Canadian Domain Name Registrants To Get More Privacy

An anonymous reader writes "The Canadian Internet Registration Authority, which manages the dot-ca domain, plans to change its WHOIS policy to better protect domain name registrants. Quoting the Canadian Press: '[Law Professor Michael] Geist said the changes have raised the ire of law enforcement and intellectual property lawyers, who have used the Whois search to track down sexual predators and copyright violators.' Despite this, the organization seems committed to following through with the reforms." Geist also gave a talk recently about digital advocacy; the effectiveness of using modern technology to raise concerns and share ideas about issues such as privacy and copyright law.

Privacy....

[zappepcs]

It's not just for the police anymore.

A day without privacy is like... well, like a day living in a police state.

As for the reaction to this.... waaaaaa fucking waaaaahhh

While it's still part of the law, you police people will just have to do your jobs the way you were meant to... investigate, get warrants, follow the procedures laid out in the law. Remember, protect and serve? It hasn't changed. You are still charged with those roles in society. If you forget that, or ignore that, you are no better than warlords in mogadishu.

Get over it.

Spams and scams

[telchine]

From my experience, WHOIS details are mostly used by spammers and scammers. I get a steady stream of snail mail from scammers trying to pretend that they are my registrar and want me to renew with them (for a significant sum of course).

I've never had any legitimate mail sent to the snail mail address that I use to register my domains.

I get a torrent of spams to my registered email addresses. Ocassionally I get offers to buy my domains or just people wanting to contact me but that's may 1 or 2 emails a year.

I think having contact details in WHOIS is an archaic system left over from the days were everyone on the Internet was polite to each other (or something). It should be scrapped and only law enforcement agencies with a warrant should be able to access my contact details.

Re:Spams and scams

[argent]

From my experience, WHOIS details are mostly used by spammers and scammers.

And spamfighters, since spammers have to have reachable domains for their "customers" to locate them. Even if they disguise them, they still need to have some kind of web presence that the "customers" will find credible, and that provides a hook to locate them.

Re:Spams and scams

[ratboy666]

Why thank you!

I have domains -- all of them are .org, and ALL have valid whois information. The downside? I get spam (20 to 50 a day) that I suspect comes through the registry. But, I use my name at hotmail dot com with a forwarder for email (GetLive) and I have set the hotmail up with maximum aggressive spam filtering. I get 5 to 10 requests to "renew" my domains per year via snailmail.

All in all, not bad for 3 domains. Personally, I don't believe that fake information in the whois database should be allowed. I believe that the whois registry is like a phone book, or address list, and, because dns addresses are public, the registrants should be listed.

But maybe that's just me.

Re:Think of the children!

How is this a "think of the children" mindset? If anything, it shows that us Canadians have a "think of our right to privacy" mindset, and I fail to see how that is a bad thing.

Re:Think of the children! We do

[arthurpaliden]

No, thankfully as a rule we are smarter and realize that our children are at higher risk of meeting a pedophile at the park, on a bus, at the mall, at an after school activity than on line.

Falsification ought to be criminal

[Teancum]

For myself, I believe that falsification of information on domain registration (aka the "whois") ought to be criminalized instead of swept under the table as it is right now. There are legitimate reasons for being able to identify specific pieces of equipment and domains ranging from technical (I'm getting a whole bunch of packets from you... would you roll back that software update you just did and fix the bugs) to criminal activity... most of which is mentioned in the parent article.

Or more to the point, if a domain has false information listed, the domain ought to be invalid and can be revoked. I dare any bona fide business to apply for a business license from a government agency giving the kind of information I've seen on most whois databases... especially the dot com types. Business license information is public information and often even published in network accessible databases as well... many even on the web interestingly enough.

Unfortunately, the domain registrars themselves have been allowed to be lax in the kind of information they expect, and is IMHO an example of ICANN and its corruption and mis-management.

For those individuals who are worried about privacy, this isn't to say that you can't communicate and use the internet for private communications. But a domain name was never meant to be private. Insisting upon privacy for what should be public information is a mis-use of the resource.

This is also a situation where a free and just society is required so you can have the freedom to be able to publish your name in a public forum and not fear retribution from those who may want to do harm to you. The real reasons for the desire for privacy is protection from criminal behavior... and it is the criminals who mis-use this information (aka sending spam, threating letters, or abusive prosecution) that should be punished severely. In other words, the desire for privacy stems from a break-down of government in establishing order and consistently prosecuting genuine criminal behavior that most people would consider to be criminal.

Re:Falsification ought to be criminal

[value_added]

But a domain name was never meant to be private. Insisting upon privacy for what should be public information is a mis-use of the resource.

And I'm still moaning that email was never meant to be anything but text. ;-)

The purpose of the legislation is to address the continuing increase in personal domain registrations. It's entirely conceivable that one day, everyone will be required or will otherwise want to register in some form. That leaves us in a difficult position where the traditional approach of making everything public must be balanced with the privacy needs of millions of new registrations by ordinary individuals.

Resolving that conflict by admitting no one anticipated this state of affairs, or saying this isn't how things are supposed to work, is hardly satisfactory. And when you mix in the changing interests or requirements of all the parties involved, ranging from the various internet authorities, to law enforcement, ISPs, network administrators, all the way down to Dick and Jane, I can't see how anyone could say let's just leave it alone.

Hell, it wasn't too long ago that ATT would routinely publish whois info for their fixed IP accounts. Makes perfect sense, until you realise it doesn't.

One approach, or workaround, would be to advise (require) everyone to hire a personal lawyer to handle everything; the registration info would be public, but the personal information would remain personal. Another would be what the Canadian government is doing. Personally, I expect all this will work itself out in time, but I worry that we'll find ourselves in a very different world than when we first started.

Why not get a court order to get whois?

[urbanriot]

Why is this such a big deal for law enforcement? They should have to get a court order to view this information, and I don't see that being a big deal if they're actively pursuing an investigation.

Re:Epic Fail?

[Wrath0fb0b]

How can you say canada gets the epic fail when it comes to technology? I have 20/5 Mbit unshaped fiber optic internet to my home for $50/month (Verizon FIOS) and unlimited 1Mbit/256 EVDO mobile internet to my phone for another $20US/month (Sprint SERO).

I buy all my music (and not very much of it) so I don't have to worry about the RIAA. As far as free speech, I think it's sufficient to note that the Supreme Court of Canada has interpreted freedom of speech as subservient to some of the other goals in the Charter of Rights:

The effect of this type of material is to reinforce male-female stereotypes to the detriment of both sexes. It attempts to make degradation, humiliation, victimization and violence in human relationships appear normal and acceptable. A society which holds that egalitarianism, non-violence, consensualism, and mutuality are basic to any human interaction, whether sexual or other, is clearly justified in controlling and prohibiting any medium of depiction, description or advocacy which violates these principles (R. v. Butler, 1992] 1 S.C.R. 452, at p. 494, citing the MacGuigan Report of 1978). In Keegstra, the Supreme Court of Canada upheld convictions for similarly vague "hate speech", e.g. ""promoting hatred against an identifiable group". More broadly, a report summarizes it thusly:

The Supreme Court has ruled that the government may limit free speech in the name of goals such as ending discrimination, ensuring social harmony, or promoting gender equality. It also has ruled that the benefits of limiting hate speech and promoting equality are sufficient to outweigh the freedom of speech clause in the Charter of Rights and Freedoms, which is the country's bill of rights incorporated in the country's constitution. . . . The US is not having a good decade (ok, that's an understatement) but at least we are free from the coercive power of a government that insists on furthering multiculturalism agenda by force (not that I oppose multiculturalism or tolerance, but even good ideas ought not to be coerced). Despite my abiding hatred of racism, I am proud to live in a country were it is legal to burn a cross to make your point of view, no matter how odious that POV is. http://en.wikipedia.org/wiki/R._A._V._v._City_of_St._Paul.

I should make clear that I regard both Canada and the US as at the forefront of modern liberty and well ahead of the rest of the world in that respect. Disagreements between us are disagreements on common values -- they demonstrate that we are closer than further (in a manner of speaking).

See also:
http://en.wikipedia.org/wiki/R._v._Butler
http://en.wikipedia.org/wiki/R._v._Keegstra
http://en.wikipedia.org/wiki/R._v._Andrews

Re:Epic Fail?

[dryeo]

Data CDs also have the levy. http://en.wikipedia.org/wiki/Private_copying_levy#Canada

a little perspective pls

[doppiodave]

i'm the proud owner of a gaggle of .ca domains, going back to the days when they were administered as a labor of love out of the university of british columbia by one dedicated soul - John Demco. he was rewarded by having abuse heaped on him for being way too particular about whether applicants were stealing trademarks, or were otherwise out to make trouble. unsurprisingly, he was a volunteer working under the de facto authority of Jon Postel. many Canadians, esp those in business, wanted a system more like .com, so anybody could get registered in 2 minutes flat - a great system until we had to endure years of cybersquatting, reverse-cybersquatting and the like. when CIRA took over 8 years ago, they had far more resources to throw at the .ca domain, yet have built a system very much in the spirit of the old one - fair, secure and extremely well administered. the decision to pull .ca data out of whois is just another step along that path. why anybody is surprised or upset by this decision is a mystery to me. law enforcement officials everywhere will always be disappointed if they're not allowed to stick a probe up your ass to see what you've had for lunch. as for privacy on the Internet, it's long gone - in so many ways it's hard to count 'em. if "officials" are pissed about CIRA, it ain't because they're pulling whois out from under them. it's because CIRA operates at arm's length from the government, which is a lot more than you say for ICANN and the Dept of Commerce.