Michele Neylon opines about registrar accreditation negotiations.
Earlier this month I wrote about what various law enforcement agencies would like you to do before registering a domain. Although well intentioned, the requirements would wreak havoc on the domain name ecosystem.
Michele Neylon, who runs Irish domain registrar Blacknight, just posted a blog entry about what he thinks the changes would mean for domain registrants.
The title is spot on: Don’t Make Us Treat Our Customers Like Criminals!
Neylon is well versed in ICANN and the current negotiations over the contract for domain registrars. He understands the nuance of every proposal out there. So it’s worth reading his take.
He also had recent experience partnering up with Google to give small businesses in Ireland a free web site. Most shied away from Ireland’s .ie domains since they had to jump through more hoops to register them — which is exactly what law enforcement wants to require of all domain registrants.
When you get into an arena where you’re demanding that people handover loads of data AND that they already have working email AND working phones AND verifiable physical addresses etc., you’re immediately narrowing the field. You’re stopping some people from getting online. And these are innocent bystanders. They haven’t committed any crimes, but they’re being treated like criminals. In fact we all are and we’re being forced to play “piggy in the middle”.
George Kirikos says
For a long time, I have been in favour of registrant validation as a proactive means to reduce abuse. Look up Twilio.com, if one thinks it would be expensive to automate phone/SMS verification
Andrew Allemann says
@ George – I suspect many of these verification tools are easy if you live in the first world. But what about third world countries?
George Kirikos says
Some of those “third world” countries have better/cheaper mobile plans than here in Toronto!
Also, mail is universal. If someone has a credit card to pay for the domain, how are they getting invoiced by the credit card company? Or, how are they getting statements from their bank? Or, how did they get the $10 to register the domain name in the first place?
Or, how are they going to be reached, in the event of a lawsuit? That’s ultimately the question, as you simply can’t live 100% online, and not be accountable/reachable in the physical world.
Rob says
some comments on this issue make out as though it will be a major headache to do this. rubbish.
when we jump on a plane we go through such “major” inconvenience. ditto for opening a bank account, getting credit, buying a house, car, getting a driver’s license, blah blah blah blah blah. this is unfortunately a sign of the times in that we must verify everything about ourselves because of all the criminal activity going on.
first of all, just get over it and get on with it. second, if we can in some way contribute to making it harder for the crims wouldn’t we want to do that? or are we too lazy and “inconvenienced”?
Jeroen says
@George,
Having lived in a third world country for several years myself, I can assure you a verification by regular mail would be a major obstacle.
I’ve had the luxury of having a European based address with paypal an cc while being there. Our home didn’t have an address but instead a physical description of the area. Try entering this kind of information in a whois or official registration form.
Nowadays, it’s already hard enough for locals to have access to credit card, paypal or a domain name. A verification system will make it nearly impossible for many individuals to obtain a domain name and once again, they would be left behind.
George Kirikos says
Jeroen: So are you suggesting that people who cannot be located in the physical world, and are thus unable to reached for a lawsuit in the physical world, are *entitled* to a domain name? Having unaccountable entities owning domains is simply irresponsible.
I would suggest that if verification was required, that the market would adapt and that no individuals would be “left behind”. Services would spring up to provide those individuals with physical addresses, etc., to comply with any verification requirements. To some extent, they already exist (e.g. EarthClassMail.com). Since they’re non-free, they’re not infinitely-supplied “throwaway” credentials that criminals can exploit indefinitely.
theo says
I see a chance for ccTLD’s who deal with this matter in a better fashion.
help says
“Having unaccountable entities owning domains is simply irresponsible.”
We already have and unaccountable entity running the whole system …