Whois May Be Retired, Says ICANN
The Associated Press is reporting that ICANN may consider shutting down the Whois system, which lets Internet users search for domain name registration information, because of disagreements over how it works. Privacy advocates in favor of shutting down the database feel that individuals should not be forced to give out private information -- which is then potentially available to spammers or scam artists -- in order to register a domain name on the Internet. Those who want to keep the Whois database operational, feel that it is a valuable tool for doing business and making sure you know who you are dealing with.
As the AP writes, the Whois database has many uses, "Law-enforcement officials and Internet service providers use it to fight fraud and hacking. Lawyers depend on it to chase trademark and copyright violators. Journalists rely on it to reach Web site owners. And spammers mine it to send junk mailings for Web site hosting and other services." There have also been reports that some registrars use Whois search data to register domains that could be lucrative in the domain aftermarket, a practice the New York Times likens to insider trading.
Some proponents of the "sunset" plan that would end the Whois database, don't necessarily want it shut down. Ross Rader, an executive at Tucows who is the chief sponsor of the plan, has indicated that he only wants to force discussion on the issue. "What removing the status quo will do is force all of the actors to come together without the benefit of a status quo to fall back on and say, 'We are now all screwed. What will we do?'" Rader told the AP. "It will lead to better good-faith negotiations."
My opinion is that nixing the Whois database would be a mistake. There are certainly better ways to conceal contact information, or to keep spammers from scraping the information, but the database has a lot of practical applications and is very helpful to a large number of honest users. I often use it to track down information on web site owners for stories, or to verify information about a web site I may be considering doing business with, for example. Losing it would negatively impact a substantial number of people. "The sense of shock that would settle around certain people would be rapid and immediate," said Syracuse University professor Milton Mueller. I agree.
What do you think? Do the benefits of the Whois database outweigh the potential for abuse? Leave your thoughts in the comments below.
Share
Comments
Subscribe to comments for this post OR Subscribe to comments for all ReadWriteWeb posts
It's hard. There are pros and cons to making this data available: on one hand, sometimes anonymity is a good thing. On the other, enough fraud happens on the Internet to make whois useful, and it seems like a bad idea to make that information only available to a select few.
Just 2 weeks ago, I found a domain name of great interest for one of the major digital news site in France. The domain was already registered but not in use. Through whois, I learned that it had been registered long ago and thus may not have a purpose anymore. Whois also gave the contact information for the owner, who happened to leave in France too.
I passed on the information to the digital news portal looking for a new domain, and they were able to make a deal on the next day to get the domain transfered. That was all benefits for both the previous owner and the new one.
Another one? Back a few more weeks, I was able to spot with help from whois that a company that was posting curious ads to french users of FaceBook (promoting a software client for download) was owned by the same group as another company that had been caught distributing some kind of spyware. That's what I call information of interest.
No one would take the time to look for anything like this if any third-party or intermediary had to be involved.
No Whois would be a major loss. I swear, the things people will do out of fear of spam. You're never going to get rid of spam and it's not going to kill you. Privacy is certainly a valid concern, but if you've registered a chunk of the web - default exposing who you are makes sense to me.
I got slammed by trackback spam on my personal blog today, and does it make me want to shut off trackbacks? No! The web is a messy, chaotic place - hiding info to try to control communication online is messed up.
I wouldn't want it to go away. I regularly use this for many of the same reasons you do Josh. I am a website publisher and this information definitely comes in handy. In fact, I would love a way to view the history of a domain much like archive.org maintains the history of a website.
The .uk registrar has a good compromise system. If you register a domain as an individual, rather than as a business, you can display your name but conceal your home address under the "opt out".
It's important to have a system that tells you who owns a domain, but there are definitely privacy concerns around that.
A suggestion would be to make less of the data available for free - only the name and the e-mail-address. The complete address and contact data of the person should be behind a small pay-wall. Nothing that makes me a poor man if I want to check the owner of a domain, but enough to make mass-indexing of this information less lucrative. (Think of 50ct per domain, or so.)
This data should of course be available from just one central location, which should be a non-profit. (Is the ICANN a non-profit? I think so.) There's a problem with the fact that different registrars control the different domains, but that's something that can be solved...
I would like the Whois to evolve, not disappear. Make it harder for spammers to scrap personal information while allowing legitimate uses. Displaying only the name and the email address in case of individual buyers is a good idea, and so is coming up with a centralized database that shows the history of a domain name along with its current owner.
Making such a useful tool to disappear from the scene would be accepting defeat against spam!
I agree with the sentiments above. Whois has a place, but do all the contact details need to be totally exposed to the public? Surely name and email address (and potentially a phone number of choice) would be sufficient for most purposes, with further details like address available on request, particularly for personal domains?
Without WHOIS, a lot of advertising services would have to shut down. The CC fraud rate is on the brink of unmanageable, and losing the ability to check if the guy that just bought $10,000 in advertising with a US credit card is actually in Russia would push it over the edge. Same goes for web hosting.
I totally agree with you, Josh. I have several times used the database to track down copyright violators. I also belong to the Project WhoIs and use it often in researching the backgrounds of new clients. I will truly miss it if they close it down. :(