Home / Blogs

Lobbying for Whois Privacy

Today a letter was submitted to the President of ICANN, Paul Twomey, at the ICANN Carthage meeting, "asking him to ensure that strong privacy safeguards, based on internationally accepted standards, are established for the WHOIS database."

Latest reports indicated that the draft letter had been signed by about 50 nonprofit groups and represented 21 countries on six continents. "Signers of the letter included the American Library Association, the U.S. Association for Computing Machinery, the Australian Council for Civil Liberties, Electronic Frontier Finland, Privacy Ukraine, and the United Kingdom's Foundation for Information Policy Research."

As ICANN tries to decide how to balance domain name owners' privacy with accountability, this coalition effort emphasized the fact that ICANN "has failed to establish corresponding protections for personal information that is provided. As representatives of Internet users around the world, we are keen to ensure that the policies developed for the WHOIS database respect the freedom of expression and the privacy of every individual who registers Internet domains."

The following is an excerpt from the letter:

"First, for domain name registrars to compel registrants to disclose personal information, even information related to domain registration, poses dangers to freedom of expression and privacy on the Internet. Many domain name registrants--and particularly noncommercial users--do not wish to make public the information that they furnished to registrars. Some of them may have legitimate reasons to conceal their actual identities or to register domain names anonymously. For example, there are political, cultural, religious groups, media organizations, non-profit and public interest groups around the world that rely on anonymous access to the Internet to publish their messages. Anonymity may be critical to them in order to avoid persecution.

Second, WHOIS data should not be available to just anyone who happens to have access to the Internet. It is well known that broad access to personal information online contributes to fraud such as identity theft. US Federal Trade Commission (FTC) advises consumers to protect themselves from identity theft, and generally from Internet-related frauds, by not disclosing personally identifiable information. The mandatory publication of WHOIS data is contrary to the FTC's advice.

We urge ICANN to consider the views of consumer organizations and civil liberties groups on the WHOIS. At a minimum, we believe that adequate privacy safeguards should include the following principles:

  • The purposes for which domain name holders' personal data may be collected and published in the WHOIS database have to be specified; they should, as a minimum, be legitimate and compatible to the original purpose for which this database was created; and this original purpose cannot be extended to other purposes simply because they are considered desirable by some users of the WHOIS database;
  • The most relevant purpose for collecting WHOIS data is to combat spam;
  • The amount of data collected and made publicly available in the course of the registration of a domain name is limited to what is essential to fulfill the purposes specified;
  • Any secondary use that is incompatible with the original purpose specified requires the individual's freely given and informed consent;
  • The publication of individuals' personal information on the Internet through the WHOIS database should not be mandatory; it should be possible for individuals to register domain names without their personal information appearing on a publicly available register; and
  • Disclosure of WHOIS information to a law enforcement official or in the context of civil litigation must be pursuant to explicit legal authority set out in statute.

Such a policy would not frustrate lawful criminal investigations. It would instead establish necessary privacy safeguards, and reduce the risk that the widespread availability of WHOIS information will lead to greater fraud, more spam, and jeopardize freedom of expression."

Follow CircleID on
Related topics: DNS, Domain Names, ICANN, Privacy, Spam, Whois
SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Share your comments

Re: Lobbying for Whois Privacy ed  –  Oct 30, 2003 2:40 PM PDT

I would assume you mean "Lobbying for Whois Privacy."

Lobbing: To hit, throw, or propel in a high arc
Lobbying: To try to influence the thinking of legislators or other public officials for or against a specific cause
(Dictionary.com)

Re: Lobbying for Whois Privacy Ali Farshchian  –  Oct 30, 2003 4:29 PM PDT

There was indeed a typo in the title which is now fixed. Thankfully the correct word is "Lobbying" — we hope!

"Lobbing: To hit, throw, or propel in a high arc" is a word that hopefully will never be needed in any future titles, particularly when it comes to ICANN meetings!

Re: Lobbying for Whois Privacy Mike O'Donnell  –  Oct 31, 2003 9:27 PM PDT

We don't really need policy here. We just need one sponsor with a well defended 2d level domain (nicesponsor.org) who is willing to provide 4th level domains (nemo.anonymousdomains.nicesponsor.org) to anonymous requesters.

Mike O'Donnell

To post comments, please login or create an account.

Related

Topics

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byAfilias