you know.
It is possible to give the registrars fraudulent information - if you're impersonating someone else who really exists, but that's adequately covered by existing fraud laws. But if you give your name as "Johnny Smith" and put your address as "111 Main Street, Bogustown, USA" or "1600 Pennsylvania Ave, Washington DC 90210", that's nobody's business, that's just not a very useful contact handle you're giving somebody. If your payment to the registrar works, it works. And here in California, it was common-law right to use any name you wanted to except for purposes of fraud, though apparently the DMV got that changed a decade or so ago and insists that you need papers from some government or other to have a name.
ICANN seems to have been one of the early prime movers in True Name Whois Information, in spite of the damages to privacy that it causes (e.g. spammers hitting your published admin address.) The "IP" that they're interested in has always been "Intellectual Property", not "Internet Protocol", and they're really grouchy about the concept that anybody could ever use a domain name without agreeing to provide an always-updated True Name and Legal Process Server Address so that trademark owners can find you and sue you if they think they've got a claim on a domain name you're using. More recently, though, the RIAA/MPAA have taken up the cause, because they want to be sure that if you ever even think about sharing copyrighted music on line, they want to be able to drop handcuffs on you. If there's a dispute about domain name ownership, and your Registrar is unsuccessful in contacting you using the contact information you provide, for some reasonable period of time, it's reasonable for them to bounce your domain name.
On the other side of the argument, while I strongly value privacy, most of the time when I try to track down spammers using whois records, the information is bogus, which is annoying, and it's almost always either obviously bogus or else some foreign address that looks hard to track down. The main exceptions are in-your-face spammers like Spamford or Scotty Richter, and spammers with corporate shells to hide behind (e.g. one spammer had a mailbox at the street address of The Company Corporation, which is in the business of setting up cheap Delaware corporations), so they're effectively untraceable.
Meanwhile, if you're a "hardcore libertarian", you need to think about what rights mean. Saying somebody doesn't have the right to do something isn't just a statement about ethics - its equivalent to saying that you have the right to beat them up if they do it. Falsifying your personal resume is attempting to deceive somebody about your skills so they'll give you something that they wouldn't if you'd been honest, and of course that's wrong.
But "Trav
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
I hear Dan Rather has a new story brewing on record falsification.
..the law in no way requires you to PROVIDE information. It simply requires that information that is PROVIDED must be accurate. From the actual bill:
(6) the term `counterfeit documentation or packaging' means documentation or packaging that appears to be genuine, but is not.
If I list my Address as "1234 Testing Lane," I'm in violation. But if I list it as "Not Disclosed", I don't believe (IANAL) that I am. Same goes for name, or listing the name as "System Administrator." E-mail could be listed as "whois@mydomain.com," which would be legit if that was a real e-mail address...
I don't know a way areound the phone number issue, however. I believe that listing "not disclosed" as a phone number would be within the law, but I'm not sure a registrant will accept that if they validate phone numbers...