If I were criminally-minded, I would simply use IDNs, which are essentially unsearchable as far I understand. For a perspective on how a verified whois would work in practice (and on how useless it would be, and how much it would cost) see a recent article from a domainer publication: http://domainnamewire.com/2012/05/15/heres-what-law-enforcement-wants-you-to... Antony On May 15, 2012, at 1:23 PM, Lutz Donnerhacke wrote:
On Tue, May 15, 2012 at 09:16:04AM -0700, Antony Van Couvering wrote:
I don't know what Patrick was thinking, but it's possible he was referring to the fact that the ALAC position on Whois is nearly indistinguishable from the wish list of the trademark lobby
True ... sad, but true.
The flaw in the position of the Whois Policy Review Team is quite simple: only the most idiotic of criminals would provide real Whois information, and without comparison of state-issued documents to registration information, there is no way to reliably check it.
That's only true with a thick whois model. The thin whois model, which reveals the contract information down the reseller chain, is much more stable and reliable even in the case of a "compromised" registar (might be run by organized crime itself).
You might have a look at this thin whois model by asking whois.iana.org.
The real charm of this approach is, that the data does not need to leave the place where they are needed to establish the business itself. So the access restrictions can and must be derived from local law, which causes a much better privacy protection (at least for EU) than an centralized thick whois database, searchable by everyone who can pay or cry for.
Yes I do hear the cry for "use cases". So the suggestion came up to urge ICANN to run a central, multilingual interface(!) to query and access the distributed data sources.
Why should ICANN operate the service? Simply because they *have* the contracts which allows them to query the databases at any rate and to any detail level, they need. Nobody else can prevent to be blocked out by various resellers or registrars. Such a block would render this interface useless.
Unfortunly this recommendation did not make it to the final report, only a crippled version dealing with an uninteresting case of gTLD strangeness.
I was unable to fight better for this idea. Sorry.