Canadian Domain Name Registrants To Get More Privacy

An anonymous reader writes "The Canadian Internet Registration Authority, which manages the dot-ca domain, plans to change its WHOIS policy to better protect domain name registrants. Quoting the Canadian Press: '[Law Professor Michael] Geist said the changes have raised the ire of law enforcement and intellectual property lawyers, who have used the Whois search to track down sexual predators and copyright violators.' Despite this, the organization seems committed to following through with the reforms." Geist also gave a talk recently about digital advocacy; the effectiveness of using modern technology to raise concerns and share ideas about issues such as privacy and copyright law.

Spams and scams

[telchine]

From my experience, WHOIS details are mostly used by spammers and scammers. I get a steady stream of snail mail from scammers trying to pretend that they are my registrar and want me to renew with them (for a significant sum of course).

I've never had any legitimate mail sent to the snail mail address that I use to register my domains.

I get a torrent of spams to my registered email addresses. Ocassionally I get offers to buy my domains or just people wanting to contact me but that's may 1 or 2 emails a year.

I think having contact details in WHOIS is an archaic system left over from the days were everyone on the Internet was polite to each other (or something). It should be scrapped and only law enforcement agencies with a warrant should be able to access my contact details.

Re:Spams and scams

[bsDaemon]

I think having contact details in WHOIS is an archaic system left over from the days were everyone on the Internet was polite to each other (or something). It should be scrapped and only law enforcement agencies with a warrant should be able to access my contact details. Whois, finger, ~/.plan files - all relics of a courteous age before mass commercialization ruined various net services, just like its ruined practically everything else.

Its been a while since I registered a domain, but I do believe that info for the whois was optional. I've whois'd many a site that didn't have any contact info listed.

In fact, I think they only times I've ever gotten any useful and relevant info at all from whois has been for .edu or .org sites.

Re:Spams and scams

That's precisely the problem with Whois. The internet should be anonymous. If you want accountability, there's SSL.

I personally hate the fact that my personal information is listed on every domain I own. I've been targeted by all sorts of scammers, online and off, simply because my information was out there for any half-breed to abuse.

Hell there was this moron a while back. I got this almost legit-looking letter stating I was being sued for defamation of character, but when I called the number I got a very plain sounding voicemail message. I ignored it for about a week until I got another near-identical letter, slightly more threatening.

I use slight variations on my address, so I can tell where people got my info. This one was fishy for several reasons:

1.it was plain old mail, not couriered or registered.

2. it used my mailing address from Whois

3. the "plaintiff" lived hardly 15 minutes away from me.

So I did what anyone with half a brain would do: I looked up the "attorney" and his contact info. Sure enough, the info was bogus and the phone number was the idiot's cell phone. Busted!

Another week passes, I get a third letter. Now he's giving me court dates and settlement options. I rolled my eyes for a few minutes, then drove over to his house, called the number and knocked on his door at the same time. Funny thing is I was so scared of this big mean attorney/out-of-work-roofing-contractor that I didn't notice when he opened the door, and just kept on throwing my hand where the door used to be. I can be such a space cadet sometimes!

Sure enough, I didn't get any more legal threats from that particular address. I do wonder what could have happened if it were someone far away... I guess the real question is: How far am I willing to drive out, to beat the shit out of con artists ?

Re:Spams and scams

[pathological+liar]

Okay, but you can have an unlisted number because (wait for it) ... some people are concerned about privacy. How is hiding/falsifying WHOIS info any different?

Simple change:

When a copyright predators want whois data, make them provide the equivalent information about themselves and give it to the person whose whois data is being queried.

Re:Anonymous Coward

[Insanity+Defense]

When I registered my domain name I went to the company I chose as an ISP filled out forms, handed over cash to pay for the next year. At no point did they check my ID. I could have listed myself as Herman Munster 1313 Mockingbird Lane for all they cared. Yes I am a Canadian and registered a .ca domain name. I was honest but I didn't have to be.

So what was stopping them before this?

Re:Privacy....

I really like the WHOIS registry. It is the only guaranteed form of accountability there is on the internet. If I think an internet business is shady, I can easily get an associated physical address. I don't think domain owners should be anonymous. Especially since linking domains to names does not exclude the kind of privacy that needs to be protected. If you're concerned about bushitler throwing you in guantanamo for expressing your political views, then you can post them anonymously on somebody else's domain.
Much like it is important that we are able to identify owners of physical property, is it important that we know who is behind internet property. For example, if a person bought out a storefront and installed a giant tesla coil that shocked pedestrians as they walked by, most of us would think it important to be able to find the owner of that property. Likewise, we should be able to identify the proprietors of websites that cause people harm.

Re:Falsification ought to be criminal

[value_added]

But a domain name was never meant to be private. Insisting upon privacy for what should be public information is a mis-use of the resource.

And I'm still moaning that email was never meant to be anything but text. ;-)

The purpose of the legislation is to address the continuing increase in personal domain registrations. It's entirely conceivable that one day, everyone will be required or will otherwise want to register in some form. That leaves us in a difficult position where the traditional approach of making everything public must be balanced with the privacy needs of millions of new registrations by ordinary individuals.

Resolving that conflict by admitting no one anticipated this state of affairs, or saying this isn't how things are supposed to work, is hardly satisfactory. And when you mix in the changing interests or requirements of all the parties involved, ranging from the various internet authorities, to law enforcement, ISPs, network administrators, all the way down to Dick and Jane, I can't see how anyone could say let's just leave it alone.

Hell, it wasn't too long ago that ATT would routinely publish whois info for their fixed IP accounts. Makes perfect sense, until you realise it doesn't.

One approach, or workaround, would be to advise (require) everyone to hire a personal lawyer to handle everything; the registration info would be public, but the personal information would remain personal. Another would be what the Canadian government is doing. Personally, I expect all this will work itself out in time, but I worry that we'll find ourselves in a very different world than when we first started.