Posts by libove

FUD argument is wrong. Action Fraud has some points. Read on ...

The article's argument that ICANN's argument amounts to FUD - that criminality will increase in the absence of good, accessible WHOIS data - is incorrect.

Action Fraud's comment that it takes a consumer both sufficiently aggrieved as well as capable to even open a police case, followed then by an adequately resourced and motivated police force, in the same jurisdiction, to get WHOIS data to begin to track down malfeasants, is absolutely correct.

A large amount of small fraud is gotten away with all the time today due to the ease with which wholesale (fake) copies of e-commerce websites are set up and then SEO'd into high-end positions in search results that people looking for an article to purchase may find themself on such a fake site. Absent readily accessible WHOIS data, they (were they so skilled and inclined to check first) could not get the information needed to take into account in judging whether the site is likely legitimate, or (in the more common case of the consumer who lacks the wherewithal to do such analysis themself) other site rating services would not have enough information to form an opinion, because the sites churn quickly.

The result is that many consumer just take the risk of buying from the unknown site, and are defrauded (which, under credit card fraud rules in the US, is low risk to the consumer, but for the rest of us in the world, where we have far less legal protection against credit card fraud, is largely at our own risk), or, the more cautious consumer simply doesn't buy (which hurts the legitimate small business which forever whatever reason, either of their own potentially misguided commercial choice, or because of the defaults of their possibly-hidden-behind-two-service-provider-layers-Registrar has their registration data private).

There are US-EU dick-size contests going on here. But there also truly is a problem with the current towards-privacy-everywhere argument in WHOIS data.

My proposal is that WHOIS data should be made accessible in most cases (call this two different levels of WHOIS Privacy) to anyone who files a legally sworn statement as to the reason and validity of their request, with no need for police or court process, to be granted the requested access; if that access turned out to be fraudulent then that person will have committed an easily prosecutable crime. The second (higher) level of WHOIS Privacy would be accessible only upon presentation of a court or police finding that the registrant is under unusual threat, and would then enjoy the level of privacy that current one-size-doesn't-fit-all WHOIS Privacy provides.