Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Privacy Businesses The Internet Your Rights Online

ICANN Seeks Comment On Limiting Anonymized Domain Registration 86

angry tapir writes: Privacy advocates are sounding the alarm over a potential policy change (PDF) that would prevent some people from registering website addresses without revealing their personal information. ICANN, the regulatory body that oversees domain names, has asked for public comment on whether it should prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions."
This discussion has been archived. No new comments can be posted.

ICANN Seeks Comment On Limiting Anonymized Domain Registration

Comments Filter:
  • by gurps_npc ( 621217 ) on Thursday June 25, 2015 @08:39AM (#49984825) Homepage
    with an army of lawyers and multiple international corporations could remain anonymous.
    • by Krojack ( 575051 )

      Maybe your joke or comment went over my head but I think you have it backwards.

      Domains part of commercial activities or financial transactions can not be shown as private. Us little peons still can have them as private.

  • hmmm (Score:4, Insightful)

    by Paul Frederiksen ( 4160961 ) on Thursday June 25, 2015 @08:40AM (#49984835)

    prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions

    I'm not sure I have a big problem with this. If you do business with a company that can just disappear, that'd be a bummer. That said, you shouldn't do business with a company like that, but people aren't always smart.

    • Re:hmmm (Score:5, Interesting)

      by IamTheRealMike ( 537420 ) on Thursday June 25, 2015 @09:49AM (#49985381)

      Probably would have prevented Satoshi being anonymous when he launched bitcoin.org, and thus might have led to Bitcoin never existing at all.

      • by Anonymous Coward

        that's kind've what i assume this is, some sort of attempted squelch on things bucking the system.

        anyone who has heard of offshore shell companies knows this doesn't affect the 1%; only the rest of us.

    • by msobkow ( 48369 )

      You can run a business without incorporating. As long as the registrant is a "legal entity" for operating a business, they should be able to register a commercial domain.

    • by Krojack ( 575051 )

      I see it the other way around... If the domain is part of some financial institution or doing any type of selling and so on and IS listed as private then that's a red flag and means stay away.

      This will just lead to even more false information and cheap post office box rentals to cover tracks.

    • prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions

      I'm not sure I have a big problem with this. If you do business with a company that can just disappear, that'd be a bummer. That said, you shouldn't do business with a company like that, but people aren't always smart.

      Ant that is why they are using the phrase which are used for online financial transactions as a place to start, and put the system in place. Camel's nose in the tent, as it were. More people will be okay with it. Once the system is in place, it will expand to cover everyone (except, of course, governments, politicians, and large corporations).

      Right now, I can pay my ISP an extra $10 - 20 to anonymize my information on Whois. I still have to provide it to my ISP - that has already been made a legal req

    • prohibit the private registration of domains which are "associated with commercial activities and which are used for online financial transactions

      I'm not sure I have a big problem with this. If you do business with a company that can just disappear, that'd be a bummer. That said, you shouldn't do business with a company like that, but people aren't always smart.

      I've registered several domains in the past and never been asked if they were for personal or commercial use. Are domain name registrars now going to be in the business of policing how domain names are used? At the present time, I don't think they have any involvement in how a domain is actually used, and many are used for multiple purposes, some commercial and some not. Who exactly is going to be responsible for doing this kind of content policing? If it is the registrars, I imagine the cost of registe

      • by KGIII ( 973947 )

        What I find most amusing is that when the US government takes down a site they then register the domain name and keep it registered to prevent other people from using it. So, to the registrar, this is pretty much guaranteed money. I do not remember the name but just recently the, the US government, failed to renew a domain name and had to steal it back again. It was an amusing article.

    • At the expense of political free speech globally? Donations and bitcoin are financial transactions as well. I'm completely against this.
  • ICANN has been pro-profit for some time now. They make more money by allowing registrars to sell anonymized domains than if they do not. The privacy question is just window dressing.

    In the end, though, it doesn't make much of a difference. I used to take the time to do WHOIS lookups on particularly egregious spamvertised domains (specifically ones selling counterfeit or contraband products) and contact their registrars and hosting providers. Did it make a difference? No. I even found that specific registrars were notably complacent and willing to do business with the characters behind such operations, so I reported said registrars to ICANN. Did ICANN do anything? No.

    I also pointed out to ICANN that selling gTLDs would be a bad idea as it opened the floodgates to more such doings. Did they care? No.

    In other words, if you are concerned that ICANN might start to prohibit anonymized registration, don't be. They are just trying to drum up some PR to make it look like they care about more than their bottom line. It will all pass soon.
  • by waspleg ( 316038 ) on Thursday June 25, 2015 @08:43AM (#49984845) Journal

    Namecheap sent this out 2 days ago:

    Hello *redacted*,

    Over the weekend, Namecheap customers sent more than 5000 comments to ICANN, to help fight for privacy and save Whois protection. What an amazing, positive response!

    Unfortunately, due to the way ICANN chooses to approve comments, your voice may not have been heard. We deeply regret this and want to make sure ICANN hears what you have to say. We have revised the way comments are submitted to ICANN via our site RespectOurPrivacy.com. If you submitted a comment to ICANN before June 22, 2015, we would like to ask you to please go back and do so again, to insure your message reaches its target. We sincerely apologize for the inconvenience. This is a truly important and urgent issue, so from the bottoms of our hearts: THANK YOU for taking the time to submit your comments a second time.

    If you haven't submitted your comments to ICANN yet, we encourage you to do so now. Visit RespectOurPrivacy.com and we'll guide you through the process.

    We are dedicated to making sure ICANN hears your voices loud and clear. Together, we can win the fight for online privacy!

    Warmest regards,
    Richard Kirkendall, CEO
    Namecheap.com

    It was enough to convince me. I sent them an email and allowed ICANN to publish as part of the public record.

    • to play devil's advocate (for now anyway) can't State-level actors simply demand this information anyway?

      I'd be happy seeing cryptographically-secure domain registrations, but I'm not sure the status quo does anything but lull users into a false sense of complacency.

      People who want real privacy are using .onion domain names now, because of the current reality. Making the truth plain isn't always a bad thing.

      • by waspleg ( 316038 )

        It doesn't stop law enforcement but it does make it harder for every random asshole with a grudge to mail you elephant shit. [poopsenders.com] or, you know, threaten your family, stalk your pets, whatever.

        • The summary stated this was about domains

          associated with commercial activities and which are used for online financial transactions.

          Is your personal webpage involved in such activities? If not, it would be exempt. No worries though, ICANN knows they will make more money if they do allow anonymous registrations to continue, hence they will. This is just ICANN trying to get some publicity - after all, all press is good press, right?

          That said

          random asshole with a grudge to mail you elephant shit. or, you know, threaten your family, stalk your pets, whatever.

          Happens so rarely it is pretty much a non-issue. Out of how many hundreds of millions of registered domains, such things have happened how many dozens

          • by waspleg ( 316038 )

            That's pretty broad and vague. Does the website which is registered in my name but which is actually my girlfriend's for the local comedy scene count? It has no ads but helps comedians get stage time, some of it paid.

            It seems to me that any site with an ad portal or an affiliate program link would count. Not just people selling widgets.

            As for random harassment, apparently we've been in different online circles ;) it was very common in the crowd I ran with 20 years ago and still happens on occasion - I've ev

            • That's pretty broad and vague. Does the website which is registered in my name but which is actually my girlfriend's for the local comedy scene count? It has no ads but helps comedians get stage time, some of it paid. It seems to me that any site with an ad portal or an affiliate program link would count. Not just people selling widgets.

              That's the issue.

              Ads alone are enough to qualify a site has having a commercial purpose.

              Run a blog with ads on it? That's commercial, your real name and real address needs to be on it.

              Consider the many blogs revealing TSA problems, The popular "Taking Sense Away" was ad supported. The tsa employee running the site would need to reveal his real name and address.

              Consider Groklaw, a site that many /. users referenced for the decade it was in operation. The founder (for good reasons) wanted to mask her ide

          • Happens so rarely it is pretty much a non-issue.

            It's happened to me so this is definitely not a non-issue for me. I had someone harass me online making all sorts of accusations of "crimes" I've committed and threatening to report me to the police. She claims god talks to her - so no use arguing with her. Do I actually think the police would do anything based on "Hi I'm RANDOM PERSON and god told me this guy's evil?" Of course not. She could make my life a living hell, though if she knew my real name an

          • Is your personal webpage involved in such activities?

            That's the problem. That isn't an easy question to answer.

            What does "associated with commerical activities" mean? does running adverts or having a donate button to help pay for hosting count? does posting links to your activities on commercial sites that runs adverts like youtube, facebook and twitter count even if none of the money from those adverts comes to me? does saying you are looking for work on a blog count?

            If something like this goes through expect broad interpretations of "commerical" to be used

  • specifically all the phishers and botnetters that register disposable domain names continuously. maybe that would at least be another thorn in their side?

  • I'm tired of people owning domains with no way to contact them because of "whois guarding". Maybe ICANN can also go all the way and recall accreditation for registrars known for registering malware/typoscamming/etc domains.
  • Well... (Score:5, Insightful)

    by EmeraldBot ( 3513925 ) on Thursday June 25, 2015 @09:14AM (#49985097)
    I have a feeling all the people who are talking about their privacy being invaded have yet to read the summary. It specifically mentions websites associated with "business and financial transactions". Are you proposing that to run a legitimate business, you don't ever have to reveal to your customers such basic things like a phone number or a mailing address? I find it awfully hard to trust a business that doesn't want any interaction with its customers whatsoever.
    • by krelvin ( 771644 )

      Nothing more annoying than having a business domain which has hidden their contacts behind a privacy by proxy which never gets responded to to deal with a technical issue related to their domain (email for example).

    • Re: (Score:3, Informative)

      Showing advertisements is classified as running a commercial business. I don't think I would want my personal details divulged just for showing advertisements to cover hosting costs.
      • Then don't host adverts. You are a business, even if you aren't trying to make a 'profit'. TANSTAAFL.

    • by PPH ( 736903 )

      This is a good point.

      In the bricks and mortar world, one must obtain a business license from one or more government offices. And to do so, you must provide an address as well as the identities of company owners or officers. In some jurisdictions, this is a simple task. In others, it can involve months or years of winding your way through various bureaucracies and bribe paying. Many businesses avoid setting up shop in some of the most corrupt locations. And since most licensing is largely a local issue, it

    • What's the problem? Nobody forces you to deal with a business you don't trust.

    • Re:Well... (Score:4, Insightful)

      by MobyDisk ( 75490 ) on Thursday June 25, 2015 @10:17AM (#49985605) Homepage

      Are you proposing that to run a legitimate business, you don't ever have to reveal to your customers such basic things like a phone number or a mailing address?

      Actually, this happens all the time.

      I have purchased ads from Google, and I have never been given their address. Google goes out of their way to make sure there is no way to find a human for technical support. Same goes for Steam, eBay, PayPal. Today companies give you a forum and expect the community to support themselves. It's almost impossible to find them unless they sell a physical product.

      • by Dahan ( 130247 )

        Actually, this happens all the time.

        I have purchased ads from Google, and I have never been given their address. Google goes out of their way to make sure there is no way to find a human for technical support. Same goes for Steam, eBay, PayPal. Today companies give you a forum and expect the community to support themselves. It's almost impossible to find them unless they sell a physical product.

        Well, maybe you weren't given their address, but Google certainly doesn't try to hide their address or make it difficult for people to find. You can even Google for "Google Headquarters". But more on the subject of what ICANN's doing, their contact info is listed in their whois [icann.org] record.

        As for getting a human for technical support on ads: Start at www.google.com [google.com] -> Advertising [google.com] at the lower-left -> AdWords Help Center [google.com] under Learning & Support at the bottom -> CONTACT US at the upper-right, followe

      • by phorm ( 591458 )

        I don't know about an address, but I've talked to people from Paypal and eBay by phone, and know those who have done so with Steam.

    • Why are owning a domain and running a business from that domain considered the same? What if I own a domain and lease it out? Why should I have my personal details made public for a business which I do not own?

      Who is to oversee this whole thing? Most likely, a bureaucracy that is incapable of handling the tsunami of complaints it will receive. The scammers, who presumably this proposal is intended to protect us from, will just fill in fake whois information as they always have and hide behind that, while al

  • by e70838 ( 976799 )
    Why do you want to have a name on internet et remain anonymous ?
  • Quite simply my Whois data has only been abused. I have received phony bills from fictitious domain registries. I have received threatening letters from companies that I was violating this or that. And then there is the endless spam. Except that this spam carefully exploits the data found in my whois data.

    On the other-hand I don't know of anyone who benefited from whois data beyond curiosity.
  • by Anonymous Coward

    Registrants of domains SHOULD be publicly contactable. It should not be OK for a domain to exist and there to be no way to get in touch with the owner of that domain (if they're sending spam, if you suspect their server has been compromised, if you have a legal issue with the domain's existence.) This is why there's a requirement for WHOIS information to exist. Contacting the owner of another domain SHOULD be a thing that you can do.

    The current "anonymous" registration process (other than being a cash co

  • by Anonymous Coward

    Speaking as an IT Consultant, generally any problem with a business should go to the business owners themselves.

    I manage around 60 domains for various clients including a few financial entities.

    My relationship with them is contractual and related to their IT infrastructure ONLY.

    Should it become mandatory to list my personal contact info in whois directly, then any chump with whatever made up beef can just toss my info in with his "sue world +dog" fantasy tort.

    Here's a pro-tip, don't be stupid. Only do fina

    • by Anonymous Coward

      The domains should be registered in their name, not yours.

  • When I registered one particular domain, I was on vacation and I used an RV Park address. It's still set up that way. Gosh, gee-wiz, how I have been so severely punished for not using my business address.

    I don't use that domain now, but for those in favor of full disclosure, an unscrupulous, but savvy, business will want to come off as legitimate as possible with an address published right there on the website (of the local homeless shelter) and a phone number (hard to fake I know).

    I favor the comments he

    • Follow the $$$

      Actually, from what I've read, the real force behind the "no anonymous domains" push is the MPAA. If you set up PiratedMovies.com and make your WHOIS information private, it makes it harder for the MPAA to sue you. Not impossible, mind you. They can do it, but it takes a court order and the domain registrar giving the information to the court. The MPAA just wants to look up WHOIS to find who to threaten to sue.

      They know they'll lose right now if they push to have all private WHOIS informat

  • The current rules do not permit anonymous information! These anonymous proxy services are the actually owners of the domains which licenses the domains back to the customers. See Balsam v. Trancos and Solid Host v. NameCheap.

    ICANN simply does not really enforces its rules, they never have. The only time ICANN gets off their ass is when they are really publicly embarrassed, trying to get rid of Karl Auerbach, or Registrar meltdown.

    In its recent rules, ICANN has adopted definitions for privacy services which

    • The proposed rules go beyond simply recognizing privacy services to deciding which legitimate domain owners are deserving of them, which is a task that ICANN should not be involved in.
  • There are a few exceptions. A few. A legitimate business, though, almost always has some sort of presence in the the real world, and wants customers to be able to contact them to transact business. If a business wants to be anonymous, fine, but don't expect me to do business with you. A business with a "privacy protected" whois is inherently very, very suspicious to me.

The sooner you fall behind, the more time you have to catch up.

Working...