Re: [ga] A story about Whois and privacy

[elliot noss <enoss@tucows.com>]

There is much that is factual in what you say. I do want to add that 
there are THOUSANDS of ISPs and web hosting companies who manage the 
whois information and shield individuals from the public exposure AND 
the intricacies of managing the process as a standard business practice 
and have done so for many many years.

On Sunday, May 18, 2003, at 05:33 AM, Richard Henderson wrote:

> As Leah and I have pointed out (separately) several times on this 
> list, the
> public disclosure of personal details in the WHOIS can endanger life 
> and
> intimidate people.
>
> Anyone who has, for example, been seriously stalked will know the fear 
> and
> heart-wrenching pressure you can be exposed to, and I think it is 
> wholly
> unacceptable to have any policy which insists on publication of 
> personal
> details.
>
> As a result of a determined female stalker with a psychiatric history 
> and
> obsessive personality, my family and I moved home and have had an
> ex-directory telephone number for 9 years. The one chink in this 
> armour is
> the existence of our details on WHOIS files, which leaves me feeling 
> exposed
> (though I have formed a judgement that the person in question is 
> unlikely to
> be computer literate).
>
> Other people may be less lucky.
>
> I know there are some registrars who will mask your details for you, 
> and I
> think that is absolutely necessary. I believe that WHOIS details 
> (perhaps
> apart from e-mail address) should be kept private, retained only on a 
> secure
> list, where people can obtain the details only on the basis of a court
> order. If people wish to disclose their personal details on the WHOIS 
> files,
> fine. But what is not acceptable is that people's right to privacy (and
> right to safety) should be jeopardised.
>
> If someone abuses their domain name rights (eg by perpetrating fraud or
> misrepresentation to the financial harm of others) of course the 
> injured
> parties should have legal recourse and police should be allowed legal 
> access
> to details if a judge agrees.
>
> But most domain name registrants are just going about their daily lives
> legally and decently. Their details should not be published on the 
> WHOIS
> files unless they want them to be.
>
> Sincerely,
>
> Richard Henderson
>
>
>
> ----- Original Message -----
> From: Vittorio Bertola <vb@bertola.eu.org>
> To: <ga@dnso.org>
> Sent: Sunday, May 18, 2003 11:17 AM
> Subject: [ga] A story about Whois and privacy
>
>
>> A few days ago, I was watching one of my favourite TV shows here in
>> Italy, and they were showing the following story.
>>
>> Some people had told the journalists of the show about a very peculiar
>> online cheat: they had found a .com site advertising sex nights with
>> very beautiful women (photos included) at the cost of several hundred
>> Euros (even thousands in some cases). By calling the telephone numbers
>> found on the site, they were told that they would have to pay in
>> advance half of the money to get the "date". Money had to be paid to a
>> given person and postal address through the payment system of the
>> Post. But of course, when the people paid they never got anything back
>> - the postal address on the payment bill was fake and by calling back
>> the website owners they were only getting mocked. (And you can imagine
>> that these "customers" weren't eager to go to the police to tell the
>> whole story.)
>>
>> However, the journalist tried a WHOIS search on the domain, and he
>> found the same name as on the payment bills - but this time with the
>> real address! Thanks to WHOIS, he was able to get back to the owner of
>> the domain. But to his surprise, he discovered that the owner was a
>> mentally handicapped person living on minimal State subsidies. In the
>> end, it came out that the true inventors of the fraud had exploited
>> this person, convinced him to let them have his personal documents,
>> and used these documents to register the domain and to collect the
>> money at the Post office. The police was finally called and these
>> people were caught.
>>
>> Now, apart from any judgement on suppliers and customers of this
>> peculiar form of e-commerce, and giving for granted that everything
>> was true and reported precisely, you may take different conclusions
>> from this story.
>>
>> It is true that the people were found thanks to WHOIS, and that for
>> the "customers" it could have been the only way to get back to the
>> people behind the service. But it is also true that the police would
>> have been able to do the same in a minute even without public WHOIS
>> (either by a private access to WHOIS data, or by tracking down
>> telephone numbers, or by looking for the name of the person). And what
>> if, rather than by a journalist, the WHOIS search had been made by an
>> angry customer? He could have ended chasing up or menacing the wrong
>> person.
>>
>> So, personally, I take it as an indication that cases of "identity
>> theft" are getting more and more common, and that some action should
>> be taken; and that there should be a quick way to get back to domain
>> owners in case of crimes, but it should not be accessible to everyone
>> without control.
>> --
>> vb.                  [Vittorio Bertola - vb [at] bertola.eu.org]<---
>> -------------------> http://bertola.eu.org/ <-----------------------
>> --
>> This message was passed to you via the ga@dnso.org list.
>> Send mail to majordomo@dnso.org to unsubscribe
>> ("unsubscribe ga" in the body of the message).
>> Archives at http://www.dnso.org/archives.html
>>
>
> --
> This message was passed to you via the ga@dnso.org list.
> Send mail to majordomo@dnso.org to unsubscribe
> ("unsubscribe ga" in the body of the message).
> Archives at http://www.dnso.org/archives.html
>

--
This message was passed to you via the ga@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html