Hooray
But I suspect Fasthosts will still try and charge 3 quid for it.
The long-standing but outdated "admin" role associated with every internet domain name will be killed off under new recommendations designed to update the Whois registry and make it compliant with European data privacy rules. In addition, the "tech" role may be made voluntary, email addresses associated with domain owners will …
It's not a question of what they hold. Of course them holding technical and administrative information for the intellectual properties they are renting out is reasonable.
What's NOT reasonable is displaying that information to all-and-sundry on any request whatsoever to the extent that you have a public API to do so.
Law enforcement need it. Sometimes the technical people need it. But why do you have to have it as a publicly available list of names, addresses and emails? I don't get that for, say, the people who sell on eBay.
Why not just remove the information from public view entirely and replace it with a contact form? Exactly the same effect - genuine grievances and trouble can be notified to the right people, but the average spammer can't just trawl the whole list and spam them, and no personal user is ever identified against their will.
It's not a question of what they HOLD (though that is affected by GDPR, it's hardly different to what they need to do), it's a question of what they DISTRIBUTE. Which should, quite literally, be... nothing.
It's not a question of what they HOLD (though that is affected by GDPR, it's hardly different to what they need to do), it's a question of what they DISTRIBUTE. Which should, quite literally, be... nothing.
The answer is in the article and other articles... lawyers. They want free access. It's particularly the media lawyers for take down notices, fines, and lawsuits. When in doubt, follow the money.
This post has been deleted by its author
Data minimisation isn't just GDPR. The data protection act has always stated you should only hold the required information.
So the required information is a contact. admin@.... is a perfectly fine contact, and not being personally identifiable, fits with GDPR. I can see why lawyers may not like that, ie sending a threatogram to Admin doesn't have the same weight as sending to a named individual who may have left the target company some months/years ago.
For everyone else, it's more a case of whether anyone actually looks at the admin mailbox. If LEOs want to find out more, they can ask the registrar for the billing contacts.
What makes you think for a second that someone who stole your domain name would put their genuine home address onto the WHOIS when they did so?
If someone stole your bike, would you be expecting them to register it as their own on a public list of bike-owners? And if they did, would you assume those details to be correct? And if they did, would you pile into that person or would you be expected to - for example - go to the police/courts who'll determine who really has it, return it to you if possible, and you'll have precisely ZERO dealings with any ensuing law enforcement action beyond providing a witness statement (they won't tell you the criminal's home address!).
The equivalent here would be "file a complaint to ICANN". That does NOT need YOU to have public WHOIS information for every domain name in the world.
Your argument is one of the weakest arguments I've ever heard in my life.
The Primary reason EU are waging war on Whois, under the pretense of "data protection", is that Whois made it far too easy to spot websites funded by "Open Societies Foundation" and their ilk.
The unelected Eurocrats do NOT want their secondary paycheck providers exposed for their meddling.
Oh, you mean the EC, the people which are selected, as you say, by, err, governments elected in each country by the public, voted in by the MEP, and who are in charge of implementing the MEP's decisions?
I'm not so sure your competency claims hold much water, sorry.
Seriously, it's all available online, there's no mystery to it:
https://europa.eu/european-union/about-eu/institutions-bodies/european-commission_en
"The Primary reason EU are waging war on Whois, under the pretense of "data protection", is that Whois made it far too easy to spot websites funded by "Open Societies Foundation" and their ilk."
Whois also makes it easy to spot so-called PR firms hired to attack anyone with a differing opinion.
Actually, the best way to stop this sort of nonsense is to put the punishment on the lawyers. The threat of being disbarred, should stop most lawyers from pursuing ridiculous appeals.
Oh right, sorry, lawyers are immune from punishment, because they write the laws in the first place. Silly me forgot that.
Lawyers don't create laws, MPs create laws.Lawyers get paid to help you make sense of them.
Want better laws then start voting for competent people who might spend more time doing their job and less time being directors of random firms, politicking and appearing on TV.
If politicians did a better job of creating laws and took the time to vote through an explantory leaflet explaining what they intend, half of lawyers' work would disappear.
QUOTE
Lawyers don't create laws, MPs create laws.Lawyers get paid to help you make sense of them.
Want better laws then start voting for competent people who might spend more time doing their job and less time being directors of random firms, politicking and appearing on TV.
If politicians did a better job of creating laws and took the time to vote through an explantory leaflet explaining what they intend, half of lawyers' work would disappear.
END-QUOTE
That is indeed how USAians politics works, in general we have somewhat less bad (still not good) MPs in Europe.
The answer to that is simple : anyone who has a warrant.
That means probable cause, approved by a judge and enforced by proper police force.
Of course, that also means that US-based IP lawyers can go fuck themselves, which is an outcome I entirely approve of.
The answer to that is simple : anyone who has a warrant
- in the Jurisdiction of the registrar NOT just their friendly district judge in whichever state in the USA they happen to have lobbied with large "donations" to campaign funds.
so a UK court for .co.uk etc
and a French court for .fr
an Australian court for .au
ETC
How long until a company offers domains that are 100% secure against prying eyes. Nobody can prove ownership - not even the owner. It sounds like a perfect CloudFlare product.
I'm all for privacy but GDPR jumps the shark in some areas. At some point people need to be responsible for the crap they throw onto the Internet. Pay somebody else to manage your domain if you don't want to be the admin.
At some point people need to be responsible for the crap they throw onto the Internet
I think you've missed the point. I'm happy to manage my domains - it's really not that difficult.
But why should I have to have my name, email, and home address splashed across the internet when that "splashed across the internet" bit is 100% not required in order for the registry operator to perform their part of the contract ?
Yes, the registry (and reseller) need my details so they can bill me etc - that's basic contract stuff. But that information is really only relevant to the three of us involved - not every tom, dick, or harry on the internet. GDPR is clear on that - neither the reseller or registry can make allowing me to have a domain name contingent on me agreeing to collection of data that isn't needed for the contract, or publishing what data they do collect. In both cases they may ask me - but I can simply say no.
THAT is what the debate is about.
I cannot believe the mess created and still being created by the snowflakes who appear to love GDPR for just about any reason.
The WHOIS should continue to offer data of people who are about to share content with the online world. Should they decide to defame a citizen, why should that citizen not have the instant right to challenge one of the many trolls who act in this fashion?
The bad guys must be rubbing there hands with joy. Who needs the dark web when the main-stream web has built in protection for terrorists. I hope the people who are pushing this through can sleep at night. What is liberal about allowing terrorits to peddle there foul content enabling normal people to be murdered - please explain that to me.
@EricWiltsher... you genuinely think that trolls and terrorists (not happy to have those in the same sentence) would be putting up genuine contact details?
It's never been difficult to use fake information when setting up a domain. That's primarily because most registrars only care about the money. WhoIs information has never been particularly useful unless you're dealing with genuine companies and even then it's often out-of-date.
@EricWiltsher - What the f**k! You can not be seriously suggesting that a terrorist or troll would register a domain with a legitimately traceable address/email/name?
Tell me, has it caught out a few simpleton trolls who spewed their asinine vitriolic diatribe?
Maybe this is how the Five-O manage to catch all the terrorists in the past? 'Hey Bobbie, can you lookup them terrorist in the WHOIS so we can nip round and pick em up for trial (actually lets skip the trial bit) and for a spell in Gitmo?'
Looks like we can expect all terrorists and trolls from this point onward to walk among us for eternity without having their collars felt by Five-O! Damn GDPR <big ferocious grrr> has surely ended the Five-O's ability to catch them terrorist chaps forever without public access to the WHOIS DB.
+ what @MrReynolds2U said
@EricWiltsher
Wow privacy vs terrorism pushed to the nth degree!
However assuming you do actually believe your own argument, can you cite any example in the world where a terrorist has been collared due to their information being available on whois. Or where their material has been taken down due to whois information rather than just contacting the host or DNS to remove or block the content?
For each one you do, I will match it with 100 examples of when I have been spammed for using genuine details, as required, telling me falsely that I need to renew my domain to avoid losing it, or that someone is trying to register a similar domain and I have a chance to register it first.
I would prefer an option allowing me to display my name or my company name.
There was a time early on when a network admin would attempt to contact another admin for BGP, hacking, or spamming issues. Nobody I know does that anymore.
Doesn't seem fair to the registrars to shoulder this increased burden (cost) of fielding requests going forward. I have some domains paid up for 10 years. If it ends up anything like DMCA notices, the overhead could be significant.