» »

Poziv za zaščito Whois baze

Poziv za zaščito Whois baze

Matthai ::

Tule si lahko preberete EPICov poziv, ki se nanaša na pravkar objavljeno novico.


Dear Friends,

In less than a week, the Internet Corporation for Assigned Names and
Numbers (ICANN) will hold meetings in Carthage, Tunisia. The
meetings will include discussions of WHOIS, a database that could
have a significant impact on privacy, civil liberties, and freedom
of expression for Internet users. The WHOIS database broadly
exposes domain registrants' personal data to a global audience,
including criminals and spammers.

We believe that ICANN should work to ensure that network
administrators have access to accurate information in order to
contact domain registrants and combat fraud and spam. However, this
also requires the establishment of corresponding privacy safeguards,
including reduced access and minimal data requirements, in order to
encourage the submission of accurate data. In addition, users of
domain names have a legitimate expectation of privacy and right to
free speech, which should be protected.

We have drafted a letter to the President of ICANN, Paul Twomey,
asking him to ensure that strong privacy safeguards, based on
internationally accepted standards, are established for the WHOIS
database. We would sincerely appreciate it if you would join us in
this statement to ICANN. Domain registrants should not be required
to submit extensive data that could lead to fraud victimization or
political persecution.

If you agree with the statement below, please send an email to
mailto: chlaurant@epic.org with your name, email address, and
organizational affiliation before October 26.

Thank you for your help with this.

Marc Rotenberg
Cedric Laurant
Frannie Wellings


28 October 2003

Mr. Paul Twomey
President and Chief Executive Officer
Internet Corporation for Assigned Names and Numbers
4676 Admiralty Way, Suite 330
Marina del Rey, CA 90292-6601
United States of America

Dear Mr. Twomey,

We write to you, on behalf of many consumer and civil liberties
organizations from around the world, regarding the significant
privacy issues surrounding the WHOIS database and the need to ensure
that strong privacy safeguards are established. ICANN has moved
aggressively to establish accuracy requirements for domain name
registrants, but has failed to establish corresponding protections
for personal information that is provided. As representatives of
Internet users around the world, we are keen to ensure that the
policies developed for the WHOIS database respect the freedom of
expression and the privacy of every individual who registers
Internet domains.

Many organizations, consumer advocates, and technical experts have
advocated strong protection for privacy interests. Those privacy
concerns have not thus far been adequately addressed. We hope that
our comments will be given due consideration during the WHOIS
workshop at the upcoming ICANN meetings in Carthage, Tunisia.

1. The main purpose of the WHOIS database should be to resolve
technical network issues, the most important being spam.

The WHOIS database was originally intended to allow network
administrators to find and fix problems to maintain the stability of
the Internet. It now exposes domain name registrants' personal
information to many other users for many other purposes unrelated to
network access. Anyone with Internet access can now have access to
WHOIS data, and that includes stalkers, governments that restrict
dissidents' activities, law enforcement agents without legal
authority, and spammers. The original purpose for WHOIS should be

One of the most important technical problems that threaten public
use of the Internet today is spam. A sensible WHOIS policy would
improve contact-ability and data accuracy for network
administrators. It would not make personal information more widely
accessible to third parties.

2. The use and management of the WHOIS database without adequate
data protection safeguards raises risks for domain name holders'
right to privacy and freedom of expression.

Users of domain names have a legitimate and reasonable expectation
of privacy. There are many users, particularly in the
non-commercial world, who have valid reasons to conceal their
identities or to register domain names anonymously. Although there
are some domain name registrants who use the Internet to conduct
fraud or to infringe on other people's or companies' intellectual
property rights, we believe that a sensible privacy policy for WHOIS
must protect the legitimate privacy expectations for domain registrants.

First, for domain name registrars to compel registrants to
disclose personal information, even information related to domain
registration, poses dangers to freedom of expression and privacy on
the Internet. Many domain name registrants--and particularly
noncommercial users--do not wish to make public the information that
they furnished to registrars. Some of them may have legitimate
reasons to conceal their actual identities or to register domain
names anonymously. For example, there are political, cultural,
religious groups, media organizations, non-profit and public
interest groups around the world that rely on anonymous access to
the Internet to publish their messages. Anonymity may be critical
to them in order to avoid persecution.

Second, WHOIS data should not be available to anyone with access to
the Internet. It is well known that broad access to personal
information online contributes to fraud such as identity theft. US
Federal Trade Commission (FTC) advises consumers to protect
themselves from identity theft, and generally from Internet-related
frauds, by not disclosing personally identifiable information. The
mandatory publication of WHOIS data is contrary to the FTC's advice.

We urge ICANN to consider the views of consumer organizations
and civil liberties groups on the WHOIS. At a minimum, we
believe that adequate privacy safeguards should include the
following principles:

- The purposes for which domain name holders' personal data
may be collected and published in the WHOIS database have to
be specified; they should, as a minimum, be legitimate and
compatible to the original purpose for which this database was
created; and this original purpose cannot be extended to other
purposes simply because they are considered desirable some
users of the WHOIS database;

- The most relevant purpose for collecting WHOIS data is to
combat spam;

- The amount of data collected and made publicly available in
the course of the registration of a domain name is limited to
what is essential to fulfill the purposes specified;

- Any secondary use that is incompatible with the original
purpose specified requires the individual's freely given and
informed consent;

- The publication of individuals' personal information on the
Internet through the WHOIS database should not be mandatory;
it should be possible for individuals to register domain names
without their personal information appearing on a publicly
available register; amnd

- Disclosure of WHOIS information to a law enforcement official
or in the context of civil litigation must be pursuant to explicit
legal authority set out in statute.

Such a policy would not frustrate lawful criminal investigations. It
would instead establish necessary privacy safeguards, and reduce the
risk that the widespread availability of WHOIS information will lead
to greater fraud, more spam, and jeopardize freedom of expression.

Respectfully submitted,





Memo from ICANN President Paul Twomey concerning WHOIS, 18 September 2003. http://www.icann.org/announcements/anno...

ICANN Carthage WHOIS Workshop Agenda, 30 September 2003.

ICANN WHOIS Privacy Steering Group webpage.

ICANN, Staff Manager's Issues Report on Issues Related to WHOIS, 13 May 2003.

Public Internet Registry, Letter regarding WHOIS to Chairman Lamar Smith, United States House Judiciary Committee, Subcommittee on Courts, the Internet, and Intellectual Property, 16 September 2003. http://www.pir.org/about_pir/pir_policy...

Public Interest Registry, Comments to the Final Report of the GNSO Council's WHOIS Task Force Accuracy and Bulk Access, 17 February 2003. http://www.dnso.org/dnso/dnsocomments/c...

Generic Names Supporting Organization (GNSO), WHOIS Privacy Issues Table, 14 August 2003.

GNSO WHOIS Task Force, Final Report of the GNSO Council's WHOIS Task Force Accuracy and Bulk Access, 19 February 2003.

Electronic Privacy Information Center (EPIC), Minority Comments to the Final Report of the GNSO Council's WHOIS Task Force Accuracy and Bulk Access. http://www.icann.org/gnso/whois-tf/repo...

EPIC WHOIS webpage.

EPIC WHOIS Privacy Issues Report, 10 March 2003.

EPIC and Privacy International, Privacy and Human Rights - An international Survey of Privacy Laws and Developments, 2003.

Organization for Economic Co-operation and Development (OECD), Guidelines on the Protection of Privacy and Transborder Flows of Personal Data.
http://www1.oecd.org/publications/e-boo... (English).
http://www1.oecd.org/publications/e-boo... (français).

European Union, Directive 1995/46/EC of the European Parliament and the Council on the Protection of Individuals with regard to the processing of Personal Data and on the Free Movement of such Data ("EU Data Protection Directive").
http://www.europa.eu.int/smartapi/cgi/s...!celexapi!prod!CELEXnumdoc&lg=EN&numdoc=31995L0046&model=guichett (English).
http://www.europa.eu.int/smartapi/cgi/s...!celexapi!prod!CELEXnumdoc&lg=fr&numdoc=31995L0046&model=guichett (français).
http://www.europa.eu.int/smartapi/cgi/s...!celexapi!prod!CELEXnumdoc&lg=es&numdoc=31995L0046&model=guichett (espanol).

European Union Article 29 Data Protection Working Group, Opinion 2/2003 (WP 76) on the application of the data protection principles to the Whois directories, 13 June 2003.
http://europa.eu.int/comm/internal_mark... (English).
http://europa.eu.int/comm/internal_mark... (français).
http://europa.eu.int/comm/internal_mark... (espanol).

International Working Group on Data Protection in Telecommunications, "Common Position on Privacy and Data Protection aspects of the Registration of Domain Names on the Internet" (adopted at the 27th meeting of the Working Group on May 4-5, 2000 in Rethymnon, Crete).

United States Federal Trade Commission, National and State Trends in Fraud and Identity Theft (January 2002 - December 2002), January 22, 2003.


Cedric Laurant - Policy Counsel
Electronic Privacy Information Center
1718 Connecticut Ave., N.W., Suite 200
Washington, DC 20009 - U.S.A.
Tel: +1 (202) 483-1140 (x114)
Fax: +1 (202) 483-1248
- - - - - - - - - - - - - - - - - - - -
epic.org - privacy.org - gilc.org

Matthai ::

Še kopija novice:

V naslednjem tednu bo imela ICANN (Internet Corporation for Assigned Names and
Numbers, ki skrbi za upravljanje globalnega domenskega sistema) srečanje, na katerem bodo razpravljali o WHOIS bazi, v kateri so shranjene informacije o veljavnosti domen, o njihovih lastnikih in DNS strežnikih.
Organizacija EPIC (Electronic Privacy Information Center) pa opozarja, da bi lahko imela ta razprava pomembne posledice na zasebnost, civilne svoboščine ter svobodo izražanja na internetu. Problem je namreč v tem, da so podatki iz WHOIS baze javno (in globalno) dostopni vsem. Tako spammerjem, kriminalcem ter državnim organom totalitarnih režimov. EPIC opozarja, da se zaradi tega lahko lastniki domen znajdejo pod različnimi pritiski ter dodajajo, da lastniki domen upravičeno pričakujejo zaščito njihove zasebnosti in posledično svobode izražanja. Člani EPICa so zato na predsednika ICANN-a Paul Twomeya naslovili pismo, v katerem ga pozivajo naj ICANN za WHOIS bazo zagotovi visoko stopnjo zaščite zasebnosti, ki bo temeljila na mednarodno sprejetih standardih. EPIC želi, da se od lastnikov domen ne bi zbiralo podatkov na podlagi katerih bi lastnik domene lahko postal žrtev goljufije, viktimizacije ali političnega preganjanja.
Celoten poziv v angleškem jeziku si lahko preberete tukaj (oziroma v forumu) in če se z njim strinjate, lahko do 26. oktobra Cedricu Laurantu iz EPIC-a pošljete svojo podporo v kateri navedite svoje ime, e-mail naslov ter (opcijsko) organizacijo ki jo predstavljate.

Bakunin ::

Razlog vec da sem odsel iz netsol ter dotsterja....

nista omogocala "skrivanja " e-postnega naslova ter ostalih informacij imetnika domene za razne worme ipd.

sedaj sem na gkg.net 0:) in v whois je dovlj informacij da me CLOVEK lahko kontaktira.

razen ce ima IQ pod sobno temperaturo.

Matthai ::

Aha, imajo kar dober sistem s tem forwardingom. Edini problem je, ker je objavljeno tudi tvoje ime... če si recimo kitajski disident je to že lahko problem.

Bakunin ::

pac das neko fooooo ime.

V WHOIS bazi je dovolj podatkov (delujoc e-naslov) da me lahko CLOVEK kontaktira.

Ce kdo isce po drugih kriterijih (ali sem clan udbe, skavtov ali zbora mladih kristjanov) pa mu lahko samo recem: fsck off

Matthai ::

Ja, samo problem je, ker - pravno gledano - moraš vnesti prave podatke. Sicer ti domeno lahko vzamejo. Je pa res, da je tveganje minimalno. Se pa strinjam - v nekaterih primerih pravih podatkov pač ne vneseš (in s tem vsaj malo tvegaš). Sam sem naredil isto pri registraciji ene aktivistične domene.

Bakunin ::

Registrar ima vse moje podatke. CE jih bo kdo RES tako zelo rabil......in bo imel sodni nalog....potem jih bo verjetno dobil. :D

Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo

Volja in RIPE obrazec za dodelitev večih IP številk

Oddelek: Omrežja in internet
192699 (2497) Cosmo

Lastniki domen?

Oddelek: Omrežja in internet
103564 (3342) Bakunin

SIOL - zapira stacuno !? :-)

Oddelek: Omrežja in internet
292776 (1644) FastWIND

Izsledljivost preko IP-ja

Oddelek: Omrežja in internet
193149 (2680) PaJo


Oddelek: Omrežja in internet
202126 (1649) Ales

Več podobnih tem