ICANN Files Legal Action in Germany to Preserve WHOIS Data

I respect ICANN for the most part but the publicity of WHOIS data is seriously awful. On one of my new domains, I made the mistake of forgetting to turn on WHOIS privacy. A couple days later I finally realized that I'd forgotten, after wondering why I was suddenly getting so many spam calls and emails. Two years later, I still occasionally get the spam... Every time I'm woken up by a robocall telling me about a $10000 business loan I die a little inside.

The idea of having to post my full name, phone number and address publicly on the Internet is absurd. It is dangerous and doesn't actually serve any purpose (especially when WhoisGuard exists). But, like many things related to ICANN (think domain parking), it is just another way to squeeze money out of us. I have no doubt that the people selling "WHOIS anonymization" have a lot of pull in the ICANN. The GDPR is a great excuse for this. We need more registars and registries to start resisting - they can't sue everyone.

WHOIS data is worthless nowadays. A lot of people host content on Wordpress, Github, Medium, etc. where the WHOIS data doesn&#x27;t tell who is actually responsible, and the shady sites are using services to hide the true WHOIS data anyways.<p>Edit: There seems to be a misconception (or a lack of reading comprehension). Hiding is not shady, but shady sites hide WHOIS information always. So it&#x27;s eventually useless for the one thing it should do: give information about the owner in case of unlawful content.

The registrars already ruined any transparency, that WHOIS was supposed to offer by offering &quot;WHOIS protection&quot; services.<p>So those who couldn&#x27;t afford WHOIS privacy addons, now get them for free. All good in my book.

It&#x27;s a hard balance.<p>On the one hand public resources (like domain names - or plots of land) have traditionally always been publicly recorded.<p>But spammers have made that unpleasant.<p>Does the GDPR apply to records documenting the owner of a house in England? It&#x27;s not really all that different with domain names.

Personally I think this data should be private. There should be some type of pass through so that A domain name owner doesn’t have to worry about their personal information being connected with the domain. We know it’s possible because of the proxy services, that should just become standard.

2things. 1, Spam that contains my Whois data is very much more concerning, especially if it looks like a legitimate service I may already be using. 2, if a company collects my Whois data, and justifies monetising it to me or you, especially under the guise of ‘its for my&#x2F;your security’, and I am not financially compensated for it, or I am unaware of it, or unable to change the terms and conditions of access&#x2F;usage of it, then I consider it stolen.

And I don&#x27;t want my home address, phone number, email, name or the name of my company on there.

ICANN are desperate for this to keep the copyrighters and DMCA people happy. They had years for this and did nothing. We absolutely need to diversify from ICANN.

Imho whois private data should have one mandatory field: holder&#x2F;owner. It details who controls the domain, be it a individual, an association, a company, and so on. There is no need for phone numbers of emails there (unless the controller wants to add that).<p>This is how it works with .fi domains and I find it perfect. You can still get enough data that should you really wish you can contact the owner but you can&#x27;t really automize it.

&gt; If EPAG&#x27;s actions stand, those with legitimate purposes, including security-related purposes, law enforcement, intellectual property rights holders, and other legitimate users of that information may no longer be able to access full WHOIS records.<p>Aren&#x27;t most registrations private now? Such as &quot;1&amp;1 Internet, Inc.&quot;, &quot;Whois Privacy Corp., and &quot;Whoisguard&quot;.

I think there is a simple solution, make the VHOIS data private and the hosting would have to provide this 1 a form that would allow you to send an email to the domain owner without revealing the email 2 a form for requesting name and phone number but with restrictions, if you request the data you must have an account so measures to prevent abuse would be implemented, you must have a reason and domain owner should have the option not to allow the information to be made available.<p>Since there are already services to protect your identity why not make them default by law, what is ICANN losing by this? or is pressure from the companies that want to sell the &quot;private mode&quot; ?

If the official purpose is to be able to reach out to people the domain belongs to, it is a stupid design.<p>I have a car. When police wants to know who the car belongs to they ask the registrar for the match between the number and my name.<p>I live in France and only French police can check that. If US police need this info, they will contact the French police.<p>I have a .fr domain. It should be managed by a French entity, which would hold my contact data and reveal them to the autorities.<p>ICANN would like to have this authority everywhere in the world, no surprise that prior put bogus data.

For anyone who this might help, Namesilo is a registrar that gives everyone whois protection by default, at no extra cost. That&#x27;s especially great since they&#x27;re already pretty much the lowest cost registrar around. I feel like in a way they&#x27;re the Let&#x27;s Encrypt of the registrar world.<p>Their website looks like it&#x27;s from the 90s, and I don&#x27;t really like it, but I like everything else about them.

This makes me wonder when we&#x27;ll see a viable alternative to ICANN and the current DNS system for domains in general. Maybe the answer is to remove control from companies and similar organisations and set up a more decentralised system that requires simply running a Let&#x27;s Encrypt style process to register and maintain a domain name.<p>Do that, and consign this whole system to the dustbin of history.

I do not really understand what they may need except for login and password in order to sell me a domain name.<p>Would be really cool if I could buy a domain without providing all my real life details. That is really disturbing.

Looking at this release, it looks like they are simply requiring Namesilo to keep <i>collecting</i> the data. I see no mention of it being required for a public WHOIS.