Are Domain Owners and Investors Getting the Shaft?

[clasione]

I'd like to get some opinions about what is going on in the domain marketplace as far as the Whois data, lists of domains owned, spammers, solicitations, and prying eyes. I consider my domains as investments, and sometimes personal information or if registered to one of my companies, a trade secret or business strategy which I wish to remain private. I also have two websites, one for each of my children which I do not wish for people to know about unless I tell them about them.

Private domain registration is sometimes the answer, but problems with it are growing and whois data is being scraped, collected, organized, archived similar to www.archive.org, and even sold to the public.

I spoke with a partner and friend today who is a stock broker and licensed securities advisor. He noted that he can not discuss another clients portfolio, as it is an invasion of privacy, and he could be sued, and/or loose his license. These inquiries must be handled by a special division of the U.S. Securities and Exchange Commission called the Office of Public Documents (http://www.sec.gov/about/whatwedo.shtml).

I think it's time for determined individuals to begin to step up and examine the entire Whois system, the Freedom of Information Act (http://www.usdoj.gov/oip/) and the Privacy Act (http://www.usdoj.gov/oip/privstat.htm).

I've always wanted to speak with my attorney on this, but it's slipped my mind each time I see him and seems like it would be a long drawn out mess of a case to tackle. What is everyone else doing with this? Where do you stand?

I'd rather not have to register all my domains privately, because I'm not a scammer or a crook and I always thought it appears you're hiding something when you do so, but what is everyone else doing about these things. What registrars are you using, and what protections do they offer if any? As the owner of hundreds of domains, this is becoming a serious issue that I would like to cover every base of our rights as domain owners and investors.

My biggest issues right now are the following:

1 - Archived incorrect domain ownership data
(Which leads to bozos bothering me with solicitations, phone calls,
and lawyers sniffing around for domains I don't own)

2 - "John Doe" owns 1200 Domains, Click here to buy the list for $89.95
(This seems a lot like, "John Doe" owns 50 shares of Berkshire,
click here to analyze his portfolio for $499 - Learn to trade like John!)

[tinner666]

I'm at a loss myself and can't afford a lawyer. I suppose we could get a petition of some sort together. I would sign it.

[exponent]

SIGN THE PETITION TO MAKE WHOIS DATA PRIVATE:

http://www.ipetitions.com/petition/whois

[Acro]

Just sue data miners.

[Focus]

it's a big time pain in the a$$ actually...and everyone is losing alot of money and domains as a result of this invasion of privacy

[jdk]

This is why registrar's offer private registrations. It is the same as looking up who owns certain corporations or LLC's and mailing them solicitations. Only being online they are able to create scripts to mine the data automatically instead of doing the actual digging themselves. I am not for it, and I would like to see something done about it. I am just not sure if there can be without doing private registrations.

[Luc]

Here is the thing. While I agree that there are some privacy issues here, I also think that if you don't have anything to hide, you shouldn't be worried.

If your portfolio is mostly TMs and you hate public whois because you know that some lawyer out there will be able to find one of your TMs and quickly identify you as a cyber squatter (due to other TMs being liked to the same email), then you're already breaking the law and have NOTHING to complain about. In fact, you should find something else to do because the typo squatters give the entire industry a bad name.

If you're not a typo squatter but don't want someone following your portfolio registration patterns, use privacy whois which many registrars offer free of charge now or just use an e-mail like you@thisdomains.com and forward all e-mails to a central e-mail address. Configuring this takes about 2 minutes and doesn't require server knowledge.

I personally like the archived whois feature, it comes in extremely handy when buying domains from owners (which from my experience, guarantees the best price and the smoothest transaction). If I want to buy some name, I'll do a whois on it to see if the owner is a known domainer or just some random guy. If it's a known domainer, I may make my offer, but probably not since the price might be too high. If it's a random guy I don't recognize, or someone who doesn't own many domains, I'll make my offer via e-mail and phone.

Classic example of a bad whois is the .co.uk whois records which store almost nothing. No e-mail, sometimes a phone, sometimes a physical address and no way to contact a person or make your offer.

Many registrars already began to unplug port 43 (whois port) and began to only offer whois lookup service on their sites, which require a captcha to protect against data mining. This is likely to follow (GoDaddy, and a few big registrars are already doing this) but my original point stands, those with nothing to hide shoudln't really have anything to worry about.

[mulligan]

I'd like to get some opinions about what is going on in the domain marketplace as far as the Whois data, lists of domains owned, spammers, solicitations, and prying eyes. I consider my domains as investments, and sometimes personal information or if registered to one of my companies, a trade secret or business strategy which I wish to remain private. I also have two websites, one for each of my children which I do not wish for people to know about unless I tell them about them.

Private domain registration is sometimes the answer, but problems with it are growing and whois data is being scraped, collected, organized, archived similar to www.archive.org, and even sold to the public.

I spoke with a partner and friend today who is a stock broker and licensed securities advisor. He noted that he can not discuss another clients portfolio, as it is an invasion of privacy, and he could be sued, and/or loose his license. These inquiries must be handled by a special division of the U.S. Securities and Exchange Commission called the Office of Public Documents (http://www.sec.gov/about/whatwedo.shtml).

I think it's time for determined individuals to begin to step up and examine the entire Whois system, the Freedom of Information Act (http://www.usdoj.gov/oip/) and the Privacy Act (http://www.usdoj.gov/oip/privstat.htm).

I've always wanted to speak with my attorney on this, but it's slipped my mind each time I see him and seems like it would be a long drawn out mess of a case to tackle. What is everyone else doing with this? Where do you stand?

I'd rather not have to register all my domains privately, because I'm not a scammer or a crook and I always thought it appears you're hiding something when you do so, but what is everyone else doing about these things. What registrars are you using, and what protections do they offer if any? As the owner of hundreds of domains, this is becoming a serious issue that I would like to cover every base of our rights as domain owners and investors.

My biggest issues right now are the following:

1 - Archived incorrect domain ownership data
(Which leads to bozos bothering me with solicitations, phone calls,
and lawyers sniffing around for domains I don't own)

2 - "John Doe" owns 1200 Domains, Click here to buy the list for $89.95
(This seems a lot like, "John Doe" owns 50 shares of Berkshire,
click here to analyze his portfolio for $499 - Learn to trade like John!)

These are the people you need to 'talk' to

http://www.icann.org/
Use the search bar ... ask them in 'person'

Otherwise all you will get is 'speculation' (and a high likelihood of not getting a direct answer to your question(s) .. even if you do 'talk' to ICANN)

[jdk]

I just set up a PO BOX and use a generic email address. This way if they send junk, which I get only a handful a month, it goes there and into the trash.

[acronym007]

While it would be great to have the option of protection without paying it is cheaper to pay a registrar for whois protection than to hire an attorney to tackle this issue. Collectively, domain owners are very powerful but we exist separately and that hurts our efforts as a body.

I think we will eventually see some changes when more people join the ICA and other organizations that will combine their efforts to force change rather than hope for it.

[friday]

Good on you Clasione. You identify the areas of the law where the data miners have crossed the line, specifically the right of publicity which is also known as publicity rights and is enacted in some form or another in most countries. This can only be resolved by a class action suit by registrants, nothing else. We need someone behind us like Kamber Edelson LLC. Jay Edelson set up Class Action Connect to bring together aggrieved complainants. He also was the attorney behind the register.com class action suit a few years back.

[sashas]

Here's the problem when you compare domains with stocks: all stocks are legal. You cannot hold a "TM" stock. But you can hold a TM domain.

Making all whois privacy would be unfair to a TM holder whose name is being squatted on. Tell me, if you were the owner of a growing website, wouldn't you want all the typo owners to be prosecuted? A private whois would only make it harder.

[friday]

Here's the problem when you compare domains with stocks: all stocks are legal. You cannot hold a "TM" stock. But you can hold a TM domain.

Making all whois privacy would be unfair to a TM holder whose name is being squatted on. Tell me, if you were the owner of a growing website, wouldn't you want all the typo owners to be prosecuted? A private whois would only make it harder.

Making whois private would make no difference whatsoever to TM holders, redress remains the same. Equally, government agencies, national police forces and courts would be unaffected by whois privacy.

[Bill Roy]

Europe has started to awaken to this problem, by accessing the data or even having the data transmitted to you is against the data protection laws, such information is already private. BUT, the problem as with all laws is getting the authorities to firstly enforce it and secondly for the courts to hand out meaningful punishments to those who breach the laws.

Of course there is another way that I can imagine some people might follow, and I would not suggest for one second that any body does it, but I can foresee people actually gathering data on the owners of sites who mine such information and publish the information on the web.

[sashas]

Making whois private would make no difference whatsoever to TM holders, redress remains the same. Equally, government agencies, national police forces and courts would be unaffected by whois privacy.

So you're saying that its OKAY for the government and the military to invade your privacy, but not the random domainer or your neighbor? This amounts to an erosion of the basic rights for individuals, and that government agencies are not palpable to the laws as stated in the constitution.

The right to privacy is universal, to be upheld by everyone, including the government.

[Dave Zan]

Making whois private would make no difference whatsoever to TM holders, redress remains the same. Equally, government agencies, national police forces and courts would be unaffected by whois privacy.

Heh, tell that to the law enforcement and IP lobby groups at ICANN.

[friday]

So you're saying that its OKAY for the government and the military to invade your privacy, but not the random domainer or your neighbor? This amounts to an erosion of the basic rights for individuals, and that government agencies are not palpable to the laws as stated in the constitution.

The right to privacy is universal, to be upheld by everyone, including the government.

Where oh where did I say anything about a government or military having a right to invade your privacy? You have deducted this out of thin air.

What I said was if whois privacy is implemented the status quo would hold for TM holders, Govt's etc. I never commented on the rights/wrongs of existing policy.

[sashas]

Equally, government agencies, national police forces and courts would be unaffected by whois privacy.

I think this amounts to the same.

[friday]

2 - "John Doe" owns 1200 Domains, Click here to buy the list for $89.95
(This seems a lot like, "John Doe" owns 50 shares of Berkshire,
click here to analyze his portfolio for $499 - Learn to trade like John!)

This is where your right of publicity laws are being violated the most. No where in a whois directory is the information published as to how many domains a registrant owns. This information is only being made available by data mining whois directories (often more than one) and generating and publishing "new data" from these reports. At no stage has the data miner ever received permission from the registrant to publish this new data.

Also, as been pointed out elsewhere on DNF, data mining and selling extrapolated data from whois is in contravention of ICANN's own regulations. We can assume that similar regulations may also apply to other registries. Their inaction to act on implementing their own regulations make cost them in the long term.

[katherine]

...
Many registrars already began to unplug port 43 (whois port) and began to only offer whois lookup service on their sites, which require a captcha to protect against data mining.
...

Isn't it a breach of the Icann't Registrar Accreditation Agreement precisely ?