SoylentNews is people
SoylentNews
The US government has waded into the omni-shambles that is the internet infrastructure industry's failed effort to comply with European privacy laws.
Having tried to use its behind-the-scenes influence at a recent meeting of DNS overseer ICANN to drive decisions, the Department of Commerce's frustration had led to it going public with a letter to ICANN [PDF] in which it pressures the organization to investigate the world's largest registrar GoDaddy for limiting access to its "Whois" service.
In preparation for the May 25 deadline of Europe's General Data Protection Regulation (GDPR), and in light of the utter failure of ICANN to come up with a way to make the Whois service compliant with that law, GoDaddy has started hiding personal contact details for the 50 million+ domain names it looks after and has begun throttling access to its Whois service.
That would appear to be a commonsense response to a law that can see the company fined millions of dollars for failing to keep personal details private. But it earned the ire of several companies that make a living from accessing such details.
A letter [PDF] from one intellectual property lawyer representing those interests urged ICANN to take action against what he claimed were "clear and direct violations" of GoDaddy's contract with ICANN. ICANN responded [PDF] with no more than an acknowledgement it had received the complaint.
But the US government has unexpectedly came to their defense, noting in its letter that "the actions taken by GoDaddy last month... are of grave concern for NTIA given the US government's interest in maintaining a Whois service that is quickly accessible for legitimate purposes."
-- submitted from IRC
(Score: 3, Insightful) by crafoo on Saturday April 21 2018, @05:28PM (9 children)
WHOIS information should be public. This is in keeping with the spirit of what once we called the internet. If people don't want their information public, do not register a web site. Do not participate. Pay someone else to do it for you.
(Score: 2) by janrinok on Saturday April 21 2018, @06:02PM (7 children)
Do you ever purchase anything on the internet - well why not give us all your PIN and bank account details? After all, it is in keeping with the spirit of what once we called the internet.
(Score: 2) by Geotti on Saturday April 21 2018, @11:51PM (6 children)
How the fuck is your Whois related to your bank account details? What sort of argument is that, janrinok?
How is giving out your bank account "keeping with the spirit"? WTF?
You don't want whois? Make an onion or freenet site, pay extra for an anonymizing service or whatever. How is this even a topic that we have to argue about here, is there even anyone on this site, who did not witness the beginnings?
(Score: 2, Insightful) by janrinok on Sunday April 22 2018, @05:02AM (5 children)
The Whois site is supposed to allow system administrators to contact each other to resolve problems with the internet. It was not supposed to be a source of personal data that is accessible to anyone who wishes to harvest personal information.
Just as you have an expectancy for your personal bank account details to be kept securely when you share them via the internet with a supplier who provides you with a service, I have a reasonable expectancy for my personal details to only be divulged when it is necessary for me to be contacted to resolve a problem on the internet - presumably in relation to one of the several domains that I own. But because some companies in America want to be able to collect big data you are arguing that my personal details should be available to all and sundry. NO, they should not be.
So I merely used your own illogical argument back to you - your shared your bank details on the internet so surely anyone now has the right to have access to them? It might not be for the purpose you originally intended, but that doesn't matter because I shouldn't have to state why I need the information or what I am going to use it for, right? Or is that somehow different because you are personally affected?
Access to Whois data should be limited to those who can prove that they have a need to know that data, and it should only be used for the purpose for which it was intended. And I should be informed that the information has been shared with the person requesting it. The European law is giving me back the right to control who has my personal telephone number and home address - who needs that information to help resolve 'problems' on the internet?
(Score: 2) by Geotti on Monday April 23 2018, @07:30PM (4 children)
No, I'm sorry, that still doesn't make sense to me.
To foil data grabbers it's enough to put a rate limit and a captcha like, e.g. denic has had for about a decade.
What you're asking for is capitulating our position that "the internet belongs to the ones who build it".
Just as there is a public interest in knowing who owns a company, there is public interest in knowing who owns a domain.
You want us to jump through hoops just to be able to see the contact information of a domain owner? Fuck that!
There's a gazillion legitimate reasons to view such contact information, do you really think a drop down, where you select a reason and some contact information of the requesting party will stop the marketeers? Get real, man. There are other means of reigning the misbehavers in.
(Score: 2) by janrinok on Tuesday April 24 2018, @08:57AM (3 children)
None of which appear to have worked. So the EU, in bringing the law onto the books, are making sure that those in Europe that actually manage the domains realise that they cannot just provide personal information for public release without consequences, and that those who publish it in Europe, which includes providing it to Whois, or do not adequately protect such data on those protected by this law are committing an offence.
Nobody is suggesting that the internet doesn't belong to those who built it - which basically is the entire world - but that those very same people are protected from exploitation by others whose motive is pure greed. If you need access to the information in order to 'fix the internet' then you will still have access to it, but you will have to justify why you need the information rather than just making all of the Whois data - including personal information - available for anyone to harvest. Why should I have to suffer from spam mail because Whois have published my home address in addition to the address of those responsible for managing my domains? Why should I have to put up with numerous out-of-hours telephone calls on my private phone because Whois think that putting that information out on the web is a good idea?.
The information given out regarding who owns a company does not include personal information. Please look-up Mark Zuckerberg's mobile phone number and tell me what you find. It contains business information and business contacts. Whois publishes all information on the web and does not limit it to the essential business or management information, and it is this that the EU law seeks to address.
Each year I receive an email from Whois demanding that I update my personal information at penalty of potential domain seizure by Homeland Security, just so that Whois can update the databases of spammers and others. There are better ways of doing this than the current method, and the EU law is simply making sure that private information stays private.
And if I am the only contact that you have that can 'fix the internet' then all is lost!
(Score: 2) by Geotti on Tuesday April 24 2018, @06:49PM (2 children)
Form a company and provide company information. There, problem solved. Nobody requires you to provide personal information, if you register the domain in the name of your business. Invest the 250 quid and get a ltd or some other regional equivalent. Also, nobody requires you to provide your mobile phone number. Get a free number from e.g. sipgate and put up a mailbox.
Stop whining, the GDPR is a pile of shit that just makes life more complicated and doesn't change a thing for the people who have a vested interest in collecting your data. You don't seriously believe for a moment, that FB & Co. will actually delete your data, when you request them to do so, do you? That's just not technically feasible. Just don't post anything that you don't want to be on the internet to the internet, like TMB wrote before. You should know better, after all.
Why, according to our favorite encyclopedia [wikipedia.org], quite a lot of progress has been made since the 90s.
(Score: 2) by janrinok on Tuesday April 24 2018, @06:58PM (1 child)
Perhaps it is different where you live, but I do receive an instruction from the US authorities each year to confirm that my details are truthful and accurate, or risk having my domain seized by the US courts - who for some reason believe that they rule the world with their laws.
Furthermore, you fail at reading comprehension. I haven't put my details onto the internet - Whois have!
(Score: 2) by Geotti on Tuesday April 24 2018, @10:02PM
Maybe you should change your registrar then? I have quite a few (CNO) domains and not once have I received such an instruction.
I can recommend inwx [whois.com].
Pardon me, but I have to point out that you're the one mixing up the www and the internet here, or did you register by snail mail or phone?
(Score: 3, Touché) by Lester on Saturday April 21 2018, @06:39PM
Where is writen thai it is all or nothing?