ICANN/DNSO
DNSO Mailling lists archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] whois.txt, ala robots.txt, as a standard ?


Hello,

Combining multiple responses, to save on posts (last of the day!)

Abel: a survey had already been conducted by the WHOIS taskforce. See:

http://www.dnso.org/dnso/notes/20011221.Whois-survey-result.doc

Also good reading for those who want to see a wide variety of views. To
take one learned comment:

"There is no logical privacy interest in a domain registration. They
should be considered equivalent to business names. If someone wants to
have a domain name, they should expect to be a part of the Internet
community when it comes to dealing with problems, and that means they
need to be reachable. Otherwise, they should contract for someone else
to manage their domain, and put their info in the WHOIS."

Couldn't have said it better myself (and, that wasn't my submission!). 

Michael: I didn't read all 83 pages (!), but note that you (and others)
still haven't presented a dollar value for the value of having your
WHOIS private. You argued in one section that folks tend to
"undervalue" (are myopic) their privacy, but that still doesn't remove
the burden to come up with a number (it need not have to be the same as
the value that marketer's place on the info, just their personal
valuation). I'm glad that you *did* mention that greater disclosure of
contact details *would* help prevent the evils associated with
anonymity. Buried in footnote 25(I do read footnotes!):

"Of course, disclosure also helps prevent evils that can hide behind
the veil of anonymity. See A. Michael Froomkin, Flood Control on the
Information Ocean: Living with Anonymity, Digital Cash, and Distributed
Databases, 15 J.L. & COM. 395, 404-07, 410-11 (1996)."

I'd argue that those evils are non-trivial, and outweigh the minor
privacy gains by not having accurate and public WHOIS.

Leah: why not answer my question about what the dollar value of having
your WHOIS data not being published? Is it a million dollars? More than
the cost of dogs? If so, why not spend the couple of dollars per year
and use Domains By Proxy or something, instead of shifting the costs to
someone else? 

Especially in an international context, as Rick Wesson alludes to,
suppose access is restricted to legal authorities, and that those
authorities are in China or Iraq or North Korea, and not in the US,
where legal standards are different. Will you then suggest that their
legitimate (in their own eyes) requests for the data be rejected, or
that they have to jump through more hoops? Or, vice-versa, suppose it's
an American authority who wants the info, but that person *claims* to
be from Vanuatu (e.g. as in the Kazaa case). What should be done there?
With transparent WHOIS, one knows immediately who is responsible
legally for a domain, unless folks want to build a new set of access
procedures (agreed upon internationally, good luck) to deal with the
aforementioned issues.

--- Richard Henderson <richardhenderson@ntlworld.com> wrote:
> I fully agree with Leah. Unless you've been stalked you've no idea
> the
> effect it has on you and on your family. The WHOIS exposes families
> to
> wholly unwarranted dangers. If people want to disclose their private

While one sympathizes with those who've been stalked, there are more
than adequate procedures to deal with the problem under the status quo.
One could opt not to buy a domain name (one can publish on the web
using Geocities, and a Yahoo email address, for example). Or, one can
use Domains by Proxy, or similar services. If that privacy is so
important and highly valued, it's a no brainer, and cheaper than a home
security system. As Michael wrote, "disclosure also helps prevent evils
that can hide behind the veil of anonymity". Why should others have to
suffer those evils? 

And Richard, without the public WHOIS, how would you have detected the
major abuse that happened in the Sunrise/landrushes for the new gTLDs?
:) It would have been harder, and cost you more, and there would have
been even *more* abuse as a result, had folks known going in that their
WHOIS would have been completely private.

Before I have to resort to issuing another "Cookie Challenge", can
someone please tell me what their dollar value is on that privacy? :)
It's evading the question to say as Leah did that:

"BTW, the cost is not necessarily in dollars.  It is in lives and 
personal security.  That outweighs the dollar consideration by far."

That's very naive, otherwise by that logic every car would cost
$200,000 and come with 50 airbags. Folks make decisions and compromises
every day, to balance the costs and benefits, just as policy makers
will. If one's personal security is "priceless", it's certainly worth
more than $18, or whatever the minimal cost of Domains by Proxy is. Why
aren't folks using that solution? It also ignores completely the lives
and personal security of those put at risk due to the "evils of
anonymity".

Sincerely,

George Kirikos
http://www.kirikos.com/
--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>