Open comment to ICANN on WhoIs changes
I am writing to oppose the proposed changes to WhoIs. My comments echo those of Joe Andrieu.
ICANN has always been a technically driven overseer of the DNS and IP infrastructure, shrewdly navigating sometimes contentious waters with reliable continuation of Internet services as its guiding priniciple. If an action might (or would) reduce the stability of core Internet services such as DNS or the services relying on DNS, such as email and the World Wide Web, then that action was rejected until such stability could be assured. This principle is the reason ICANN deserves its quasi-independent regulator status; decisions made contrary to this interest negate ICANN’s moral authority to administer Internet resources on behalf of the general welfare.
For example, by strictly focusing on this guiding principle, ICANN has managed to isolate the legal issues of trademark disputes from imprudent termination or transfer of domain control. Similarly, ICANN maintains rigorous policies and procedures that all domain registrars must follow at the termination of a registrant’s contract, specifically designed to assure that the current domain owner has every reasonable opportunity to assert their control and maintain a working domain that links to their Internet service.
The move to a limited-disclosure official point of contact is a move in the right direction, but a closer reading of the proposed recommendation suggests it is flawed in its details. The point of WhoIs is to allow for resolution of service quality issues, that is, to allow for a reliable continuation of services. The current recommendation instead creates a route for undesired intervention by interested parties, which can only reduce the quality of services.
Allowing access to unpublished information on the minimal criteria of “reasonable evidence of actionable harm” does nothing to ensure the future stability of Internet services and instead acts as a starting point for several players–whether private or public entities–to begin processes which would seek to interfere with such services. Enabling litigants or law enforcement further means to pursue the registrants in no way increases the stability of the services offered by the registrant and most likely increases the likelihood that such services be–rightly or wrongly–moderated or even terminated. In short, the clear and obvious natural result of the recommendation would be to decrease the stability of Internet services.
Not all services of course, just those that afford intervention because of “reasonable evidence of actionable harm.” However, the judgment of evidence is neither ICANN’s purpose nor its expertise. Most jurisdictions in the world provide appropriate mechanisms for judging evidence against the public welfare. In the United States, that means the courts. Should a private or public entity seek the unpublished information for any registrant, the appropriate route for discovery–assuming the point of contact refuses–is to demonstrate a legally justifiable reason to a judge and thereby secure a subpoena. This process both assures suitable access to otherwise private information /and/ provides appropriate protections against unwarranted searches and seizures. It would be a complete abandonment of its moral authority and a wild assumption of unwarranted power should ICANN seek to enable itself, or its registars, to act in judgment on evidence of the need for disclosure in the public welfare.
Finally, the potential hope that this system will ultimately make it easier to root out the bad guys fails in the situation where it is most required: the truly bad actors can easily bypass the presentation of their information in the database using any number of shell games, private corporations, and attorneys. By providing streamlined access to unpublished information, ICANN will not be assisting in the prosecution of justice against the worst terrorist and criminals, because such bad actors will avail themselves of one or more of the available workarounds. Instead, ICANN will be assisting public and private entities in the harassment and persecution of domain owners whose interests or activities have become a target of attention, all without suitable due process for those actors to prove in the appropriate venue that such owners should be revealed.
We already see this disparity today, with registrars charging a premium for “anonymous” registrations, which demands additional fees for those who want to protect their identity and personal property from would-be attackers. Clearly, those entities who are sophisticated criminals already avail themselves of these services. Therefore we can reasonably assume that the bulk of the information in Whois is not the world’s most dangerous terrorists, but rather everyday folks… and in the case of criminals, those small time operators who don’t have the wherewithal to protect their identity through one or more layers of anonymous services. While the idea of a limited-disclosure official point of contact seems to help with this problem, recommendation 2 proactively provides a loophole for the most tenacious and well-funded attackers to pursue their actions against domain name owners. In the end, this can only destablize those services which come under attack. It will not improve the services for anyone.
Ultimately, it is beyond the purpose and capability of ICANN and its registrars to make judgment on such cases and even more importantly, it is beyond your moral authority to support a scheme of offensive intervention against existing Internet services. Your role is to act steadfastly in protecting the technical infrastructure underlying the functioning Internet. Anything contrary to that can only be considered an abandonment of your very reason to exist.
As such, I implore you in the strongest possible terms to reject the recommended changes and to retain your fundamental focus on assuring the reliable operation of the infrastructure underlying the Internet.
Sincerely, Weston Triemstra hostmaster@xxxxxxxxxxx