Patrick Vande Walle wrote:
On Thu, 17 Dec 2009 10:52:43 -0500 (GMT-05:00), Beau Brendler <beaubrendler@earthlink.net> wrote:
Some people I know have been trying to figure out, without success, who is funding the health care front group U.S. Citizens Association. One look at a few registration records did the trick:
http://www.walletpop.com/blog/2009/12/16/why-these-u-s-citizens-serve-as-a-g...
Law enforcement, by the way, wouldn't care about unmasking front groups. Even in its current state, WHOIS data still can be useful.
Actually, you used the WHOIS for what it was not designed for originally , ie identify a domain name holder to report technical issues with his/her domain name/DNS server, etc. I am glad you unmasked a front group using WHOIS, but at the same time, it seems that the problem is defective legislation related to different kinds of US not-for-profits, which does not mandate enough transparency. So, WHOIS is the wrong answer to this issue.
Actually, the internet was not designed to protect innocent users from bad actors deliberately targeting them and the internet in general the devastating effects that would have down the line. In fact there is no official way of identifying the perpetrators. WHOIS is the nearest approximation of only one of the methods of identification we have, be the WHOIS details fake or using identity theft. However each of the methods in itself may not be conclusive but is only one bit of the evidence trail. Nonetheless WHOIS details playing and important part in the evidence trail. However do not believe me, speak to your law enforcement officials.
In many European countries, for example, there is a legal obligation that web sites carry a page listing the contact details of the publisher. For my ALS, this is http://www.isoc.lu/l-association/coordonnees and it even includes the association registration number.
Speaking as an individual, natural person, needless to say I agree with Adam's comments. I would also like to know who queries my WHOIS records, in what capacity and what they intend to do with the data. But I agree that companies should not be allowed to use proxy services. After all, transparency is a key element in the trust relationship between a consumer and a service/goods provider, and especially those asking for donations.
While I would agree with you, this would also be a red flag for bad actors to change identity. In fact a major part of the learning process for bad actors is abuse reports forwarded to them by ignorant trusting service providers.
The main issue I see in the ICANN context is that proxy and privacy services are totally unregulated, unlike registry and registrars. We need a proper framework and rules for these services, as well as a signed agreement with ICANN. This would help eliminate bad actors in the proxy/privacy services fields.
Agreed, totally and absolutely. Privacy and proxy providers should not equate to unaccountability.
Patrick
Derek