WHOIS: Privacy in domain name registration [CIRA/ICANN] (2005)
WHOIS database: privacy in Domain Names (2005)
Domain name registrants must provide contact and other information to their domain name registrars for administrative and operational purposes. Most domain name registrars make this information public, via the "Whois" database. Anyone can find out who is behind a website by consulting this online database (operated separately by each top level domain name registry).
On January 12, 2005, CIPPIC filed comments in response to a consultation by the Canadian Internet Registration Authority (CIRA) on its policy of publishing contact information for domain name holders through the publicly available WHOIS database. CIPPIC strongly supports CIRA's proposal not to disclose contact information for individual registrants unless the registrant so requests. CIPPIC also supports CIRA's proposal to permit organizational registrants to request that their contact information not be published in WHOIS, but notes that the criteria for CIRA deciding upon such requests need to be specified.
ICANN has identified three problems with the Whois database: use by marketers, privacy invasions, and inaccurate data. Three ICANN task forces reported on these problems, and invited public comment on their preliminary recommendations by July 5, 2004. In its comments filed June 17, 2004, CIPPIC calls for greater privacy protection of personal information stored in domain name registry databases. CIPPIC's view is that the public benefits of a completely open WHOIS database (the current situation) are outweighed by the costs of this approach in terms of spam, privacy invasions, and an incentive for registrants to provide inaccurate data in order to protect their privacy.
In a letter dated Oct.23, 2003, CIPPIC joined over 50 consumer and civil liberties groups from around the world, calling on ICANN to limit the use of the WHOIS database to its original purpose (i.e., the resolution of technical network issues), and to ensure that personal data in the WHOIS database is subject to appropriate privacy protections.