WHOIS stalking me?

Dreamhost, my website hosting company of choice, posted about a debate ICANN is having on WHOIS accuracy. I'm glad they did, since I never would have noticed that in Section 1.3.3 of their Initial Report, they ask for comment on:

“domains used for online financial transactions for commercial purpose
should be ineligible for privacy and proxy registrations.”

This phrase says that, if a domain is used for commercial purpose, the WHOIS info must have your address, not the address of a proxy.

What is WHOIS

When you register a domain, you have to give a full, valid address. This goes into the WHOIS database, which is publicly accessible. Anyone with an internet connection and 1 second to spare can look up that address.

Luckily, for privacy reasons, you are allowed to put in a proxy, so horsefire.com's WHOIS info has Dreamhost's address, not mine.

  • If someone needs to get ahold of me, they can. Any mail that Dreamhost gets on my proxy address will be forwarded to me.
  • If someone has a legitimate need for my address, they can get it. We have courts to determine legitimacy, and they can produce a court order compelling Dreamhost to disclose my address.

So I'm not "getting away" with anything, since anyone can still contact me. What I'm protected against, is some jerk who didn't like my blog post looking up my address and coming to my house to attack me.

Downside of this change

It's not too hard to come up with a real example of a victim if this change goes through: any female tech expert

  1. Our tech expert registers a domain for her blog
  2. She uses the website for people to contract her for speaking engagements
  3. Now that her website is considered "commercial", she updates the WHOIS database with her real address
  4. She writes about or speaks about the elephant in the tech room (our industry has a crippling problem with mysogony and sexism, with a generous helping of rape and death threats)
  5. The internet CHUDs come out, and our blogger is buried under a rancid torrent of electronic hate, with disturbingly specific threats
  6. With her home address public knowledge, our blogger is forced to leave her home.

This is not a strawman or an exaggerated example. I'm constantly, unpleasantly surprised with how much abuse is directed at people online, and forcing anyone with a domain that somehow touches commerce to post their address publicly will make the problem exponentially worse.

What to do?

I e-mailed the ICANN comment address for this issue. They are (atleast verbally, if not in good faith) asking for comments, and I intend to take them at their word and voice my objections. Given that there is already 160 pages of feedback, and my spotchecks showed 100% against the proposed change, I hope they listen.