ICANN ICANN Email List Archives

[At-Large Advisory Committee]

<<< Chronological Index >>>    <<< Thread Index >>>

Re: [alac] GAO Report on Domain Names

  • To: John L <johnl@xxxxxxxx>
  • Subject: Re: [alac] GAO Report on Domain Names
  • From: Vittorio Bertola <vb@xxxxxxxxxxxxxx>
  • Date: Sat, 10 Dec 2005 19:05:56 +0100

I'm not taking anyone's parts in this discussion, but there is a common misconception that I would like to point out:

John L ha scritto:
You know I didn't say that, just that I doubt it's a big piece of the overall picture, and that its value in catching spammers doesn't seem to outweigh the privacy and anonymity harms, in its current form.

You may not have said it in so many words, but the message is clear, you don't believe that WHOIS is useful for catching spammers and other crooks. I know people who find WHOIS, imperfect though it is now, extremely useful for tracking down serious spammers. The crooks often lie, but their lies have patterns that are clear to the experienced eye, and sometimes for whatever reason their info is real. The people telling me this are real people who do this every day.

I think that you need to make a difference between collecting reliable information on the owner of a domain name, and exposing it freely to the entire world. Wendy might have a different opinion on this, but what I challenge is really the second part, not the first one. I have no problems in supplying my real identity, as long as I have guarantees that it will be exposed only to trusted third parties (for example, law enforcement agencies, or entities who comply with a clear and shared code of conduct) and not to other parties that might misuse my data (including address harvesters, scammers, harassers, and lawyers who would like to use the "cease and desist" effect against me, without having to go through any reasonable judiciary process and check).

I have no problems with an anti-spam agency having access to my true data, as long as I have guarantees that they act impartially and were entrusted of this power by law or other reasonable authorities, rather than by themselves.

I also have seen no evidence whatsoever that the current WHOIS rules cause any privacy or anonymity harm at all, particularly with the pseudonym service like Godaddy's available.

I remember some stories from an old Whois workshop years ago, and also a story I saw on the Italian television, where an "assault journalism" show used Whois to detect the owner of a website who was used for frauds and posted his face in TV, just to determine later that he was just a mentally handicapped person that was being used by the real fraudsters.

But I also think there's some principle-level sensitivity involved in this: apparently, in the US your privacy is a service you buy, while in most of the rest of the world your privacy is a human right that you own already and others have to abide by. Being required to pay additional money to preserve your privacy, to European eyes, is pure extortion.
vb. [Vittorio Bertola - v.bertola [a] bertola.eu.org]<-----
http://bertola.eu.org/ <- Prima o poi...

<<< Chronological Index >>>    <<< Thread Index >>>

Privacy Policy | Terms of Service | Cookies Policy