Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Privacy The Internet

ICANN's Plan To End Commercial Website Anonymity Creates Real Problems 202

An anonymous reader notes that ICANN is closing the comment period for its plan to prevent owners of commercial websites from keeping their personal details out of a site's public-facing registration information. Digital rights groups are taking the opportunity to explain how real harm can result from this decision. The Online Abuse Prevention Initiative posted an open letter to ICANN pointing out the rise of doxing and swatting: "Our concern about doxing is not hypothetical. Randi Harper, a technologist, anti-harassment activist, and founder of the Online Abuse Prevention Initiative, was swatted based on information obtained from the Whois record for her domain. The only reason law enforcement did not draw their weapons and break down Harper’s door was that she had previously warned her local police department about swatting."

Cathy Gellis at Popehat refers to the situation surrounding Charles Carreon, the man who antagonized The Oatmeal (Matthew Inman's webcomic) and issued legal threats to those who called him out. "In that case the critic had selected a domain incorporating Carreon's name in order to best get his point about Carreon's thuggery across, which the First Amendment and federal trademark law allowed him to do. ... Unfortunately, the registrar immediately caved to Carreon's pressure and disclosed the critic's identifying information, thereby eviscerating the privacy protection the critic expected to have, and depended on, for his commentary."
This discussion has been archived. No new comments can be posted.

ICANN's Plan To End Commercial Website Anonymity Creates Real Problems

Comments Filter:
  • OAPI is a Scam (Score:5, Insightful)

    by Kunedog ( 1033226 ) on Wednesday July 08, 2015 @04:11AM (#50067525)
    Randi Harper is a notorious harrasser and citing her in relation to anything (especially harrassment prevention) seriously damages the credibility of your cause.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      Randi Harper is a notorious harrasser and citing her in relation to anything (especially harrassment prevention) seriously damages the credibility of your cause.

      She seems to know quite a bit about harassment though, harassing people nearly daily gets you a lot of experience.

    • Re:OAPI is a Scam (Score:5, Insightful)

      by Crashmarik ( 635988 ) on Wednesday July 08, 2015 @04:27AM (#50067561)

      Seriously Ms. Harper has quite the history of censorship and harassment
      http://s2b20blog.mukyou.com/hi... [mukyou.com]

      Or rather incompetent censorship seeing as her twitter blocker software runs guilt by association.

      • by Kunedog ( 1033226 ) on Wednesday July 08, 2015 @04:59AM (#50067641)
        What's appalling is that the /. editors must be aware of her history by now. It's been pointed out repeatedly in the comments of multiple stories posted to the front page (including OAPI's founding). They're exploiting serious issues to try to build publicity and goodwill for hypocritical, attention-seeking "activists" who clearly deserve the opposite.
        • Re: (Score:3, Interesting)

          by Anonymous Coward

          I've visited Slashdot multiple times a day for the past 15 years. I also read a variety of news on other websites, daily. I've never heard of this person before. Perhaps they aren't as well known as you'd like to believe.

        • Re: (Score:2, Insightful)

          by ctid ( 449118 )

          Randi Harper has done an excellent job of bringing to the wider Internet's attention ICANN's plan. I know I had not heard about it until I read the page that she set up.

          You can't dismiss her just because she set up ggautoblocker.
           

        • Re: (Score:2, Informative)

          by AmiMoJo ( 196126 )

          If you have a genuine complaint then make it. Include some actual evidence, not just insinuations and innuendo, and not just links to blogs and imgur. The kind of stuff a respectable journalist might accept, or even better that the FBI might be interested in (since there are claims of fraud and harassment, and active investigations that would accept such material).

          The only people making these claims are the ones who are butthurt over the GGAutoblocker and the fact that the GG IRC logs were published.

          PS. -1

          • Re: (Score:2, Troll)

            by fche ( 36607 )

            "Include some actual evidence,"

            Are you insinuating that the captured IRC etc. traffic on display there is faked?

            "The only people making these claims are ..."

            No.

          • LEL, I post a response as you asked, with actual evidence, used by an actual journalist, and you set me as foe and moderate my post as -1 Troll from your sockpuppet.

            "PS. -1 offtopic and -1 troll are not your personal censorship tools. Don't be cowards with your moderation, post your responses instead."

            Hypocrite.

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        The blocker is incredibly effective. It blocks all forms of garbage I would be alright with never ever seeing.

        But that's beside the damn point.

        There are MANY websites that are hiding behind little more than an anonymous proxy account (eg at godaddy) and cloudflare (to hide the real machine), there's sites like 4chan, sites that harbor childporn, sites that traffic in pirated films, games, comic books, anime, etc, you name it. This is the kind of stuff the DMCA safe harbor clause was not intended to "save" a

    • Re:OAPI is a Scam (Score:4, Insightful)

      by BitZtream ( 692029 ) on Wednesday July 08, 2015 @06:00AM (#50067783)

      $10 says Randi Harper is the one who submitted the story

    • by Z80a ( 971949 )

      It's still a case of abuse of the system that can became very frequent if this becomes mandatory.
      Even if was a case of "false flagging", the mandatory real id will basically give a blanket excuse for all the people using those techniques as well.

      So, no matter on the side of the discussion you are, its still a bad thing for you.

  • Straw man? (Score:5, Insightful)

    by Demonoid-Penguin ( 1669014 ) on Wednesday July 08, 2015 @04:24AM (#50067551) Homepage

    The problem, IMO, is that .com(.*) sites are not exclusively commercial, and other TLDs can be commercial. If you want to run a commercial site that takes money (not advertising revenue) from sales - you should provide publicly accessible, verified, identification and contact details.

    If your site doesn't sell things then you should be able to protect your details from the public.

    You should also be able to not be liable for people speaking their mind, within limitations - but that's another complex issue.

    • by Anonymous Coward

      If your site doesn't sell things then you should be able to protect your details from the public.

      What if your site has advertising banners?

      • If your site doesn't sell things then you should be able to protect your details from the public.

        What if your site has advertising banners?

        Are you selling things? (i.e. pay per view or pay per conversion). If you benefit from sales you are selling things - and should be able to be held liable. No different than bricks and mortar.

        e.g. you own a shop - you tell people the drug shop down the road sells good drugs, and you get paid for every customer that goes through the drug shop door. I don't have a problem with you wearing a false moustache and telling people your name is Bill Smith - different issue if you get paid for every customer that buy

    • This is how it used to be done in some countries. I remember Australian registrars refusing to register .com.au domains if you didn't have an associated ABN (Australian Business Number assigned by the tax office to registered businesses). I had a problem where outdated ABN details didn't match the entry I was trying to put in the WHOIS records. Clearing the mess took a few days.

      Though today it looks like click and play just like .com domains.

      • This is how it used to be done in some countries. I remember Australian registrars refusing to register .com.au domains if you didn't have an associated ABN (Australian Business Number assigned by the tax office to registered businesses). I had a problem where outdated ABN details didn't match the entry I was trying to put in the WHOIS records. Clearing the mess took a few days.

        Though today it looks like click and play just like .com domains.

        It's still supposed to be the case (I'm a registered domain registrar) - but it is rarely enforced, despite my continual arguments (please don't guess who I am, it should be pretty obvious but... I use a pseudonym for a reason).

        MelbourneIT, GoHosting, and VentraIP are the worst offenders by numbers. The last two are the biggest scumbags [icann.org] (front-running and domain hijacking). GoHosting have spent years stalling on DNSSEC and avoiding penalties for flagrant breaching of policies. In fairness the fish rots fro

        • The ATO wasn't stalling. The problem was procedural on the side of the business owner. They didn't fill in the required paperwork and they would likely have gotten a visit from the ATO come tax time anyway. But that's neither here nor there.

    • by houghi ( 78078 )

      In hindsight, the whole com, net, org idea was stupid to begin with. The best would have been to ONLY use the countries different TLDs.

      "But what about debian.org and the like?"
      Well, either you register in one country and use that domain or you register multiple times.

      "But that costs extra money, that we do not have" Then use only one domain.

      "But my country does not allow me to have a domain." Then take one that does

      I do have an org domain. I would not mind if they suddenly deside to change it to org.us.

      That

      • [...]"But what about debian.org and the like?"[...]

        Noted, bookmarked, not understood (I can be a bit thick) - I'll get back to it (my apologies, I'm busy and tired (and emotional - it's an Aussie thing) at present.

      • In hindsight, the whole com, net, org idea was stupid to begin with.

        It wasn't stupid, it was just wrong. They didn't think "which legal jurisdiction will apply?" would matter.

        Keeping force impotent and jurisdiction irrelevant, will be on everyone's mind when whatever-comes-after-DNS is designed.

      • It's not easy to follow either your post - but I'll try. Please consider a spell checker and the use of formatting.

        In hindsight, the whole com, net, org idea was stupid to begin with.

        Could you expand on that?

        The best would have been to ONLY use the countries different TLDs.

        .TLD for US, .TLD.countrycode system works fine for me. It would be simpler is .TLD hadn't been made available to entities based in other countries - but that's part of a long history of ICAANs fuckups. It's impossible to start over - but if we could then I'd have made .com and .com.* only available to commercial organisations, and .org/.org.* only available to register

    • by cdrudge ( 68377 )

      IMO, is that .com(.*) sites are not exclusively commercial, and other TLDs can be commercial. If you want to run a commercial site that takes money (not advertising revenue) from sales - you should provide publicly accessible, verified, identification and contact details.

      If you're a small company that operates out of your home, you may not want your street address and home phone directly published in association with your company name. How is a whois privacy guard that acts as a proxy any different than sa

      • IMO, is that .com(.*) sites are not exclusively commercial, and other TLDs can be commercial. If you want to run a commercial site that takes money (not advertising revenue) from sales - you should provide publicly accessible, verified, identification and contact details.

        If you're a small company that operates out of your home, you may not want your street address and home phone directly published in association with your company name.

        Then you should register your business at another address or you shouldn't be in business. I never said or implied that the home address of business principals should be in whois (and neither is ICAAN) - only that the correct contact details for the business should be.

        How is a whois privacy guard that acts as a proxy any different than say Amazon listing their legal department with a PO box [domaintools.com]? It's not like a PO box is a real person or publically accessible. It really doesn't give you any more information then the whois proxy. I mean, should't Amazon's whois information list Jeff Bezos's personal information or something?

        Since when is a PO box not publicly accessible? Amazon (Amazon Technologies, Inc.) is a registered company, not Jeff Bezo as a sole trader using a trading name registered to his house.

        The test is - is the business legally registered? Are the p

    • by allo ( 1728082 )

      maybe the ".com" = US should shift to ".us" = US?

      • maybe the ".com" = US should shift to ".us" = US?

        It's an idea. The some what artificial shortage of available domain names also needs to be addressed. Too many manage to either blatantly flaunt the rules on domain name squatting, or skirt the edges. Enforcing and tightening those rules will likely cause more out-cry than the current proposed changes. Most of which are based on incorrect interpretation of the changes - or defence of shonky business practices.

        • by allo ( 1728082 )

          and with the "new" domains, we get no new names ... but every owner of a name needs to ... ... get NAME.newdomain for each domain ... try to get his own .NAME top level domain, if its a big brand.

          Nothing gained. But money for new registrars.

          • Nothing gained. But money for new registrars.

            I haven't realised any greater revenue from the new domains - at least none that isn't cancelled out by the additional administration costs.

  • Given that it's been associated with people that harass under the banner of "anti-harassment", their claims are impossible to believe. The only reason that such "anti-harassment" groups exist is for the coordinated silencing of individuals that present uncomfortable, narrative-breaking facts.

    The bulk of their harassment claims end up being disproven, while their harassment of individuals is well-proven (see Chelsea "ZQ" van Valkenberg, R.H., and others).

    • Re: (Score:2, Flamebait)

      by ctid ( 449118 )

      Of course you can provide evidence for all of this? Also, why did you not just say, "Zoe Quinn"?

    • Re: (Score:3, Informative)

      by ctid ( 449118 )

      the coordinated silencing of individuals that present uncomfortable, narrative-breaking facts

      For those people who are unaware what this poster is talking about, Randi Harper set up ggautoblocker, which helps GamerGate harassment victims. The poster seems to think that this is "silencing" people. Of course nobody is "silenced". ggautoblocker just helps other people not to have to listen to them.

      • by dave420 ( 699308 ) on Wednesday July 08, 2015 @08:01AM (#50068345)
        Apparently letting people close their eyes is harassment. Weird. I guess remote controls are, too, as you can use them to change channels. This level of knee-jerk reaction from adults who honestly sound like scalded children is heartbreakingly pathetic.
        • No, ctid is intentionally lying to try and make this Randi person out to be not a harasser.

          http://www.breitbart.com/big-j... [breitbart.com]
          http://www.breitbart.com/big-h... [breitbart.com]

          As I have no way to verify any of the claims in these articles, you are better off reading them yourself and coming to a conclusion. However, sending comments like in the first article is harassment, and that is out in the open.

          Comments like this are harassment, no doubt about it:

          “Set yourself on fire.”

          “You’ve made your bed, now

          • by ctid ( 449118 )

            Quoting Breitbart to back up your views is not exactly going to convince normal people now, is it?

            • Refute what they said, not the source. They have citations, where are yours? I know nothing of Breitbart, but I do know that citations are the basis of things like this. Are you saying that Roberto Rosario isn't in the ggautoblocker, or that he is somehow a harasser? Show your work. Are you trying to claim that Chris von Csefalvay did not get harassed for doing a scientific article about gamergate, or that he did but he is wrong because it disagreed with Randi? Did Claire Schumann not get harassed rig

              • by ctid ( 449118 )

                "I know nothing about Breitbart".

                1. I simply do not believe you, but if that is true, it might be worth doing a quick search to see what sort of organisation they are;
                2. It is my understanding that Robert Rosario was taken out of the blocklist;
                3. I have no idea who Chris von Csefalvay is, nor Clairek Schumann;
                4. It is ludicrous to say that Vivek Wadhwa was "harassed into no longer advocating for women in tech", just as it's ludicrous to suggest that the ggautoblocker "censors" or "silences" people.

                I have no

    • by dave420 ( 699308 )
      It would help your argument if you could offer some actual evidence, instead of just venting everywhere like child made to look foolish...
    • by AmiMoJo ( 196126 )

      Do you have any evidence of this that you can cite? And when I say "evidence", I don't mean random blog posts and tweets.

      • Here is my response to Dave420 asking the same thing above.

        http://yro.slashdot.org/commen... [slashdot.org]

        You can try to claim that Breitbart is just some shitty blog or whatever, but they have all the evidence they were able to gather linked in there. So if you disagree with them, provide your own proof.

  • by Anonymous Coward

    Here's something completely different to consider...

    1. Someone finds a website (of someone they don't like)
    2. Get the persons details from the WHOIS report
    3. Load up Tor and falsely accuse the person of being a child molester
    4. Wait for mob mentality to kick in and the person gets murdered as a result

    And I live in the UK, a country that has a general "kill first, ask questions later [huffingtonpost.com]" mentality when it comes to people accused of being pedophiles and child molesters.

    So, yeah, this is pretty fucking bad.

    • Something similar to this almost happened to me. There's a woman online who has been harassing people. She found my blog where I post under a pseudonym. (I'm not posting the pseudonym or the woman's name here lest she link my pseudonym with my real name.) She claims to be a prophet from god and "god" tells her all sorts of awful things people have done. She then goes and alerts the police/family members/companies those people work with/etc. about those bad things.

      One of her primary targets is a teacher

      • Sounds like a pretty clear case of defamation. You should get a nice payday out of that.

        • The problem is getting any police/legal work done across country borders. As it stands, she was tweeting claims that I kill babies so I contacted Twitter and they refused to do anything about it. Apparently, saying that someone is a baby killer isn't grounds for account suspension.

      • If you get a lawsuit filed against you, aren't you entitled to know who did it? I'd hate to be told somebody was suing me and I had to defend myself against a mysterious plaintiff.

        • Actually, I misspoke a bit. I believe the person was filing a complaint and readying a potential civil suit. When the police in the harasser's area were contacted, they went to her house, told her just who was filing the suit, and then left. So the harasser spun it (in her mind and online) that the police believed that god talked to her and kept up her behavior. Meanwhile, the court system fizzled out the case. Has this harasser been the type of person to travel to bother someone in person, the woman s

    • by allo ( 1728082 )

      There are two points in your post, but they are not related at all.

      1) ICANN destroys anonymity
      2) people can (sometimes) ruin you with rumors.

      But there is no reason, why a non-anonymous domain leads to false accusations.

  • by Trax3001BBS ( 2368736 ) on Wednesday July 08, 2015 @05:18AM (#50067693) Homepage Journal

    Never post anything I wouldn't want my kids to read, this was long time ago; knowing that one day they may search my post out.

    I've never been in a flame war and the only curse word I've ever used on-line - was go figure when chatting to my youngest :) now mid 20's.

    I used a handle on the Usenet and only posted there, Googling that handle now gets 12,000 hits and all of them on .com sites, they are everywhere. Chances are very good if you Google a computer help question you'll come across a post of mine as a first hit at tomshardware.com (they must pay for that honor), a place I found as many of my post were showing as being from there..

    Now many sites it appears use the Usenet postings as showing how busy/active their comment sections are. At least most are now showing up as "guest" or not able to be replied to (a reply that would never be seen nor sent).

    I can't be held accountable for anything posted to a .com site under that handle, as I can't vouch for any of them not being edited.

    • Is there anything about this post related to the topic at hand?

    • by houghi ( 78078 )

      I had this rule before I was even on Internet. I knew that some things come back to bite you because things change. I had these discussion about what privacy was and what should be public. We had these discussions at the age of 15.

      Politicians are not even allowed to change their minds ever.

      That said, I have seen things I posted on Usenet where I have the complete opposite opinion right now. People change ideas. Extra information becomes available. What was OK a while ago is not ok now and the other way arou

      • That said, I have seen things I posted on Usenet where I have the complete opposite opinion right now. People change ideas. Extra information becomes available. What was OK a while ago is not ok now and the other way around.

        Are you sure it wasn't the kool-aid? Or did this magical transformation in opinion occur when you had to start working for a living?

  • Randi Harper. (Score:1, Informative)

    by Anonymous Coward

    Are we talking about the woman who doxxed a debt collection agency director?

    The one woman who harassed silicon valley ceo and feminist Whadwa?

    Who told her ally Claire Shuman to get fucked because she wanted was to fine common ground with the group Harper wants to vilify and put on employment blacklists?

    Lmao, ok.

  • Useless plan (Score:5, Insightful)

    by aaaaaaargh! ( 1150173 ) on Wednesday July 08, 2015 @05:52AM (#50067761)

    This plan would perhaps make limited sense if companies would actually answer emails and snail mail. They often don't, especially not in the problematic cases when anonymity could also be a nuisance. No, you will not suddenly be able to contact the poker company on Malta registered by a strawman in order to tell them that they should kindly delete your credit card information. It's not going to happen.

    The whole construction is useless. A de-anonymization will not give any advantage to customers of businesses, it will online increase online harassment, particularly of semi-commercial bloggers and media, and increase the amount of spurious legal letters sent to small businesses by copyright and patent trolls.

  • by tlambert ( 566799 ) on Wednesday July 08, 2015 @06:13AM (#50067811)

    Since you can always get the information by showing legal cause and obtaining a court order, I really don't see what use de-anonymizing domain name registration serves, other than to make it less expensive to obtain large amounts of information for relatively little cost, as opposed to having to be sure enough of something that you can justify the court order.

    The ICANN proposal as it stands is pretty stupid, and Doug Brent would likely have never had his name associated with it while he was COO, and Jon Postel sure as *hell* would not want his name associated with it.

  • ICANN exists to make money. This plan is not helpful for that goal. They are just doing this to get people to pay attention to them again to justify the salaries they pay to their top management. In another few weeks they will announce a "compromise" that will make this all go away and make them look like they are pro-privacy (or in some other way good for the hobbyists who they actually don't give a shit about).
    • > ICANN exists to make money.

      Not according to their own public descriptions and charter, at https://www.icann.org/ [icann.org]. They're supposed to be a service to the Internet as a whole.

      The plan is potentially _very_ helpful, in that it encourages using third party DNS providers who are more profitable customers for ICANN: they require far less support per domain name than your average domain holder, and they tend to be more organized about paying their bills. It transfers the overhead of individual customer suppo

      • ICANN exists to make money.

        Not according to their own public descriptions and charter

        Their mission statement is bullshit. They are run by people who are concerned with making money above all else. Look at the crappy decisions they have made in the past with pure profit motives behind them (selling gTLDs to the highest bidders being a prime example) and you'll see where their real interests lie.

  • all you have to nullify this is have the domain "technically" owned by a third party. Then references to the owner will be traced back to a hosting company.

    You can't stop people from being anonymous. Who ever came up with this idea is a dipstick.

    • The problem is well beyond that. The criminals will just provide useless whois info, because that is what criminals already do, and ICANN and all of the authorities will not have the time to investigate claims of false information, plus lots of people suffering from other issues, such as poor local postal service, registrar database errors, false claims of fraud by competitors, etc., will have their domains seized unjustly. The vast majority of people actually impacted by this will be legitimate, law-abidin
      • Legit users can hide their names by proxying the ownership.

        I already do this... I have a corporation I set up just to own things for me. I own the corp and all the information on the corp goes to a PO box. So... whatever.

        All the mechanisms to obscure your identity are already there.

        Think like an IT man... how often do we deal with machines that want things just "so"... and they can't be just "so" for some reason. So what do you do? You tell the machines they're just "so" anyway and then set up the rest of t

        • There is a significant number of people who either don't know how to do those things or cannot do those things. These rules are for everyone on the WWW, not just Americans.
          • that's a myth... there are no people outside of the US... just evil ghosts... :P

            Seriously though... this is what you can expect for resting control of ICANN away from the US. We warned you that we protected free speech better than your gaggle of international organizations and you didn't listen.

            So... expect ICANN to be increasingly obnoxious as the French, the Iranians, and the Chinese start exerting more control over it.

            For my own part, I'm going to be selfish because if I don't look after myself... no one

            • /c bureaucrat

            • According to the emails I received from Namecheap, one of the strongest organizations pushing this new policy is MarkMonitor [wikipedia.org].
              • I'm sure... and you can expect all of this to get about as bad as it can possibly get because systems that protected the internet are all being systematically removed.

                People like to diss the US for its many flaws but there are some things about us for which we have no peers.

                Our protections of free speech are one thing for which we have NO peers.

                The corporations are a different story. Look at Apple censoring the confederate flag for no reason... even on civil war games... Reddit banning subreddits that are n

  • I just bleed for the scammers and fraudsters who are going to be directly and immediately traced by this change of policy.

    As to those who are complaining about their "personal" information being made public: perhaps you'd care to explain why you don't have a business address and corporate officers for your "business"?

    Sure there are people who run their businesses out of their homes, but they should not be free of identification requirements just because they're small businesses. Any business should be

  • ICANN is full of bottom-feeding scum-sucking algae eaters.

    They don't care about policy which furthers the best interests of Internet users they only care about enriching themselves and their fellow algae eaters at the expense of Internet users everywhere.

    If you want to encourage domain owners not to lie when registering a domain the only policy available to you is offering *EVERYONE* privacy controls so there is less incentive for them to do so.

    I only see two possibilities. 1. You are up to shady shit in w

  • A corporation has the rights of an individual so I will register under the corporation's name and address and not a person's name.
    Again only small business owners get the shit end of the stick.
    Way to go ICANN, if you keep proving how irrelevant you are I may get my Christmas wish and you can all pound sand.

  • of course they do like different agencies would like to have the internet.
    ICANN should be a organization of different countries of the world, who want to create a free internet.

"The Street finds its own uses for technology." -- William Gibson

Working...