ARIN-PPML Message

[arin-ppml] SWIPs & IPv6

On Dec 3, 2009, at 10:37 AM, Milton L Mueller wrote:

>
>> -----Original Message-----
>> I'm not aiming at you, I'm aiming at the people who want to get
>> rid of the whois database, and institute the same kind of
>> butchery to it that the DNS registrars have permitted to domain name
>> contacts (ie: so-called "privacy" listings that do nothing other  
>> than to
>> allow criminals to hide themselves)
>
> This is a typically unbalanced and exaggerated claim. There are  
> legitimate privacy concerns regarding access to contact and address  
> data, including shielding people from cyber-criminals and spammers,  
> and there are legal issues regarding the display of that data when  
> natural persons (i.e., not incorporated organizations) are involved.
>
> Revelation of the data shielded by these so-called privacy services  
> is notoriously easy to obtain, basically you just have to ask for  
> it, be a real entity and have some legitimate purpose. All of these  
> constraints are absent, of course, from anonymous, web-based whois  
> interfaces. The idea that people can abuse the internet (correct, of  
> course) must always be balanced by the equally valid observation  
> that people can and do abuse unrestricted access to sensitive data.
>
> The implication that only criminals use DNS privacy protection  
> services is obviously false, unless you believe that about 30% of  
> all domain name registrants are criminals and that the numerous  
> reputable individuals I could cite, including newspaper reporters  
> and small businesspeople, are also criminals.
>
> The expectation that WHOIS/SWIP issues can be discussed  
> independently of data protection rules and norms is a fantasy. I  
> know Ted is a lost cause on this issue and don't frankly care; but I  
> hope the rest of this list is a bit more mature and not populated by  
> people who think that their convenience as technical administrators  
> trumps any and every human rights concern.
>
> Beyond that, to avoid the practically useless kinds of ideological  
> debates in which Ted revels, I'd propose restricting any further  
> discussion of this to specific proposals and operational guidelines.  
> You can't know whether there is a legitimate privacy and/or security  
> issue unless we are discussing real proposals in real contexts.
>
> --MM

Sigh. Is it really so hard to send a message to this list without  
accusing someone of ideological transgressions?

Since you've raised this issue yet again (c.f., June 10 ~ Aug. 31  
2009), perhaps now you'll be willing to share with us your view of the  
proper balance between "legitimate" privacy concerns and "convenience"  
of technical administration? Rephrasing the two queries that went  
unanswered last time:


1. Would you say that the proper balance between these two opposing  
goals is reflected in current DNS whois arrangements? Is that the kind  
of balance that you would advocate as a goal for protocol number- 
related registration data and its public presentation ala whois?

2. Are the "legitimate privacy concerns" of artificial persons (i.e.,  
corporations) different from the "legitimate privacy concerns" of  
natural persons? If so, how -- and how should the differences be  
reflected in rotocol number-related registration data and whois?

Thanks,

TV