Slashdot Mirror
US and EU Clash Over Whois Data
itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually — moves that are applauded by David Vladeck, director of the FTC's Bureau of Consumer Protection. The E.U.'s Article 29 Working Group is markedly less enthusiastic, saying ICANN's plans trample on citizens' right to privacy."
Well, I guess I'll have to get a temporary phone number, address AND anonymous "gift card" credit card now for my domain now
Time for the anti UN comments, as usual around here. But how can you defend the USA on this case?
(My .uk domain's public whois looks like this:
Registrant:
[My real name]
Registrant type:
UK Individual
Registrant's address:
The registrant is a non-trading individual who has opted to have their
address omitted from the WHOIS service.
And that's the way I like it!)
That makes no sense, because many people can and routinely do send e-mail from the same domain.
This move is fairly directly contrary to the basic rules of privacy in the EU, and after the negative press that European governments have had over things like airline passenger and banking information recently, I don't see this getting very far. There's no compelling "fear the terrorists" or "catch the tax evaders" kind of argument with popular appeal here. The US authorities have no need to know my credit card number, and certainly no need to keep it for years, assuming it's even still valid by that time.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
How could this possibly stop spam? Most spam comes from botnets anyway, which are going through their companies and/or ISPs mail server. The last thing a spammer would do is use a proper domain.
I personally don't mind having legitimate data associated to domains I own, but I don't like that my name, address, phone number, and email address is visible to everyone. I don't really think ICANN needs my credit card number, but it seems like just making only, say, the name, available publicly would be a better first step.
Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year). If the credit card information was in there as well, what would stop shady organizations from using that information for other scams? WHOIS certainly doesn't keep my physical address safe from scammers.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
I believe storing consumer credit/debit card data over 90 days is a direct violation of Visa International rules. I've been away for that stuff for a couple of years now, so I could be wrong.
Vietnam Veteran / Former Postal Worker -- Use Caution When Taunting!
ICANN doesn't give a rat's ass about the validity of data in WHOIS, and hasn't for a long time. Someone (perhaps in law enforcement?) probably put a little pressure on them something recently and now they are putting on a show. It will blow over soon enough and we'll be back to business as usual, with ever-increasingly-more-meaningless WHOIS data.
From my own experience I would say at least 80% of the records I have looked up in the past several months for extant domain names have had obfuscated information, protected by registrars who don't give a damn that their customers are conducting illegal activities (fraud, selling drugs, selling pirated software, sending spam, etc) through the domains that they sold them. ICANN doesn't give a shit about "protected" obfuscated domain names, and doesn't care about ones with blatantly false data, either.
ICANN just wants to make money. They'll either find a way to make more money with this, or - more likely - they will give it up once the pressure is off.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
What's to stop companies from continuing the "private registration" feature that they already offer (often for a significant fee) to hide the domain owners name, address and other personal details?
Are you aware of the requirements that apply to domain registrars, including ones that implement that function?
Every domain registrar is Required to retain the WHOIS data, and all the pertinent details for all their customers, and make all that information available to organizations designated by ICANN.
Buying a private registration gets you a public WHOIS listing, but all your information is still available.
Unless you have a 3rd party registrar-unaffiliated proxy service, register the domain, own the domain in place of you, and provide their information to the registrar, instead of yours.
Then there's a risk, however, if the proxy service goes bankrupt: ownership of the domain could get included in the proxy services' assets and liquidated to pay creditors of the proxy service.
It's nothing to do with spam. It's so the intellectual property crowd can sue the right person.
Think! Who else in the domain ecosystem needs to know exactly who you are?
Need Mercedes parts ?