Internet

WHOIS On First?

|

dog

Right now, anyone can look up the real name of the owner of a website on the WHOIS database. You can see, for example, that this site is owned by the Reason Foundation (surprise!). This is a handy tool when people start behaving badly online, but also means that when Fido registers sexydaschunds.com, anyone who's interested can find out that he is, indeed, a dog.

Recently, this convention has been challenged by privacy advocates:

A panel on Internet names voted Wednesday to conduct further studies on the databases containing names, phone numbers and other private information on domain name owners, deferring long-simmering questions over whether such details should remain public.

The committee of the Internet Corporation for Assigned Names and Numbers, or ICANN, which oversees Internet addresses, also rejected a proposal to give Internet users the ability to list third-party contacts rather than their own private data in the open, searchable databases called Whois.

So no decision yet. Should the ICANN offer true anonymity to domain owners? I'm torn. I don't think there's an absolute right to privacy here–you can choose not to own a domain, and simply lurk anonymously on other people's sites, thus protecting your privacy. As far as I know, Blogger doesn't require ID to start a blog, so the existing structure of the Internet is not really even throwing up serious barriers to those who would like to anonymously produce content. On the other hand, I like the idea that I might be in a flame war with a dog and have no way of knowing it and that dogs who are enemies of the state could build truly anonymous online empires. Your thoughts?

More on Internet privacy here and here.

NEXT: Rip, Mix, Vote

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. That’s kinda neat. A lot of my queries came back with Godaddy.com as the registrant, but some even gave home addresses.

  2. Surprise, surprise! The free market has already come up with a solution. It’s called proxy hosting. It costs two to three bucks a month.

    Absolutely no need to whine to gub’ment about this.

  3. If it ain’t broke, don’t fix it.

  4. There are services that will hide the identity of the registrant. You pay a couple of bucks and they act as a proxy for you. Publically, the database points to them, but they route all mail back to you.

  5. I like the idea that I might be in a flame war with a dog

    Been posting with Edward lately?

  6. ICANN haz privasee?

  7. I like the idea that I might be in a flame war with a dog

    Been posting with Edward lately?

    Edward is not a dog. Dogs are noble intelligent mammals. Dogs are man’s best friend.
    Edward is a reptile. Case closed.

  8. Woof Woof Woof

    that’s my other dog impersonation.

  9. Holy crap. I’ve known about WHOIS since the days when I got on the net through a UNIX mainframe. But I didn’t realize the amount of detail out there. My freaking home address and phone number popped up for the site I own.

  10. Holy crap. I’ve known about WHOIS since the days when I got on the net through a UNIX mainframe.

    So what you’re saying is, you gave your home phone number and home address to a robot on the internet when you registered a domain name, and now you’re surprised it’s out there? Would that be a “freak accident”?

  11. So what you’re saying is, you gave your home phone number and home address to a robot on the internet when you registered a domain name, and now you’re surprised it’s out there? Would that be a “freak accident”?

    Caveat emptor.

  12. I’m torn. I don’t think there’s an absolute right to privacy here–you can choose not to own a domain, and simply lurk anonymously on other people’s sites, thus protecting your privacy.

    It has nothing to do with lurking on other people’s sites, and everything to do with

    1) the fact that they publish all of the site owner’s contact information for every wanna-be-stalker to see. Split up with the psycho-boy/girl? Want to hide so s/he can’t find you? Guess you have to get rid of your website then!

    2) the fact that the second you register a domain every salesweasel in existence who might conceivably at some point in their career think about selling some product or service that might in some universe be useful to someone who owns a website starts sending you several metric tons of junkmail per week (I exaggerate only slightly; the amount of physical junkmail I got after buying a domain was annoying – I went from emptying my mailbox weekly to having mail held if I didn’t empty it daily)

    WHOIS is one of those hangovers from the early days of the internet when people designed stuff for what was technically convenient at the time, without considering how the assholes of the world would abuse it (also see: email).

  13. J sub D

    Correction @ 5:26pm noted.

    The thought of a flame war with a reptile bothers me though. Scales are much more flame resistant than fur.

  14. Brandybuck, Matt S – yes, you can use a proxy hoster, but then you have to count on that party to protect your privacy. That’s a little better, maybe, but hardly the end-all-and-be-all of privacy.

  15. You can register a domain name under any name, address, and phone number you want, real or fictitious. The only link I can see between a real identity and an assumed one comes about when you pay for it. To get around that problem you can buy a pre-charged credit card, with cash, from a 7-11. Just so you don’t get successfully bio-scanned by the 7-11 surveillance cameras, I suggest you dress-up and buy the credit card tonight. Wear gloves and contain your bodily fluids.

  16. When I first signed up for a domain, I had no choice but to provide an email address. That email address was published on the Internet without my consent and scraped by bots compiling lists of email addresses. As a result, I received so much junk email that I had to abandon the address all my friends and customers used when they wanted to contact me.

    I don’t trust ICANN to manage information responsibly.

  17. @Mick

    You are a moron

    @everyone else

    As someone who is responsible for IT security – contact information is not only useful its vital. We get hit by bots that exist behind corporate and personal firewalls all the time. Without contact information on a domain – we have little if no information to go by to track down someone who is responsible for that domain that machine sits on so we can contact them. I don’t buy the “I get SPAMMED” argument … that is the cowards way out and shows you have no clue how things work. Its called responsible management of your online assets. Stand up and take responsibility for your network and for your domain names. You have no “right” to privacy here.

  18. Tim,

    Hurling insults is the best way known to man to undermine your own credibility.

  19. Use a p.o. box or a fake address.
    Use a free e-mail account specifically set aside for junk mail.
    Don’t put your phone number or your home address.
    Incorporate and list the corporation as the owner.
    Set up a trust and list the trust as an owner.

    There are lots of ways to protect ones privacy online. They all start (but do not end) with not using your private data in the first place and most of us have or can easily obtain alternatives (see above list).

    Incidentally, trusts, corporations, mail drops, p.o. boxes, unlisted phone numbers are just some of the many ways people protected their privacy BEFORE the mighty internet came along.

    As for ICANN protecting ones privacy, the organization has a habit of stealing domains from rightful owners and giving them to corporations on the flimsiest of rationale so I don’t expect sensible behavior from them.

  20. Should the ICANN offer true anonymity to domain owners? I’m torn. I don’t think there’s an absolute right to privacy here–you can choose not to own a domain, and simply lurk anonymously on other people’s sites, thus protecting your privacy.

    And if you think income taxes are immoral, don’t work. Problem solved!

  21. @tim:

    I don’t see why you really need domain contact info for security reasons. It makes things a little easier sometimes, but it’s not crucial. What you need is the whois contact info for the allocated IP blocks, which is an entirely different issue. I agree that *IP addresses* should not have hidden contact info, but I don’t think anyone’s proposing that.

  22. I do want to make a point — people don’t need domain names to run their own website.

    Granted that a numeric IP address is harder to remember than a domain name, it’s still perfectly functional: http://72.3.135.24/ get you to Reason just as well as https://reason.com.

  23. @Warmongering Lunatic:

    Actually, that won’t work for most web hosting plans. Usually, a shared web hosting environment will have several sites sharing an IP. A web site with a unique IP is considerably more expensive.

    That said, there are plenty of places that sell third-level domain names, (so you could register foo.no-ip.org, for example) which will work perfectly fine. Regional domains usually don’t have working WHOIS servers, either; you’ll note you can’t do a whois on my domain scarborough.chicago.il.us.

  24. Oh, certainly, that it requires expensive hosting is another aspect of it being a sub-optimal solution.

Please to post comments

Comments are closed.