Slashdot Mirror
Proposal To Limit ISP Contact Data Draws Fire
An anonymous reader writes "A proposal to let Internet service providers conceal the contact information for their business customers is drawing fire from a number of experts in the security community, who say the change will make it harder to mitigate the threat from spam and malicious software, according to a story at Krebsonsecurity.com. From the piece: 'The American Registry for Internet Numbers (ARIN) — one of five regional registries worldwide that is responsible for allocating blocks of Internet addresses — later this month will consider a proposal to ease rules that require ISPs to publish address and phone number information for their business customers. Proponents of the plan couch it in terms of property rights and privacy, but critics say it will only lead to litigation and confusion, while aiding spammers and other shady actors who obtain blocks of addresses by posing as legitimate businesses.'"
Only for businesses, of course, since they have the money and don't mind paying extra to be untraceable. In fact, why not just go ahead and pass a law that bans popup blockers and mandates every citizen to an hour of forced ad viewing per day?
Job? I don't have time to get a job! Who will sit around and bitch about being broke and unemployed then?
Person A says to cops: "I received spam. Here is copy."
Cop identifies IP.
Cop says to provider "Give me billing info on this IP b/c of spam."
Provider gives billing info. If not, does so after quick court order. If still not, gets shut down.
Cop contacts business. If hijacked computer, refers to techies. If not hijacked, quick court case by DA. IF spam, gets shut down and pays large statutory damages and prohibited from using net again for X years.
Or something like that.
The problem is having a quick, efficient, and intelligent police response in place, and having people know where they can go to get it. We will never stop spam unless we decide to commit sufficient resources to doing so.
We might use civil causes of action, class actions, and/or private atty general statutes. (But have to be careful to limit abuse.)
-- IANAL, this isn't legal advice, and definitely isn't legal advice for you. Also, Squee!
Want to fix the spam problem? Get rid of "private" domain registrations. If the domain isn't registered to a real human being, pull the plug.
This will help stop sites that offer crap like "bullet-proof email services" - spam-on-demand.
If GB is passing laws to cut off file sharers, who do so for personal use only, why can't they move quickly to impede spam?
... oh right. Spam is enterprise, brings in money. Piracy takes it away. Never mind that everyone loves piracy and hates spam ...
Quartz Extreme and Core Image. Are there any other real reasons to spend all that money on generic hardware?
I find the "contact us" facility on some ISPs to be totally lacking, especially if you want to complain about one of their customers abusing their service. I had course to complain to swbell/AT and T about a venonomous message recently and not only did it take ages to find a complaint address, but I never got a reply back. (Also, the police and FBI have been useless too)....
My web domain.
I don't need random people I play online games with and host a website wiki to have my phone number, address or even my real name. If I as doing something wrong, the police still can get access to it. What's the problem?
Everybody should have a right to privacy up to the point they abuse it. That address and contact information, when reflexively made public, can and is happily abused by other unaccountable individuals and businesses.
Our problem is that we don't have an effective system for making abusers face consequences for their actions, and stomping on the privacy of responsible actors on the Internet only makes the problem worse by adding to the pool of people whose information can be used to harass them with spammy communication. Far better to grant privacy automatically in combination with a reasonable system for penetrating it (i.e. make it easy to get through if there's proof of bad actors while instituting legal penalties if people file false reports for the purposes of obtaining private information.)
Want to fix the spam problem? Get rid of "private" domain registrations. If the domain isn't registered to a real human being, pull the plug.
This will help stop sites that offer crap like "bullet-proof email services" - spam-on-demand.
Real question because I don't honestly know: how much spam is actually sent from people with registered domain names who own blocks of IP addresses? How does this number compare to the spam sent from compromised Windows machines that participate in various botnets? If the latter is a much larger source, then this looks more like another ineffective feel-good measure. Though to be honest, even if you shut down every last botnet I don't believe that would stop spam, because spam predates large botnets.
The way I see it, spammers are like drug dealers. You will never run out of them until you remove their profits. Economic forces are that powerful. If one drug dealer gets busted, the rest probably feel like the cops did them a favor by removing some competition. For every dealer busted, another will take his place because there is no shortage of people with no scruples who will do anything for money. The higher the risk, the more they can charge for their products.
You will never win the War on Drugs with force. We've tried that for decades now and it hasn't done anything (not that we're willing to learn from this). Your only hope is to convince the users to give up their habits through education. Education has been phenomenonally successful at reducing the use of tobacco, to make a comparison. Likewise, I don't see how busting spammers is going to stop spam. I don't believe you will ever stop spam until the average Internet user stops buying their products and stops falling for their scams.
It is a miracle that curiosity survives formal education. - Einstein
Contrast this with the provisions of ACTA, which require that the ISPs more strictly monitor citizens for imaginary property infringement.
Looks like you're much better off being a corporation than a person these days. Better privacy. Better health benefits. Better insulation from litigation. And if you get big enough you don't even have to be financially solvent in order to survive, the government will bail you out.
You have a license plate on your car that's publicly viewable, and you don't have the right to obstruct/hide it. What's the problem with that?
You have an address on the door to your place that's publicly viewable. What's the problem with that?
You have a face that's publicly viewable when you go on the street - and you don't have the right to wear a mask to hide it, What's the problem with that?
You have your name, address, bank account number and signature on any cheques you write. What's wrong with that?
You have your medical condition and contact info listed on your MedicAlert bracelet. What's wrong with that?
You want to host something on the net? Fine - be prepared to post valid contact info. Otherwise, make arrangements for someone else to host it, or host it off the net.
Corporations are NOT people. Therefore, they have no "privacy" expectations or rights to such.
They are PUBLIC corporations. I see no reason to extend the rights that individual PEOPLE enjoy to corporations, which by their inherent creation, are PUBLIC entities.
If they have nothing to hide, well, then why are they asking to be hidden? (I know this is a fallacious argument, but when corporations and the government (and their cheerleaders) apply it to people, why can't it be applied similarly to corporations?)
Corporations can't have it both ways, all the rights of actual living people without all of the OBLIGATIONS that actual living people must also comply with, including and up to that final eventuality of dying and ceasing to exist.
There is nobody in the real world that is half as nuts as the people on the Internet can get. I don't know how it's possible, but it is. You make the hosts publish their contact information, then you better make everybody do it, because as much as I loathe spammers and spam it's tame compared to what individuals at home hiding behind their ISP will send if they disagree with you.
In these cases, access is limited (by line-of-sight), or the information does not provide back-tracability. That no longer happens when posted online.
Or would you like to prove this isn't a big issue by posting your phone number, address, license plate number, and check routing/account numbers here for us?
Write your representatives! Repeal the 2nd Law of Thermodynamics!
Person A says to cops: "I received spam. Here is copy."
Cop requests complete copy of spam, waits three days for response, works through forged headers, determines IP is in another country.
Cop answers impatient email from Person A.
Cop requests assistance from local authorities, six months pass. Cop answers several impatient emails from Person A.
Local authorities provide name and street address registered to IP.
Cop researches data and determines the address is a vacant lot in another country. Cop reports this to Person A.
Cop files report, answers several angry emails from Person A until the emails are blocked by department server by policy.
Or;
Person A says to cops: "I received spam. Here is copy."
Cop identifies IP.
Cop says to provider "Give me billing info on this IP b/c of spam."
Provider gives billing info. If not, does so after quick court order. If still not, gets shut down.
Cop contacts business. Contact info results in contact with unrelated business with no knowledge of the info the cop was given.
Cop files report, answers several angry emails from Person A until the emails are blocked by department server by policy.
As if spammers are so easy to get hold of that you just ask for the contact info and someone answers the phone. Or the door. Or a summons. Or even an email.
The naive solutions to spam all are driven by the desire for punishment. We need to consider prevention. reputation-based server authentication, similar to what SpamAssasin did. If your server is regularly reported as a spam spource, it fails to connect to those servers that have higher standards. ISPs complete blocking port 25 for users, forcing them to use servers and thereby participate in the reputation-based authentication scheme. Bots and compromised systems have no way out except through ISPs that permit port 25 traffic, and those get marked up as spammers so that others can choose to accept their connections based on community reports. Rating servers could be a simple as number of unique reports, a ratio of spam reports vs all connections (spammers would send a lot fo spam, on every connection, so the ratio would be low. Nonspammers would send little spam on few connections, ratio is high). Users could, like in SpamAssassin, choose the level at which they block. It would take a little while to establish ratings.
Sadly, this could be defeated by servers hijacking IPs, changing IPs, and such. And would IP blocks be tainted for a long time reputation? And would a spammer survive by having a large enough pool of IPs that they could just move on to one that was unused for a while, crank up its reputation, and then move on and let it lapse? Lowering ratings by relying on the last known connections would help - unused IPs would not change their ratings.
Tell me, how stupid is this idea? The obvious solution is prevention.
Aside from the MOST OBVIOUS SOLUTION, punishing the advertisers. If you can find them. Back to the plan.
deleting the extra space after periods so i can stay relevant, yeah.
I can assure you that many ISPs already do this and have been doing so for at least 10 years. There is no point in placing customer contact information into the whois directory when the customer is not capable of handling technical network issues themselves, so many ISPs just fudge the data in various ways to keep it out of whois.
Some people have set up what amounts to private police forces and since they can't get at the information with a sub-poena like the real police, they are trying to rig the system so that people have no right to privacy.
STRANGELY ENOUGH the people who argue against privacy never seem to want to do that. They aren't terribly committed to their statements after all.
It is a miracle that curiosity survives formal education. - Einstein
At least with this proposal providers could implement their whois servers and actually leave them up and running all the time, rather than only turning them on when working with ARIN to receive another IP allocation (common practice in the industry), which doesn't really help anybody when they are down.
You have a license plate on your car that's publicly viewable, and you don't have the right to obstruct/hide it. What's the problem with that?
A license plate is an indexed key. To actually obtain the data associated with the key, you have to be in a position of authority (e.g. a police officer).
You have an address on the door to your place that's publicly viewable. What's the problem with that?
You're already there.
You have a face that's publicly viewable when you go on the street - and you don't have the right to wear a mask to hide it, What's the problem with that?
You don't? Tell that to Anonymous.
You have your name, address, bank account number and signature on any cheques you write. What's wrong with that?
You can contest things that happen to your bank account. Nonetheless, I don't let just anyone have the information on my checks.
You have your medical condition and contact info listed on your MedicAlert bracelet. What's wrong with that?
No, I don't. :^P Further, even if I did, people have to get close enough to view it. It's not in a publicly accessible database, like WHOIS data for domains.
I like the ability to anonymously post information to the internets. Part of that is the ability to be free from WHOIS spam as part of a domain registration.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Follow the link to today's spammer tracking report, and see how handy the information can be to track down spam. Also, feel free to do a whois. My contact info is on-line. It's been on-line, under various domain registrations, since I registered my first domain in 1994.
Spammers need a legit server to receive those clicks. See how I tracked down one spammer half an hour ago to learn more.
Pay particular attention to the section around the "Directory Listing Denied" segment.
You might also want to help ...
I'm still waiting for the "year of the linux desktop", so I don't hold out much hope for end-user education :-)
The day that all of that crap is in the WHOIS database will be the day when you have a point.
Then use a subdomain on a responsible person's SLD registration.
Proper contact information really is a requirement for registering a domain name.
"Domain by proxy" services are sneaky, the practice should be banned, for among other reasons (due to the fact) that the proxy service is officially the legal owner of the domain name, as far as the internet domain registry is concerned.
Do you want to put money on that? Several states say otherwise (and that doesn't count municipal laws to the same effect)
http://www.anapsid.org/cnd/mcs/maskcodes.html
Now, back to fighting spam by using whois information - here's today's spammer exposed. They keep sending out crap claiming to be from Lennar Homes ... hopefully their host - marliness.net - will do something about it.
That's wonderful, and probably made you feel better, only it misses my point. You can track down 500 more spammers if you want. Even if you manage to get every last one of those 501 taken offline, more will show up to take their place. That will continue so long as spam remains profitable. What you're doing there is more about a visceral feeling of nailing someone for being a pest, and unfortunately nothing else. We will never run out of symptoms like that spammer you tracked down until we address the actual root of the problem.
It is a miracle that curiosity survives formal education. - Einstein
You have your medical condition and contact info listed on your MedicAlert bracelet. What's wrong with that?
A Medic...what??? Of course I do not.
You have your name, address, bank account number and signature on any cheques you write. What's wrong with that?
I have only name, bank account number, and issuing bank. No need for an address on a cheque, that's a security risk.
Also, don't write checks.... paper checks are a security risk, because they are easily forged, and should be kept locked up at all times and not used on a regular basis.
You have an address on the door to your place that's publicly viewable. What's the problem with that?
Some people do. Some people do not have an address printed on the door.
You have a face that's publicly viewable when you go on the street - and you don't have the right to wear a mask to hide it, What's the problem with that?
Huh? Of course you do. Although it may be at your peril
No problem. But first, a demonstration of how useful whois info is for tracking down spammers,
All my info has been on "TeH InnerT00bZ" since I registered my first domain back in 1994.
While I'm a big advocate of privacy rights, I also think that hosting a domain is a public action, and needs to be directly tied to someone who will be physically accountable for their actions.
Should the contact info of a corporation that has 16 or more public IPv4 IP addresses really be considered private?
What is the value in protecting "privacy" of a corporation's identity, and allowing them to use a public shared resource for profit privately without revealing their identity?
Typically there is no more info about a company in a WHOIS listing than can be found through other public records, such as corporate charters, Yellow pages, advertisements.
A license plate is an indexed key. To actually obtain the data associated with the key, you have to be in a position of authority (e.g. a police officer).
At one point in time that might have been correct.
It is no longer true. There are plenty of back channels where a person not in a "position of authority" can very easily get the information indexed to the key, pretty reliably.
Bullshit. Let's see anyone enforce it, if it exists at all.
According to you, it is illegal to wear a veil or burqa in public. It's not.
This is still America, I am still an American, and if there really IS a municipal law like that on the books anywhere lets see how long it lasts against the ACLU. I would be honored to be arrested for such a 'crime' and provide the litigation vehicle to overturn it.
I sure as hell hope you are not promoting it, because it goes against everything we are supposedly fighting for as Americans. My right to privacy being chief among them. If you want to take my right to privacy away you will have to pry it from my cold dead fingers.
The solution to our problems is not less privacy and anonymity. That won't solve diddly squat.
Real question because I don't honestly know: how much spam is actually sent from people with registered domain names who own blocks of IP addresses? How does this number compare to the spam sent from compromised Windows machines that participate in various botnets? If the latter is a much larger source, then this looks more like another ineffective feel-good measure.
You realize, these are not disjoint sets?
There are a lot of Windows machines on the networks of companies that hold IP addresses.
These are business networks, and often they are a source of spam. Often other people need to contact them to give them a friendly alert that some of their machines are sending spam, so they can deal with the infection.
Often residential users who are not on business networks with their own IP addresses, have ISPs that block or filter port 25.
Basically, if you have your own IP addresses, and your own network, then you have a responsibility to be contactable so you can mitigate abuse.
If you are a single user without IP addresses of your own, then your ISP is your network manager (to an extent, obviously they won't come to your house and clean the infection for you, and it's not ISP support's job to walk you through cleaning or fixing your infections, either, although some ISPs will offer this service, probably at substantial additional cost).
Neither WHOIS information nor IP address block allocation (ARIN's remit) should be private. Neither businesses nor anonymous web sites are entitled to anonymity in most of the developed world. Europe, in fact, is tougher on this than the US. Europe has the European Privacy Directive, but that's for individuals acting in their private capacity. Businesses come under the European Directive on Electronic Commerce.
"Service provider" here means web site owner/operator. So even in an area with strong privacy laws, businesses don't have the right to run anonymous web sites.
California has a similar law for sites that accept credit cards. It's a criminal offense in California to accept credit cards from an anonymous web site.
At SiteTruth, our demo search site, we use this requirement to filter out "bottom-feeder" sites from search results. If it looks commercial, and we can't figure out who owns the site after trying about five different approaches, it's down-rated, and we move this down in search results. This puts teeth into fighting "search engine spam".
Sites can put up phony address info, of course, but that's a felony in many jurisdictions. It's generally treated as fraud, and if it's someone else's address, identity theft. That's a line most "bottom feeders" don't want to cross. Also, much such fraud is reported to sites like PhishTank, so there are red flags to check.
If you want to put up a personal site to express your political opinions, fine. But if it's selling something, it can't be anonymous. Deal with it.
Here, let me fix that for you:
The root problem is that spammers are anonymous. Strip them of their anonymity, and watch how spam goes from 95% of all email to 5%.
You're the one who mentioned municipal ordinances, so that can also apply to cities. Your link is worthless. Hardly any data is available for the states, or so few states have enacted such laws it is similar to anal sex being outlawed in Rhode Island.
A law that everyone thinks is ridiculous and ignores.
I am willing to be a test case because I am not a coward and I am STRONGLY against the dilution and elimination of my rights to privacy and anonymity. So you betcha! I have no problem being an activist, getting arrested, and going to court.... all for people like you. All through this countries history people have fought for your rights. The fact you don't value or them and are unwilling to fight for them saddens me, but does not affect my resolve in any way, shape, or form to fight for them nonetheless.
Big talk, but I don't see any action.
And you also are wrong about me - I've been in plenty of protests, some of which I've organized, gotten bomb threats over them, police (and others) trying intimidation tactics, (they even called out the riot squad one time against one of the larger ones), probably been to court more times than you - in defense of constitutional rights - and successfully argued them without a lawyer (while in one case the 63 others who were arrested were so scared they used a lawyer and all ended up convicted - dumb-asses every one of them, ultimately found lacking the courage of their convictions).
Can you say the same?
Sure I could 'say' it.
It's easy to say 'Big Talk' and no 'Action' too. The only thing I hear from you is Talk with no Action as well.
The difference is.... I am not promoting the eradication of privacy and anonymity, which comprise the first line of our defense against corrupt governments, YOU ARE.
You fought for our rights? Really? So what changed from then and now?
Getting rid of "private" domains won't do a damn thing except INCREASE the amount of spam that domain holders get. Spammers don't hide behind private domains, they hide behind huge botnets!
I used to not hide my whois information. In fact, I was proud to display my contact information in my whois entry when owning my own domain was a novel thing. Then the spam started on the contact accounts. Annoying, but I could handle it. Soon after, I started getting phone calls from people who barely spoke English claiming to be from my "hosting company" or from NetSol and they need access to my host right away or there was a "billing problem" and they need my credit card information to resolve it.
I set my domain information private right after that and never looked back.
No thank you. I use private domains to HIDE from spammers and scammers.
The
You obviously didn't read the link. Few states are listed as having anti-mask laws, fewer still support your general claim of "you don't have a right to wear a mask":
California - Illegal to wear a mask for the purposes of disguising yourself during the commission of a crime or evading capture by the police.
DC, Florida - Illegal to wear a mask for the purposes of intimidation/threats, depriving others of their legal rights, or avoiding identification while committing a crime.
New York - Illegal to hang around masked in a public place with a group of people similarly masked
North Carolina, Virgina, West Virginia - Congratulations, these have a broad enough scope to superficially support your claim...provided none of the listed exemptions apply. You also have to ignore the fact that these are essentially blue-laws targeted at the KKK and their like, enforcement of which against someone just going about his business while masked is laughably unlikely to happen in the first place, much less survive a Constitutional challenge.
Even that aside, all it shows is that there are three states currently violating your right to wear a mask in public, not that you don't have the right to begin with. You absolutely do have that right. It harms nobody, and other people are not entitled to see your face.
Since net neutrality isn't an issue I expect the ISP can provide that page to everyone via connection running at about 2 baud. You'll have the names in about twenty years.
Hmm, gee, that's a tough one. Maybe it's because they believe in privacy in some areas, and not others? Maybe they don't see a dichotomy between complete privacy in every area and willingly sharing your most pragmatically necessary secrets with strangers on the internet?
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
In 1886, Santa Clara County v. Southern Pacific RR granted human rights to corporations under the Constitution. This made corporations more than human: They don't eat, breathe or die (unless they go bankrupt - Hmmmm).
There are companies that are hundreds of years old - how's a human supposed to compete with that? After all, you might be able to punch your next door neighbor in the face, but you'll never punch Coca-Cola in the face...
Ask Me About... The 80's!
I'l even make it easier for you : In this particular case you can see for yourself that the poster did try to obsfucate his identity for people he does not like any attention from :
How's that for hypocrisy ? :-D
If anyone wants to contact Tom Hudson personally and point out what an idiot he's being, his address is:
66 Whiteoak
Dollard-des-Ormeaux
H9B 1K3
CANADA
His phone number is 514-244-2433
Seems to me that legitimate businesses with an internet presence spend a lot of time & money on trying to be known.
Why would a legit business want to be anon?
For people posting in fear of their lives, there's Wikileaks...
This is not the way to defeat spammers and others.
I am not fighting for "the eradication of privacy and anonymity" - there is no requirement that people HAVE to have a domain, same as there is no requirement that people HAVE to have a drivers license. You're free to use the web, and you're free to walk on the street. However, the use of certain aspects should NOT be completely unregulated - both for driving cars and hosting domains. Either one you should be able to track down the responsible party for when they fail to act responsibly.
Rights come with responsibilities, as anyone who isn't thinking like a spoiled child would know. You want the right to register a domain, then that registration information should be public, so that when someone has a beef with you they have a legit avenue of complaint.
As for "unlikely to happen", tell that to the 8-year-old who was arrested for writing on her desk with an erasable marker, or the 5-year-old kid who was charged with sexual assault because he kissed a classmate.
Feel free to prove me wrong by going into your local bank wearing a mask. Better yet, go into your local gun shop wearing a mask. Do Darwin proud! :-)
I noticed you left out my name - do you want to try again - AFTER reading my slashdot profile, so you at least get the pronouns right next time??? :-p
The mask banning is quite true and enforced in a lot of places. Just the facts.
No, you made the blanket statement: "You have a face that's publicly viewable when you go on the street - and you don't have the right to wear a mask to hide it". You succeeded, at most, at "proving" this to be true in a narrow set of circumstances...in three states out of fifty. That's a success rate of less than 6%.
Ignoring your failure to cite sources showing these incidents actually took place, let's look at the parallel you're trying to make. Laws against vandalism and sexual assault:
None of this applies to your so-called "can't hide your face" law. Your comparison doesn't hold water.
So, having started from a position of "you don't have a right to hide your face in public", you have now backpedalled to "if you hide your face in certain specific public places people might think you're breaking a completely different law even though you're not". That's about as close to admitting you were wrong as you can get without coming out and honestly saying so.
And don't try to shift the burden of proof. You made the positive claim, you have to back it up. Thus far you have failed miserably to do so.
One of the posters claimed that there were no such laws. I proved otherwise. Now, if you want to show that those laws are not in effect, do so, and pics or it didn't happen.
There is on constitutional right to go around wearing a mask, and various states, as well as municipalities, prohibit it. It's also probable cause for stopping you pretty much everywhere.
It's not up to me to go through the ordinances of 10,000 cities and towns to see which municipalities also have similar restrictions.
Just go out there and collect your Darwin.
The drivers license is simple. It is a privilege to drive simply because of how dangerous of an endeavor it really is. The best interests of society are served to make sure that I have the ability to drive safely.
The drivers license should not be used as identification on demand by authorities. I always fight that tooth and nail. If I am not in car, you don't get to ask for my identification, UNLESS, you have just cause to do so. That just cause being a belief, that can be supported by evidence, that I was responsible for a crime or had recently committed a crime.
As for the domains, I disagree. There is nothing that says I MUST publish my home address anywhere in the public record. In fact, I don't even give it to government because they might as well be public record since they sell the information with the laughable farce that you need to be in law enforcement to get it. I don't believe it serves the public interest to have where every citizen sleeps on public record. That is insanity, which is what you are advocating.
Not everyone has a business with a business address. Plenty of people with websites choose privacy because they don't want some nutball on the Internet getting upset about how they insulted the Teletubbies in their blog and tracking them down. The privacy services are not immune to law enforcement or subpoenas either. You can still get the address of someone using a privacy service.
Rights do come with responsibilities and I agree with that. However, that does not mean, cannot mean, will not mean, EVER, that I give up a single shred of my privacy or anonymity to further any agenda by anyone in government. Period.
You have plainly argued that I don't have the right to privacy and anonymity, not just with domains, but just being a citizen and enjoying my rights peaceably around the city.
I'm sorry, but I cannot see anything in your posts supporting of my rights to privacy and anonymity. You seem to be of the sort willing to chuck it all away so that government knows everything, everywhere, in real time, so that they can catch some fucking spammers.
After we give this away....... are we really going to be safe from government abuse? Or will they just use that vast amount of power and now knowledge to accomplish some other sort of goals ostensibly for our benefit? Is it really going to eliminate spam?
You can call me a spoiled child for adamantly supporting the two single greatest measures of defense against corrupt governments, but you would be wrong. I take it very seriously and there is simply no consequences of any kind that would warrant the removal of my rights to give me safety. For when you exchange Freedom for Safety, you get neither one.
Unfortunately for you, the ways in which I can prove you wrong are not limited to what you "provide". Even "prove you wrong" is more than I need to do; I need merely point out how you have not proven yourself right. I have shown how your cited evidence fails to support your claim, and you have not defended it. You, as the one making the assertive claim, are the one under the burden of proof. So the fact that I'm not going to do what you ask doesn't say what you want to think it does. And you know it.
You "proved" that your claim is less than 6% true, which you would have known if you had actually read your source. Remember: three states out of fifty (and zero cities, but we'll get to that later), none of whom have been shown by you to be enforcing these laws in the context you claimed or defending them in court. Since your original claim is a blanket statement covering the entire US (assuming that you only meant the US), this isn't even remotely enough to show that your claim should be accepted as generally true everywhere.
Again, burden of proof. You're arguing from ignorance here.
Well, first of all, there doesn't need to be. Ninth Amendment: "The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.".
But we need not fall back on the Ninth. Wearing a mask has two primary functions: self-expression and anonymity, both of which are amply protected by the First Amendment.
Therefore, any laws against masks can only pass Constitutional muster if tailored to a very narrow scope. Those of California, DC, and Florida would probably survive since they focus on the use of masks to aid activities that are unlawful anyway.
New York's did survive a challenge, but don't get excited by the headline; read the article and you'll see that the reasoning was tied entirely to safety issues arising from the fact that the plaintiffs were seeking to hold a KKK parade in their hoods, and it was held that the hoods did not convey anything that the robes didn't. Obviously the same could not be said of, say, a protest by Anonymous, and certainly not to someone just walking down the street as in your original statement of "You have a face that's publicly viewable when you go on the street - and you don't have the right to wear a mask to hide it". Note also that the court recognized that "the law could theoretically be applied in a manner that violates the First Amendment’s protection of expressive conduct, also referred to as communicative conduct or symbolic speech.". Applied to a case like Anonymous where the mask is essential to the message, or to an individual, the law is far less likely to hold up (it doesn't even apply in the latter case anyway).
And if New York's law has chinks in its armor, then those of North Carolina and the Virginias, with their broad scopes, would get chewed up and spit out like Chiclets. Assuming they even get enforced in the "walking down the street" context of your original claim, that is.
Prove it, then, and furthermore prove that said prohibition - and NOT against Klan rallies and the like, but against indi
So admit that you're wrong. There ARE laws against it. And if you want to go by percentages, there's a country bigger than yours that has laws against it right on top of you. And there are other countries that also have similar laws. So eat crow, fatso.
Those posters were attacking your original claim, which was this:
That claim is not "there are laws against it in a small number of places". It was a generalized statement of fact which, in your ignorance, you assumed applied everywhere. Your claim was that laws against masks were the rule, not the exception. You failed miserably in supporting that statement. Upon realizing this, you started trying to move the goalposts so you could redefine your position as "there's a law against it SOMEWHERE" rather than your previous position of "there's a law against it EVERYWHERE".
But again, your claim wasn't that some place, somewhere has an anti-mask law. It was that anti-mask laws are prevalent, which as your own evidence shows is false by a binary standard.
No, for the same reason I won't admit that I'm secretly the King of the Moth People.
If you want to retroactively broaden the scope of your original claim to cover the whole world, you face some problems:
It's like saying "It's illegal for elephants to be in the US" I don't have to show elephants in all 50 states to prove them wrong. Just 1 state.
How does one state equal the entire country? Or even three? The answer, of course, is that is doesn't, and you're simply lying.
And a blanket ban IS unconstitutional. The fact that it hasn't been overturned yet doesn't prove otherwise. To suggest that it does is to argue that any law on the books is automatically constitutional.