ARIN-PPML Message

[arin-ppml] SWIPs & IPv6

> -----Original Message-----
> I'm not aiming at you, I'm aiming at the people who want to get
> rid of the whois database, and institute the same kind of
> butchery to it that the DNS registrars have permitted to domain name
> contacts (ie: so-called "privacy" listings that do nothing other than to
> allow criminals to hide themselves)

This is a typically unbalanced and exaggerated claim. There are legitimate privacy concerns regarding access to contact and address data, including shielding people from cyber-criminals and spammers, and there are legal issues regarding the display of that data when natural persons (i.e., not incorporated organizations) are involved. 

Revelation of the data shielded by these so-called privacy services is notoriously easy to obtain, basically you just have to ask for it, be a real entity and have some legitimate purpose. All of these constraints are absent, of course, from anonymous, web-based whois interfaces. The idea that people can abuse the internet (correct, of course) must always be balanced by the equally valid observation that people can and do abuse unrestricted access to sensitive data. 

The implication that only criminals use DNS privacy protection services is obviously false, unless you believe that about 30% of all domain name registrants are criminals and that the numerous reputable individuals I could cite, including newspaper reporters and small businesspeople, are also criminals.  

The expectation that WHOIS/SWIP issues can be discussed independently of data protection rules and norms is a fantasy. I know Ted is a lost cause on this issue and don't frankly care; but I hope the rest of this list is a bit more mature and not populated by people who think that their convenience as technical administrators trumps any and every human rights concern.

Beyond that, to avoid the practically useless kinds of ideological debates in which Ted revels, I'd propose restricting any further discussion of this to specific proposals and operational guidelines. You can't know whether there is a legitimate privacy and/or security issue unless we are discussing real proposals in real contexts. 

--MM