Save on Streaming Android 13 Best iPad Best Samsung Phone Best Password Manager Sony Headphones Deal Gym Membership Savings MLB 2022
Want CNET to notify you of price drops and the latest stories?
No, thank you

Whois at heart of congressional hearings

The launch of seven new top-level domains is fueling concerns about the thoroughness and privacy of the publicly searchable database.

The launch of seven new top-level domains is again highlighting concerns about the thoroughness and privacy of publicly searchable databases.

Whois, a database that contains personal contact information of people who register Web sites, is the subject of an oversight hearing before a House Judiciary subcommittee on Thursday.

People representing privacy groups, trademark holders, copyright owners and software makers will testify before the committee, which is using the event as a fact-finding mission. There is no specific Whois-related legislation planned.

Copyright and trademark holders say a thorough, accurate database is necessary to pursue people who pirate their works and post them for free on the Web. But privacy advocates worry that a single, centralized system makes it easier for everyone from marketers to stalkers to abuse people's privacy rights.

Jason Catlett, president of anti-spam company Junkbusters, says that at the very least, people should be able to use pseudonyms when registering their domains. "Given that the compilers of marketing lists have for years used Whois registration information as a source of personal information, concerns over data privacy are well justified," Catlett wrote in testimony to be submitted Thursday to the House Judiciary Subcommittee on Courts, the Internet and Intellectual Property. "Most people avoid putting their home address on their Web sites, and they should be able to register a domain name without effectively giving up this precaution."

But it's not just the marketers that are compiling the information.

VeriSign, the largest domain name registrar, already has come under fire for organizing the contents of its Whois database and selling packages of the information to marketers. VeriSign's Network Solutions used to be the sole keeper of Whois information, but that duty is now split among about 80 companies that register domain names.

As the new domains go online, the database of Web site owners will become even more fractured than it already is, because dozens of new registrars will be in charge of gathering the information and sending it on to one of several separate database keepers. People searching for owners of specific Web sites may have trouble finding them because they'll have to look in several databases.

Although keeping accurate records is one of the prerequisites for becoming a registry--or a retail seller of domain names--the requirement is not often enforced, meaning that many Whois records are often outdated or just plain wrong. Copyright and trademark owners worry the problem will worsen as more domain names become available.

"The Whois database is the first step that people who've been duped can take to find out who is doing the deed they want stopped," said Susan Wilson, senior policy counsel for the International AntiCounterfeiting Coalition, a trade group representing major trademark holders including Microsoft and Levi Strauss. IACC's president, Tim Trainer, is scheduled to testify Thursday. Other speakers expected to participate include Doug Lowenstein, president of the Internet Digital Software Association, and Lori Fena, chairman of privacy seal group Truste.

Congress has taken an increasing interest in the actions of the Internet Corporation for Assigned Names and Numbers, or ICANN, the body charged with overseeing administration of the Internet. In the spring, the House held hearings on ICANN's planned launch of the new domains. The Thursday hearing is a follow-up to that because many people expressed concerns over Whois. The committee also may hold hearings to investigate the progress of the new domains as well as the rise of address systems that don't adhere to ICANN's rules.