Breaking the System to Save It?
The Internet database WhoIs may be marked for destruction, if some privacy advocates have their way. The database is regularly used by law enforcement officials and contains contact information of website owners.
The story is covered in some detail here.
“What removing the status quo will do is force all of the actors to come together without the benefit of a status quo to fall back on and say, `We are now all screwed. What will we do?’” Rader (Ross Rader, a member of ICANN’s generic name council) said. “It will lead to better good-faith negotiations.”
The issues are quite important–the database has clear value, but the potential for abuse is quite high. Because of ham-handed law enforcement and anti-terrorist measures in the recent past (mostly in the U.S. and U.K.), a significant percentage of stakeholders are willing to give up the database to prevent abuse.
“Law-enforcement officials and Internet service providers use it to fight fraud and hacking. Lawyers depend on it to chase trademark and copyright violators. Journalists rely on it to reach Web site owners. And spammers mine it to send junk mailings for Web site hosting and other services.
Internet users, meanwhile, have come to expect more privacy and even anonymity. The requirements for domain name owners to provide such details also contradict some European privacy laws that are stricter than those in the United States.
There’s agreement that more could be done to improve the accuracy of Whois, as scammers and even legitimate individuals who want to remain anonymous can easily enter fake data.
The disagreements are over “who gets to see it (and) how can we protect people’s privacy while at the same time making accurate information available to those who need it,” said Vint Cerf, ICANN’s chairman.”
The lesson to be learned is to take privacy seriously and don’t sacrifice your long term credibility for short term information gains. But there is no evidence that that lesson will in fact be learned.
November 11th, 2007 at 2:46 pm
Doing away with it altogether sounds a bit rash, there has to be some way for registries to contact domain owners, there also has to be a way for ‘normal’ internet users to inform sysops that something is happening over their network. The long chain from IP registration -> Connection provider -> Host Provider -> Sysop is way to shaky IMHO.
The above said, I dislike the current trend toward insisting on real geographical contacts as I personally favour anonymity for system owners to the greatest degree feasible. With America’s current desire to control who says what, the harder it is for them (or their governmental puppets elsewhere) to *geographically* trace the owner of a site the better.
The compromise I’d like to see is for registration to be dependant on a constantly working email contact. Put the liability onto the registrant to constantly monitor its effectiveness by saying that it must work, full stop, or the registration is void. Other than that, I would prefer no further personally identifiable information to be mandatory (obviously if people *want* to link their real-life identities with their online presence it is their decision).
The internet should IMHO be as isolated from the real world as possible, with the only consequence of violating governmental restrictions on the freedom of information being online ones, with as little ‘real life’ risk for whistle blowers as possible. Real criminals, terrorists/paedopiles/current-fear-word, will always be shielded because they have the money to circumvent almost any regulation imaginable, so the non criminals who wish to impede government sanctioned murder/mutilation of foreigners or invasion of the civil liberties of locals, should not need this financial clout to be as safe as the real bad-guys.
Dave J.