[comments-whois] Forwarding of comments to list
Dear Mr. Nunn
Thank you for your comments. All comments which I receive or any Task Force
member receives, will be forwarded to the public comment site, so that they
are available to the full Task Force, and other interested parties. May I
request your permission to do so? Or, if you prefer, it would be simplier if
you posted directly.
We are just at the beginning of the open comment period. I hope you will
monitor the comments on the dnso site and perhaps contribute further.
You can find the comments site at firstname.lastname@example.org.
Marilyn Cade,Co-chair, WHOIS Task force
cc: Antonio Harris, Co-chair
>From: "Jefferson Nunn" <Jefferson@isgca.com>
>Subject: FW: Serious Privacy Issue with WhoIS and Valid Phone Numbers
>Date: Thu, 17 Oct 2002 10:02:26 -0700
>Please read through the email thread below. My original email is on the
>bottom. Mary's reply is above.
>For the same reasons that I would not want to provide a home number, I
>would not want to provide a work number. Additionally, why should I have to
>pay $40 a month for a voicemailbox when I shouldn't have to provide a phone
>number at all. Now, I will have an additional activity that I would have to
>perform every day to delete all the voicemails from harassers to avoid the
>"your voicemailbox is full" and again be at risk for a $500(!) fine.
>There seems to be an absence of consideration given to private domains.
>Domains like http://www.thomassmith.com and just private individuals that
>want to share basic information between themselves.
>As far as the argument of saying, "just allow your third party
>provide their contact details". Why should a Third Party Registrar be at
>risk for similar activities? Why can't an email and an physical address
>suffice? Email is a far more reliable and documentable activity for the
>purposes of notifications regarding whois and domain registration than
>phone numbers. Phone calls can't be proof-enough for notification even in a
>court of law. If you tape the conversation, you may violate wiretapping
>In any case, again, I believe there is a serious lack of consideration
>foresight given to the topic of the requirement of private individual
>domain holders to provide valid working telephone numbers.
> -----Original Message-----
> From: Mary Hewitt [mailto:email@example.com]
> Sent: Wed 10/16/2002 4:37 PM
> To: Jefferson Nunn
> Subject: RE: Serious Privacy Issue with WhoIS and Valid Phone Numbers
> As we discussed briefly on the phone, there are alternatives. For
>instance, you can provide a work number, or voicemail, etc.
> This issue is being looked at by the Domain Name Supporting Organization
>headed up by Marilyn Cade. You may want to forward her your email and
>providing her feedback on the Whois issue. Her email address is Marilyn
> below is an update as to what is happening regarding the issue from a
>Washington Internet Daily publication:
> The Names Council WHOIS Task Force is seeking comments on its interim
>report on how to improve the accuracy and ease of use of the WHOIS database. The
>interim report, which can be found at www.dnso.org, contains several recommendations: (1) Better
>enforcement of global top-level domain (gTLD) registry contracts could improve accuracy of WHOIS data
>without incurring significant additional costs, although some task force members believed some
>enforcement actions could come with costs. (2) Graduated sanctions for erroneous WHOIS data would have a $250
>fine after notice of noncompliance, which would escalate to $500, then $1,000 in 30-day
>increments if action still wasn’t taken to correct the listing. A 5-day suspension of registration rights would
>follow, leading to removal of accreditation if no remedies were undertaken. The task force is seeking comment on the
>possible effectiveness of that graduated approach. (3) Several methods to improve search
>capabilities were proposed. (4) The task force said 89% of respondents said WHOIS information shouldn’t be
>disseminated for marketing purposes unless the registrant opted in. Any comments filed by Oct. 22 will be
>taken into account at the ICANN meeting in Shanghai, the report said, and comments will be accepted until
>Nov. 8 at firstname.lastname@example.org. A final report will be ready in early Dec. for consideration by the ICANN
>board, the task force said.
> Please let me know if you have any other questions.
> Best regards,
> Mary Hewitt
> Director of Communications
> 4676 Admiralty Way #330
> Marina del Rey, CA 90292
> -----Original Message-----
> From: Jefferson Nunn [mailto:Jefferson@isgca.com]
> Sent: Wednesday, October 16, 2002 3:47 PM
> To: email@example.com
> Subject: FW: Serious Privacy Issue with WhoIS and Valid Phone Numbers
> Importance: High
> Thanks for the call. Attached is the email I sent previously. Any help
>would be greatly appreciated.
> -----Original Message-----
> From: Jefferson Nunn
> Sent: Wed 10/16/2002 3:21 PM
> To: 'firstname.lastname@example.org'
> Cc: 'email@example.com'
> Subject: Serious Privacy Issue with WhoIS and Valid Phone
> Mr. Lynn,
> I am writing to you out of concern regarding the issue of
>placing valid phone numbers on privately-held domain records. Presently, I hold the
>domain of Mindragon.com. I first submitted an email about this issue last
>week and I have not heard anything back, so I am resubmitting the request.
> In case you are unaware, there is a serious electronic war
>presently being waged using the internet. Spammers, Hackers and Vigilantes
>are in abundance on the internet causing threats to privacy, freedom of
>speech and our way of life. I recently wrote an article condemning the
>violent actions of SPEWS.org and its’ affiliates. These people look for
>any information that they can obtain and will use it against you in
>whatever fashion in order to seek retribution for what they feel is a
>threat to them. Shortly after I wrote that article, my spam count rose from
>2-3 per week to 100 to 200 per day. In addition, I received approximately
>30 to 40 new articles of mail per week that could be classified as spam.
>Truly, these people do not have any regard for personal privacy or personal
>freedoms as they supposedly campaign to rid our world of spammers by
>destroying companies and causing tens of millions of dollars in damages.
> On a similar note, I am surprised that ICANN would choose to
>force its’ registrars to enforce the policy of providing a valid phone number
>through which someone can be personally located. Think about this for a
>would you expect to dial 1-800-bill-gates and reach him personally?
> In fact, ICANN does not enforce this policy at all for its’
>own members. ALEJANDRO PISANTY is listed at
> http://www.icann.org/biog/pisanty.htm as having an email address that
> points to firstname.lastname@example.org. Unam.mx according to www.allwhois.com
<http://www.allwhois.com/> doesn’t have a valid phone number, email
>address, physical address or even an expiration date. He is just one
>person. I found four such listings without even trying on ICANN.org’s
> I can understand why aol.com should list a valid phone number
>and wouldn’t mind listing 703-265-4670. Not that you will reach an actual
>human at that phone number, but it is an AOL phone number.
> I cannot understand why a Private Individual, such as myself,
>that is listing a domain that is a Private Website domain is required to list a
>valid phone number that would then subject myself to:
> 1) Telephone Harassment
> a. If you file a complaint with the police, you’d be lucky
>to have the harasser stop. More than likely, they’ll just switch
>phone numbers and continue to harass you.
> 2) Telemarketing Harassment
> a. Supposedly, California is passing a law against this. But
>still, not every state has a law stopping this time-wasting activity
> 3) Wiretapping (land-lines)
> a. Land-lines can be tapped relatively easily. Any spy shop
>has the equipment required to do it. Takes just seconds and you can
>listen to lots of private information. Yeah, it’s illegal, but first you gotta
>know that it is happening. Most people never know.
> 4) Wiretapping (cell)
> a. They have kits that are available on the black market to
>tap into digital cell phone communications. So, that isn’t secure either.
> It’s one thing to request addresses and email addresses.
>Emails can’t hurt. One can use virus protection, firewalls and tools like
>ad-aware to ensure that the machine is secure. Emails can even be encrypted
>for total security. Spam filters are coming online so that spams will be
>all but eliminated. Snail Mails can go to a Post Office box. If any armed
>bandits show up there, the police can and will be called. So, physical
>addresses can be made secure. Telephones aren’t in the same boat.
>Wiretaps can be made such that people never know that it is happening. And
>lots of private communications go over these wiretaps. So your system,
>presently, condones the activity of Privacy Violations and Identity Theft.
>This is why I placed the number to the local police department. I can
>actually be reached through there, although, it's a bit of a convoluted
> Now, I find it ironic that registrars are not required to
>check every single domain to ensure that all phone numbers are valid. It’s
>almost tempting to write a routine that sucks down every single domain and
>check every single phone number for validity and auto-submit a complaint to
>ICANN’s complaint system. This is a valid process that conforms to your
>own rules. Any Internet User can request WhoIS information without any
>penalties. Any citizen can place a phone call. Any internet user can submit
>a complaint to ICANN. I’m sure if such a routine were enacted, I would
>shortly receive a letter from your attorney requesting that I stop
>bombarding you with these requests. At that point, I would simply point to
>your so-called â€œregulationsâ€ and state that I am following the rules by
>submitting complaints about invalid whois information. However, just like
>your request to me, this process doesn’t make a damn bit of sense!
> Therefore, I humbly request that this policy be reconsidered
>in light of present day events and factors that the people writing the
>policies may have been clueless about in 1992. It certainly was a different
> Jefferson Nunn
> Chief Information Officer
> Internet Solution Group, Inc.
> 2535 Townsgate Road
> Suite 310
> Westlake Village, CA 91361
> Tel: (805) 446-2222 x 129
> Cel: (805) 750-8700