What the heck is a WHOIS you ask? It is an official database in order to determine the owner of a domain name, an IP address, or an autonomous system number on the Internet. Currently, when a domain name is entered into the CIRA WHOIS look-up service, the name of the Registrant and the personal information about the contact(s) for that domain name, such as their address and telephone number, is made available to the public. This will change due to tight privacy regulations in Canada. As of June 10, 2008, CIRA will no longer release information about individual registrants without their permission.
I quote a good explanation of all this from the Canadian Internet Registration Authority (CIRA) website
"In
January 2004, the Personal Information Protection and Electronic
Documents Act (PIPEDA) took effect in Canada. This Federal law provides
guidelines for the collection, use, and disclosure of personal
information by private organizations. Under this act, the situations
where an organization can disclose an individual’s personal information
are strictly limited and require consent."
"In response to the
introduction of PIPEDA, CIRA conducted an exhaustive series of
consultations with Registrars, Registrants, Lawyers and Law Enforcement
Personnel to develop an approach that would protect the privacy of
individual consumers while continuing to allow access to information
pertaining to corporations, organizations, and institutions."
"The resulting policy balances the
need for PIPEDA compliance and individual domain name holder privacy
while allowing WHOIS searches for commercial, legal, and law
enforcement purposes to continue."
Under the new .CA WHOIS Policy, information about individual
Registrants and their Administrative and Technical contacts will no
longer be displayed. Individual Registrants may “opt-in” to display
their information. Information about corporate Registrants will be
displayed by default and can "opt-out"
They, like many registrars who offer anonymous services, will create a way to pass correspondences from interested parties to the hidden Registrants. This too will be available June 10, 2008.
I can see how an individual might want to keep their information private (as I do the same thing with my personal/vanity domains), but I am unsure why a corporation would opt-in for this service. In fact, I would say that most PUBLIC companies should keep their contact information public in the WHOIS system and up-to-date so that if something goes wrong, like spamming, that anyone could contact them ASAP. Not saying I don’t like privacy laws, heck I’m the privacy officer for Eloqua, but I’m just saying what are they hiding? As Jack Carlson said and I agree "The policy recognizes that corporate information does not raise specific privacy concerns since corporate information does not constitute personally identifiable information."
Big companies, don’t opt-in for the privacy WHOIS part. No reason to.
-Dennis
Eloqua
P.S. I applaud Canada for again leading the way to protecting our personal information once again.. Wake up U.S.
Last 5 posts by Dennis Dayman
- European Data Protection "Upgrades" - January 30th, 2012
- Return Path acquires OtherInbox - January 10th, 2012
- How NOT to react to spam complaints - January 9th, 2012
- Care2 breach is something to care about - January 3rd, 2012
- The passing of a great mind and great friend - November 17th, 2011
very interesting, so is valid only for .ca domain? or .com too?
bye
nickel
What I have always found baffling is how does one separate an individual from a business, as CIRA does for different privacy levels, and as ICANN's last WHOIS study suggested before it died aborning. If I have an individual site, wholly owned (rented if you'd rather) and managed by me, and I add affiliate links or banner ads which give me a net profit (as many 'individual' sites do), at what point do I become a commercial entity?
water softening