EFF has joined 46 organizations and 105 individuals to oppose a new domain registration proposal in front of the Internet Corporation for Assignment of Names and Numbers (ICANN). From Academy Award-winning documentary film director Laura Poitras to the National Council of Women's Organizations to Chayn, an organization that works to combat domestic violence in Pakistan, the vast array of organizations and individuals signed on to this letter reflects just how misguided this proposal is. We hope ICANN will reject the flawed proposal, which comes from a smaller ICANN Working Group, especially in light of this unified opposition.
ICANN is the nonprofit corporation that oversees the global domain name system, and it sets the policies that govern domain name registrar companies. Every domain name has an entry in the public WHOIS database that anyone can view, and it includes, at the least, a name, mailing address, and phone number.
Domain registrants have long been able to use domain privacy services, sometimes called proxy registration. When using a privacy service, the service’s own contact information appears in the WHOIS database instead of the domain owner’s. The Working Group’s new proposal would require privacy services to turn over the domain registrant’s private contact information or even list that information in the public database, based on a mere accusation of copyright or trademark infringement—no court order required.
Even worse, a few members of the Working Group would like ICANN to ban privacy services entirely for websites that are used for a “commercial purpose”—which is broadly defined and includes “handling online financial transactions for commercial purpose.”
As the coalition letter points out, this proposal threatens a wide range of people who have good reason to want to keep their information private:
- women indie game developers who sell products through their own online stores
- freelance journalists and authors who market their work online
- small business owners who run stores or businesses from their homes
- activists who take donations to fund their work, especially those living under totalitarian regimes
- people who share personal stories online to crowdfund medical procedures
Even without the ban on privacy for “commercial” websites, the proposal creates serious privacy problems for website owners. Accusations of copyright and trademark infringement are easy to make and easy to abuse, and the working group proposal doesn’t impose any consequences for false or abusive accusations.
The danger posed by having a home address made public is serious:
"Doxing" is the malicious practice of obtaining someone's personal information (e.g. home address, phone number, etc) and making that information more readily and widely available. Doxing makes possible a wide range of crowdsourced harassment and intimidation, which includes everything from unwanted pizza deliveries to unrelenting barrages of rape and death threats.
And as Katherine Cross, a sociologist specializing in research on online harassment and gender in virtual worlds points out, “A WHOIS search is by no means the only way to dox someone, but we should be making it harder to acquire such information, not greasing the skids… Would-be doxers don’t need help from the Internet’s custodians.”
She’s absolutely right. Doxing and other forms of harassment that involve the use of someone’s home address can be profoundly damaging to the free speech and privacy rights of the people targeted—and these types of harassment are frequently used to intimidate and silence the most marginalized groups. Privacy isn’t a philosophical question. For some, it's a matter of access to the Internet, especially for those who need it most. That’s often women, minorities, and people with unpopular political views.
That’s why we’re excited to have such a broad coalition signed on to this letter. Digital rights groups like Fight for the Future and EFF have signed on alongside a plethora of anti-domestic violence advocacy and women’s rights organizations from around the world. Celebrities like Chris Kluwe, Ashley Judd and Amanda Palmer have joined voices with Internet luminaries like Richard Stallman, president of the Free Software Foundation, and Harvard Professor Jonathan Zittrain. The signatories also include the Tor Project and Wickr, recognizing that real security and anonymity would be impossible for many should this proposal become policy.
Who does support this proposal? Certainly not everyone in ICANN, or even most of the Working Group. The Noncommercial Stakeholders Group, which is part of the Working Group, is fighting to keep strong privacy protections in the policy. And most of the Working Group opposes the idea of treating “commercial” domains differently. The Working Group’s report notes:
The WG agrees that the status of a registrant as a commercial organization, non-commercial organization, or individual should not be the driving factor in whether [privacy and proxy] services are available to the registrant. Fundamentally, P/P services should remain available to registrants irrespective of their status as commercial or non-commercial organizations or as individuals.
We agree. No special treatment of "commercial" domains is warranted. The Working Group should stay the course on rejecting that distinction.
In fact, as we’ve already pointed out, this proposal seems to be almost exclusively supported by the entertainment industry and major commercial brands, who say that they need to be able to discover the identities of website owners on request, without a court order, in order to enforce their trademarks and copyrights.
This isn’t necessary. Copyright and trademark infringement can be investigated using existing legal processes, like subpoenas, under a court’s supervision. While court oversight isn’t a perfect system in any country, it generally provides for notice to those whose privacy is threatened, a way for them to challenge a loss of privacy, and avenues of appeal. The working group proposal would give entertainment companies and commercial brands a cheaper and potentially faster way to get the identities of website owners, but those entities already have ample tools that are less prone to abuse.
You can read the whole letter and see the signatories here. ICANN hasn’t made any decision on this proposal yet, so it’s important that they hear from lots of different people and organizations who may be affected. That’s why we’re proud to join this coalition letter, and that’s why you should submit your own comments to ICANN today, the last day of the public comment period. You can make yourself heard by signing the petition at https://www.savedomainprivacy.org/. With your help, the proposal to create barriers to privacy, or even ban it altogether for some websites, won’t advance any further.
Ultimately, whether ICANN adopts this proposal comes down to a very simple question: what does ICANN care about more? The safety and security of vulnerable Internet users, or a little expediency for corporate trademark and copyright holders?