Whois: a paradox of privacy vs. public need

Ever since Tim Berners-Lee created the browser-editor and the Web, the Internet has truly become a web of intrigue. One particularly intriguing area is the ethical question of privacy vs. the right to use the Internet as a legitimate business tool.

Two years ago, I wrote a column about how the Whois database was open to data mining - the adverse use of information gleaned from the database. In late 1997, Network Solutions, Inc. (NSI) finally addressed the openness of Whois by slowing the pace at which the database will reply to repeat inquires from a specific IP address. However, this did not stop the data mining.

In September 1997, a company named Domainsondisc announced it had harvested "practically all registered .com, .net, .edu and .org domain names" on the Internet. For $999.95 plus shipping and handling, the company was selling a CD containing all administrative, technical, billing and address information for these registered users, including their e-mail addresses. Shortly after the announcement, due to strong negative comments from the Internet community, Domainsondisc pulled its product.

Fast forward to September 1998. Domainsondisc claims to have more than 3 million domain names for sale. This time, however, the CD the company is selling does not include these registered users' e-mail addresses. Why? Because Domainsondisc does not want to propagate unsolicited e-mail. But apparently the company doesn't have a problem propagating nonstop telemarketing via phone and fax.

In the snail-mail world, the Direct Marketing Association has specific policies regarding use of an individual's address. Unfortunately, we don't have a similar presence on the Internet - yet.

The Internet needs to remain free and unencumbered. However, the right to privacy must be weighed against the freedom to use the Internet as a communication tool for conducting legitimate business.

Is there a solution to this paradox?

Chris Clough of NSI said a few months ago: "We need to go back to original intent of Whois, which was for the technical contacts to be able to work with each other to fix problems. The technical community needs the ability to contact each other, so some information must be available, but we want to limit the information so that spammers will not use the database."

Additionally, NSI is looking into such issues as an "opt-out" policy, which would presumably limit what information is listed in the database.

I know one solution that did work and will work again. Voice your disapproval to these "marketeers" and those who follow them by sending comments to www.domainsondisc.com, the Internet Society (www.isoc.org) or the Coalition Against Unsolicited Commercial Email (www.cauce.org).

Internet users shut down Domainsondisc once; they can do it again.

Spivak is president and owner of SBA*Consulting, an IT consulting firm, and SBA.NET.WEB, an Internet consulting company. He can be reached at wspivak@sbanetweb.com.