Re: [ga] scammers using whois privacy/Public Comment

[Hugh Dierker <hdierker2204@xxxxxxxxx>]

If you just take a look at the public comment forum, you will see more input here than there. Why?
  http://forum.icann.org/lists/whois-services-comments/
  e

  
2007 Jan 03     
   Public Comments on Whois Task Force November 2006 Report Rod Dixon 
06/12/08 -->  
2006 Dec 08     
   WHOIS database and Use for SCAMS Tom 
06/12/02 -->  
2006 Dec 02     
   Preliminary Task Force Report on Whois Services TLDC 
06/11/30 -->  
2006 Nov 30     
   Comments on the whois task force report Patrick Vande Walle 
06/11/29 -->  
2006 Nov 29     
   I'd prefer the OPoC proposal Markus Hanauska 
06/11/26 -->  
2006 Nov 26     
   [Fwd: A commet (third attempt to submit)] Karl Auerbach 
  
kidsearch <kidsearch@xxxxxxxxxxxxx> wrote:
  You still have not explained why it should be different online than it is 
offline. The same stalking and harrassment can happen to any business or 
property owner offline. In addition to that, there is a difference between 
running a business online and having a political blog or personal website. 
If you are going to have the ability to accept credit cards and other forms 
of payment online then you can also provide who you are.

Chris McElroy aka NameCritic
http://www.articlecontentprovider.com

----- Original Message ----- 
From: "Jeff Williams" 
To: "Roberto Gaetano" 
Cc: "'ga'" ; "icann board address" 

Sent: Thursday, January 04, 2007 2:06 AM
Subject: Re: [ga] scammers using whois privacy


> Roberto and all,
>
> No "Name and Address" of any registrant or agent for any registrant
> is needed for contact information. All that is and has ever been
> needed is a valid, reachable Email address and phone #. We, you
> and I amongst others have had this debate/discussion before in great
> detail. So again, as was determined in the Whois WG some time
> ago, requiring any registrant to provide "Name and Address" before
> any Domain name registration can be finalized or excepted is wrong.
> It is wrong as well as dangerous as some have registrants have
> experienced for a number of reasons which have been discussed
> many times. Of these reasons why "Name and Address" need not
> and should not be required by any registrant or their agent, the
> most important one has to do with the registrants personal security
> in that several reported and documented cases of stalking have
> been tracked back to criminals using Whois in order to get
> personal and private information for victims, and terrorists to
> do likewise with different motives.
>
> Secondly requiring "Name and Address" of any registrant
> OR any registrants agent, also exposes registrant to fraudulent
> legal harassment as was shown in the sex.com case for instance,
> and as such empowering less than ethical lawyers to harass
> registrants without cause and prior due process costing many
> registrants far more than they can possibly afford and need not
> have been dragged into such schemes had proper and reasonable
> privacy practices been incorporated in ICANN's Whois policy
> and contractual arrangements with registries and registrars.
>
> Roberto Gaetano wrote:
>
>> Karl Auerbach wrote:
>>
>> >
>> > And one of the curative measures that seems to constantly
>> > escape the minds of ICANN is that *before* any person should
>> > be allowed to examine whois information that person ought to
>> > be required to declare, in writing, into a permanent and
>> > public archive the following things:
>>
>> [snip]
>>
>> I have always problems with statements like "ICANN does not understand" 
>> or
>> the like.
>> Sure, some people in the ICANN Board or staff or community might be in 
>> that
>> situation, maybe others do understand but cannot change the situation,
>> others do understand, but disagree, and so on with a variety of 
>> approaches
>> and behaviours that is, IMHO, one of the richness of this environment.
>>
>> This said, I would like to state what is *not* the opinion of ICANN, or 
>> at
>> least not necessarily, but is *my* opinion.
>>
>> The matter is extremely complex and far from having one single simple
>> solution, as the exchange btw. Chris and Karl has shown. For me, the real
>> problem, besides the fact that there are different opinions and interests
>> (which is part of the given landscape, and a constraint that cannot be
>> changed), is the fact that we are trying to use the WhoIs for different
>> things, that are only loosely connected with the purpose for which the
>> system was designed.
>>
>> Karl, or anybody who has a longer experience than myself with the 
>> subject,
>> are welcome to correct me if I am wrong, but the initial purpose of the
>> WhoIs, and its importance for security and stability matters, is to be 
>> able
>> to identify an entity that can respond if there is a problem with the
>> corresponding resource (name or address). This does not imply in any way
>> identification of the owner of the resource, quite the contrary, in the 
>> vast
>> majority of the cases this is an agent with some kind of authority 
>> delegated
>> by the owner. While I agree that the ultimate responsibility stays with 
>> the
>> owner, there is no need to identify the owner in an emergency situation.
>>
>> May I use an example. Suppose I own a domain name, and suppose that I use
>> some kind of hosting services for the website. Suppose that my domain 
>> name
>> is used as a relay by a spammer or scammer for his/her activities. It 
>> would
>> not do any good to contact me, because in my ignorance of the internet
>> technology I would barely understand what they are talking about, ;et 
>> alone
>> to be able to do something to cure the problem. The fact is that, under 
>> the
>> assumptions above, I pay a provider for a service, and if anybody can
>> intervene, it is the technical staff of the provider, not me.
>>
>> This for what I understand to be the original purpose of the WhoIs. 
>> Another
>> aspect is to identify, once the emergency has been fixed by the technical
>> staff, the responsible party who has to pay for the damages, so to speak.
>> This is a completely different ball game,and although we could use the 
>> WhoIs
>> for storing this kind of information, I personally continue to fail to 
>> see
>> any reason for having this information publicly available.
>>
>> The problem raised by Chris is a legitimate, but complex one. I don't 
>> think
>> that it would be an appropriate use of the WhoIs to be a repository for
>> information that have to do with the contents of a web site. The problem 
>> of
>> being able to trust a web site is (again IMHO, not necessarily in the
>> Board's opinion) something that is related to the trade or other activity
>> performed on the web site. In simple words, there is the case of the
>> ecommerce site that claims to sell goods that will never be delivered, 
>> but
>> also the site who gives false information making believe they are an
>> important news agency, or a fake university that claims to give degrees, 
>> or
>> whatever. I am absolutely convinced that it is the trade organization 
>> that
>> should react to put measures in place as safeguards to the consumers, in
>> exactly the same way we do have brand protections, guaranteed origin 
>> marks
>> for producers, quality labels, and so on. In short, since illegal 
>> activities
>> do damage the honest traders, the community of the trade has to put in 
>> place
>> measures to protect the traders (and the consumers).
>>
>> I don't know if we are going to see certificates on websites that 
>> guarantee
>> the contents of the website from the ecommerce point of view, but I do
>> believe that bodies like the ICC should be looking at this, and that this
>> solution is more appropriate than to bend the WhoIs system to do 
>> something
>> that it was not designed to do, and also oblige the customers to do 
>> searches
>> for which they might be not technically skilled for rather than being
>> prompted with some visible sign that will give them the sufficient
>> confidence that the site can be trusted.
>>
>> Roberto
>> (in my personal capacity)
>
> Regards,
> --
> Jeffrey A. Williams
> Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
> "Obedience of the law is the greatest freedom" -
> Abraham Lincoln
>
> "Credit should go with the performance of duty and not with what is
> very often the accident of glory" - Theodore Roosevelt
>
> "If the probability be called P; the injury, L; and the burden, B;
> liability depends upon whether B is less than L multiplied by
> P: i.e., whether B is less than PL."
> United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
> ===============================================================
> Updated 1/26/04
> CSO/DIR. Internet Network Eng. SR. Eng. Network data security
> IDNS. div. of Information Network Eng. INEG. INC.
> ABA member in good standing member ID 01257402
> E-Mail jwkckid1@xxxxxxxxxxxxx
> Registered Email addr with the USPS
> Contact Number: 214-244-4827
> 



 __________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com