back to article Europe fires back at ICANN's delusional plan to overhaul Whois for GDPR by next, er, year

On March 26 – two months before new privacy protections come into effect in Europe – Goran Marby, CEO of DNS overlord ICANN, sent a letter [PDF] to each of Europe's 28 data protection authorities (DPAs) asking them to hold off punishing it over Whois. Whois is a set of databases of domain-name owners, overseen by ICANN, and it …

Page:

  1. Anonymous Coward
    Anonymous Coward

    The other course of action would be for ICAAN to stick 2 fingers up at the EU and say, "No public details, no domains" and just ban anyone from the EU owning/registering a domain unless the issue gets solved.

    Sit back and wait for the explosions, pass the pop-corn someone please.

    1. Lee D Silver badge

      That's a good way to lose 50% of your revenue overnight, not to mention be involved in hefty lawsuits (with governments no less, let alone corporations), and to instantly lose your claim to being an international institution.

      You think that if they did that, the EU wouldn't be able to set up a bunch of rootservers overnight, inform all their registrars that they were the definitive rootservers for the EU domains now, and then ICANN wouldn't be forced to offload all queries for .uk, .eu, .fr etc. to those servers in order to restore connectivity?

      People forget just how large a market the EU is. In many cases it generates American companies more revenue than the continent of America itself.

      1. Anonymous Coward
        Anonymous Coward

        "People forget just how large a market the EU is."

        i.e. it has a greater GDP and a larger population than the USA,

        1. mutin

          The World is still bigger than EU

          Let EU do its own domains and the rest of the nworld will stick with the US. So far only EU rulers objected current system on the ground its own regulation. So, keep your regulation for yourself (EU) and do not disturb other people who are OK with the current system.

          1. JohnFen

            Re: The World is still bigger than EU

            "keep your regulation for yourself (EU) and do not disturb other people who are OK with the current system."

            Just because someone isn't in the EU doesn't mean they're OK with the current system.

          2. Anonymous Coward
            Anonymous Coward

            Re: The World is still bigger than EU

            "Let EU do its own domains and the rest of the nworld will stick with the US"

            Far more likely the rest of the world would follow. The EU is after all a larger trading block with greater global influence.

      2. Anonymous Coward
        Anonymous Coward

        "People forget just how large a market the EU is. "

        "People forget just how large a market the EU is. " , let me re-phrase that for you ...

        Yanks are ignorant as to how large a market the EU is.

        Putting the obvious Brexit jest comments aside for a moment, I suspect you would not find many people outside the US who don't readily realise what a large market the EU is.

        The problem is yanks are brainwashed from a young age into some weird mid-20th century 1950's dreamland picture of America.... you know, the days when the president actually was a role model and deserved respect, when the economy was thriving, when America really *was* "the land of the free" and when people were actually nice to each other and didn't shoot each other every two minutes.

        The trouble is whilst America has been busy telling itself its the best, the world has moved on.

        America's attitude to this world ? Adapt ? Hell no. Let's just use what's left of our financial might to shit on everyone else's heads and bully them into submission. And that has never been more the case than with the current "America First" administration.

        Rant over !

      3. Doctor Syntax Silver badge

        "You think that if they did that, the EU wouldn't be able to set up a bunch of rootservers overnight"

        Well, just a single rootserver for all the domains, fragmentation wouldn't be good. And easy enough to stand one up. Just select one of the current mirrors and make that definitive. I doubt the EU itself would even need to do anything. If the European registrars haven't got together and hatched a contingency plan for this I'd be surprised. The old saying is that the internet routes round damage; ICANN is starting to look like damage.

        1. The Nazz

          Just imagine if Domain Registry was a "sport"

          You would have several countries/cities/local councils (certainly here in the UK ) actually bidding obscene amounts of public money to be the special ones to *host* such a rootserver. Sod paying ICANN for the privilege.

          "ah, but it increases the local economy by £400m" they argue. Yep, a theoretical £400m that may or may not be spent in the area, and which, in fact, would more than likely have been spent away from the area in any event. Net gain < zero.

          For example, a midlands council having to outlay £400k of public money because a cycle race ( ha ha, a race indeed ), for the chosen 140 or so, passed along 6km of their area.

        2. Missing Semicolon Silver badge

          EU-only root servers

          While that allows EU citizens to look up EU addresses, .eu would cease to exist for the rest of the world. EU citizens would not be able to own .com addresses as the registrar would not be GPDR compliant.

          1. JohnFen

            Re: EU-only root servers

            ".eu would cease to exist for the rest of the world."

            Only until the rest of the world updated their systems to query the .eu servers.

          2. Doctor Syntax Silver badge

            Re: EU-only root servers

            "While that allows EU citizens to look up EU addresses, .eu would cease to exist for the rest of the world"

            Who said anything about EU-only root servers? The rest of the world would be free to use them. And why would they set themselves up as just for EU domains? If the rest of the world decided to treat a non-US server as the definitive global root then either the US follows suit or .com etc, as you put it, ceases to exist for the rest of the world.

        3. Alan Brown Silver badge

          " ICANN is starting to look like damage."

          What do you mean "starting to", dear boi?

      4. mutin

        You simply do not understand how EU stuff works

        One cannot overcome a few people who think they are smart but were not smart enough to understand how what they invented will work. I mean GDPR and EU Commission. EU Commies are sitting on their hairs and feeling they are gods on Olympus. They expect everybody across EU and around the world will become compliant. Did they issue any recommendations how to do that in a form of a framework? No, they did not. But I DID. In 2012 when it was the draft. It is very complex implementation and 99% still have no clue that it is not about security controls but mostly about privacy controls. Very different story.

        So, shortly - one story it to write the regulation. Completely different story is to implement. Guys please come down to us from your EU Olympus and explain how to implement what you've invented.

        1. Doctor Syntax Silver badge

          Re: You simply do not understand how EU stuff works

          "Guys please come down to us from your EU Olympus and explain how to implement what you've invented."

          It's very simple. You do one of two things. One is you look at the rights it says data subjects should have and give the subjects those. The alternative is that you pay the fines.

          If you weren't abusing the data subjects in the past option one isn't that onerous. If you find it difficult it says a lot more about the operation you run than it does about the EU being out of touch.

    2. Warm Braw

      ICANN don't register domains, the registrars contract with ICANN to offer that service to their customers.

      The GDPR will invalidate part of the contract between the registrars and ICANN insofar as it involves doing business in the EU - you can't be bound by a contract to break the law - but the rest of the registrars' contracts with their individual custmoers will remain in force.

      If the registrars fail to abide by the GDPR they will be prosecuted by the appropriate authority in the relevant EU country. If they withdraw their services they will be subject to claims for breach of contract by their customers and lose a significant part of their revenue.

      With luck, it will be ICANN that explodes, but the more useless and idle an organisation is, the longer it seems to persist in its irrelevance.

    3. Anonymous Coward
      Anonymous Coward

      The other course of action would be for ICAAN to stick 2 fingers up at the EU and say, "No public details, no domains"

      Right, right. Because Whois can't sort themselves let someone else fight over it.

    4. Anonymous Coward
      Anonymous Coward

      No public details, no domains

      That would make a good argument for the organisation to be disbanded and put under the control of a global body.

      1. Anonymous Coward
        Anonymous Coward

        Re: No public details, no domains

        I get a terrifying feeling of (inter)National Socialist deja Vu whenever I hear the phrase 'control of a global body'

        Having just finished reading 'Guns Germs Steel' the main conclusion is that Europe became dominant in technology because they were NOT under a single rule, Eurasia was the place where everything originated and spread, due to geography, but Europe was the place it carried on developing, because of geography.

        Its small countries separated by natural barriers.

        The EU is in fact counter evolutionary. It was the monolithic nature of Chinese bureaucracy and culture that allowed all the major inventions it made to be suppressed for millennia. We are seeing the same thing now with e.g. nuclear power in the EU.

        Wars push development at fearsome rates. The Internet is the response to a need for a missile proof command and control military network. The integrated circuit is the result of cold war missile development. So is GPS. The computer itself owes its origins to the need to crack advanced ciphers. The Jet engine to the need for advanced fighters and bombers.

        The EU likes to claim that it has kept the peace in Europe. But at what price? Europe is scarcely at the forefront of anything any more, except mass immigration.

        1. Pascal Monett Silver badge

          Re: "Europe is scarcely at the forefront of anything any more"

          Yeah, because having the most reliable and most powerful space launcher technology, which demonstrates a wide swath of technological and industrial expertise, counts for peanuts.

          Go back to your Fox News now, everything will be all right.

          1. Anonymous Coward
            Anonymous Coward

            Re: "Europe is scarcely at the forefront of anything any more"

            Also, US has depleted the reserve of German scientists and engineers who propelled its technology in the 50s and 60s... the rest mostly came from UK.

        2. Anonymous Coward
          Anonymous Coward

          "Europe is scarcely at the forefront of anything any more,"

          Its ironic really that you put that phrase after a paragraph of American examples from the last century !

          The internet ? Last century.

          ICs ? Last century.

          GPS ? Last century.

          Jet Engine? Last century.

          I would say going by that list, the US is "scarcely at the forefront of anything any more" !

          And if you want to play the last century game, two can play at at that game:

          The internet is American you say ? Tim Berners-Lee, Calliau one or two others may wish to have a word.

          The LCD monitor you typed your comment on ? That would be a British invention.

          That ARM processor that's in any number of gadgets surrounding you? That would be a British invention.

          The space suit ? That was not invented on US soil.

          Cinematography ? The US may have Hollywood, but the Europeans invented the technology.

          Submarines ? The US boast about their submarines. The invention ? Yup, European.

          Telephones ? What's that ? You forgot about some Scottish chap called Graham Bell ?

          Loudpeakers ? That would be a European invention.

          Printing press ? That would be European.

          Glasses ? Contact Lenses ? Yup... European

          Parachutes ? Yup.. European

          Need I go on ?

          Oh, perhaps one more ....

          Irony of all ironies ....

          The bullet proof vest.

          That would be a European invention.

          1. Stoneshop

            Re: "Europe is scarcely at the forefront of anything any more,"

            a paragraph of American examples from the last century !

            [...]

            Jet Engine? Last century.

            Eh, neither Frank Whittle nor Hans von Ohain were US citizens or even residents at the time they developed the first jet engines.

            1. Anonymous Coward
              Anonymous Coward

              Re: "Europe is scarcely at the forefront of anything any more,"

              "Eh, neither Frank Whittle nor Hans von Ohain were US citizens or even residents at the time they developed the first jet engines."

              Thanks for the correction ! I kinda knew that in the back of my mind when I wrote the above reply, but the primary point I was making was about "last century". You are quite right though, I should have pointed it out.

              The Americans probably think they invented the English language too. ;-)

          2. Doctor Syntax Silver badge

            Re: "Europe is scarcely at the forefront of anything any more,"

            "Jet Engine?"

            Cough. Frank Whittle. Cough.

        3. Stoneshop

          Re: No public details, no domains

          Its small countries separated by natural barriers.

          If you look at the amount of trade and, with it, exchange of people and information that happened as far back as the 12th and 13th century[0], then those natural barriers apparently weren't as much of a hindrance as you think they were. And while there are some major natural barriers[1] between a couple of European countries, going by their borders at various times in history, barriers at least similar to those are often slap bang in the middle of several countries.

          [0] easily twice as far back as that colonisation stuff in what's now the US.

          [1] never mind that the technology that made those barriers much less of a bother has been doing just that for at least a century.

        4. Anonymous Coward
          Anonymous Coward

          Re: No public details, no domains

          The computer itself owes its origins to the need to crack advanced ciphers.

          Best we dig up Charles Babbage and let him know.

      2. Doctor Syntax Silver badge

        Re: No public details, no domains

        "That would make a good argument for the organisation to be disbanded and put under the control of a global body."

        That global body would be the ITU. There are a number of governments wanting to do just that with the internet. That should be enough to concentrate ICANN's mind. ICANN's mind? What a strange concept.

    5. Anonymous Coward
      Anonymous Coward

      They seemed to have missed the simplest solution - just turn off Whois. It's mostly just used by copyright cartels to sue people anyway.

      1. Anonymous Coward
        Anonymous Coward

        "They seemed to have missed the simplest solution - just turn off Whois. It's mostly just used by copyright cartels to sue people anyway."

        Seems to be mostly used to spam domain owners with dubious offers of web design and SEO work.

        Yes, I forgot to tick the privacy option for one of the domains I host. Doh.

      2. Doctor Syntax Silver badge

        "It's mostly just used by copyright cartels to sue people anyway."

        I think what you're saying is that you haven't worked out how to use it for your own benefit. E.g. to check on the origins of a suspicious email? If you haven't I can assure you many of us have. It belongs with ad-blockers and Noscript as part of our everyday internet security measures.

        1. Fazal Majid

          The public data in WHOIS is so often obfuscated as to be useless. Copyright lawyers have access to a private database with full details, that’s what this whole debate is about.

          ICANN’s delusion is because they are used to the capricious arbitrariness of (British-inspired) Common Law rather than the rules-based (Roman) Civil Law where judges don’t have the latitude to give their buddies or fellow members of the elite a break just for the asking.

        2. JohnFen

          You actually trust the accuracy of the Whois database?

        3. Ken Hagan Gold badge

          "E.g. to check on the origins of a suspicious email? "

          Given the large numbers of people posting here who report that they've pushed complete crap into the WHOIS database and got away with it because there is exactly zero budget for checking user-submitted data, just exactly how do you use the information to check on anything? Particularly when the only thing you know about what you are checking is that is seems suspicious. It's like asking someone "Are you a crook?" and expecting a useful answer.

          1. Doctor Syntax Silver badge

            "just exactly how do you use the information to check on anything?"

            Big hint: you can whois IP addresses as well as domains.

        4. TheVogon

          "you haven't worked out how to use it for your own benefit. E.g. to check on the origins of a suspicious email?"

          Seeing as the vast majority of dodgy emails originate from hacked boxes and botnets Whois is of close to zero value for that. Not to mention that much of the data is inaccurate, set to private, or simply resolves to large ISPs and hosting providers.

      3. Mark 85

        They seemed to have missed the simplest solution - just turn off Whois. It's mostly just used by copyright cartels to sue people anyway.

        Exactly. How hard can it be to turn of the display of the fields that need to be hidden? For those that get access to the full Whois, turn the fields on for them when they log in.

        I would think that if they had cut out a few trips to exotic locations for "fact finding" and "discussions" and then actually thought about it, that the problem would have been solved by now.

      4. Yes Me Silver badge

        ... mostly just used by copyright cartels

        It's mostly just used by copyright cartels to sue people anyway.

        No. It may well be used for that, since a lot of people seem to think that the copyright laws don't apply to them personally, but it's intended for use to fix operational problems by identifying the responsible operator for an address block or a domain. (As I said re a previous story, which people don't seem to get, judging by the number of downvotes.) It's true that you don't need a personal name to provide that; it could be BOFH@example.co.uk, but that hasn't been the historical approach since whois was invented 30+ years ago.

        Doesn't change the fact that ICANN is heading for a fall on this.

    6. Anonymous Coward
      Anonymous Coward

      "The other course of action would be for ICAAN to stick 2 fingers up at the EU and say, "No public details, no domains" and just ban anyone from the EU owning/registering a domain unless the issue gets solved."

      And cut off the US from the largest trading bloc in the world? (EU has a GDP of 20 trillion dollars, versus 19 for the US and 12 for China).

      1. Jaybus

        "And cut off the US from the largest trading bloc in the world?"

        It wouldn't cut anybody from anything. WHOIS could be turned off completely and hardly anyone would notice. They should just limit it to showing only the owner and registrar names. Nobody needs all the rest of the info anyway, and surely GDPR is not about secretly-owned domain names. If it is, then why should the rest of the World be subjected to this level of paranoia?

    7. Doctor Syntax Silver badge

      "The other course of action would be for ICAAN to stick 2 fingers up at the EU"

      Fair enough, but what does ICANN have to do?

    8. Stoneshop
      FAIL

      The other course of action would be for ICAAN [sic] to stick 2 fingers up at the EU

      ICANN is essentially a US organisation, so that would be a single, middle, finger.

    9. Teiwaz

      ICAAN to stick 2 fingers up at the EU and say...

      That would involve ICAAN actually pulling said fingers out of it's arse first.....

      Provided it manages to beg enough time to work out how.....

      1. I ain't Spartacus Gold badge
        FAIL

        ICANN tell you that...

        It's not ICAAN.

        The correct name of the organisation is ICAN'T

        Apperently just making it policy that the registrars aren't allowed to charge for the privacy policies they already offer is so hard that it's taken them years to fail to come up with as their new policy.

        I think it's all that first class air travel and free champagne does it. It rots the brain I tell you. That's why I stick to walking and Special Brew...

    10. JohnFen

      "Sit back and wait for the explosions"

      What you'd hear wouldn't be the sound of explosions. It would be the sound of ICANN imploding.

      1. Anonymous Coward
        Anonymous Coward

        "Sit back and wait for the explosions"

        What you'd hear wouldn't be the sound of explosions. It would be the sound of ICANN imploding.

        Oh but I had the joy of hearing lots of explosions, what I really love is the whizzzzzzzzzzzzzz noise keys make as they try to break the sound barrier while exiting keyboards.

        The only pity is I hate popcorn, still can't have everything.

  2. Anonymous Coward
    Anonymous Coward

    Special process...

    I'd suggest to organize forcefully their next meeting in a Brazilian favela, or near a toxic dump in Africa, in a refugees center on some Mediterranean island, or in a base at the South Pole now that Winter is coming. And don't let them out until a solution is found. I'm sure they will come up with it in far, far less than one year.

    1. ArrZarr Silver badge

      Re: Special process...

      To be fair to ICANN, although god knows they don't deserve it, they have a solution already, it's implementation time that's the stickler.

      1. Doctor Syntax Silver badge

        Re: Special process...

        "it's implementation time that's the stickler"

        Just start proceedings next month and you'll be surprised how short implementation time can be.

      2. Stoneshop
        FAIL

        Re: Special process...

        it's implementation time that's the stickler.

        Indeed, finding those particular printf statements so that private data is not printed, and replacing them with the registrar's contact data a Herculean task beyond the capabilities of the most competent programmers[0].

        [0] employed by ICANN, that is, as they're just a bunch of pen-pushers.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like