Neil, first off, thank you for your tireless efforts.
That may not be said enough
Now that it is said…
The very same a-holes you are combatting are empowered by the data that is being campained for. For every domain I register without privacy, I receive some form of harrasment. These harrasments come in many forms, by email, post, and telephone, and range from nuissance solicitations of commercial offers to perform web design or hosting all the way to fraudulent lawsuit theats alleging to be from the IRS by robo-dialers.
These coincide exactly with accurate whois information being provided as the vector used by the peers and marketers, because I have tested this by alternating the email address and phone number and address used with registration to those that I set up specifically for a registration.
While I applaud your work in "cleaning up the streets", if we better enable those who offend or enrich a higher volume of crap in order to aid you, this will only serve to compound the very problem you seek to solve, and worsen the experience of many for the sake of the few.
I suspect LEA have better than good access to the data you seek. Perhaps to the degree which your efforts might be aligned, perhaps it might be prudent to collaborate more closely with them.
Link | Posted on Apr 29, 2017 12:18 PM PDT by Jothan Frakes
I hope that nobody involved in this exchange of words remains under any delusion that there is an actual conversation going on here. This disagreement has been going on for longer than this website, and the parties on each side should simply acknowledge that they are ideological enemies with incompatible belief systems. You can cheer if the powers that be make arbitrary decisions of which you approve, per Neil, or piss and moan if they don't, but I doubt that anyone with the actual authority to make such decisions cares about any of the principles being debated here, or what any of us think.
In other words, to the limited extent that this tedious exchange of words is not simply tub-thumping, it's basically futile anyhow. You can tub-thump if you want to, of course, but don't mistake your activity for productive debate or effective political agitation.
Link | Posted on Apr 28, 2017 7:13 PM PDT by The Famous Brett Watson
I believe that domain name registration information is private and must be kept that way.
Those who want to play as if they were law enforcement must follow the same rules that law enforcement is supposed to follow: Before they can access private information they must do several things:
1. Identify themselves to the data subject so that, unlike Joseph K in "The Trial" the data subject, and the public, will know who is looking.
2. Make a concrete accusation of why the accused person and domain name are in violation of a specific law.
3. Produce concrete evidence to support #2, above, to a degree that creates "probable cause" that the accusation is, in fact, true.
4. A third, disinterested, party looks at the accusation and evidence and makes a ruling whether it is adequate to proceed.
5. Notice is given to the accused and an opportunity is given to rebut the accusation.
6. Take only materials related to that accusation, and make a log of what is taken.
5. Disclose that information only those working on that matter and destroying that information when the matter is closed.
I would go further and suggest that this ability to even ask to open domain name registration records be restricted only to bonded licensed persons who will lose that bond and license should they abuse their powers. Moreover, at the end of every year there should be a public journal of their actions so that the public may see who apparently acting in ways that might suggest abuse of authority.
I also recommend that those who go forth on white horses to attack putative ill doers of the domain name space read two books - "The Oxbow Incident" and "Don Quixote"
Link | Posted on Apr 28, 2017 10:08 AM PDT by Karl Auerbach
So you claim:
"I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams."
Good for you, but have you ever stopped and though about where those criminals got the data of their victims? Some of that data comes directly from whois.
Link | Posted on Apr 28, 2017 2:35 AM PDT by Volker Greimann
You are basically saying that because there is some good coming from public whois, because it helps some private vigilantes to carry out their investigations more easily, it is absolutely fine to violate the privacy rights of millions of registrants who would rather not have their private data plastered across the internet, harvested by anyone for whatever purpose, be spammed by domain slammers or worse, have their legal right to privacy violated?
It is OK to put contracted parties in a position where they knowingly would have to violate applicable law and face extremely high penalties (coming soon)just to facilitate the hunt for a few criminals?
Sorry, or rather not sorry, but no! Public whois must go!
Link | Posted on Apr 28, 2017 2:28 AM PDT by Volker Greimann
My mother already knows what I do and she is very proud of it. She was the one who taught me never to give out my name and address without knowing who they were going to and how they would be used. She was the one who taught me about the persecution of people who share unpopular ideas, even if those ideas are valid, even if those ideas change and help the world.
I have since gone on to work with noncommercial organizations worldwide, including political dissidents, religious minorities, ethnic minority organizations and groups who work on unpopular but critical sexual, gender and political issues lead to threats against them. My family and friends support fervently the effort to protect Free Speech and Free Expression, and the right of people to share unpopular ideas (including in the DNS) without sacrificing their lives or their families' freedom.
What you forget is that the right of anonymous political speech is protected under the First Amendment (check the Bill of Rights at the National Archives, which my sister proudly helps run). Just 22 years ago, the US Supreme Court clearly proclaimed: ""Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind." Talley v. California, 362 U.S. 60, 64 (1960). Great works of literature have frequently been produced by authors writing under assumed names. [n.4] Despite readers' curiosity and the public's interest in identifying the creator of a work of art, an author generally is free to decide whether or not to disclose her true identity. The decision in favor of anonymity may be motivated by fear of economic or official retaliation, by concern about social ostracism, or merely by a desire to preserve as much of one's privacy as possible. Whatever the motivation may be, at least in the field of literary endeavor, the interest in having anonymous works enter the marketplace of ideas unquestionably outweighs any public interest in requiring disclosure as a condition of entry. [n.5] Accordingly, an author's decision to remain anonymous, like other decisions concerning omissions or additions to the content of a publication, is an aspect of the freedom of speech protected by the First Amendment." McIntyre v. Ohio Elections Comm'n, 514 U.S. 334 (1995).
Even if we can't have anonymity, we can have and maintain privacy. Since your organization is based in the US, your might want to tell "your Mom, family and your friends" that you don't really believe in the First Amendment. But for my family and community, we celebrate Free Speech and Free Expression with the protection of not having to put our name and address on every potentially unpopular statement - it is a right and a protection we proudly defend.
Link | Posted on Apr 27, 2017 12:46 PM PDT by Kathy Kleiman
I have to agree with the above, and I'd go one step further: WHOIS information is not and should not be private. Ever.
In law there's a separation between a person and a business. Even if that business is a sole proprietorship and pretty much equivalent to the person, it's still considered different from the person under the law. As a person I have a right to keep my information private. The business, however, affects the public and is public and the law says the public has a right to know who's legally responsible for what the business does so they can hold the business legally responsible when needed. No matter what contortions I go through, I can't use my right to privacy as an individual to mask from the public who's legally responsible for my business. If I operate a car, even as an individual I can't keep my identity as the owner of that car private. It's on file with the DMV, I'm legally required to disclose it as part of registering the car. If my car then causes an accident, the victims can find out who's legally responsible for the damage the car caused and I can't hide from them. A domain should be no different. When you set up a domain you step into a realm where what you do affects the rest of the Internet. You are no longer just a private individual, you now have another hat to wear as the entity responsible for a domain and what it does.
You're worried about being spammed? Welcome to the real world, bucko. You think business owners don't get lots of annoying mail? Hah. That's one of the things that comes with operating a public entity. I've figured out how to deal with it over the years, literally millions of other people have, you can too. You're worried about your address being public? Suck it up, buttercup, your address is probably already public and published in the phone book. If it's a major problem, get a post-office box and use that as your snail-mail contact point. Phone number? There's too many VoIP options you can use to weed out the telemarketers and scammers, and again this is something anybody operating a public entity's had to deal with for decades. And think about all of those problems and where they come from. That's right, domains and networks that conceal the identity of those legally responsible for what those domains and networks do. If they couldn't conceal that from the public, you wouldn't have the problems you're trying to complain about.
I've been operating a domain with my contact information public for 17 years now. Don't tell me it can't be feasibly done. And don't tell me it's too technical either. For crying out loud we're close to finishing the second decade of the 21st century, basic technical skills should be as common now as the ability to do basic car maintenance (change the oil, replace a flat tire) was when I was growing up.
Link | Posted on Apr 27, 2017 11:01 AM PDT by Todd Knarr
Correction made. Thank you.
Link | Posted on Apr 26, 2017 1:03 PM PDT by Ali Farshchian
Unless the deal was lightly burnt…
Link | Posted on Apr 26, 2017 12:30 PM PDT by Chip Marshall
The CRTC's decision gets several fundamental things entirely correct: the relative roles of creators, consumers, carriers and the regulator. The relationship of the creator and the content provider to the consumer is not to be interfered with by the carrier, and the regulator exists to maintain that non-interference. This decision is infused with Internet-centric thinking. This completes a revolution in the CRTC's thinking about the Internet.
Chairman, Internet Society, Canada Chapter
Link | Posted on Apr 25, 2017 8:54 AM PDT by Timothy Denton
The problem I have with your position is that it ignores the implications of the last-mile providers (largely telecomm and cable companies) imposing their own regulations on the Internet. Right now if I want to offer a service over the Internet, the biggest threat I face is the last-mile providers imposing a rule saying I have to pay them or they won't carry packets for my service. That's a problem because the people accessing my service are those same last-mile provider's own customers who're paying the last-mile provider to provide them access to, among the vast array of services we call the Internet, my service. The point of Network Neutrality is to say that, just as the FCC didn't impose regulations on Internet services, those last-mile providers should also not impose regulations on them unless absolutely necessary for reliable network operation and applied even-handedly. As far as end users (which includes people providing Internet services) are concerned rules the last-mile providers impose are regulations, you have the choice of abiding by them or losing Internet access in an environment where (in the US anyway) the possibly one viable alternative imposes the same rules. The effect is indistinguishable, from an end-user standpoint, from a government regulation stating the same rule.
The whole "network management" argument the last-mile providers talk about is a smokescreen in more ways than one. Firstly, they've admitted that congestion control isn't an issue. Secondly, the proposals for network neutrality specifically allow for control of traffic that causes problems for the network. The problem the last-mile providers have is that the proposals say they have to manage all such traffic equally, regardless of source. So, for instance, if they say streaming video's taking too much bandwidth and impacting customers, they can throttle streaming video as much as they want as long as they throttle all streaming video from all services in the same way. They don't want to do that, they want to throttle only those streaming video services that either don't belong to them or don't pay extra for the privilege of being delivered, which means that streaming video itself isn't causing an impact on their customers else why would only some streaming video need throttling?
I'd also note that the last-mile providers themselves forced the reclassification of Internet access as a telecommunications service. The FCC tried to regulate them as data service providers, and the last-mile providers successfully (and IMO correctly) argued that that wasn't allowed. So the FCC went back to their legal authority to classify Internet access as either a telecommunications or a data service, classified it as a telecommunications service and applied the regulations with stipulations that limited what regulations would be imposed and how.
Given the current make-up of the FCC commissioners I suspect you'll win, but make no mistake your argument isn't for preventing regulation, it's 100% for allowing any and all regulation by fiat by private entities not answerable to anyone. Nobody's going to thank you for that. Not even the incumbent last-mile providers, although it'll take them a while to realize it.
Link | Posted on Apr 24, 2017 5:25 PM PDT by Todd Knarr
Consider this: nearly five billion prescriptions have been filled every year in the U.S., and two percent have been mistakes.
It may not sound like much, but that means millions of patients get the wrong pills from US based pharmacies, many of which are approved by legitscript.com
Link | Posted on Apr 21, 2017 2:48 AM PDT by Mahesh Landage
AS per media reports (http://timesofindia.indiatimes.com/india/india-got-only-7-of-50-global-cancer-drugs-in-5-years/articleshow/58087833.cms) Indian cancer patients got only 7 of 50 new drugs launched by big pharma in last 5 years. What are the options for them? As per Indian Drug law Indian consumer can legally import unapproved drug for personal consumption from abroad if the drug is not launched in India. However as per twisted logic of legitscript and big phrma, the needy patient will be blocked from these internet pharmacies in western world because LegitScript logic says .pharmacy can't dispense to foreign patients. .pharmacy will add to more deaths in developing countries because it is created to create monopolistic closed markets for safeguarding commercial interested of some influential entities. Very unfortunate.
Link | Posted on Apr 21, 2017 2:20 AM PDT by Mahesh Landage
The point that "state actors are often willing to compromise cyber issues for other geopolitical gains" seems noteworthy.
The public international law relating to global networks has remained well established since 1850. State sovereignty over electronic communications only evolves around the edges. The related treaty instruments are good examples. Abe Sofaer with Lukasik in the mid 1990s attempted to evolve the State actor situation in the Stanford CRISP project.
Multiple China entities have invested enormous resources over the past decade in substantive international cooperation in this sector - in fact, more so than any other country. That investment will begin to demonstrate its value as we now evolve away from legacy internet notions to next generation NFV-SDN, 5G, and IoT based infrastructures. The real danger is the Trump Administration and its hostility toward multilateral cooperation, but his first 100 debacle days seem to have demonstrated that the Trump emperor has no clothes, but capable of compromising on rhetoric for geopolitical gains.
Link | Posted on Apr 18, 2017 7:15 AM PDT by Anthony Rutkowski
I believe that the IETF serves an important role, and I believe that the RFCs that form the mesh of the agreed ways of doing things are a fundamentally valuable contribution.
I am not critical of the IETF. I do not believe that the IETF is approaching sunset.
I do notice that there is a disconnect between the global developer / engineer community, and I get asked frequently why there is not a 'developer stakeholder group' at ICANN.
The response I get when I ask the question is that it does exist and it is the IETF. I disagree on that point. More needs to be done to aid the mistaken assumption that IETF = global developers.
I really don't want to see the IETF cease to be.
Link | Posted on Apr 14, 2017 5:23 PM PDT by Jothan Frakes