Guess Whois Going to Lose the Privacy Debate

Opinion: If you own a domain, your privacy is probably being needlessly compromised as a result. But nobody who can do anything about it cares.

At a recent gathering of the New York Metropolitan Area chapter of the Internet Society at the Jefferson Market library in Greenwich Village, there was a panel discussion on Whois policy. The panel was top-notch, including people representing the varied interests in the matter. And while there is an interesting proposal on the table for a change to Whois policy, I wish I could say I was optimistic about it.

You can download recordings of the debate in various formats from the Punkcast Web site.

The issues are important: It has always been policy that the registration information for Internet domains is public and publicly available through a database service called "Whois." Unix and Linux users typically have a Whois command line program that knows how to query the database.

Most Internet users, to the extent that they interact with the system at all, query through a Web-based proxy form, such as CompleteWhois (a good site with many other useful tools). If you do a lot of Whois-ing on Windows I recommend getting Jwhois for Windows.

/zimages/5/28571.gifTheres more evidence that the domain registration system is failing to serve the publics interests, and its going to get worse. Click here to read more.

Its also always been policy that owners of domains have to keep accurate information in their publicly accessible Whois entries. So if you own a domain for your personal use you have to have your address, phone number and an accessible e-mail in the record.

You really need to have an accessible e-mail address in that space because it is at that address you will be contacted if someone attempts to transfer your domain. That may also be the address at which your registrar will contact you if you when your registration is expiring.

/zimages/5/28571.gifBuilding an Integrated IT Security Strategy for 2007: eSeminars invites you to join this virtual tradeshow on Nov. 30, and learn how to reduce security costs and mitigate the risks associated with users and their access rights across your entire organization.

But this policy also means that anyone can get this information for their own purposes.

If you put your e-mail address in Whois you will be spammed. Youre also likely to receive solicitations from other registrars, and theres a history of sleazy registrars making misleading solicitations.

For these and other reasons, many have called over the years for privacy for domain owners. But there are arguments against it and privacy advocates have the disadvantage of fighting the mighty status quo, which has home-field advantage in matters to do with ICANN (Internet Corporation for Assigned Names and Numbers.)

Next page: ICANN to the rescue.