
ICANN's assault on personal and small business privacy - fieryscribe
https://blog.nearlyfreespeech.net/2015/06/27/icanns-assault-on-personal-and-small-business-privacy/
======
secfirstmd
As someone who works on a daily basis (www.secfirst.org) with human rights
defenders, this policy is ridiculous and potentially life threatening to many
people. Privacy around Whois etc should not be compromised for courageous
people who are running things like democracy activist websites in China etc.

~~~
wpietri
I agree, but the flipside for me is the various shitheels who use domain
privacy to avoid accountability for bad behavior. Spammers, squatters,
criminals, network abusers.

Is there some sort of middle ground where somebody like Amnesty International
is one of the domain privacy providers? And another is, say, the Society of
Professional Journalists? I would totally trust well-established organizations
like that to make reasonable decisions about when to keep information private.

~~~
eli
But wouldn't spammers and scammers simply use bogus WHOIS information anyway?

~~~
takeda
Yep, it's not like they care about having the domain a year later after they
already used it for spam and it is banned everywhere.

~~~
AnthonyMouse
Not only that, by the time the authorities catch up to the lawbreakers they'll
have seized the domain regardless of whether it has accurate whois data. You
can't threaten wrongdoers with something they're already subject to. The
penalty is only a penalty to innocent people.

------
ianlevesque
Its mostly a problem if someone decides to target you for harassment (i.e.
SWAT-ing). It is ridiculous to expect personal websites to reveal home
addresses to the world. WHOIS is definitely another one of those technologies
leftover from a more naive time in the internet's history.

~~~
Cthulhu_
That's just one example - your use of 'mostly' implies you don't actually know
any other examples. I've got another case; I know someone who has a stalker
that threatened to abduct her (and his biological) son. She's very cautious
about her privacy online, and things like Facebook's mandatory real-name usage
policy and now this are actively threatening her and her son's personal
security. She can't properly run her business because she can't use her real
name or address and has to go through a business address and - in this case -
a registrar hiding her personal details to stay reasonably safe.

~~~
belorn
Isn't that why government grants hidden identity or new identities? In Sweden,
the .SE rules regarding WHOIS explicitly provides an exception for people with
hidden identities. Everything regarding open government has to follow those
same rules, incuding also car registration, phone registrations and home owner
registration.

~~~
pjc50
This is very rare, though.

The UK company registration system has an address exception for directors that
was put in place for and used by one very specific company: Huntingdon Life
Sciences. They are a medical research company that were targeted by activists
with death threats, arson, and other acts of minor terrorism over a 15-year
period.

------
acabal
My first thought after reading the tl;dr was, "what do I do about it"? The
answer is at the end of the article: the working group is accepting comments
on the matter at a certain email address.

Our privacy online and off is already being deeply threatened on many other
fronts. If you think this proposal is bad for our privacy and bad for our
internet, please take a moment and email your thoughts to the working group.

I wonder if a decentralized type of DNS, like blockchain-based DNS, will ever
take off. If we even have an acceptable alternative right now, I suppose the
first meaningful step towards adoption would be baking support in to a major
browser.

~~~
raquo
Note:

1) Make sure to click on a link in the follow-up email they send you in order
for your comment to go through.

2) The contents of your email (though it seems not the email address itself)
will be made public, so if you don't want your real name in the open, don't
sign with it.

------
WireWrap
_Disclosure cannot be refused solely for lack of any of the following: (i) a
court order; (ii) a subpoena; (iii) a pending civil action; or (iv) a UDRP or
URS proceeding; nor can refusal to disclose be solely based on the fact that
the request is founded on alleged intellectual property infringement in
content on a website associated with the domain name._

That's incredibly bold.

------
TTPrograms
As much as I hate broaching the topic on HN, I'm really excited about the
potential for blockchain or other distributed consensus-based technologies to
disrupt the many centralized authorities that are currently so critical to
operation of the internet. Namecoin, for example, is really interesting for
this reason.

~~~
Animats
Amusingly, NearlyFreeSpeech.net, which is a hosting provider run by
libertarians, does not allow their customers to be anonymous to them. (Except
by very special arrangement for people facing serious threats in non-US
countries.) [1] They accept payment in Bitcoin, so, technically, they could
offer a fully anonymous service.

So they want to prohibit anonymity when it might hurt them, but allow it when
it might hurt the customers of their hosting clients.

[1]
[https://www.nearlyfreespeech.net/about/faq#Anonymous](https://www.nearlyfreespeech.net/about/faq#Anonymous)

~~~
icebraining
Why do you say they are libertarian? Or do you mean libertarian in the strict
sense of supporting free speech?

I think requiring real names from their clients but opposing it for _publicly
accessible_ WHOIS records is perfectly consistent with their views:

 _Since we started back in 2002, one of the things that 's repeatedly been
made clear to us is that governments aren't the biggest threat to free speech.
They certainly bear watching and perpetual wariness, but they're just not the
source of the everyday threats to our members' ability to express themselves._

 _The most common threats come from corporations and the pressure they can
bring. Not a week goes by that we don 't hear from some cheap lawyer about how
mad some company is that some website said something that they don't like and
what horrible things they're going to do to us if we don't hop to and do their
bidding._

If the WHOIS records were only viewable by the courts, or at least ICANN, your
implication of hypocrisy would carry some weight, but they're viewable by
everyone, and that makes it a much larger threat.

~~~
Animats
_" Why do you say they are libertarian?"_

They themselves say they are libertarian.[1]

[1]
[https://www.nearlyfreespeech.net/about/faq#Normal](https://www.nearlyfreespeech.net/about/faq#Normal)

~~~
asymmetric
Actually, what they claim to have is a

" _libertarian attitude toward personal responsibility_ "

Not exactly the same thing.

------
kijin
NameCheap sent out an email about the same ICANN proposal a few days ago.
Unfortunately, the NameCheap email focused almost exclusively on the lack of
privacy for businesses. It merely glossed over the more important issues, such
as ambiguity about what counts as a a business, as well as the requirement
that privacy services disclose their customer's identities to anyone who asks.

This is bad. Very bad. The NameCheap email probably gave a lot of people the
wrong first impression about what ICANN's proposal really means. Seriously, it
sounded like they were just complaining about their bottom line. And since a
lot more people use NameCheap than NearlyFreeSpeech, not many people are going
to read the more thorough analysis and urgent call to action that the
NearlyFreeSpeech article contains.

If anyone around you has read the NameCheap email, please tell them to forget
about it. Tell them to read this article instead.

~~~
jpmoral
I read that email, here's an excerpt:

>"Commercial activity" casts a wide net, which means a vast number of domain
holders will be affected. Your privacy provider could be forced to publish
your contact data in WHOIS or give it out to anyone who complains about your
website, without due process. Why should a small business owner have to
publicize her home address just to have a website?

>We think your privacy should be protected, regardless of whether your website
is personal or commercial, and your confidential info should not be revealed
without due process.

I can't say that it "glosses over what counts as a business" or the
requirement to disclose customer identities.

Sure, their bottom line is at stake, but it didn't feel to me that that's all
this is about.

~~~
kijin
The paragraph you quoted begins with:

> Under new guidelines proposed by MarkMonitor and other organizations who
> represent the same industries that backed SOPA, domain holders with sites
> associated to "commercial activity" will no longer be able to protect their
> private information with WHOIS protection services.

Maybe it's just me, but this gives the impression that the remainder of the
paragraph only applies to sites associated with commercial activity. This
impression is reinforced by the last sentence, which again focuses only on
commercial activity.

The email does mention "without due process", but that's pretty vague. The
landing page of their petition site is slightly more informative, as it says:

> Let ICANN know that you object to any release of personal information
> without a court order.

But even this is misleading. The issue is NOT that ICANN will release your
information without a court order. The issue is that _ICANN wants to force
third parties to have weak privacy policies_. Now that sounds ridiculous,
which it should, because it is indeed a ridiculous demand.

------
geographomics
Could this be worked around by using a pseudonym, registering a PO Box
address, and using the number from a pay-as-you-go SIM card? Not false
information as such, but not particularly revealing either.

Alternatively, one could enter information that looks plausibly valid but is
in fact completely invented. How often does one receive articles in the mail
or phone calls to the whois contact points anyway? As far as I've experienced,
any communication is to the email address. I suppose it depends what the
penalties are if you're somehow found out.

~~~
raquo
> Could this be worked around by using a pseudonym, registering a PO Box
> address, and using the number from a pay-as-you-go SIM card? Not false
> information as such, but not particularly revealing either.

No. They will require PO box providers to be accredited with ICANN and subject
to all these crazy rules, giving you no privacy.

> Alternatively, one could enter information that looks plausibly valid but is
> in fact completely invented.

This is exactly what all the real crooks will do, but you and me will not be
able to, because we don't want to lose our domains.

~~~
techsupporter
> No. They will require PO box providers to be accredited with ICANN and
> subject to all these crazy rules, giving you no privacy.

Well, I'd be very interested to see how ICANN could get post offices, like the
United States Postal Service or Royal Mail, to go along with submitting to
ICANN accreditation. That aside, data on people who own USPS-provided post
office boxes and boxes held at commercial mail receiving agencies (CMRAs, like
the UPS Store, and so on) can be obtained from the USPS, per 39 CFR
265.6(d)(5)(i) through (iii):

(i) To a federal, state or local government agency upon prior written
certification that the information is required for the performance of its
duties.

(ii) To a person empowered by law to serve legal process, or the attorney for
a party in whose behalf service will be made, or a party who is acting pro se,
upon receipt of written information that specifically includes all of the
following: (a bunch of things)

(iii) In compliance with a subpoena or court order, except that change of
address or boxholder information which is not otherwise subject to disclosure
under these regulations may be disclosed only pursuant to a court order.

[https://www.law.cornell.edu/cfr/text/39/265.6](https://www.law.cornell.edu/cfr/text/39/265.6)

~~~
raquo
Well USPS being unaccredited will obviously be the domain "owner"s' problem,
not ICANN's.

------
dkbrk
There seems to be yet another threat to our collective privacy every month or
so. Normally, I sit firmly on the side of an individual's right to privacy,
but in this case, I think ICANN have a legitimate point even if they're being
quite heavy handed about it.

WHOIS is an extraordinarily valuable protocol with a heritage dating back to
the ARPANET days. As an example, for quite a while we've had this ideal of the
semantic web we're trying to move towards, but in practice each website is its
own special snowflake with more concern given to legacy rendering in Internet
Explorer than making sure that contact information is easily findable and
semantic. But it's mostly okay, because if I _really_ need to contact someone
there's this almost 40-year-old protocol which gives me unfettered access to
information such as a technical contact email and an address.

Many registrars don't seem to pay much attention to the quality of their WHOIS
records and most people or businesses probably don't give it a second thought
or check the records after registering a new domain. But they should; and I
applaud ICANN for their efforts to uphold the quality and integrity of WHOIS.

That said, the right to freedom of speech implies that one should have the
ability to disseminate ideas with complete anonymity. ICANN's proposal would
completely undermine this, which is unacceptable.

I think there is space for a middle ground, where ICANN can ensure that the
WHOIS records aren't what amounts to a blantant lie in the case of anonymous
registrations (i.e the registrar providing their _own_ details as the contact
information). The current situation is pretty bad: if I want to contact the
owner of such a domain, all I can reasonably expect is for any email sent to
be blackholed by the registrar. I'm not talking about attempting to
deanonymise the owner of such a domain, merely the idea that a domain is a
named endpoint with an owner who is contactable through freely available
means.

Imagine if ICANN created a new class of domains where it was made _explicit_
in the WHOIS that the owner wished to remain anonymous, but nonetheless
provided accurate information such as a pseudonym and a means of contact
without violating their privacy. This means of communication could be some
form of email hosted by a trusted third party, or potentially something more
esoteric such as a GPG-encrypted message embedded in the bitcoin blockchain.

This would preserve the correctness and utility of the WHOIS database while
respecting the rights I believe ICANN have a responsibility to uphold.

~~~
tomjen3
There won't be much semantic web left in anybody who is posting interesting
things are too afraid to talk about them.

Also under your system I could still blackhole the email or just let it go
straight to gmails archive.

You may need to contact me, but that doesn't mean I give a rats ass about what
you have to say - frequently not being able to be contacted is more valuable
than being able to be contacted (for one thing if you can't contact me you
can't threaten me with a lawsuit if I don't remove some content that you
object to) and anyway my blog accepts comments.

------
kijin
I'm curious how this policy will affect ccTLDs where the registry already has
a policy of not publishing whois information.

For example, individual owners of Canadian .ca domains can have their contact
info hidden, whereas corporations can't. Similar policies are in effect in a
number of other countries, as well as .eu.

Will these countries need to change their policies so that individuals who
have ads on their blogs will have their contact info exposed? Will they have
to change the way they respond to requests for disclosure?

Or does the ICANN policy only apply to gTLDs?

~~~
realityking
I don't know the specific of this proposal, but generally ICANN policies only
apply in very limited ways to ccTLDs. That makes them an incredible headache
for registrars as they all of their own special rules and regulations and many
don't even use EPP.

~~~
talideon
Even gTLD operators are special little snowflakes in their own way: if the EPP
RFCs and ICANN regs give them any leeway to do something silly, they'll do it.
Some of them, such as Neustar, don't even bother responding with correct
greeting documents.

Dealing with registries, be they ccTLD or gTLD registries, is just a massive
pain in the ass.

------
alfiedotwtf
I'm going to start my own root zone, with .blackjack and .hookers TLDs

------
talideon
[Disclosure: I work for a domain registrar based in the EU, and I implemented
pretty much 95% of the company's infrastructure as far as us acting as a
registrar goes.]

I think there are some major misunderstandings around what ICANN are doing
with WHOIS privacy.

ICANN have pretty much _always_ required that registrants provide registrars
with accurate contact information. ICANN required that registrars periodically
escrow this data with an escrow provider (Iron Mountain, usually, though there
are now more).

When you use registrar-provided WHOIS privacy, the registrar is still able to
escrow the _correct_ contact information. This is not the case with third-
party WHOIS privacy providers. The difference now is that, due to the demands
of law enforcement agencies, they're now _requiring_ that information be
validated and verified.

Third-party WHOIS privacy services always existed in a legal grey area,
whereas registrar-provided WHOIS privacy did not. Even before the 2013 RAA
came in, you were risking having your domain being taken from you by using a
third-party provider and providing their contact information to your registrar
as it meant that the registrar had inaccurate contact information and thus
could not provide accurate information to the escrow provider.

Before the LEAs got all antsy about this, the WDRP emails you get from your
registrar, giving you a list of domains and their WHOIS data and a warning of
the consequences of providing inaccurate data, were the most ICANN required in
practice. It was an honour system, and the requirement to provide accurate
data - _which has always been a requirement_ \- wasn't actively enforced. All
that's changing now is that ICANN are actively enforcing a part of the
registrant contact they previously had been laissez-faire regarding.

The requirement on third-party WHOIS privacy providers is to normalise their
situation so that they have the same requirements to record information
correctly and escrow it that domain registrars already have had to do for
_ages_. And it's not that onerous a requirement: actually implementing an EPP
client is orders of magnitude more difficult that writing the code needed to
do data escrow: [https://www.icann.org/en/system/files/files/rde-
specs-09nov0...](https://www.icann.org/en/system/files/files/rde-
specs-09nov07-en.pdf) \- you can implement that in an afternoon. The
accreditation process for a WHOIS privacy provider is nowhere near as horrible
as it's being made out to be. All you need to do is show that you can
accurately escrow data.

Everybody's so late to the party on this one. The registrar constituency in
ICANN fought pretty hard against this. If you think what ICANN are requiring
now is bad, the LEAs were demanding much crazier stuff during the
negotiations. If you're an EU citizen or using an EU registrar, you're even
better off, as EU data protection law meant that some of the requirements of
the RAA were illegal in the EU, so EU-based registrars are able to get an opt-
out of certain requirements of the RAA. We still do have to validate, verify,
and escrow contact details associated with domains we manage, however.

~~~
WireWrap
_All that 's changing now is that ICANN are actively enforcing a part of the
registrant contact they previously had been laissez-faire regarding._

All that will be changing on the data collection, verification, and escrow
front, you mean? That isn't an aspect that people seem focused on at the
moment. Almost everyone is focused on REVEALS and what processes will become
mandatory.

Have anything to say about that and/or RELAYS?

~~~
talideon
'Relays' isn't a big deal. In fact, it was already a requirement for
registrars to deal with registrants in the first place. After all, registrars
were required to send out WDRP notices and potentially schedule a domain for
deletion if those emails bounced. Moreover, registrars required valid email
addresses so that domain transfers could take place and, also, so that people
could be billed.

'Relays' requires that email forwarding works on the provider's side when
WHOIS privacy is in place. There are other complicating factors that can cause
issues here, such as SPF records for the domain that don't mention the
forwarding mailserver, but that's really it.

'Reveal' is a consequence of the situation with third-party WHOIS privacy
services being normalised. Up until now, you were effectively in breach of
your contract with ICANN as a registrant if you used a third-party WHOIS
privacy/proxy service because the _registrar_ had invalid contact details for
the registrant.

'Reveal' does _not_ mean that just anybody will be able to ask or demand that
the provider disclose the contact details behind a private registration. Most
registrars have LEA liaisons who they use to validate that a request from a
law-enforcement agency is genuine. If we get a legal demand disclose to
disclose details, that goes straight to our solicitors, and we would only
reveal them if there's a genuine legal reason for doing so. Any other requests
are invalid and, at least here in the EU, giving out the contact details of a
proxy registration would be against data protection law. So no, the argument
that this would be a conduit for doxxing isn't a valid one. The exact baseline
requirements for the reveal process haven't been locked down yet, but they
will likely be similar to what I've outlined.

You see, both of these processes are already mandatory based on other parts of
the registrar-registrant relationship and existing legal requirements. The
_difference_ is that it wasn't explicitly formalised and non-registrar WHOIS
privacy was a massive grey area.

If you think this is bad, just be happy that you don't live in Germany,
Switzerland, or Austria:
[https://en.wikipedia.org/wiki/Impressum](https://en.wikipedia.org/wiki/Impressum)

~~~
WireWrap
I'm generally supportive of privacy providers being required to forward
important communication to the registrant. I hope the finalized requirements
will be sensible, and I hope there will be no attempts to equate contacting
the privacy provider with having given registrants sufficient legal notice.

I, like most of people, live outside the EU and lack experience with EU
privacy protection laws. So it is difficult to evaluate your optimism.

Here in the USA, for example, we'd be concerned about not only LEA requests
but also requests by individuals and corporations. We just don't have privacy
laws that are sufficient to protect against inappropriate disclosures to such
parties.

Here, and in many other places I suspect, the best case would be privacy
providers voluntarily adhering to a standard where they refuse to disclose
registrant information to any party unless compelled to do so by law. If
language like "Disclosure cannot be refused solely for lack of any of the
following: (i) a court order; (ii) a subpoena;" remains in the final cut,
privacy providers won't be able to do this and remain accredited.

------
z3t4
Just register the domain with a bogus name that sounds real. I don't think the
domain provider will care as long as the bill gets paid.

I do not however like that companies can be totally anonymous on the Internet.
It's not like the average person checks out the people behind a company before
they buy some commodity from them. I do however whois a domain if I'm
suspicious and a common thing is that most use anonymous registrars. Even
serious companies use anonymous registrars now a days, witch is weird, or
maybe I'm the only one who thinks it's important to know who the people behind
a company are before you do business with them.

~~~
kuschku
Well, where I live, if the domain ever runs out, or you want to transfer it,
they’ll send a letter to the name and address you gave with a code. This is to
prevent shady registrars from taking your domain away from you, but it also
means the registry knows your address.

Luckily, the organization that administrates .de domains has 4 types of
contact data: zone-C, the person managing the whole DNS zone, Tech-C, the
person managing the servers of the specific domain, Admin-C, the person
practically owning the domain, and OWNER, the person who gets the letters.
Only Tech-C and Zone-C are available through WHOIS.

------
zekevermillion
In the US it is already relatively easy to compel disclosure of an anonymous
registrant. It is also easy to use false ID on registration, and I'm sure will
remain so even if higher verification standards are implemented. Ultimately if
you want to find someone who is careful, you have to get to their ISP or
correlate their activity with other accounts.

------
kudu
I have a more general question: why is ICANN such a piece of shit, and is
there any way that can ever change?

------
jayess
I honestly don't understand why people don't just use a fake address then.
I've never gotten anything other than spam mail when using a real address on a
domain registration. It's not like ICANN can in any way verify addresses.

~~~
yc1010
You are quite likely to lose the domain then if there is a complaint about
false data.

~~~
jayess
Are there any examples of this actually happening?

------
fweespeech
Folks, if this actually happens, is there anything technically preventing us
from all just renting PO boxes and using those?

Iirc, that is a perfectly legitimate option and relatively cheap for those of
us with numerous domains.

------
jakeogh
Headline: ICANN jeopardises the DNS from which they derive relevance.

/>10yr NFSN client

------
jakobegger
In my country, every business is required by law to provide detailed contact
information and registration numbers on their website. It baffles me whenever
I see one of those US startup websites with no contact info, not even an
address or a PO box, and still they expect their customers to provide detailed
billing info and share private data.

How can I trust a business when it hides behind an anonymous registrar? If
something goes wrong with my order, I'd have no way to even determine who is
behind the company.

Of course, the free speach argument is mostly irelevant. There are plenty of
ways to share anonymously either on other people's domains, on TOR, or using
just IP addresses. If my privacy was important, I wouldn't rely on Godaddy to
protect it.

~~~
RexRollman
You are acting like only businesses register domain names.

------
raquo
I'm honestly so tired of crap like this. My hopes of living in a reasonable
society are being crushed every single day. Things should be improving as time
goes on, not going downhill. Ugh.

~~~
marincounty
"The more laws, the less justice" Marcus Tullius Cicero

"The more laws that governments pass, the less individual freedom there is.
Any student of history will tell you that. Totalitarian countries ban pretty
much everything.

Bill O'Reilly (He couldn't be the first one to coin this?)

~~~
mahouse
Interesting you mention those quotes, taking into account this problem is due
to the government externalising some critical infrastructure.

~~~
icebraining
I think this is a naive view of the situation. The authority still belongs to
the US Department of Commerce -ICANN just has a contract, which incidentally
expires this year- and multiple governmental organizations have publicly
argued that fake WHOIS records impede their regular activities.

The apparent externalization is great for shifting blame, though.

------
Animats
I'm in favor of "outright banning the use of (WHOIS) privacy services for any
domain for which any site in that domain involves e-commerce." In California
and in the European Union, attempting to conceal the identity of the business
behind an e-commerce site is a criminal offense.

Individuals have privacy rights. Businesses do not. The EU is very clear on
this. The European Privacy Directive covers individual privacy. The European
Directive on Electronic Commerce covers business privacy online. They're very
different.

~~~
raquo
That depends on the definition of "e-commerce", you know. LLCs required to
identify themselves – fine.

But an author selling an e-book or a lone developer earning a side income from
ads should not be required to publish their home address and cell phone
numbers. This is ridiculous.

Somehow I doubt that the definition will be a reasonable one, given everything
else in the article.

~~~
Pyxl101
They are not being required to publish their home address or phone number.
Businesses are being required to publish their business address. If you're
engaged in trade as a business, this is a reasonable requirement. (Otherwise,
how do your trading partners reach you if they need to for legal reasons or
any other legitimate reason?)

At the same time, it should be perfectly reasonable for a business to hire a
registered agent and supply their contact information. The point is that the
business be reachable.

~~~
raquo
You seem to be talking about registered businesses, while ICANN is targeting
_all_ commercial activity, which is much wider.

Why should I be required to publish my home address just because I run ads on
my website? If I sell ebooks and someone wants to dispute their purchase
they're free to do a chargeback on their card if I run off with their money.

Whatever stupid requirements ICANN introduces, the real scammers will easily
bypass them while legitimate sellers will be robbed of their privacy.

------
gcb0
that is already the case for people that don't have means to pay anonymously
this premium privacy registrars. i.e. almost everyone.

but icann never checked anything anyway. you can register a domain as bill
gates right now if you wanted.

the problem is always payments.

------
fapjacks
What a bullshit power grab.

------
tomjen3
Awesome, now we can dox icanns board members and their families.

------
SFjulie1
And how do you contact a NOC without whois database to:

\- contact a sysadmin who is creating BGP instabilities? \- contact a domain
with an openrelay? \- contact the webadmin that is hacked? \- contact
technician when programs are creating infinite loops by ping ponging bogus
messages? ... (see this link as a "story from the trenches: why whois contacts
are important": [https://archive.icann.org/en/comments-
mail/01apr99-30apr99/m...](https://archive.icann.org/en/comments-
mail/01apr99-30apr99/msg00085.html))

How do you check an operator has really the use of the IPv4/v6/AS BGP...
resources if you cannot find the contact and correlate with the RIR who
allocated?

How do you check a set of IP address given to be routed in Europe (for
defragmentation purpose of the BGP stream) is indeed routed in Europe without
whois?

You know all network protocols are far from perfects and don't always detect
"infinite loops" and whois database really needs to exists.

If you had to deal with serious scale sys/net admin you know why this article
is as stupid as "having a national ID is a privacy violation and I don't want
alien on my territory".

Internet cannot work without all sysadmins communicating together by the means
of the contacts given in whois database. Or nanog for the big one in america.

~~~
finnn
You are talking about whois information for IPs and ASs. This is not about
that (based on my brief skimming of it - I'm not sure how I feel about IPs and
ASs having their identities obscured). This is about domain whois privacy.

