Be Afraid

Per the BBC News:

More than 5% of the net's most popular domains have been registered using "patently false" data, research shows.

A US congressional report into who owns .com, .net and .org domains found that many owners were hiding their true identity.

Congress has just discovered that people, knock me over with a feather, do not always include all their correct personal private  and personal confidential information in online web databases that can be read by everyone:

The report found that owner data for 5.14% of the
domains it looked at was clearly fake as it used phone numbers such as
(999) 999-9999; listed nonsense addresses such as "asdasdasd" or used
invalid zip codes such as "XXXXX".

In a further 3.65% of domain owner records data was missing or incomplete in one or more fields.

I personally am a fan of (555) 555-5555 in filling out web forms.  For years, I never, ever put my correct phone number in the WHOIS registry, and only correctly filled in enough blanks to get my credit card authorized.

As is usual with every privacy reduction effort, it starts with an honest desire for better law enforcement:

Increasingly whois data is being used by law enforcement
and security companies to find out who is running a website involved in
spamming or some other scam....

The GAO recommended that more effort be made to verify
the information by domain owners and that greater use be made of
commercial software tools to check who runs a website.


I get the law enforcement issue, but I think it is dwarfed by the privacy and free speech issues.  There are a lot of really good non-illegal reasons not to want the detailed personal and private information of web site owners plastered all over public data bases, and there are particularly good reasons that web site owners might not like the government to know who they are.  Like every blogger in China, for example.  I don't think that US Government bodies (or major corporations, or political groups, or fringe groups like the KKK) are above seeking some type of retribution (e.g. audits) against folks online who criticize them, and I am sure China and Saudi Arabia are not above it.  If you start a web site criticizing your current employer, do you really want to reveal your name?  I for one thought for a long time about whether to blog as myself or anonymously.

As for hunting down phishing and other such scams, liscencing web owners in a way similar to say gun owners is not necesary.  Scams are illegal because somewhat is defrauded of money, and that money leaves an easier trail to follow than any electronic trail, even with better ICAHN data.  You can use zombie computers and other techniques to defeat most electronic tracing, but the money WILL end up in the bad guys hands and can be found.

Next up:  Requiring background checks before you can register for a web site.