Re: [ga] scammers using whois privacy

[Jeff Williams <jwkckid1@xxxxxxxxxxxxx>]

Roberto and all,

  Ok, thanks for clearing these confused remarks up.

Roberto Gaetano wrote:

> Trying to answer several comments on the same subject.
>
> First, the DMV. Funny you quote this example. I used it in the ICANN meeting
> in Tunis, I believe in a reply to Steve Metalliz, arguing that the request
> for a complete and publicly available WhoIs to search for potential (or
> actual) intellectual property infringements (sp?) in domain names would be
> equivalent to ask for complete and public access to all car registration
> agencies worldwide to allow a multinational corporation to check the cars
> they own.
>
> About Jeff's observation on "name and address", when I mentioned resources
> as names and addresses, I meant Domain Names, and IP Addresses, not personal
> names and addresses. Sorry if it was confused.
>
> About the comment on Karl's proposal, I have heard this already, and I am
> not under the impression that Karl intended the data of the requestor to be
> made public, but only to be kept logged.
>
> On Chris' comment below about things being different from the early days, my
> only point was that I don't think it is a good idea to use the WhoIs for
> matters that are not related to the physical characteristics of the resource
> (domain name or IP address) to cover other aspects, like for instance the
> content of the web site.
> I agree that "ecommerce is huge and the best protection for consumers is a
> way for them to know who they are dealing with". All what I am saying is
> that the WhoIs is, IMHO, not the best way to solve this problem: I would
> argue that the solution to what is essentially a consumer protection issue
> should be provided by mechanisms that have always been used to address this
> issue in the real world, like trade certificates, quality labels, etc.
>
> Cheers,
> Roberto
>
> > -----Original Message-----
> > From: kidsearch [mailto:kidsearch@xxxxxxxxxxxxx]
> > Sent: 04 January 2007 15:41
> > To: Roberto Gaetano; 'Karl Auerbach'
> > Cc: 'Dena Whitebirch'; 'ga'
> > Subject: Re: [ga] scammers using whois privacy
> >
> > I understand the original purpose Roberto, but in the early
> > days a lot of things were not forseen. Domain names were not
> > supposed to be related to trademarks either. Dot Org was
> > supposed to be nonprofit. ICANN was supposed to elect board members.
> >
> > But all nostalgia aside, things have changed. ecommerce is
> > huge and the best protection for consumers is a way for them
> > to know who they are dealing with. Everyone keeps saying, "we
> > have spoken about this many times" as if that means it should
> > not be brought back out on the table. The way things were
> > "intended" to be on the web also has nothing to do with the
> > current situation or problems consumers face on the web.
> >
> > Chris McElroy aka NameCritic
> > http://www.articlecontentprovider.com
> >
> > ----- Original Message -----
> > From: "Roberto Gaetano" <roberto@xxxxxxxxx>
> > To: "'Karl Auerbach'" <karl@xxxxxxxxxxxx>; "'kidsearch'"
> > <kidsearch@xxxxxxxxxxxxx>
> > Cc: "'Dena Whitebirch'" <shore@xxxxxxxxxx>; "'ga'" <ga@xxxxxxxxxxxxxx>
> > Sent: Wednesday, January 03, 2007 9:30 AM
> > Subject: RE: [ga] scammers using whois privacy
> >
> >
> > > Karl Auerbach wrote:
> > >
> > >>
> > >> And one of the curative measures that seems to constantly
> > >> escape the minds of ICANN is that *before* any person should
> > >> be allowed to examine whois information that person ought to
> > >> be required to declare, in writing, into a permanent and
> > >> public archive the following things:
> > >
> > > [snip]
> > >
> > >
> > > I have always problems with statements like "ICANN does not
> > understand" or
> > > the like.
> > > Sure, some people in the ICANN Board or staff or community
> > might be in
> > > that
> > > situation, maybe others do understand but cannot change the
> > situation,
> > > others do understand, but disagree, and so on with a
> > variety of approaches
> > > and behaviours that is, IMHO, one of the richness of this
> > environment.
> > >
> > > This said, I would like to state what is *not* the opinion
> > of ICANN, or at
> > > least not necessarily, but is *my* opinion.
> > >
> > > The matter is extremely complex and far from having one
> > single simple
> > > solution, as the exchange btw. Chris and Karl has shown.
> > For me, the real
> > > problem, besides the fact that there are different opinions
> > and interests
> > > (which is part of the given landscape, and a constraint
> > that cannot be
> > > changed), is the fact that we are trying to use the WhoIs
> > for different
> > > things, that are only loosely connected with the purpose
> > for which the
> > > system was designed.
> > >
> > > Karl, or anybody who has a longer experience than myself
> > with the subject,
> > > are welcome to correct me if I am wrong, but the initial
> > purpose of the
> > > WhoIs, and its importance for security and stability
> > matters, is to be
> > > able
> > > to identify an entity that can respond if there is a
> > problem with the
> > > corresponding resource (name or address). This does not
> > imply in any way
> > > identification of the owner of the resource, quite the
> > contrary, in the
> > > vast
> > > majority of the cases this is an agent with some kind of authority
> > > delegated
> > > by the owner. While I agree that the ultimate
> > responsibility stays with
> > > the
> > > owner, there is no need to identify the owner in an
> > emergency situation.
> > >
> > > May I use an example. Suppose I own a domain name, and
> > suppose that I use
> > > some kind of hosting services for the website. Suppose that
> > my domain name
> > > is used as a relay by a spammer or scammer for his/her
> > activities. It
> > > would
> > > not do any good to contact me, because in my ignorance of
> > the internet
> > > technology I would barely understand what they are talking
> > about, ;et
> > > alone
> > > to be able to do something to cure the problem. The fact is
> > that, under
> > > the
> > > assumptions above, I pay a provider for a service, and if
> > anybody can
> > > intervene, it is the technical staff of the provider, not me.
> > >
> > > This for what I understand to be the original purpose of the WhoIs.
> > > Another
> > > aspect is to identify, once the emergency has been fixed by
> > the technical
> > > staff, the responsible party who has to pay for the
> > damages, so to speak.
> > > This is a completely different ball game,and although we
> > could use the
> > > WhoIs
> > > for storing this kind of information, I personally continue
> > to fail to see
> > > any reason for having this information publicly available.
> > >
> > > The problem raised by Chris is a legitimate, but complex
> > one. I don't
> > > think
> > > that it would be an appropriate use of the WhoIs to be a
> > repository for
> > > information that have to do with the contents of a web
> > site. The problem
> > > of
> > > being able to trust a web site is (again IMHO, not
> > necessarily in the
> > > Board's opinion) something that is related to the trade or
> > other activity
> > > performed on the web site. In simple words, there is the case of the
> > > ecommerce site that claims to sell goods that will never be
> > delivered, but
> > > also the site who gives false information making believe they are an
> > > important news agency, or a fake university that claims to
> > give degrees,
> > > or
> > > whatever. I am absolutely convinced that it is the trade
> > organization that
> > > should react to put measures in place as safeguards to the
> > consumers, in
> > > exactly the same way we do have brand protections,
> > guaranteed origin marks
> > > for producers, quality labels, and so on. In short, since illegal
> > > activities
> > > do damage the honest traders, the community of the trade
> > has to put in
> > > place
> > > measures to protect the traders (and the consumers).
> > >
> > > I don't know if we are going to see certificates on websites that
> > > guarantee
> > > the contents of the website from the ecommerce point of
> > view, but I do
> > > believe that bodies like the ICC should be looking at this,
> > and that this
> > > solution is more appropriate than to bend the WhoIs system
> > to do something
> > > that it was not designed to do, and also oblige the customers to do
> > > searches
> > > for which they might be not technically skilled for rather
> > than being
> > > prompted with some visible sign that will give them the sufficient
> > > confidence that the site can be trusted.
> > >
> > > Roberto
> > > (in my personal capacity)
> > >

--
Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 134k members/stakeholders strong!)
"Obediance of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security
IDNS. div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402
E-Mail jwkckid1@xxxxxxxxxxxxx
 Registered Email addr with the USPS
Contact Number: 214-244-4827