US and EU Clash Over Whois Data

itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually — moves that are applauded by David Vladeck, director of the FTC's Bureau of Consumer Protection. The E.U.'s Article 29 Working Group is markedly less enthusiastic, saying ICANN's plans trample on citizens' right to privacy."

Solution

Well, I guess I'll have to get a temporary phone number, address AND anonymous "gift card" credit card now for my domain now

Time for the anti UN comments...

[xaxa]

Time for the anti UN comments, as usual around here. But how can you defend the USA on this case?

(My .uk domain's public whois looks like this:

        Registrant:
                [My real name]

        Registrant type:
                UK Individual

        Registrant's address:
                The registrant is a non-trading individual who has opted to have their
                address omitted from the WHOIS service.

And that's the way I like it!)

Why would this get rid of spam?

[Anonymous+Brave+Guy]

That makes no sense, because many people can and routinely do send e-mail from the same domain.

This move is fairly directly contrary to the basic rules of privacy in the EU, and after the negative press that European governments have had over things like airline passenger and banking information recently, I don't see this getting very far. There's no compelling "fear the terrorists" or "catch the tax evaders" kind of argument with popular appeal here. The US authorities have no need to know my credit card number, and certainly no need to keep it for years, assuming it's even still valid by that time.

Re:Want to get rid of spam or not?

[ilsaloving]

How could this possibly stop spam? Most spam comes from botnets anyway, which are going through their companies and/or ISPs mail server. The last thing a spammer would do is use a proper domain.

Credit Card Information?

[Jason+Levine]

Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year). If the credit card information was in there as well, what would stop shady organizations from using that information for other scams? WHOIS certainly doesn't keep my physical address safe from scammers.

Re:Credit Card Information?

[WaffleMonster]

Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year).

This is just another intentionally misleading headline. Card data is not going into whois.

The issue is requiring registrars to hang on to CC data so that governments would be able to "lawfully" request from the registrar if that registrar is operating within jurisdiction of said goverment.

Rather than addressing data retention standards with legislation as decided by each countries government...such as thru a billing passed by congress and signed by the president they are essentially attempting an end run around democractic process to get a desired outcome.

None if it is defensible...both ICANN and FTC are in the wrong regardless of what you feel about the issue of data retention.

Visa rules

[OldGunner]

I believe storing consumer credit/debit card data over 90 days is a direct violation of Visa International rules. I've been away for that stuff for a couple of years now, so I could be wrong.