SoylentNews is people
SoylentNews
The EU's General Data Protection Regulation (GDPR) has only just started to be enforced, but it is already creating some seriously big waves in the online world, as Techdirt has reported. Most of those are playing out in obvious ways, such as Max Schrems's formal GDPR complaints against Google and Facebook over "forced consent" (pdf). That hardly came as a shock -- he's been flagging up the move on Twitter for some time. But there's another saga underway that may have escaped people's notice. It involves ICANN (Internet Corporation for Assigned Names and Numbers), which runs the Internet's namespace. Back in 2015, Mike memorably described the organization as "a total freaking mess", in an article about ICANN's "war against basic privacy". Given that history, it's perhaps no surprise that ICANN is having trouble coming to terms with the GDPR. The bone of contention is the information that is collected by the world's registrars for the Whois system, run by ICANN. EPAG, a Tucows-owned registrar based in Bonn, Germany, is concerned that this personal data might fall foul of the GDPR, and thus expose it to massive fines. As it wrote in a recent blog post:
We realized that the domain name registration process, as outlined in ICANN's 2013 Registrar Accreditation Agreement, not only required us to collect and share information we didn't need, it also required us to collect and share people's information where we may not have a legal basis to do so. What's more, it required us to process personal information belonging to people with whom we may not even have a direct relationship, namely the Admin and Tech contacts [for each domain name].
All of those activities are potentially illegal under the GDPR. EPAG therefore built a new domain registration system with "consent management processes", and a data flow "aligned with the GDPR's principles". ICANN was not happy with this minimalist approach, and sought an injunction in Germany in order to "preserve Whois data" -- that is, to force EPAG to collect those administrative and technical contacts.
(Score: 2, Funny) by jmorris on Saturday June 02 2018, @07:51AM (3 children)
Think I tried to tell ya U.N. bootlicking morons that handing control of the Internet over to the U.N. would end badly, that every shithole would be able to dictate terms until we had a full out race to the bottom and the free and open Internet was reduced to the sum of every shithole tyrants whims. Well the EU is tryant #1, won't be the last though.
The correct solution would be to declare it a bad idea, having now seen the results for a few years, get ICANN back into the Commerce Dept and tell everybody to pound sand because the current system has worked pretty well. I'd even suggest eliminating the existing anonymity in WHOIS. You want to connect a site to the rest of us, we need to know who to bitch at when it borks our stuff. The only alternative would be well defined IP ranges to black hole if there is no contact, basically allow everyone else to pull your plug if you aren't willing to offer up a contact point.
The other alternative is nuke all the top level domains other than country codes, move to IPV6 with each country having a well defined block. Then we all build really huge firewalls. Then the sane admins would quietly work out most of the same rules we have now to make interop actually workable, reconnect all the sane sites / countries back the way it was before and we would have an Internet among the sane world and a bunch of mostly firewalled off shitholes canning spam that wouldn't be deliverable to anyone worth sending it to. And it really looks like the EU would be in the shithole list, happily we would get most of the individual countries back in a few years as exiting the EU is already becoming a trend.
(Score: 5, Insightful) by Dr Spin on Saturday June 02 2018, @08:47AM (1 child)
we need to know who to bitch at when it borks our stuff
To put this in words you might understand:
Its fucking arseholes like you that are responsible for the whole damned fuck-up in the first place.
What is needed is a RELIABLE means to communicate issues to the responsible person. That does not mean providing a name and address so the swat team can hit him, or emailing anyone's personal details to world class spammers. Or incentivising people to supply false information.
In short, what ICANN deliver is the worst possible solution to the issue you are bitching about. and by supporting them, you are proving that you are the worst kind of bitch.
I hereby formally slap you round the face with a GDPR - you may choose your weapons, but I choose the location: any German Court of your preference.
Warning: Opening your mouth may invalidate your brain!
(Score: 2) by coolgopher on Sunday June 03 2018, @02:16AM
Given that these days apparently it's possible to serve legal papers via a person's facebook profile, there's really no need for full address details in whois. Besides, who has *not* been using whatever privacy guard your registrar of choice provides (often for free)? As long as there is *a* way of contacting, be it email, twitter, farcebook, icq or whatever, I guess that's plenty. Or we could just go back to using hostmaster@.
(Score: 0) by Anonymous Coward on Saturday June 02 2018, @02:28PM
Its this kind of thinking that led to premature ipv4 exhaustion. its 2018, not 1918.