Thursday, March 10, 2005

Ruling on '.us' Domain Raises Privacy Issues
Ruling on '.us' Domain Raises Privacy Issues

By David McGuire Staff Writer

People who own Internet addresses ending in ".us" will no longer be allowed to keep their personal contact information private, a move that has drawn objections from some consumer advocates and from companies that sell third-party Web registrations.

The decision, issued by the Commerce Department in February, bans the practice whereby Web site operators pay a "proxy" company to register an Internet address for them. Instead, people who own .us addresses must provide their phone numbers and street addresses for listing in publicly searchable databases by January 2006 or lose their registrations.

Each country has its own two-letter domain -- like .uk in England, .de in Germany or .tv in Tuvalu -- and sets the policies for registration. The United States restricted .us registrations to city and state governments and other official entities until 2002, when it opened the domain to all U.S. citizens and businesses.

The federal agency that oversees the domain maintains that the decision, handed down in February, is not a change, but simply a clarification of its existing policies. "The U.S. Department of Commerce has never authorized or permitted the offering of proxy or anonymous domain-registration services in the .us addressing space," National Telecommunications and Information Administration spokesman Clyde Ensslin said in a prepared statement.

But opponents say the decision is a step backward in the fight to preserve the privacy rights of Internet users.

"This is a very disappointing development for consumers and for privacy," said Alan Davidson, associate director of the Center for Democracy and Technology, a Washington-based advocacy group. "Proxy registrations have been viewed as a sensible market-based solution to allow people to keep their privacy, but still gives law enforcement what they need. One would hope that the United States would be leading the way with the best practices in this area, but instead the U.S. government is continuing to ignore the privacy interests of registrants."

"We've always believed that that [proxies are] important in order to protect the privacy of free speech," said Lee Tien, senior staff attorney for the Electronic Frontier Foundation. "Being able to speak through a proxy, particularly if you're a human-rights dissident in a third-world country, can mean the difference between life and death. For .us it may not be as important, but it sets a bad precedent for Internet speech all around."

Bob Parsons, president of Scottsdale, Ariz.-based registrar GoDaddy, said his biggest fear is that the new rule will be viewed as a test case for similar policies in more popular domains like .com and .net, which account for nearly 40 million Web addresses registered worldwide. There are approximately 900,000 .us addresses.

The Internet Corporation for Assigned Names and Numbers -- the nonprofit body responsible for worldwide generic domains like .com, .net and .org -- has been debating a change to public-listing rules for several years. General counsel John Jeffrey said ICANN takes no official position on the .us policy change, and had no comment on whether a similar ruling could be forthcoming on generic domains.

NTIA has always required that .us registrants submit accurate contact information. Government investigators, intellectual-property owners and attorneys use these searchable collections of registration data -- known as "whois" databases -- to trace the sources of online fraud and copyright infringement. But in recent years, the companies that sell Internet addresses have offered, for an additional fee of about $9 a year, to list their own contact information in the whois database on behalf of customers who seek anonymity.

Network Solutions and GoDaddy said they make customer information available to official parties, but keep it hidden from casual seekers. "It's not intended to be Switzerland. It's just intended to give law-abiding citizens a right to privacy," Parsons said.

GoDaddy has provided proxy services for 23,000 of the 311,000 .us addresses it has sold, according to the company. Network Solutions, based in Herndon, Va., has sold roughly 78,000 .us addresses and acts as a proxy for 2,500 of them, according to chief executive Champ Mitchell.

Mitchell said that although .us addresses are a "minuscule" part of the company's business, Network Solutions will "do everything in its power" to protect the privacy of its hundreds of thousands of proxy customers in all domains.

Neither company would make any of its proxy customers available for immediate comment. Parsons said he has been discussing the policy on his blog at and that some users have e-mailed him expressing fear that their personal data will be made public.

Mitchell and Parsons said they will appeal to the Commerce Department and to Congress to overturn the decision before it takes full effect in January.

Although the Commerce Department has allowed .us site operators the rest of the year to supply their names for the whois database, registrars were required to stop selling .us proxy services by Feb. 16. Companies that did not comply must do so by today or risk losing their accreditation to sell .us addresses.

All registrars who were offering the proxy service have agreed to comply, according to Jeff Neuman, NeuStar's director of law and policy. Neither Neuman, who issued the order on behalf of the Commerce Department, nor the NTIA would reveal how many registrars were affected by the decision.

originally published Friday, March 4, 2005