Forgot your password?
typodupeerror
Privacy EU Network United States Your Rights Online

US and EU Clash Over Whois Data 67

Posted by Soulskill
from the not-going-to-spark-world-war-3 dept.
itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually — moves that are applauded by David Vladeck, director of the FTC's Bureau of Consumer Protection. The E.U.'s Article 29 Working Group is markedly less enthusiastic, saying ICANN's plans trample on citizens' right to privacy."
This discussion has been archived. No new comments can be posted.

US and EU Clash Over Whois Data

Comments Filter:
  • by Jason Levine (196982) on Wednesday October 10, 2012 @04:26PM (#41612859)

    Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year). If the credit card information was in there as well, what would stop shady organizations from using that information for other scams? WHOIS certainly doesn't keep my physical address safe from scammers.

  • Visa rules (Score:5, Informative)

    by OldGunner (2576825) on Wednesday October 10, 2012 @04:28PM (#41612881)
    I believe storing consumer credit/debit card data over 90 days is a direct violation of Visa International rules. I've been away for that stuff for a couple of years now, so I could be wrong.
  • It's a ruse (Score:4, Informative)

    by damn_registrars (1103043) <damn.registrars@gmail.com> on Wednesday October 10, 2012 @04:29PM (#41612897) Homepage Journal
    ICANN doesn't give a rat's ass about the validity of data in WHOIS, and hasn't for a long time. Someone (perhaps in law enforcement?) probably put a little pressure on them something recently and now they are putting on a show. It will blow over soon enough and we'll be back to business as usual, with ever-increasingly-more-meaningless WHOIS data.

    From my own experience I would say at least 80% of the records I have looked up in the past several months for extant domain names have had obfuscated information, protected by registrars who don't give a damn that their customers are conducting illegal activities (fraud, selling drugs, selling pirated software, sending spam, etc) through the domains that they sold them. ICANN doesn't give a shit about "protected" obfuscated domain names, and doesn't care about ones with blatantly false data, either.

    ICANN just wants to make money. They'll either find a way to make more money with this, or - more likely - they will give it up once the pressure is off.
  • by WaffleMonster (969671) on Wednesday October 10, 2012 @05:06PM (#41613295)

    Why would you store credit card information in WHOIS? I already get mail from registrars wanting me to "renew" my domains (read Transfer them to them) for a "reduced rate" of $30 (I pay $12 a year).

    This is just another intentionally misleading headline. Card data is not going into whois.

    The issue is requiring registrars to hang on to CC data so that governments would be able to "lawfully" request from the registrar if that registrar is operating within jurisdiction of said goverment.

    Rather than addressing data retention standards with legislation as decided by each countries government...such as thru a billing passed by congress and signed by the president they are essentially attempting an end run around democractic process to get a desired outcome.

    None if it is defensible...both ICANN and FTC are in the wrong regardless of what you feel about the issue of data retention.

  • by mysidia (191772) on Wednesday October 10, 2012 @07:12PM (#41614325)

    What's to stop companies from continuing the "private registration" feature that they already offer (often for a significant fee) to hide the domain owners name, address and other personal details?

    Are you aware of the requirements that apply to domain registrars, including ones that implement that function?

    Every domain registrar is Required to retain the WHOIS data, and all the pertinent details for all their customers, and make all that information available to organizations designated by ICANN.

    Buying a private registration gets you a public WHOIS listing, but all your information is still available.

    Unless you have a 3rd party registrar-unaffiliated proxy service, register the domain, own the domain in place of you, and provide their information to the registrar, instead of yours.

    Then there's a risk, however, if the proxy service goes bankrupt: ownership of the domain could get included in the proxy services' assets and liquidated to pay creditors of the proxy service.

  • by mrbester (200927) on Wednesday October 10, 2012 @08:06PM (#41614721) Homepage

    GANDI.NET doesn't charge. They provide a tick box to remove your details from public WHOIS and even encourage you to tick it. To hell with the nickel and dimers gouging you for basic functionality.

  • by rs79 (71822) <hostmaster@open-rsc.org> on Thursday October 11, 2012 @01:04AM (#41616235) Homepage

    It's nothing to do with spam. It's so the intellectual property crowd can sue the right person.

    Think! Who else in the domain ecosystem needs to know exactly who you are?

CCI Power 6/40: one board, a megabyte of cache, and an attitude...

Working...