FWIW I 99% agree with you, maybe 100%. I've said about the same thing for many years. If you do business with the public you have to disclose your identity. "Identity" is generally defined, as a minimum, as someone and some place to serve legal notices. And sufficient to identify any business licenses or equivalent, corporate filings, trademarks, case law, etc. Most countries of any legal sophistication have long required this in general, long before the internet. No doubt there will be gray areas but as the expression goes: Hard cases make bad law. They can be worked out, they have been worked out in the non-online world, this is not a new idea. On July 20, 2025 at 13:58 mysidia@gmail.com (Jay Acuna) wrote:
On Sat, Jul 19, 2025 at 6:46 PM Dorn Hetzel via NANOG <nanog@lists.nanog.org> wrote:
None of my personal domains have any sort of privacy turned on, never have (it didn't exist when the oldest ones were registered via SRI), and never
I'd suggest one of the problems is the registry's failure to distinguish between a domain to be managed by a network operator or a business/organization properly for conducting commerce, such as selling products, or soliciting payments, through the online presence attached to their domain; Versus a domain used and owned by an individual for personal usage; such as a personal blog, or personal email box.
Personal domains should merit privacy, I would think, and there should be a means of displaying the hosting provider or network operator's contacts in WHOIS, instead of the registrant's home information for a personal domain. To avoid exposing their home address and other such personal info.
But for a business: there should be no "Privacy", and the registration ought to list contacts at their office or place of business. Which also are not subject to GPDR protections, since they are the Information for a business and not a person's personal details.
For example; If I find the online website of a business considering to do business with them, then I expect to find verifiable business Information in WHOIS, and it is necessary information to help confirm the legitimacy of an ecommerce website or commercial email message.
A WHOIS indication on the business domain showing masked details or missing information would be a strong indicator that the domain is used by scammers, phishers, etc. You ought to always be able to WHOIS a business domain and see the purported administrative business contact details for their network or company.
Personally, it feels skanky to do it, but I guess that's just one opinion. -- -JA
-- -Barry Shein Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: +1 617-STD-WRLD | 800-THE-WRLD The World: Since 1989 | A Public Information Utility | *oo*