ICANN's Threat To Privacy Is Not Theoretical

from the a-very-real-threat dept

Tue, Jul 7th 2015 1:38pm — Mike Masnick

A few weeks ago we wrote about ICANN's new attack on whois privacy, laying out a proposal to deny private/proxy registrations to anyone involved in "commercial" activity on their websites. While it may be difficult for some to comprehend why this is a big deal, it is not a theoretical concern at all. Cathy Gellis has a great story over at Popehat reminding everyone of the time litigious lawyer Charles Carreon was able to uncover the identity of a critic, who he then threatened repeatedly.

As we wrote at the time, even though the critic had used Register.com's privacy guard tool, when Carreon showed up, the company coughed up his identity, and Carreon used that to threaten the critic, making it quite clear that he was doing so just to piss off the critic. In a letter to the critic's lawyer, Paul Levy at Public Citizen, Carreon noted "there is essentially no statute of limitations on this claim" and "I have the known capacity to litigate appeals for years." Eventually, Carreon was forced to cough up money for the bogus legal threats.

Gellis was co-counsel with Levy in defending Carreon's critic and her Popehat post details how that experience makes it even clearer as to just how bad ICANN's proposal is:

It is a proposal that is extraordinarily glib about its consequences for any Internet speaker preferring not to be dependent on another domain host for their online speech. First, it naively pre-supposes that the identifying information of a domain name holder would only ever be used for litigation purposes, when we sadly already know that this presumption is misplaced. As this letter to ICANN points out (linked to from the independently expressive domain name “icann.wtf”), people objecting to others’ speech often use identifying information about Internet speakers to enable campaigns of harassment against them, sometimes even with the threat of life and limb (for example, by “swatting”).

Secondly, it pre-supposes that even if this identifying information were to be used solely for litigation purposes that a lawsuit is a negligible thing for a speaker to find itself on the receiving end of, when of course it is not. In the case of Carreon’s critic he was fortunate to be able to secure pro bono counsel, but not everyone can, and having to pay for representation can often be ruinously expensive.

Thirdly it pre-supposes that there is somehow an IP-related exemption to the First Amendment, when there most certainly is not. Speech is speech and it is all protected by the First Amendment. Attempts to carve out exemptions from its protections for speech that somehow implicates IP should not be tolerated, particularly when the consequences to discourse are just as damaging to speech chilled by IP owners as they are by anyone else seeking to suppress what people may say.

If you haven't yet seen it, that icann.wtf letter to ICANN is worth reading. It's not only a rare case where anti-harassment advocates and free speech advocates can actually come together and agree on a really, really bad idea, but it lays out the arguments for why this Hollywood-backed proposal is just incredibly stupid and dangerous.

If you want to contact ICANN to explain why this policy is a problem please do so today -- as it's the last day they're accepting comments on the proposal.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: bullying, charles carreon, privacy, whois
Companies: icann

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Mason Wheeler (profile), 7 Jul 2015 @ 2:11pm

From the quotes on the respectourprivacy.com site:
Using a WHOIS privacy service is no more suspicious than having an unlisted phone number.

That example made me wince a little. When I receive a call from an unlisted number, I don't even bother picking up, because experience has shown that they're always telemarketers, debt collectors, fraudsters, or other inherently suspicious and sleazy types. So trying to use that as an analogy is a perfect example of "not helping your case here."
[ link to this | view in chronology ]
- Anonymous Coward, 7 Jul 2015 @ 2:26pm
  
  Re:
  Apples and Oranges! or rather... context, context, context!
  
  Unlisted means unlisted, NOT won't show on caller ID. There is a big difference between caller ID and your information listed in public database.
  
  You don't even have to get into the details of intentionally false or broken caller ID can be as well.
  [ link to this | view in chronology ]
- Vidiot (profile), 7 Jul 2015 @ 3:25pm
  
  Re:
  Fallacious reasoning, I say: Because some spammers/fraudsters won't list their phone numbers, then anyone who de-lists is a spammer/fraudster. Including old Aunt Peggy, who chose a nonpublished phone number to avoid calls from spammers/fraudsters. Very clever, Aunt Peggy... seems you're the real villain here, eh?
  [ link to this | view in chronology ]
- John Fenderson (profile), 8 Jul 2015 @ 6:38am
  
  Re:
  You're talking about numbers that block caller ID. That's entirely different than an unlisted number. An unlisted number just means that your number isn't available in the directory. It doesn't mean that your number won't appear on caller ID.
  [ link to this | view in chronology ]
Anonymous Coward, 7 Jul 2015 @ 2:57pm

So, you'd be telling me that I can't be saying things like litigious lawyer Charles Carreon is a complete and utter shitbag in my humble opinion?
[ link to this | view in chronology ]
Bill Silverstein (profile), 7 Jul 2015 @ 3:17pm

And what about bad actors?
What about the bad actors using privacy services to hide their illegal activities? Using privacy services to register domain names for spam have been found to be federal crime.

Since drivers who will become transgender will get into car accidents that will kill people, then will must eliminate all drivers because they may become transgender and kill people.
[ link to this | view in chronology ]
- Mike Masnick (profile), 7 Jul 2015 @ 3:35pm
  
  Re: And what about bad actors?
  What about the bad actors using privacy services to hide their illegal activities? Using privacy services to register domain names for spam have been found to be federal crime.
  
  There are still ways to go through a legal process to uncover private registrations. This doesn't change that. Strawman argument.
  [ link to this | view in chronology ]
  - That One Guy (profile), 7 Jul 2015 @ 3:39pm
    
    Re: Re: And what about bad actors?
    But that takes work, and presenting sufficient evidence to back up your claims before a judge. Much easier just to skip the whole 'legal process' bit and go straight to the intimidation and threats of lawsuits.
    [ link to this | view in chronology ]
Jigsy, 7 Jul 2015 @ 4:06pm

I was reading an article on the Guardian earlier about how ICANN backtracking on privacy would increase to more doxxing and swatting situations.

Then I thought something completely different...

1. Someone finds a website (of someone they don't like)
2. Get the persons details from the WHOIS report
3. Load up Tor and falsely accuse the person of being a child molester
4. Wait for mob mentality to kick in and the person gets murdered as a result

And I live in the UK, a country that has a general "kill first, ask questions later" mentality when it comes to people accused of being pedophiles and child molesters.

So, yeah, this is pretty fucking bad.
[ link to this | view in chronology ]
Ninja (profile), 8 Jul 2015 @ 4:36am

icann.wtf

That's an amusingly fitting suffix for the situation...
[ link to this | view in chronology ]
Anonymous Coward, 8 Jul 2015 @ 4:59am

Why exactly should privacy apply to public communications by a business?? Simply don't take money from advertisers, fund your website out of your own pocket and you can keep your domain proxy.
[ link to this | view in chronology ]
- John Fenderson (profile), 8 Jul 2015 @ 6:40am
  
  Re:
  And right there's a huge part of the problem. Having ads does not necessarily make the site a business.
  [ link to this | view in chronology ]
  - Anonymous Coward, 8 Jul 2015 @ 3:56pm
    
    Re: Re:
    A business hires you to advertise for them and you aren't in business? That's a little twisted.
    
    From Florida fictitious name law 865.09:
    
    “Business” means any enterprise or venture in which a person sells, buys, exchanges, barters, deals, or represents the dealing in any thing or article of value, or renders services for compensation.
    
    If you are using a domain proxy, this means if you haven't filed a fictitious name for your website name where you disclose your name and address and publish it in the paper for the prescribed period of time you are operating illegally.
    
    I'm sure other states define a business similarly. Its pretty universal that if you want to take money for doing something you need to disclose who you are publicly if you don't use your own name. There is no expectation of privacy in the law when you start dealing with money.
    [ link to this | view in chronology ]
    - John Fenderson (profile), 9 Jul 2015 @ 7:52am
      
      Re: Re: Re:
      The IRS disagrees with you. Having an income stream does not a business make. One of the criteria, for instance, is that you have an intent to make a profit.
      
      There are plenty of sites that are hobbies and carry ads to defray some of the costs. They don't intend to make a profit, and never will. They are not businesses.
      [ link to this | view in chronology ]
      - Anonymous Coward, 9 Jul 2015 @ 10:25am
        
        Re: Re: Re: Re:
        Apples and oranges. The Internal Revenue Code is irrelevant it only applies to taxation of income, not with requirements imposed by states and counties to register fictitious names. Business is defined in a broader sense that doesn't hve anything to do with making a profit by the fictitious name laws I have looked at.
        [ link to this | view in chronology ]
        
        John Fenderson (profile), 9 Jul 2015 @ 3:43pm
        
        Re: Re: Re: Re: Re:
        Then our conversation has shifted. I was talking about what is or is not a business, not about the use of fictitious names.
        [ link to this | view in chronology ]
Charles Roth (profile), 8 Jul 2015 @ 1:45pm

ICANN comment didn't work
I followed the link to send a comment to ICANN, which in turn sets up and prepares to send an email. When I hit "send", the email bounced back with this error:

: connect to
pechora1.icann.org[2620:0:2d0:201::1:71]:25: Network is unreachable

: connect to
pechora1.icann.org[2620:0:2d0:201::1:71]:25: Network is unreachable
[ link to this | view in chronology ]
Anonymous Coward, 14 Jul 2015 @ 3:00pm

Get rid of ICANN.
[ link to this | view in chronology ]