more on Domain Owners Lose Privacy

[David Farber <dave () farber net>]

------ Forwarded Message
From: Daniel Weitzner <djweitzner () w3 org>
Date: Sun, 06 Mar 2005 18:21:35 -0500
To: <dave () farber net>
Cc: Ip <ip () v2 listbox com>
Subject: Re: [IP] Domain Owners Lose Privacy

I agree that the doctrine of anonymous (political?) speech is quite
important and the fact that these rules come from a Federal agency do
raise constitutional questions. However, the alleged privacy or
anonymity offered by at least some of these proxy services are so poor,
that I wonder whether any privacy gain here (which I believe to be de
minimis) is justified against the need to protect against unaccountable
abuse of domain name resources.

For example, the Terms of Service of Domains By Proxy
(http://www.domainsbyproxy.com/) offers to register domains for others,
but also drops any anonymity shield 'at their sole discretion' for just
about any reason:

"a.  You understand and agree that DBP has the absolute right and
power, in its sole discretion and without any liability to You
whatsoever, to either:  (i) close Your account (which means You then
become the Registrant of the domain name registration); (ii) reveal
Your name and personal information that You provided to DBP when
required by law, in the good faith belief that such action is necessary
in order to conform to the edicts of the law, or to comply with a legal
process served upon DBP; (iii) resolve any and all third party claims,
whether threatened or made, arising out of Your use of a domain name
registered by DBP on Your behalf; or (iv) take any other action DBP
deems necessary:"

Those who actually want anonymous speech outlets, then would be
ill-advised to rely on these proxy services. Instead, they should use
the increasing sophisticated remailers and mixes that do no depend on
obscuring domain name registration information. If that's the case,
then where does that leave the privacy argument?

Best,

Danny



On Mar 4, 2005, at 5:10 PM, David Farber wrote:

> ------ Forwarded Message
> From: Paul Levy <plevy () citizen org>
> Date: Fri, 04 Mar 2005 16:34:43 -0500
> To: <dave () farber net>, <ip () v2 listbox com>
> Subject: Re: [IP] Domain Owners Lose Privacy
>
> It is no response to a complaint about free speech violations to say
> that there is some other way to speak, or to say that if you want to
> remain anonymous, don't enter into any agreement with an ISP because
> you
> always leave traces behind.  One had might as well say, don't use the
> Internet either because you leave traces on the server.....
>
> The real question, it seems to me, is presented by the third point
> below -- are the concerns that are advanced as a reason for this new
> rule sufficient to outweigh the imposition on speech rights?  Surely
> the
> goal of preventing "abuse" is laudable, but is the fit between the
> goals
> and the means tight enough?  Is there no way to accomplish the goal
> without barring ANY person from staying anonymous?  How efectively does
> the means accomplsih the goal?
>
> Those are the questions that ought to be addressed .....
>
> Paul Alan Levy
> Public Citizen Litigation Group
> 1600 - 20th Street, N.W.
> Washington, D.C. 20009
> (202) 588-1000
> http://www.citizen.org/litigation
>
> > > > David Farber <dave () farber net> 03/04/05 01:53PM >>>
>
> ------ Forwarded Message
> From: Rich Kulawiec <rsk () gsp org>
> Date: Fri, 04 Mar 2005 13:36:42 -0500
> To: David Farber <dave () farber net>
> Subject: Re: [IP] Domain Owners Lose Privacy
>
>
> They never had any.  Spammers have been acquiring and selling much
> of this information for quite some time.
>
> > The Electronic Privacy Information Center said the move violates
> First
> > Amendment rights to anonymous free speech.
>
> Nonsense, for three reasons:
>
> First, nobody actually NEEDS a domain name to engage in free speech,
> anonymous or otherwise, on the Internet.  (Doesn't EPIC know this?)
>
> Second, nobody who truly wants to be anonymous should even WANT a
> domain
> name: after all, registering it creates a record, directly traceable
> to them, at their registrar.  It also -- if they, let's say, contract
> for
> web
> hosting someplace -- creates a record there.  Those records are
> available
> to personnel at those companies, to anyone who can access them via
> legal
> discovery processes, to anyone who can penetrate registrar/host
> security,
> and to anyone with enough cash-in-hand to either cut a backroom deal
> with registrar/host or just bribe their personnel.  (Have the latter
> happened?
> I have no idea.  But I think it's a legitimate question to ask how all
> the
> spammers that are selling CDs full of this information got their hands
> on
> it.)
> Bottom line: registering a domain name is a dumb move if you really
> want to
> remain anonymous.
>
> (Oh, and let me not forget to mention: some registrars ARE spammers.
> Pop quiz: how long will "private" information entrusted to their care
> stay that way?)
>
> (Oh, one more thing, just one word: ChoicePoint.)
>
> Third, domain names are Internet operational resources.  The Internet,
> as a whole, cannot afford to permit those controlling operational
> resources
> to be anonymous -- because, as we've seen thousands and thousands of
> times,
> it's an open invitation for abuse.  Lots and lots of abuse.
>
> Is this a pity?  Yes, it is.  But unfortunately, the failure of the
> NON-abusive anonymous holders of Internet operational resources to
> demand that this situation be rectified (by the only people in
> position
> to rectify it: the registrars) has allowed things to deteriorate so
> badly that "anonymously registered domain" is becoming more and
> more synonymous with "probable spam/abuse source domain".
>
> By the way: an excellent rule-of-thumb is that any domain registered
> in
> the .us TLD which is _not_ part of a geographic hierarchy (e.g.
> k12.pa.us)
> is suspect.  Oh, I've found a few such domains that are legitimate:
> I've also found over 1200 belonging to well-known, prolific spammer
> Steve Goudreault.
>
> ---Rsk
>
>
> ------ End of Forwarded Message
>
>
> -------------------------------------
> You are subscribed as PLEVY () citizen org
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
>
> Archives at:
> http://www.interesting-people.org/archives/interesting-people/
>
> ------ End of Forwarded Message
>
>
> -------------------------------------
> You are subscribed as djweitzner () csail mit edu
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
>
> Archives at: 
> http://www.interesting-people.org/archives/interesting-people/
--
Daniel J. Weitzner 
+1.617.253.8036 (MIT)
World Wide Web Consortium                       +1.202.364.4750 (DC)
Technology & Society Domain Leader      <djweitzner () w3 org>
http://www.w3.org/People/Weitzner.html


------ End of Forwarded Message


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/