This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")
- Previous message (by thread): [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Volker Greimann
vgreimann at key-systems.net
Thu Jan 16 18:14:39 CET 2020
Hi, do you talk to your mother with that mouth? Does she know how you behave yourself on the internet? Whatever you assume I know about the volume of illegal use, I dispute that. Most of our customers are legitimate businesses using their domain names in legitimate ways. Your vitriole will not change that. Amongst our resellers that are sending abusive registrations are some of the largest, most reputable and most well known internet companies that even you probably use every single day. Even they don't seem to be able to prevent these registrations from happening. When we do see domain names registered for abuse through our direct portals, there is a high likelihood that these registrations will cost us. There is no profit in abuse as the first victims of the abusers are usually the registrars where the registrations were requested using stolen identities and credit cards. As the abuse using domains registered through us usually does not happen on our networks, we have zero ability to detect it in advance, all we can do is take care of them after the fact, which we do dilligently. We have a team tasked exclusively with reviewing abuse complaints and taking appropriate action. No money in that at all, but we still do it because we feel that is the right thing to do. > There are, at last count, something like eighty seven thousand ICANN > Accredited domain name registrars, and 98% of them would be out of > business tomorrow if it were not for the snowshoe spammer trade, because > there is NO real money to be made just selling domain names, one or two > at a time, to butcher shops and dentist's offices. You are just porcine > animals, feeding at the trough of a corrupt trade made possible by what > amounts to your over-arching industry lobbying organization, ICANN. 90% of these registrars deal in registering expiring domain names for the secondary market. This has nothing to do with abuse. > I really don't give a rat's ass what self-serving fradulent > justifications > ICANN has put out to try to excuse their own inaction *or* your non-compliance > with your contractual commitments. The fact remains that GDPR *does not* > restrict domain registrars from displaying the Organization: fields in > WHOIS records, specifically when the named organizations represent things > other than natural persons... which is almost always the case... and yet > I can name right now any number of ICANN Accredited domain name registrars > that are, and that have been, for quite some time now, very deliberately > suppressing literally *all* WHOIS data fields, period. How do you justify > that? How does your corrupt industry justify that? Clearly you have never looked at what normal end users put in the Org fields. In our experience, they put anything in there, not just org names. There simply is no good way to identify which org field shows personal information which must be protected and which does not. > Screw that! This is just a clever smoke-screen, invented by your corrupt > industry to try to fool naive and stupid people into believing that > there is really some complex issue here when there isn't. The Organization: > field of each and every domain name WHOIS records is quite clearly SUPPOSED > to contain the name of the non-natural-person to which the domain name is > registered. So why do most domain name registrars suppress this data? > What is your excuse for that, when GDPR clearly does not apply? It is supposed to but in the decades users have provided it, they have never been consistent in that use. If you have the perfect method of differentiating between personal data and non-personal data, you could do a lot of good by sharing that instead of mouthing off. > small-time hackers and spammers, so your industry-wide plan is to > proceeding according to these two phases: Oh, we have a plan now? So this is all a conspiracy? I'll be sending your limited edition tinfoil hat... > 1) Suppress *all* WHOIS information, even for entities not covered > by GDPR, and then... As I said, we'd be happy to publish non-personal information, if we can be sure it is that. > 2) When people complaint that you are violating your clear contractual > commitments to ICANN (which ICANN, which also profits handsomely > from the snowshoe spammer trade, is conveniently doing nothing > about) then your industry offers to "compromise" by allowing WHOIS > access *only* to untrained, ineffective, and mostly uninterested > law enforcement. Not all law enforcement is Seargant Plodder. I have met some highly efficient and interested Law Enforcement people in my time in this industry, with whom it is a pleasure to work. And access would be granted to anyone who can demonstrate a legitimate interest in accordance with Article 6 1 f GDPR and who meets the other requirements of GDPR as well. > Actually, I must complement your whole industry for being so clever about > all of this. You all set out, with a unity of purpose, to try to screw > Internet end users and to preserve your industry and its ability to make > fat profits from spammers and phishers, all while making sure that WHOIS > became entirely off-limits to the public at large, just so that none of > those nosey busybodies could call you out publicly for the fact that > you are all these days catering, mostly, to spammers and phishers . And > your plan is so far working beautifully for you. You are all working > together to screw and disappear the entire WHOIS system which has existed > since the very beginning of the Internet, all just so that you guys in > your industry can make fat profits without even the smallest smidgeon of > public accountability. Actually, when it comes to whois, we mainly care about protecting the privacy rights of our customers. Not the abusers though. > I hope that you are proud of what you and your industry have accomplished. > But I just have to ask: Does your mother know what you do for a living? Actually, I am proud of what this industry has accomplished and how we have contributed and continue to contribute to the safety and stability of the internet. So thanks, I guess? -- Volker A. Greimann
- Previous message (by thread): [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]