January 19, 2006

First Thoughts on ICANN's "Whois" Report

I just glanced through ICANN's Whois Report - or more properly it's Preliminary task force report on the purpose of Whois and of the Whois contacts.

Much seems centered around two different points of view of the purpose of whois data.

But I notice a very glaring omission in both points of view:  Neither defines who is the intended beneficiary of this violation of privacy.

Both formulations are ambiguous with regards to the intended beneficiary of the information.  Is the beneficiary intended to be the owner of the domain in the sense that publication allows the owner to learn more quickly that something might be awry?  Or is the intended beneficiary meant to be the person who feels somehow wronged or harmed by the actions of the domain name owner?

How can one grant any validity to this report if it can not define the intended beneficiary of this highly intrusive, privacy-busting, heavy-handed, one-sided regulation of internet activity?

This document makes many claims that the destruction of privacy would create some benefits to certain groups.  But privacy is a balancing of equities and this document merely piles up anecdotal benefits without engaging in a principled weighing of the competing equities.

Nor does the document address any measures to remediate the intrusion - measures such as requiring those who wish to view whois to state, in writing on a permanent record, the grounds and facts that create a need to view the information, such as requiring that those who view whois to identify themselves into a permanent record and authenticate that identity, such as publishing statistics about how many times each viewer has examined whois, etc etc.

And missing from the voices in the document are the victims - the people whose personal privacy is penetrated and whose families and lives could be, and have been, harmed and endangered by ICANN's policies.  ICANN long ago excluded the voice of the public.  But without that voice this document must be considered vacuous, the product of systemic bias, and as nothing more than an instance of Benjamin Franklin's two wolves and a lamb voting on what to have for lunch.

The document makes claims based on some sort of notion of inertia deriving from "historical uses" of whois.  I am one of those people who have been part of the internet since the early 1970's.  My name is to be found in many of the early versions of whois - such as the ARPAnet directories from that era.  And I can state from my own experience that the original purpose of such publications was a quasi-private roster of friends in a small club and not a directory that was intended to be open to public access.  In other words, the so-called history mentioned in the report is nothing more than hearsay, gossip, and fantasy that diverges from the reality experienced by those of us who were actually there.

On a minor note - the formatting of the document, in a word, sucketh.  The business, registrar, ISP, and intellectual property constituency statements are all headed by text in grand 20+pt font while the non-commercials are hidden under a 12 point header that is lost in the numbering system.

As a whole, the document is worthless.  Only the Non-Commercial constituency approaches the questions based on a principled analysis; the other groups are simply making self-aggrandizing assertions.

I wonder - how many companies of the business constituency, lawyers of the intellectual property constituency, and members of the other constituencies would be willing to put their personal contact information and their company and law-firm org-charts, and phone and address directories, up for anonymous public browsing 24x7?  My guess is that the number would closely approximate zero.  Yet these same people, who most likely stamp every one of their company directories with non-disclosure labels, are the most willing to condemn internet users to a hell that they themselves are not willing to endure.

Posted by karl at January 19, 2006 1:48 AM