Disclosure of Registrant data should require a court order

[Joris De Donder <joris@xxxxxxxxxxxxxxxxx>]

Dear ICANN,

I submit these comments as CEO of a company specializing in online 
reputation management, someone
who has over 15 years experience buying and selling domain names and a 
worried internet user.
I strongly urge ICANN to reject this proposal to cripple WHOIS Privacy 
services.
Instead of undermining WHOIS Privacy services, ICANN should strengthen 
them. Registrant data
should only be disclosed in response to a court order or a subpoena 
issued in the jurisdiction relevant to
the WHOIS Privacy Service Provider .

The history of the WHOIS system has been riddled with abuse. Having your 
email address published
in a public WHOIS record has for many years been a sure fire way to 
attract spam. And in recent years,
not only spammers have been abusing that public data, but identity 
thieves and other fraudsters have
found it to be a treasure trove of information that enables them to 
conduct more and more sophisticated
types of so called (spear)phishing attacks. No wonder literally millions 
of domain names now have
'anonymized' WHOIS records, a service their registrants obviously value 
as can be deduced from the
fact that these registrants are voluntarily willing to pay for these 
WHOIS Privacy services.
In addition to having become an essential service to protect oneself 
against criminal behavior, WHOIS
Privacy services can mean the difference between freedom and 
incarceration or even between life and
death. For journalists (both professional and citizen-journalists), 
social and political activists and
many others operating in parts of the world where the Rule of Law is not 
respected and voicing certain
opinions or merely reporting the facts can get a person kidnapped, 
thrown in jail or killed, the importance
of WHOIS Privacy services cannot be underestimated.

By adopting the WHOIS system, a problem was created. For millions of 
domain registrants the use of
WHOIS Privacy services is a way to fix this problem. The types of 
changes now being considered
to WHOIS Privacy requirements would undermine and essentially eliminate 
this fix.
The changes being considered to WHOIS Privacy requirements would 
allegedly help fight copyright
infringement by supposedly making it easier for copyright holders to 
track down the culprits. History
and experience teach us otherwise. Criminals typically do not use their 
own names and addresses
when registering domain names (Despite the existence of the "WHOIS 
Accuracy Program" which has
turned out to be the cause of a whole new set of problems). Therefor 
undermining WHOIS Privacy
services, as ICANN is now considering doing, will not bring copyright 
holders or their agents any step
closer to identifying those violating their copyrights.

Again, I strongly urge ICANN to reject this proposal that would make the 
Internet less safe.

Thank you,
Joris De Donder
Digital Defense, GCV.
http://digidefen.se