[AktiviX-discuss] Domain name hosting
paul m
tallpaul at ml1.net
Wed Jan 20 21:24:07 UTC 2016
On Wed, Jan 20, 2016, at 06:49 AM, bou wrote:
> I wanted to make a list to recommend people, as most seem to go with 123
> reg or whatever, ending up with their names, surnames and home addresses
> publicised on whois.
>
> But I only came up with two that were offered on this list in 2008, if
> any one has more please email back?
>
Nearlyfreespeech.net offers this as a standard add-on to all therir
domain registrations.
You should be aware, however, that ICANN is currently in the process of
implementing new policies regarding the use of privacy/proxy services
when registering domain names that will impact the effectiveness of
privacy/proxy services and can lead to your contact details being
disclosed to people complaining. These aren't in place yet but the final
report and recommendations are out.
TL;DR:
Under the new policies (if the recommendations are adopted) using a
privacy/proxy service doesn't mean your contact details won't be handed
over. If someone alleges copyright or trademark infringement there is a
good likelihood they will be unless you can prove its not true (or would
be in danger). They fact that they are not legally obliged to had over
by a court order etc isn't enough to prevent disclosure.
It will probably stop your details being handed over to random trolls
but not ones with lawyers. They can reveal your details by canceling the
service and sticking your details in WHOIS if thats how the they decide
to do it, or force you to hand over domain rather than have your
details disclosed.
Summary of the gory details:
These policies have not been implemented yet but the Privacy & Proxy
Services Accreditation Issues Working Group has issued it's final report
along with a number of recommendations that are likely to be adopted.
You can find it here:
http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20151208/03ad1d8c/PPSAIFinalReport-submitted-7Dec2015-0001.pdf
It's 93 pages long, and rather dense, so I haven't had the time to read
through it though it has an executive summary at the start.
For those who were aware of the issues raised by the working groups
initial report its worth first noting that they are no longer
recommending that the use of privacy services be prohibited for websites
engaged in 'commercial activity' has been dropped. This was of concern
for a lot of people as it potentially cast a very wide net.
A rough summary of the proposals follows:
ICANN will develop an accreditation system for privacy and proxy
services. This forces accredited providers to follow certain rules and
procedures. Domain registrars will be required to only accept
registrations from accredited services.
Accredited services must:
1. Verify the contact details for the person or organization who own the
domain
2. Provide a link on their website to a request form or (equivalent
list) containing a list of the minimum criteria required foe them to
"comply with third party requests, such as for the Disclosure or
Publication of customer identity or contact details"
3. Publish terms of Service for customers that include:
i. "The specific grounds upon which a customer’s details may be
Disclosed or Published or service suspended or terminated, including
Publication in the event of a customer’s initiation of a transfer of
the underlying domain name"
ii. "Clarification as to whether or not a customer: (1) will be
notified when a provider receives a Publication or Disclosure request
from a third party; and (2) may opt to cancel its domain registration
prior to and in lieu of Publication or Disclosure."
iii. "Clarification that a Requester will be notified in a timely
manner of the provider’s decision: (1) to notify its customer of the
request; and (2) whether or not the provider agrees to comply with
the request to Disclose or Publish"
4. Must relay all communications "required by the RAA and ICANN
Consensus Policies"
5. For all other (thrid party) requests follow one of two options
i. " Relay all electronic requests received (including those
received via emails and via web forms), but the provider may
implement commercially reasonable safeguards (including CAPTCHA) to
filter out spam and other forms of abusive communications"
or
ii. "Relay all electronic requests received (including those received
via emails and web forms) from law enforcement authorities and third
parties containing allegations of domain name abuse (i.e. illegal
activity)"
It is worth noting that the report contains a very expansive definition
of "law enforcement authorities". Not just the police but also "consumer
protection, quasi-governmental or other similar authorities designated
from time to time by the national or territorial government of the
jurisdiction in which the privacy or proxyservice provider is
established or maintains a physical office" Presumably this covers RIAA
etc.
At this point the report talks about an "illustrative Disclosure
Framework to apply to Disclosure requests" i.e. giving your contact
details to somebody who complains. but notes " Although the WG has
reached consensus on an illustrativeDisclosure Framework for handling
requests from intellectual property (i.e. trademark and copyright)
rights -holders, it has not developed a similar framework or template
that would apply to other Requesters, such as LEA or anti -abuse and
consumer protection groups."
This is set out in Appendix B.
For requests involving copyright and trademark disputes the following
will apply, providing the minimum criteria have been been met (e.g.
providing contact details, "Information reasonably sufficient to
identify the copyrighted work" etc).
Privacy/proxy services will be required to contact you about the
complaint giving you 15 days to respond.
5 business days after your reponse or 2 business days after the 15 days
is up (if you don't respond) the will be required to
A. Disclose your details
or
B Reply to the requester stating their reasons for not doing so.
It then lays out the reasons it can use for this.
"i.the Provider has already published Customer contact details
in WHOIS as the result of termination of privacy/proxy service;
ii.the Customer has objected to the disclosure and has provided
a basis for reasonably believing (i) that it is not infringing the
Requester’s claimed intellectual property rights, and/or (ii) that its
use of the claimed intellectual property is defensible;
iii.the Provider has a basis for reasonably believing (i) that
the Customer is not infringing the Requester’s claimed intellectual
property rights, and/or (ii) that the Customer’s use of the claimed
intellectual property is defensible;
iv.the Customer has surrendered its domain name registration in lieu of
disclosure, if the Provider offers its Customers this option;
v.the Customer has provided, or the Provider has found, specific
information, facts and/or circumstances showing that the Requester’s
trademark or copyright complaint is a pretext for obtaining the
Customer’s contact details by effecting removal of the
privacy/proxy service for some other purpose unrelated to
addressing the alleged infringement described in the Request;
vi.the Customer has provided, or the Provider has found,
specific information, facts, and/or circumstances showing that
disclosure to the Requester will endanger the safety of the Customer; or
vii.the Requester failed to provide to the Provider the
verifiable evidence of wrongdoing"
It also notes that:
"Disclosure cannot be refused solely for lack of any of the
following: (i) a court order; (ii) a subpoena; (iii) a pending
civil action; or (iv) a UDRP or URS* proceeding; nor can
refusal to disclose be solely based on the fact that the Request is
founded on alleged intellectual property infringement in content on a
website associated with the domain name"
* Domain name dispute IIRC.
(Also its worth noting that you can only get this report from the
mailing list archives AFAIK, it not published on the ICANN site unlike
the initial report).
--
paul m
tallpaul at ml1.net
More information about the AktiviX-discuss
mailing list