[gnso-rds-pdp-wg] Dangers of public whois

Gomes, Chuck cgomes at verisign.com
Sat Feb 18 00:58:23 UTC 2017 

Well said Theo.

Chuck

-----Original Message-----
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of theo geurts
Sent: Friday, February 17, 2017 4:10 PM
To: gnso-rds-pdp-wg at icann.org; marksv at microsoft.com
Subject: [EXTERNAL] Re: [gnso-rds-pdp-wg] Dangers of public whois

Mark,

Thank you for your comment. I think you are nailing the problem here; this is very good IMO.

"and the need to mitigate them does not eliminate the need to have public data."

This is the issue here. That data should have never been public if we look at the EU GDPR and many other data privacy laws around the globe, and this is what causes Registries and Registrars having massive problems regarding complying with the law.

So we with the RDS we are starting from scratch. So and I think this is KEY here, how do we ensure privacy and yet make sure we can still effectively combat abuse.

Speaking personally, I think privacy is very important, and I do not like the fact my personal data is being processed all over the place by shady folks.
As a Registrar, I find it very important that we should not go backward in fighting abuse. For the simple reason, abuse costs us money, and we should never be in a situation that it becomes harder to battle child porn, or taking down terrorists, or sinkhole botnets.

So what we cannot do is ignore all these privacy laws. That would be insane as we would be piling up in tons of fines here.
We do not want to reduce effectiveness regarding abuse because that is costing money also. And to be clear here, the registrants will be soaking it all up one way or another.

So my take on this is, we make sure that we move on and address BOTH issues and this is our task as a WG. Our task is to solve these problems as we start from scratch with RDS. We learned our lessons from the current WHOIS, now we need to make sure that we can avoid all these pitfalls within RDS.

Thank you for making it this far.

Have a good weekend,

Theo
Registrar


On 17-2-2017 18:27, Mark Svancarek via gnso-rds-pdp-wg wrote:
> Spam and DDOS will always be with us, and the need to mitigate them does not eliminate the need to have public data.  It seems orthogonal to me.
>
>
>
> -----Original Message-----
> From: gnso-rds-pdp-wg-bounces at icann.org
> [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of
> benny at nordreg.se
> Sent: Friday, February 17, 2017 8:25 AM
> To: RDS PDP WG <gnso-rds-pdp-wg at icann.org>
> Subject: Re: [gnso-rds-pdp-wg] Dangers of public whois
>
> Another post about the problems with public whois
>
> How anyone here can still defend this abuse of info as a the best system I have serious problems understanding.
>
> http://domainnamewire.com/2017/02/16/control-block-sms-spam-robocallin
> g-based-whois-info/
>
>
> --
> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>
> Benny Samuelsen
> Registry Manager - Domainexpert
>
> Nordreg AB - ICANN accredited registrar
> IANA-ID: 638
> Phone: +46.42197080
> Direct: +47.32260201
> Mobile: +47.40410200
>
>> On 17 Feb 2017, at 14:55, Michele Neylon - Blacknight <michele at blacknight.com> wrote:
>>
>> Allison
>>
>> As others have said, if you have an issue please report it to ICANN,
>> law enforcement, consumer protection etc., Some of us take our obligations very seriously and lumping all registrars and providers into one big bucket isn’t very helpful for constructive dialogue.
>> We get a number of whois complaints from ICANN every year and we investigate each and every one of them. In some cases it’s very obvious that the details provided are bogus, but in others it’s not and we have to spend time energy and effort going back and forth with our client and ICANN to resolve it. Sometimes this leads to domains being suspended or deleted, sometimes the whois gets updated, sometimes the complaint is denied. But each complaint is handled on its merits.
>>
>> We also have a whois privacy service. It is NOT a fake address. You can check it in the Irish company office:
>> https://search.cro.ie/company/CompanyDetails.aspx?id=480317&type=C
>>
>> Now you may not like that people and organisations choose to obfuscate their contact details via services like that one, but that’s a different issue entirely. I also personally have correspondence addresses in the US, mainland UK and a couple in Northern Ireland. I don’t live at any of them, but you can send me physical mail and I will get it. You could argue that the address is “fake”, but as I can get mail to it I’d suspect that in many cases it’d be considered valid.
>>
>> Regards
>>
>> Michele
>>
>> --
>> Mr Michele Neylon
>> Blacknight Solutions
>> Hosting, Colocation & Domains
>> https://www.blacknight.com/
>> http://blacknight.blog/
>> Intl. +353 (0) 59  9183072
>> Direct Dial: +353 (0)59 9183090
>> Personal blog: https://michele.blog/
>> Some thoughts: https://ceo.hosting/
>> -------------------------------
>> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business
>> Park,Sleaty
>> Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

More information about the gnso-rds-pdp-wg mailing list