US and EU Clash Over Whois Data 67
itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually — moves that are applauded by David Vladeck, director of the FTC's Bureau of Consumer Protection. The E.U.'s Article 29 Working Group is markedly less enthusiastic, saying ICANN's plans trample on citizens' right to privacy."
Credit Card Information? (Score:5, Informative)
Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year). If the credit card information was in there as well, what would stop shady organizations from using that information for other scams? WHOIS certainly doesn't keep my physical address safe from scammers.
Visa rules (Score:5, Informative)
It's a ruse (Score:4, Informative)
From my own experience I would say at least 80% of the records I have looked up in the past several months for extant domain names have had obfuscated information, protected by registrars who don't give a damn that their customers are conducting illegal activities (fraud, selling drugs, selling pirated software, sending spam, etc) through the domains that they sold them. ICANN doesn't give a shit about "protected" obfuscated domain names, and doesn't care about ones with blatantly false data, either.
ICANN just wants to make money. They'll either find a way to make more money with this, or - more likely - they will give it up once the pressure is off.
Re:Credit Card Information? (Score:5, Informative)
Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year).
This is just another intentionally misleading headline. Card data is not going into whois.
The issue is requiring registrars to hang on to CC data so that governments would be able to "lawfully" request from the registrar if that registrar is operating within jurisdiction of said goverment.
Rather than addressing data retention standards with legislation as decided by each countries government...such as thru a billing passed by congress and signed by the president they are essentially attempting an end run around democractic process to get a desired outcome.
None if it is defensible...both ICANN and FTC are in the wrong regardless of what you feel about the issue of data retention.
Re:Won't "private registrations" still continue? (Score:4, Informative)
What's to stop companies from continuing the "private registration" feature that they already offer (often for a significant fee) to hide the domain owners name, address and other personal details?
Are you aware of the requirements that apply to domain registrars, including ones that implement that function?
Every domain registrar is Required to retain the WHOIS data, and all the pertinent details for all their customers, and make all that information available to organizations designated by ICANN.
Buying a private registration gets you a public WHOIS listing, but all your information is still available.
Unless you have a 3rd party registrar-unaffiliated proxy service, register the domain, own the domain in place of you, and provide their information to the registrar, instead of yours.
Then there's a risk, however, if the proxy service goes bankrupt: ownership of the domain could get included in the proxy services' assets and liquidated to pay creditors of the proxy service.
Re:Won't "private registrations" still continue? (Score:2, Informative)
GANDI.NET doesn't charge. They provide a tick box to remove your details from public WHOIS and even encourage you to tick it. To hell with the nickel and dimers gouging you for basic functionality.
Re:Want to get rid of spam or not? (Score:4, Informative)
It's nothing to do with spam. It's so the intellectual property crowd can sue the right person.
Think! Who else in the domain ecosystem needs to know exactly who you are?