Hi Karl,
"If you want to create a system of internet business licenses, feel free to propose it."
Horray! Out of argument comes agreement. Now we have something on which we can go forward.
Indeed,
I *do* support the idea that there be some sort of internet business license that is coupled to an obligation to have real and meaningful information about who or what is behind the business, where it legally exists, and how it may be contacted for both informal and formal communications.
To me that would vastly clarify the issue of whois privacy and make it easier to define the privacy rights and disclosure obligations, if any, of individuals who are not also acting in a business capacity versus the obligations of people and aggregate entities that are.
Agreed. But it's been argued by many that framing the disclosure versus privacy debate as a WHOIS matter is missing the point. WHOIS is a protocol and a data format. It's an implementation, not a right or obligation. There are, of course, a few nits - for example, some things that some
countries treat as religious bodies others treat as commercial cults. (I suspect that we all know who I am referring to.)
I would think that there will also be some opponents to the idea of treating personal domain ownership differently from business-owned ones. Come to think of it, finding opponents to this idea will not be difficult.
I don't see the need for there to be a single entity that issues these licenses, not does it have to be a governmental body. And I believe that ICANN's role would not be that of a licensor but rather to base its whois policy on whether one has a license or not from a recognized authority. (We can foresee that there will be fights over who gets that nod of recognition.)
I do have concern that there are those, such as the pharmacies you note, who may be scofflaws and simply not obtain such a license from wherever such licenses might be obtained.
Getting this universally accepted will certainly be a lengthy and uphill battle, but perhaps there is a window of opportunity offered in ICANN's attempt to create an optional "high security zone" certification for new gTLDs. http://mm.icann.org/pipermail/hstld-ag/2009-December/000001.html One of the reasons I'm on the HSZ advisory group (one of only two from At-Large and there's nobody from NCSG, amidst a mob of contracted parties) is to ensure that such a certification enforce some kind of ownership-information accuracy regime as part of the certification. Originally I thought of that as WHOIS accuracy but it doesn't have to be in that form. What about advancing the notion that a HSZ must have some method of registration / licensing, handled by the registry (or its agent) but enforced at the registrar level? (Ie, a business has to get registered/licensed from the registry before it can buy a domain from one of its registrars? Then, for instance, the registry can have its domains audited against the registered/licensed owner list. The timeline for this is not compressed; the AG doesn't expect to have much done by Nairobi. So we have time to thrash through the license concept and then build support for it. On the other hand, I see a pressure that could coerce people to engage with
various business license system - I can readily imagine web browser plugins that check the various license databases and put up a warning marker, much as they already do for un-rooted SSL certificates and passwords over non-HTTPS connections, when someone is interacting with a website. Doing this so that it isn't as heavy handed as, for instance, Firefox handling of non-rooted certificates, might take some inventive thinking.
We may not be able to force browser developers to do what we want. But that's what plugins are for. :-) - Evan