Slashdot Mirror
ICANN Seeks Comment On Limiting Anonymized Domain Registration
angry tapir writes: Privacy advocates are sounding the alarm over a potential policy change (PDF) that would prevent some people from registering website addresses without revealing their personal information. ICANN, the regulatory body that oversees domain names, has asked for public comment on whether it should prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions."
with an army of lawyers and multiple international corporations could remain anonymous.
excitingthingstodo.blogspot.com
prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions
I'm not sure I have a big problem with this. If you do business with a company that can just disappear, that'd be a bummer. That said, you shouldn't do business with a company like that, but people aren't always smart.
ICANN has been pro-profit for some time now. They make more money by allowing registrars to sell anonymized domains than if they do not. The privacy question is just window dressing.
In the end, though, it doesn't make much of a difference. I used to take the time to do WHOIS lookups on particularly egregious spamvertised domains (specifically ones selling counterfeit or contraband products) and contact their registrars and hosting providers. Did it make a difference? No. I even found that specific registrars were notably complacent and willing to do business with the characters behind such operations, so I reported said registrars to ICANN. Did ICANN do anything? No.
I also pointed out to ICANN that selling gTLDs would be a bad idea as it opened the floodgates to more such doings. Did they care? No.
In other words, if you are concerned that ICANN might start to prohibit anonymized registration, don't be. They are just trying to drum up some PR to make it look like they care about more than their bottom line. It will all pass soon.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
Namecheap sent this out 2 days ago:
Hello *redacted*,
Over the weekend, Namecheap customers sent more than 5000 comments to ICANN, to help fight for privacy and save Whois protection. What an amazing, positive response!
Unfortunately, due to the way ICANN chooses to approve comments, your voice may not have been heard. We deeply regret this and want to make sure ICANN hears what you have to say. We have revised the way comments are submitted to ICANN via our site RespectOurPrivacy.com. If you submitted a comment to ICANN before June 22, 2015, we would like to ask you to please go back and do so again, to insure your message reaches its target. We sincerely apologize for the inconvenience. This is a truly important and urgent issue, so from the bottoms of our hearts: THANK YOU for taking the time to submit your comments a second time.
If you haven't submitted your comments to ICANN yet, we encourage you to do so now. Visit RespectOurPrivacy.com and we'll guide you through the process.
We are dedicated to making sure ICANN hears your voices loud and clear. Together, we can win the fight for online privacy!
Warmest regards,
Richard Kirkendall, CEO
Namecheap.com
It was enough to convince me. I sent them an email and allowed ICANN to publish as part of the public record.
specifically all the phishers and botnetters that register disposable domain names continuously. maybe that would at least be another thorn in their side?
I work for the Department of Redundancy Department.
I'm tired of people owning domains with no way to contact them because of "whois guarding". Maybe ICANN can also go all the way and recall accreditation for registrars known for registering malware/typoscamming/etc domains.
Buck Feta. You know what to do.
I have a feeling all the people who are talking about their privacy being invaded have yet to read the summary. It specifically mentions websites associated with "business and financial transactions". Are you proposing that to run a legitimate business, you don't ever have to reveal to your customers such basic things like a phone number or a mailing address? I find it awfully hard to trust a business that doesn't want any interaction with its customers whatsoever.
"Set a man a fire, he'll be warm for the rest of the night. Set a man afire, he'll be warm for the rest of his life."
Governments and any other powerful entities of the world: fuck you all, go fuck yourselves .com
Are you off your meds? ICANN is independent and doesn't give a crap what any government wants or demands (at least, without a warrant). This has nothing to do with any government or powerful non-profit / not-for-profit entity. Indeed, they will rule in favor of anoymized registration precisely to make sure that more registration money is coming in for themselves and for their lower-level registrar buddies.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
TFA says for commercial domains used for financial transactions, not free speech. I like to know who I'm doing business with and generally don't do business with anonymous strangers.
Why do you want to have a name on internet et remain anonymous ?
Quite simply my Whois data has only been abused. I have received phony bills from fictitious domain registries. I have received threatening letters from companies that I was violating this or that. And then there is the endless spam. Except that this spam carefully exploits the data found in my whois data.
On the other-hand I don't know of anyone who benefited from whois data beyond curiosity.
Registrants of domains SHOULD be publicly contactable. It should not be OK for a domain to exist and there to be no way to get in touch with the owner of that domain (if they're sending spam, if you suspect their server has been compromised, if you have a legal issue with the domain's existence.) This is why there's a requirement for WHOIS information to exist. Contacting the owner of another domain SHOULD be a thing that you can do.
The current "anonymous" registration process (other than being a cash cow for registrars) breaks the reason for having contactable registrants, without removing the requirement entirely. People EXPECT the system to work where domain registrants can be contacted, but usually it's an unmonitored e-mail account at their registrar who won't forward the message. The system is broken today.
I don't have a problem with the registrant information being private IF it's replaced by information by which the registrant CAN be contacted. Register.com will let me pay them to be the publicly listed domain contact? Fine. Then they better have the ability to pass legitimate messages on to the actual owner (spam filters are fine, /dev/null inbox is not). They better be able to accept legal service on behalf of their customer. They better have the information about their customer to ALLOW that customer to be contacted.
Either rip the whole notion of WHOIS information out by the roots in its entirety, or make it work properly. Half-ass measures like "well, we're OK with this not really working, except under these circumstances that aren't actually as well defined as you'd think....." make the problem worse, not better. Every owner should be contactable, and whether it's directly or through an anonymizing proxy third party shouldn't matter, as long as it actually works.
Speaking as an IT Consultant, generally any problem with a business should go to the business owners themselves.
I manage around 60 domains for various clients including a few financial entities.
My relationship with them is contractual and related to their IT infrastructure ONLY.
Should it become mandatory to list my personal contact info in whois directly, then any chump with whatever made up beef can just toss my info in with his "sue world +dog" fantasy tort.
Here's a pro-tip, don't be stupid. Only do financial stuff with people you have met in person, period.
Don't worry about the domain name or the website. Find the actual business you want to do business with, check their incorporation against the state register and if possible do a BBB check on them as well.
Whatever you do, don't go thinking that the guy who runs the website or even registered the domain on their behalf has any inkling as to the day to day details of the business. Most of us are people just like you.
If this goes through, you can expect that mailinator or some other disposable address service will suddenly become the most popular email service in whois. Otherwise, spam will probably skyrocket too as people's email addresses are culled from the nice juicy target that ICANN paints on the backs of every IT Admin in the industry.
Signed,
webmaster@domain.tld
admin@domain.tld
abuse@domain.tld
If you are doing financial stuff, should it be via HTTPS ? And should the SSL Certificate have ownership/identity information in it?
Don't blame me, I voted for Kodos
Comment removed based on user account deletion
They are claiming that running ads on your website turns it into a commercial domain. So if you have a private blog but run an ad or two to cover hosting costs, congratulations! You would need to give your real address in the WHOIS information.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
Actually, from what I've read, the real force behind the "no anonymous domains" push is the MPAA. If you set up PiratedMovies.com and make your WHOIS information private, it makes it harder for the MPAA to sue you. Not impossible, mind you. They can do it, but it takes a court order and the domain registrar giving the information to the court. The MPAA just wants to look up WHOIS to find who to threaten to sue.
They know they'll lose right now if they push to have all private WHOIS information banned, so they're trying to claim that a website with an ad on it is a commercial business. (Even if said ad only covers hosting costs.) If they're successful with this, look for the definition of "commercial" to expand even more until every website is a "commercial" site and private WHOIS information is done away with.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
The current rules do not permit anonymous information! These anonymous proxy services are the actually owners of the domains which licenses the domains back to the customers. See Balsam v. Trancos and Solid Host v. NameCheap.
ICANN simply does not really enforces its rules, they never have. The only time ICANN gets off their ass is when they are really publicly embarrassed, trying to get rid of Karl Auerbach, or Registrar meltdown.
In its recent rules, ICANN has adopted definitions for privacy services which recognize, not endorses. One can recognize different types of murder, but not endorse it.
Fight Spammers!
Eventually being Amish is going to be a preferable (without the religion part) way to live. Low tech is future privacy tech.
They'll try to take that away, too, by polling other Amish who claim you aren't Amish.
Although generally it's an interesting idea, and I wonder if anyone has actually tried "becoming Amish" (without actually being Amish) as a way of going off the grid in a way that doesn't draw attention because it fits some "known" role of people living off the grid.
How are financial transactions not free speech? If I want to be able to BUY A PRODUCT or to DONATE MONEY I should not be forced to disclose any of that information to a government agency just because they want to know what I like to buy, read, use, whatever.
That is absolutely free speech, ultimately all of the freedoms that people think are important are completely useless and fall flat on their face if the most important freedom - freedom to earn money, freedom to spend money is not actually protected from government oppression.
You think being able to spend or earn money without being oppressed is somehow outside of individual freedom protections because it's money? Money, time, any possessions are worth nothing if you do not have protections against government oppression, which means you cannot be protected from government taking anything it wants away from you, preventing you from doing stuff to earn a living (and I am not talking about harming others while earning a living, that's the purview of criminal justice system).
Being able to stop you from advertising your services because some government official wants to own that piece of business for himself or for a donor... THAT is what individual rights are - protection against government oppression. A right is protection against government oppression and only government oppression. A right has nothing to do with transactions and dealings between individuals and / or companies.
Why is that? Because government is an institution that has supposedly legal and legitimate power to oppress you! No corporation, no other individual has legal and legitimate power to oppress you. A private individual (or a company) oppressing you is a matter for courts and justice systems, but a government oppressing you is a matter of policy and governance and nobody in government will ever be punished for oppressing you, so you have to prevent the oppression from happening, you cannot rely or expect retribution after the fact.
The only meaningful individual rights have to do with preventing government oppression against taking your stuff and your freedom and your life.
Any move to deanonymize any activity that has nothing to do with harming others is a move towards government oppression.
You can't handle the truth.
There are a few exceptions. A few. A legitimate business, though, almost always has some sort of presence in the the real world, and wants customers to be able to contact them to transact business. If a business wants to be anonymous, fine, but don't expect me to do business with you. A business with a "privacy protected" whois is inherently very, very suspicious to me.
Who is claiming that? Remember to look at the source of the claims.
"So long and thanks for all the fish."
What does this have to do with you buying a product or making a donation?
"So long and thanks for all the fish."