ICANN Paris - The great WHOIS debate
(2 votes, average: 4.5 out of 5)
Loading ...The issue that ICANN community process has been least able to tackle is that of access vs privacy in the WHOIS databases of Generic Top Level Domains (gTLDs). On the one side you have registrants, both individuals and organisations who want to maintain privacy for some very sound reasons. If you ran a web site offering abortion advice from a country where that was illegal then you would register in a gTLD, not the local country code and also want some degree of protection of your identity.
On the other side you have law enforcement who regard WHOIS, quite genuinely, as a very important tool in fighting online crime. Obviously that means that either there are a lot of dumb criminals who use their real identities to register domains or, more charitably perhaps, the protections in place to stop fake registration data do actually work.
This side is joined by the formidable Intellectual Property Community for whom domains names and the Internet are a huge problem of detection and enforcement. They, like law enforcement, want free and unfettered access to all WHOIS data.
Stalemate
The current position at ICANN is stalemate. Views are becoming so entrenched that the most recent discussion was on whether or not to commission more research into the problem, with some groups saying quite vehemently that enough research had been done over the years so no more was needed!
Jurisdiction
If we just concentrate on the issue of access for law enforcement you should hopefully understand just how complex and potentially intractable this problem is.
In the UK our policy is pretty straightforward. If you are a UK law enforcement agency and you ask for the data then we give it, even if the registrant has opted for privacy in the WHOIS. If you are a law enforcement agency outside of the UK then you must contact one inside the UK and ask them to ask us. So we deal exclusively with law enforcement agencies in our local jurisdiction.
In the gTLDs however the problem is much more complex. Let’s say PIR were to adopt the same policy and only deal with US agencies, since that is where they are based. Can you really imagine other countries being happy at asking US law enforcement agencies for data from what is supposedly a global domain name? Can you even imagine Iranian or Cuban law enforcement agencies asking or receiving an answer?
So this is altogether a global problem, in a world where mechanisms for establishing credentials over long distances are, at best, informal.
This is why one camp just wants it freely accessible, without limits and with all the data in it checked regularly. That way their access problem is simplified. Of course those who care about privacy would never agree to that.
September 22nd, 2008 at 9:43 pm
the rules described above ignore a more important point. There are names out there that could be used by legitimate businesses who need the name to fulfil a good brand idea. Right now, someone can buy and thereby remove from the market a .co.uk domain name for as little as £2.50/year and effectively block out a great idea or business from the world. At least, if they are obliged to publish their address, you can contact them and make them an offer. Without contact details the market is stifled and the growth of business in the uk restricted.