Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
The Internet United States Your Rights Online

Whois Record Falsification Closer To Illegality 289

PipianJ writes "Reuters is reporting that the House of Representatives has recently passed the bill that would approve of penalties for those using fraudulent WHOIS records (H.R. 3632). Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites. The Senate has not yet passed their version (S.2242). The bill as originally written, however, focuses primarily on penalties for promoting counterfeit music, computer programs, and other media with identical labeling."
This discussion has been archived. No new comments can be posted.

Whois Record Falsification Closer To Illegality

Comments Filter:
  • Now if they (Score:5, Insightful)

    by Anonymous Coward on Tuesday September 21, 2004 @09:52PM (#10315587)
    Fine spammers who use information in whois records, it might be more acceptable. As it is now, my choices are to do a domain by proxy or falsify (oops, typo!) some of my information.
    • by AKAImBatman ( 238306 ) <akaimbatman@gmaiBLUEl.com minus berry> on Tuesday September 21, 2004 @10:02PM (#10315657) Homepage Journal
      C: Well you know how these programmers are with names these days. They've got to pick something screwy. If they're not careful, they'll wind up falsifying their whois records!

      A: Who's records?

      C: No, WHOIS records.

      A: That's what I said.

      C: No, you said who's records.

      A: Listen buster! I know what I said! Who's falsifying the records!

      C: WHOIS RECORDS!

      A: ARRRRRGGGGHHHHH!!!

    • by JeanBaptiste ( 537955 ) on Tuesday September 21, 2004 @11:47PM (#10316156)
      as it stands, 1st of all, it is _not_ illegal to use fake WHOIS records, even under the provisions of the legislature being discussed. All this does is to add jail time (up to 7 years according to the wording of the bill) to those that then go on to use the fraudulent domain for spamming,fraud,con activities. It just makes the punishment for those that are already doing illegal things worse.

      i run an internationally political website, and if I used my real name, phone, address, etc, I would have been physically attacked, at best. This law does not affect me in any way as I am not doing any fraud, spam, con-games, nigerian emails, or what have you.

      I would add that other laws that have been struck down HAVE made what I am doing illegal, fortunately nothing like that has stuck. In summary, the discussed law is not a problem for anyone, as long as they are not spammers, fraudsters, nigerians, etc.

      Agreed, its a step in the wrong direction. But as for now, as long as you are not engaged in other illegal activities, you (should not) dont have to worry.

      this merely adds penalties onto already illegal activities if you fake your WHOIS records.

      I am not a lawyer, but I play one on /.
      • Agreed, its a step in the wrong direction.

        I've been thinking about this for the past hour, and I'm thinking it really isn't. We can argue all day long whether this is a step in the right direction, I would have to disagree that it's a step in the wrong direction.

        I'm a hardcore libertarian and I'm saying this! My reasoning is that I don't think there's a "right to lie". In fact, I think most lies border on fraud to begin with. I can't support anyone's right to falsify WHOIS records anymore than I could su
        • The SCOTUS has repeatedly found that the right to anonymity is protected under the 1st amendment.
          The law would be unconstitutional if it were not limited to applying conditional penalties to other
          (criminal) acts.
        • by billstewart ( 78916 ) on Wednesday September 22, 2004 @02:17AM (#10316671) Journal
          I'm glad it's gotten watered down - the people who asked the legislators to push this bill have been twisting what Whois records are, and many members of the public, apparently including you, haven't understood them well enough not to be misled.

          The WHOIS records aren't a legal declaration of your True Name, True Legal Domicile, Phone number you agree to be reached at 24 hours a day by anyone who wants, ICBM address, Subpoena Acceptance Address, Mother's Maiden Name, Fingerprints, and RIAA pre-approved guilty plea that you give The Authorities in exchange for permission to speak on the Internet. They're simply administrative contact information people can use to try to reach you if your system is having trouble. There's a billing address there so that the Registrars can reach you if they want more money. There's a technical address to reach you if things are broken. There's an administrative address for general administrative requests. If somebody can't reach you because your information is out of date or incorrect, that doesn't mean you're an evil miscreant, it just means that you won't get proactive billing notices, and if your DNS isn't working right, people can't reach you to let you know.

          It is possible to give the registrars fraudulent information - if you're impersonating someone else who really exists, but that's adequately covered by existing fraud laws. But if you give your name as "Johnny Smith" and put your address as "111 Main Street, Bogustown, USA" or "1600 Pennsylvania Ave, Washington DC 90210", that's nobody's business, that's just not a very useful contact handle you're giving somebody. If your payment to the registrar works, it works. And here in California, it was common-law right to use any name you wanted to except for purposes of fraud, though apparently the DMV got that changed a decade or so ago and insists that you need papers from some government or other to have a name.

          ICANN seems to have been one of the early prime movers in True Name Whois Information, in spite of the damages to privacy that it causes (e.g. spammers hitting your published admin address.) The "IP" that they're interested in has always been "Intellectual Property", not "Internet Protocol", and they're really grouchy about the concept that anybody could ever use a domain name without agreeing to provide an always-updated True Name and Legal Process Server Address so that trademark owners can find you and sue you if they think they've got a claim on a domain name you're using. More recently, though, the RIAA/MPAA have taken up the cause, because they want to be sure that if you ever even think about sharing copyrighted music on line, they want to be able to drop handcuffs on you. If there's a dispute about domain name ownership, and your Registrar is unsuccessful in contacting you using the contact information you provide, for some reasonable period of time, it's reasonable for them to bounce your domain name.

          On the other side of the argument, while I strongly value privacy, most of the time when I try to track down spammers using whois records, the information is bogus, which is annoying, and it's almost always either obviously bogus or else some foreign address that looks hard to track down. The main exceptions are in-your-face spammers like Spamford or Scotty Richter, and spammers with corporate shells to hide behind (e.g. one spammer had a mailbox at the street address of The Company Corporation, which is in the business of setting up cheap Delaware corporations), so they're effectively untraceable.

          Meanwhile, if you're a "hardcore libertarian", you need to think about what rights mean. Saying somebody doesn't have the right to do something isn't just a statement about ethics - its equivalent to saying that you have the right to beat them up if they do it. Falsifying your personal resume is attempting to deceive somebody about your skills so they'll give you something that they wouldn't if you'd been honest, and of course that's wrong.

          But "Trav

          • "If your payment to the registrar works, it works."

            If, OTOH, your contact information doesn't work, having made a reasonable effort, the registrar should feel free to consider the registration abandoned and the fee forfeit, stop serving the associated RRs, and accept another registrant for that name as soon as one comes along.

            The contact information is not for when your system is *having* trouble, it's for when it is *causing* trouble. And if nobody can reach you to demand that it be fixed, yanking the n
            • Actually ICANN has asked registars to crack down on false whois info. Several registars will disable your nameservers if they discover the whois info is false..

              One of my customers has already been burned because the address format in his country doesn't look real to someone used to western style addresses. A single complaint to the registar got the domain disabled with no warning whatsoever even though the email address was real.

          • Yes, I understand what WHOIS is. That doesn't change the fact that I think you shouldn't be lying to them. At the same time, I do support the right of everyone to seek a different solution if WHOIS won't accept "mind your own business" as a contact.

            This story isn't about criminalizing false WHOIS information, it's about taking false information into account during sentencing for a SEPARATE act. If you want to argue about the morality of extenuating circumstances and other acts accessory to a crime, you may
    • STEAL their domains.

      There should be an agency that attempts to confirm WHOIS records. If the information given is false, or the individuals cannot be contacted - the domain DIES.

  • by 0racle ( 667029 ) on Tuesday September 21, 2004 @09:52PM (#10315588)
    ...beacuse when you have to change your records, your gonna be swimming in it.
    • by Nos. ( 179609 ) <andrew@nOSPAm.thekerrs.ca> on Tuesday September 21, 2004 @10:15PM (#10315735) Homepage
      I wonder exactly what makes a record false. My registrar provides (free) forwarding accounts. For example, the record for foundonp2p.com is showing D-23108frrb@usersa3.domainsatcost.ca right now, but within a week or so, it will change. The email is forwarded to my real address, so it is a legitmate address to email if you want to get a hold of me.
      • "I wonder exactly what makes a record false"

        My name is Nobujuta Mussabi, Recently VERY bad things have happened to my father, OKIMBE mussabi. OKIMBE had nearly 10,000,000,00 EUROS in a swiss ACCOUNT. AS he has most UNFORTUNATLY been killed in a PLANE CRASH, I am unable to ACCESS the money. as their is a civil war in my native country of SIERRA LEONE i am UNABLE to access his TREASURE. if you would SEND ME 10,000 for the TRANSFER FEE, i will SPLIT the money.

        Please see my 'fake website URL here' for inf
    • Unless you're comitting a crime you don't need to change anything.

      Businesses need a legitimate contact address, but people dont. The WHOIS could say Peanut McGee at 123 Fake St, just like I'd tell Radio Shack or anyone else who asks me for my personal info that has no reason to know. The registrar only needs to know their getting paid.

      Everyone should be allowed to (and is) publish their opinions anonymously, that's what America's about.

      Laws already exist to cover all the fraud whatnot with internet cri
  • Damn (Score:5, Funny)

    by Anonymous Coward on Tuesday September 21, 2004 @09:53PM (#10315594)
    providing "555-555-5555" as a phone number or "Small Wok Way, Chopstick Town, WI" as a street address.

    I need to change my phone no. and move now.
  • by mind21_98 ( 18647 ) on Tuesday September 21, 2004 @09:55PM (#10315606) Homepage Journal
    I'm sick of getting mail from "registrars" charging $40 and up for two year renewals and so forth. People wouldn't have to falsify records if ICANN did not require registrars to sell their records to whoever wants them. On that note, I'll probably move all my domains to Gandi [gandi.net] as they begin to expire because of this (they allow me to exclude my records from the stuff they sell).

    Also, will this penalize people who use their real names but false addresses? From the sound of it, it looks like it would.
    • by Kenja ( 541830 ) on Tuesday September 21, 2004 @09:58PM (#10315633)
      Jebus. People aren't even reading the summery, much less the article. Here, let me refresh your memory.

      Interestingly however, this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites.

      So when you use false information to avoid SPAM or protect your privacy are you committing fraud?

      • Re: (Score:2, Interesting)

        Comment removed based on user account deletion
        • The economy? Give me a break, most spam isn't even taxed (since it's illegal). And I don't think spammers have a powerful Washington lobby, yet, anyway.

          You really think politicians really care about protecting the economic interests of a bunch of criminals who can't/won't even help them get reelected?

          And, IANAL, but I don't think providing false information is always considered fraud from a legal stand point. It's legal to use a pseudonym, ect. under certain circumstances.

      • by MrWa ( 144753 ) on Tuesday September 21, 2004 @10:27PM (#10315812) Homepage
        So when you use false information to avoid SPAM or protect your privacy are you committing fraud?

        Yes. You are depriving the company supported by the SPAM of revenue, according to the logic used by the RIAA, and, as a result, should be fine the sum total amount of all lost penis enlargement sales that would have resulted if you provided the correct contact information in your WHOIS registration and not committed fraud.

      • by MrLint ( 519792 ) on Tuesday September 21, 2004 @10:27PM (#10315813) Journal
        This concerns me more than even that. Lets say for the sake of argument that your business gets caught up in a customer complaint and it escalates to a civil suit, or you are falsely accused of spam or god forbid get caught up in an RIAA/MPAA random word search DCMA action, and you are 'hiding' your whois info. Well i can certainly see some overzealous DA go on a fishing filing these charges against you while all the other stuff is being cleared up (because they throw in the kitchen sink to see what will stick) and you may get nailed on this alone, as its the only "real" charge left over from the fishing expedition.
        • Well i can certainly see some overzealous DA go on a fishing filing these charges against you while all the other stuff is being cleared up (because they throw in the kitchen sink to see what will stick) and you may get nailed on this alone, as its the only "real" charge left over from the fishing expedition.

          But if no felony charges stick, then this 'charge' won't matter.

          this does not directly outlaw it, instead extending the penalty by seven years for felonies performed using such fraudulent websites.
          • But if no felony charges stick, then this 'charge' won't matter.

            Except for the legal costs, which you'll have to pay, and the time spent in jail if you can't make bail.

            Sounds to me like this is a pretty nifty way for a government body that doesn't happen to like your version of free speech to level false charges backed with ridiculous jail times as a credible threat. And if you think that the government is above such things, or that you'll somehow get justice for these acts, you've been smoking waaaaay
      • by kfg ( 145172 ) on Tuesday September 21, 2004 @10:49PM (#10315925)
        So when you use false information to avoid SPAM or protect your privacy are you committing fraud?

        No. You are "lying" in terms of applying a masquerade, like when you wear a Holloween mask.

        There is no crime in wearing a Donald Trump mask, or even in calling yourself Donald Trump while wearing one unless you do so with the actual intent to make people believe you really are Donald Trump in order to get money from them. That is the fraud, not the disguise.

        In my state you don't even have to go to court to change your name. Simply start using any alias you want and it defacto becomes your identifier, so long as you don't do so with intent to hide who you are for the purpose of fraud ( such as to evade legitimate debts or court action).

        This law is perfectly inline with American legal philosophy, case law and existing code.

        It is the crime that is the crime and we don't need any more laws making more crimes where there never were any before to "reduce crime."

        Go after the 419 scammers as best you can, but don't make the people hiding themselves from them criminals.

        KFG
    • Why would you wait for your domains to begin expiring? Transfer them now - you don't lose any registration time, you don't have to sweat any deadlines or your domains accidently dropping because you cut it too close, etc.

      I never understand why people wait until their domain is about to expire before deciding it's a good idea to change registrars.

      This new law may not be so bad, but I guess it's just the next step in privacy loss. "Give them an inch and they'll take a mile", whoever came up with that gem.
  • by rel4x ( 783238 ) on Tuesday September 21, 2004 @09:57PM (#10315619)
    ..watching them try to enforce it. It appears that the U.S, like other countries, has still not gotten the idea it's going to be nearly impossible to legislate the internet. I have a feeling this is going to be used more as one of those charges they use when they need an excuse to do a raid, and dont have enough evidence for what they're going for.
    Disagree? Lemme hear it.
    • I do disagree. I don't think this will be used too much in raids, but I do think that it will be tacked onto the tail-end of countless lists of offenses that criminals are charged with, allowing the prosecutors to easily add a few years to the sentence.
      • Sounds a lot like mail fraud. Whenever they charge a guy with a white collar crime you hear, "He lied for years! He stole millions from the pension fund! He destroyed the company! He ruined people's lives! And worst of all...he committed mail fraud!!!"
    • Enforcement (Score:3, Informative)

      by yintercept ( 517362 )

      watching them try to enforce it.

      Sounds more like this effort is about increasing criminal penalties to people who use the fraudulent information in their registry for scams than it is about forcing everyone to give their cell phone and primary email account in their registration.

      For example, imagine a company that uses the address for a local bank in their program to harvest credit card numbers from web surfers. If caught the whois records add to the fraud case.

      If this is the intention of the legis

    • by firewood ( 41230 ) on Tuesday September 21, 2004 @11:11PM (#10316019)
      It appears that the U.S, like other countries, has still not gotten the idea it's going to be nearly impossible to legislate the internet.

      The "internet" can't be regulated, but, if physically located inside US jurisdiction, the registrants and admins can be thrown in jail and the servers can be unplugged. That makes for defacto control of a big portion of the "net".

      • That makes for defacto control of a big portion of the "net".

        An ever-smaller portion of the net with each passing year. So far all such laws have been abysmal failures, and that situation doesn't seem to be changing.

        Max
    • [snip]I have a feeling this is going to be used more as one of those charges they use when they need an excuse to do a raid, and dont have enough evidence for what they're going for.
      Disagree? Lemme hear it.


      As this item only applys to a felony charge related to the false info, chances are if they suspect you commited a felony they will raid you and do whatever anyways.
  • Enforcement? (Score:5, Insightful)

    by Anonymous Coward on Tuesday September 21, 2004 @09:57PM (#10315620)
    How are they going to enforce it when a large portion of those registrants are actually non-US?
    • Simple. (Score:5, Funny)

      by Weaselmancer ( 533834 ) on Tuesday September 21, 2004 @10:14PM (#10315727)

      "Regime change".

    • Note to self: Put a fake address that would be located in Taiwan, not in Wisconsin.
    • Well they just knocked out 300,000,000 people from doing it. Now the other 5,700,000,000 people need to have similar law. This is one thing I think the UN should be very big on. I for one think my country (the US) is far to egocentric and it needs to have more international laws and agreements in place. Conversely the US should try to make any laws it really enjoys international as well (er that is, present them as options, not enforce them with righteousness).
  • by ShatteredDream ( 636520 ) on Tuesday September 21, 2004 @09:57PM (#10315624) Homepage
    I will confess that much my knowledge of federal penalties is second hand, having lived with two former federal agents most of my life, but what good does this do, really? The federal penalties for most crimes seem to already be aimed at simply "crushing the perp and ruining him/her forever" rather than anything resembling pursuit of justice.

    Yet another good reason to vote for Michael Badnarik in November. He wants to move us toward a system based on restitution, not simply locking the perp away and throwing away the key.
    • The federal penalties for most crimes seem to already be aimed at simply "crushing the perp and ruining him/her forever" rather than anything resembling pursuit of justice.

      It's also massively perverted. While the popular example is pot- I'll give you the reverse. In Massachusetts, if you're caught drunk driving, you get a MAXIMUM of 2.5 years, $5k, license suspension for one year (unless you need to get to work- then you're eligible for a limited license after just 3 months, and if you have "hardships"

      • I'm all for strict drunk driving laws. In Virginia, where I live, you don't want to get caught on a DUI, especially if you're an incorrigible offender. There was a guy from NC who got slapped on the wrist 8 times in NC for DUIs, when the VA state police caught him in Southern VA, and found out about his previous **8** offenses he was arrested, his car was seized, his license revoked for a long time and last I heard he was sent to rot for 5 years on a felony sentence in a state prison. DUIs can and often do
  • Well... (Score:5, Insightful)

    by Emperor Tiberius ( 673354 ) on Tuesday September 21, 2004 @09:58PM (#10315632) Homepage
    This will only become acceptable if you cut down on the fraudulent abuse of WHOIS. For example the Domain Registry of America garbage. You also have to take into account annoyances. I remember originally having my authentic WHOIS info and getting called by people wanting to "buy" my domain, for a good price; and various other crap.
  • by JasonUCF ( 601670 ) <[jason-slashdawt] [at] [jnlpro.com]> on Tuesday September 21, 2004 @09:59PM (#10315639) Homepage
    How about enforcing fines, penalties, and heck jailtime for all the fuckhead spammers (both V.AGRA and Register.com) who abuse the whois registry data? Or who want to charge you $10 to "protect your privacy" on top of your $10 registration per month? It's a shell game. I wish we still lived in some magical utopian internet bubble where only good geeks(tm) were on the net, but fact is we're up to our elbows in fuckheads and if I have to put in (555) because I don't want to be telemarketed.. well.. do something about the fuckheads and I'll put a good number in.

    Mmm... now that's a mature reply.. "Congressmen, it's a principle of fuckheads. Take that to the floor!"
  • by anthony_dipierro ( 543308 ) on Tuesday September 21, 2004 @10:01PM (#10315651) Journal

    "The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.

    Scared yet?

  • by BobSutan ( 467781 ) on Tuesday September 21, 2004 @10:01PM (#10315653)
    http://domainsbyproxy.com/

    Nuff said.
    • by firewood ( 41230 ) on Tuesday September 21, 2004 @11:06PM (#10315999)
      http://domainsbyproxy.com/

      Not this particular service necessarily, but this method in general seems to be the standard method to hide ownership (maybe, IANAL). Big corporations get their law firm to incorporate a shell company in the Bahama's or Cayman, and the shell company then buys the property anonymous from the real source of the money. Add more levels of indirection and blind trusts for fancier schemes to hide assets from bankruptcy, lawsuits, divorce settlements, etc. Maybe even legally.

      For a little privacy, all you need is money. Same should work for domain name "ownership".

    • by .com b4 .storm ( 581701 ) on Wednesday September 22, 2004 @12:01AM (#10316205)
      Yeah, except if someone sends a letter (even if it's bogus) to your domainsbyproxy.com address, they'll charge $20 just for telling you it arrived and where it's from. Then, if you want to actually READ the mail, you have to pay even more to have it actually forwarded or read through by a human being. Think hourly lawyer fees, because that's basically what you get with this service. If somebody sneezes in the general direction of your domain, some desk clerk will press a button and charge your credit card for it.

      I had a domain through domainsbyproxy.com, and I ended up receiving a letter accusing me of infringing on a trademark (one that is easily proven to be common and in prior use via Google or Usenet archives, and even previous to the birth of the internet). I turned over the domain because I'm just a student who lacks the resources to challenge a trademark, no matter how obviously invalid, especially for a novelty domain. But I ended up eating that bogus $20 "you've got mail" cost. It's all in the domainsbyproxy.com contract of course, but it's definitely got its drawbacks that a lot of people might not be aware of.
  • by Anonymous Coward on Tuesday September 21, 2004 @10:02PM (#10315656)
    Some of us prefer to have our names listed as: Anonymous Coward on our website registrations
    • I know this is supposed to be funny, but I really had a domain registered as Anonymous Coward for a while. I had given an actual address and was stupid enough to provide my school e-mail address (this domain was registered when spam wasn't *that* big a thing, yet).

      So, when spammers got into the business bandwagon, I must have been one of the oldest in their records, because I started getting spammed really bad -- both physical and virtual. I got so fed up of receiving spam (physical and junk-mail) that I j
  • I register my domains at GoDaddy.com, and use DBP for my WHOIS information. I rarely get any spam coming through my mydomain.com@domainsbyproxy.com address.
    At least with this legislative leniency, my approach won't be outlawed yet.
  • I don't get it... (Score:3, Interesting)

    by LostCluster ( 625375 ) * on Tuesday September 21, 2004 @10:05PM (#10315676)
    Would somebody please show us where exactly the law prohibts registering with 555-555-5555 as a phone number?

    I think we've got the wrong bill associated with this story.
  • How ridiculous... (Score:5, Interesting)

    by DroopyStonx ( 683090 ) on Tuesday September 21, 2004 @10:07PM (#10315690)
    Flat out and to the point: I have a right to privacy.

    My domain is a personal one. It's not meant to be a high profile public site... I get maybe 5 anonymous visitors a month.. why should I provide valid whois info? I don't feel comfortable with doing that and I will NEVER provide real info.

    Instead, how about making sites that involve monetary transactions register valid names?

    I don't give a rat's ass if "this is the internet, it's public," my right to privacy is my own. If you don't like it, tough shit. If they wanna make it illegal, then bring it on - I still won't provide valid info.

    What are they gonna do?
    • Re: (Score:3, Insightful)

      Comment removed based on user account deletion
      • How about you live with it? I have a right to privacy. Right now, my name appears as Mr. Roboto on my domain. It will stay that way and there's nothing wrong with it. My domain has a few paragraphs... one of which is about Lynndie England looking like a freak, theo the other two are meaningless nonsense I use to test my php scripts with. If you think someone will actually arrest me for providing "Mr Roboto" for a domain that serves no purpose, then you truly have problems...
    • by jdreed1024 ( 443938 ) on Tuesday September 21, 2004 @10:57PM (#10315968)
      Flat out and to the point: I have a right to privacy.

      Yes, and no. If you want U.S. Mail service, your address is published by the USPS and sold to marketing agencies and city directories. If you want phone service, your phone number and name (or initials) are published in the phone book. Why should it not be the case that if you want your own domain, you provide correct information?

      Contrary to popular belief, you can in fact live without having your own domain. It is not one of the fundamental rights guaranteed to people. If you needed it to live, that would be different. If the grocery store required you to publish contact info to buy food, that would be different.

      my right to privacy is my own. If you don't like it, tough shit.

      And their right to refuse to sell you a domain is their own. And if you don't like it, tough shit.

      I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.

      • You don't need your real name on your mail or in the phone book, and there's no law against listing false ones that I'm aware of. Maybe providing false info to a govt agency (the PO), but that's a tangent. I can have my mail addressed to Occupant and have an unlisted phone number.

        Obviously they have your phone number or address (PO Box), but then anyone who has your WHOIS has your IP address. There's only a certain amount of privacy you have to give up.

        If you aren't committing an act of fraud then it's
      • Actually, I provide a valid email. The name/address on my domain remains invalid. If someone wants to contact me, they can email me.

        That's all they get, and sorry ,but I do have a right to keep my information private, regardless of what anyone says.

        If any authority figure has a problem with it, I'll glady tell them to kiss my ass. If they want to try and do something about it, bring it the fuck on, because they'll be in for quite a surprise.
      • I fail to see why everyone gets so pissy about publishing whois info, and yet doesn't seem to care about having their phone number publish in the phone book. In both cases, you can pay to have it unlisted.

        We do get pissy. The defaults should be for privacy and if you want it to be public you need to take action to make it so.

        Just because the current system is fucked up doesn't mean we should quietly accept it when things get worse. I want my domain info to be private by default and I want my telephone
  • by mikeophile ( 647318 ) on Tuesday September 21, 2004 @10:09PM (#10315696)
    "The government must play a greater role in detecting those who conceal their identities online," said Texas Republican Rep. Lamar Smith, a sponsor of the bill.

    With all due respect to the Representative from Texas, I call bullshit.

    I can understand the problems deliberately fraudulent registration information can be when trying to track down the owners of a malfeasant commerce site, but what about the option to reveal no information to the public?
    • You're free to withhold all the information you want from the domain name registry- and not have a domain name. This will not impede your use of the Internet or operation of servers in any way; you'll just have to use your IP instead of an easier-to-remember character string when you want to link someone to your server. Think of it as the Internet equivalent of an unlisted phone number.

      You have a right to privacy, but you don't have a right to a domain name.
  • So... (Score:3, Interesting)

    by NoMoreNicksLeft ( 516230 ) <john.oyler@noSpAm.comcast.net> on Tuesday September 21, 2004 @10:19PM (#10315769) Journal
    Set up some public keys for federal agencies, and let us post our info in encrypted form... they can read it whenever they want, and no worry of it being harvested by spammers.
  • The bill as originally written, however, focuses primarily on penalties for promoting
    counterfeit music, computer programs, and other media with identical labeling.
    Counterfeit music? As in, "Made in imitation of what is genuine with the intent to defraud"? Does this mean an end to top-40 radio?
  • As they demostrated by their voice (anonymous) vote. Not wanting to be accountable for thier actions. The "Voice Vote" itself should be outlawed.
  • Let's see (Score:5, Insightful)

    by 0x0d0a ( 568518 ) on Tuesday September 21, 2004 @10:31PM (#10315833) Journal
    We have two bills -- one of the two linked-to ones makes writing software like Daemon Tools, no-CD patches, and bnetd (a libre open source battle.net implementation) a federal crime.

    The second bill makes not providing identifying information to let the feds track you down if they know what your website is illegal. (What if I want to speak freely, without fears of being harassed? I can post papers anonymously, but not be anonymous on the Web?) Add in the next obvious thing, a requirement for webmasters to log and be able to provide information for who posted something, and federal law enforcement can track anyone down.

    Combine this with the fact that Cat Stevens [cnn.com] just fell under the eye of the Homeland Security Watch List, had his plane diverted to Maine and was kicked out of the United
    States. As far as I can tell, his main crime was criticizing US involvement in Iraq.

    And Bush's polls are looking better than ever.

    It's an authoritarian next few years for all of us...

    • Combine this with the fact that Cat Stevens just fell under the eye of the Homeland Security Watch List, had his plane diverted to Maine and was kicked out of the United States. As far as I can tell, his main crime was criticizing US involvement in Iraq.

      According to the article, he was identified by the "Advanced Passenger Information System." In other words, Bush just took a piss on Cat Stevens.
  • I'm really torn on this issue on the one hand I like privacy on the web.

    On the other I would like to see people who run spamming and other illegitimate websites to be terribly molested.

    Why not some kind of commercial website whois notice related to accepting funds or displaying product for eventual sale, just because lawmakers are concerned about creating a complicated law in this case they are losing sight of some of the major freedoms they are trying to protect.
  • by Chuck Bucket ( 142633 ) on Tuesday September 21, 2004 @10:50PM (#10315931) Homepage Journal
    I thought this was illegal, I rem filling out something with some legal stuff when I signed up for my domains, and I was bummed that I would have to put my personal details out there. Then I found Domains by proxy [domainsbyproxy.com] and I didn't have to. So, I didn't break the law, but you can't find my name/address/email with a simple whois!

    CB
  • I confused myself (Score:2, Interesting)

    by kongit ( 758125 )
    I don't know whether this is good or bad. I could possibly gain security from the gov't's attempts to stop users from using WHOIS records falesly...ie. they might be using my name or phone number or etc. to do something devious. Or, will I be losing privacy because internet anonymity is slowly becoming illegal?
  • I wonder (Score:4, Funny)

    by WindBourne ( 631190 ) on Tuesday September 21, 2004 @11:00PM (#10315981) Journal
    how soon this congress and admin will outlaw that horrible chemical HOH. It is responsible for so many deaths and can hide terrorists activity. Perhaps, we can get this fine group of people to outlaw such a dangerous item. After all, it would be just about as easy to enforce this one as the whois record as well.
  • by lpontiac ( 173839 ) on Tuesday September 21, 2004 @11:27PM (#10316083)
    domain sullust.net
    status production
    owner Andrew Francis
    email locust@bur.st
    title Mr
    address PO Box 5009
    city Dalkeith
    state WA
    postal-code 6009
    country AU
    admin-c locust@bur.st#0
    tech-c locust@bur.st#0
    billing-c locust@bur.st#0
    nserver ns1.bur.st
    nserver ns2.bur.st
    nserver ns3.bur.st
    nserver ns4.bur.st
    registrar JORE-1
    created 2002-03-25 12:35:22 UTC JORE-1
    modified 2004-03-01 14:21:26 UTC JORE-1
    expires 2008-03-25 06:35:06 UTC
    source joker.com
  • I think this is the right way to go about this.

    It shouldn't be illegal to falsify whois records. Lookup the whois info on your favorite pr0n site. I'll bet it's not a real person that you find. It should be legal to put false information into the whois database because sometimes you're better off without people being able to find out who you are.

    It should be treated with the highest level of seriousness when someone hides behind false information to commit crimes, but providing that false information shou
    • Occurs to me this has another impact: AFAIK, at present in meatspace you can legally CALL yourself anything you want, *so long as there is no intent to defraud*.

      If it becomes unlawful to call yourself whatever you want in cyberspace (and think about it, this could readily be extended to ALL nyms everywhere) it's a short step to doing the same for meatspace.

  • More toothless legislation.

    Quite a lot of the spam I get these days can be traced back to registrars in India. How is this law going to to good in the US?

    It's not. As usual.
  • by macdaddy ( 38372 ) on Wednesday September 22, 2004 @12:15AM (#10316262) Homepage Journal
    I don't use valid records in most of my WHOIS records. I use one domain for posting to usenet, talking mainly about anti-spam stuff. I have another for mailing lists subscriptions. Yet another couple for seeding to spammer's "remove" forms. Then I have a number of personal domains. They all have common DNS records. I don't want spammers getting ahold of my personal information via my other domains. Spammers have a bad habit of attacking anti-spammers. I have also used the proxy registration options of my registrar, Godaddy. Unfortunately that doubles the cost of my domains and isn't very practical. Is there a solution that doesn't cut into your wallet?
  • The thing is I registered 22 domain names with bulkregister.com and 2 with stargate.com. Thing where good for about 2 years and then I moved into a new house, new town, same state. we where in the house for about 2 months (November 2003). Then all hell broke lose as a markiting target I became a hotspot for email, and now telephone marketers and most of it was due to 2 of my domain names. when I moved I had to chase down passwds and account names for 3 different registrars and I changed the contact info for
  • by Tablizer ( 95088 ) on Wednesday September 22, 2004 @12:21AM (#10316292) Journal
    I don't really care if the domain manager knows my home address and e-mail, but why the hell to does the whole goddam world have to see it?
  • The IETF's CRISP working group has developed a replacement for whois: IRIS (Internet Registry Information Service). IRIS allows for different levels of access, so that you don't have whois's "all or nothing" response any more. This will help protect record details like addresses from harvest by J. Random Abuser (spammer, what have you). This is goodness.

    I assume that the law enforcement agencies in the country in which the registry is domiciled would have to provide the highest level of access (equival
  • This is absolutely insane... You are a criminal, for doing nothing more serious than wanting a domain, while not wanting to be trivially-easily identified with that domain.

    Any such law would be the beginning of the end of personal domains, which is probably the true motive of the big companies behind the scenes, asking for the law. Domain names are so cheap anyone can get a few, but it's expensive for a company to have to sue you to get it (and they've been loosing more and more), so in the future, they
  • Let's outlaw more stuff we don't understand.

    Congress should pass a law requiring them to repeal two old, stupid laws for every new one they enact. (That's Bill Maher's by the way--one of the political and comic thinkers of our time.)

    If the framers had been able to predict what was going to happen, they'd have started a 4th branch of government, the sole purpose of which is to go through existing laws with the power to strike out the old, the irrelevant, the conflicting, and make it understandable so t

  • I registered oleg.ws and now I am in a world of pain. Thanks for those yahoo filters. I think there should be an option for non-commercial (non-.com?) users to hide the info but disclose it to people who make a personal application with a legitamate concern.

    As for seven year prison sentence, that's awfully harsh for someone who merely causes an annoyance. Make them do something to compensate the society - like secure public school/library computers - 8hr/day each weekend for a couple of years and most of t
    • I registered oleg.ws and now I am in a world of pain. Thanks for those yahoo filters. I think there should be an option for non-commercial (non-.com?) users to hide the info but disclose it to people who make a personal application with a legitamate concern.

      Some registration and hosting companies will hold your details on file but put their own contact information in the whois records and forward and legitimate communications to you. Domains by Proxy [domainsbyproxy.com] specifically advertises such a service but some hosting

  • As I read it.... (Score:3, Insightful)

    by Anonymous Coward on Wednesday September 22, 2004 @07:07AM (#10317413)
    ..the law in no way requires you to PROVIDE information. It simply requires that information that is PROVIDED must be accurate. From the actual bill:
    (6) the term `counterfeit documentation or packaging' means documentation or packaging that appears to be genuine, but is not.

    If I list my Address as "1234 Testing Lane," I'm in violation. But if I list it as "Not Disclosed", I don't believe (IANAL) that I am. Same goes for name, or listing the name as "System Administrator." E-mail could be listed as "whois@mydomain.com," which would be legit if that was a real e-mail address...

    I don't know a way areound the phone number issue, however. I believe that listing "not disclosed" as a phone number would be within the law, but I'm not sure a registrant will accept that if they validate phone numbers...
  • by Sheepdot ( 211478 ) on Wednesday September 22, 2004 @11:07AM (#10319345) Journal
    Really simple solution for the registrars:
    I give them my real info, they provide fake info. Or I get to continue to fake mine.

    IF SOMETHING GOES WRONG the authorities can leave a message with the registrar who will contact me and tell me to check my messages. I will gladly talk to them if I hear of any problems. In the meantime, sorry Dotster, your monthly newsletters don't even show up in my Inbox anymore.

    If the authorities want, they can yank the website after two weeks of no response from the owner. Or the registrar can choose to give up the owner's info at any time. Who would you register with? Someone that promised to keep your info private or someone that handed it over the very second the feds asked for it?
  • by cdrguru ( 88047 ) on Wednesday September 22, 2004 @11:10AM (#10319380) Homepage
    There are people that for legitimate reasons wish to conceal their identity in various ways.

    However, there are also people that are doing things online that, if they were done on a streetcorner, would get them arrested. They "know" that they cannot be caught, punished or prosecuted in any way because "online" is a law-free zone.

    Why should this be the case? This means that not only spammers and the like can hide in plain sight, but also people that are actively making the Internet truely horrible are allowed to continue. Their actions are decried by governments and corporations alike and, unfortunately, those are the folks that can actually do something to change the nature of the Internet in ways that will be worse for everyone. For example, what would it serve if in order to register a domain you had to be registered as a business? Well, for one thing it would cut out kiddy-porn vendors and 19 sorts of scammers. But, it would also affect a lot of individuals.

    I'm all for people protecting their privacy, but owning a domain and being private are not necessarily the same thing. Being able to hide your identity while posting on various dicussion boards is fine. Being able to set up a store where people can buy perscription drugs without a prescription for 10x the normal price isn't fine - but it is almost impossible to track these people down given the current system. Warez boards can be considered a true benefit to society - until you are a software developer with your sole income from sales of software.

    I think the best example of this is where someone decides in a vindictive moment to register a domain "johnsmithsucks.com" and puts up pictures of John Smith and his family. Photoshopped pictures. Obscene photoshopped pictures. And amusing stories about John, his children and their dog. Try getting such a thing shut down if you have only "N.B." as the name on the domain registration. Yes, you might be able to track down the hosting, but maybe they are unhelpful or a bargin hosting company in Korea. You might be able to get it shut down, but I doubt it without an incredible amount of work. It would probably be better if you just left down quietly and changed your name.

    Is this fair? It can happen today. Would you laugh if it happened to your neighbor? Sure you would, admit it.

You are always doing something marginal when the boss drops by your desk.

Working...