Online privacy: Big Brother Plans from ICANN

Online privacy: Big Brother Plans from ICANN

What do ICANN plans for a centralised WHOIS database mean for domain name registrants? What are the risks and how will privacy be protected? Internet governance expert, Emily Taylor, offers us her insights.

ICANN Accreditation (Stasi Concept by Patrick Taylor)

Buy a domain and your personal details will be held in a giant database by a controversial nonprofit in California. And this is the same time that the world of domains is being hugely expanded. The Internet itself works and has worked because it is decentralised. The only component that isn’t – ICANN – naturally enough thinks everything should be centralized and given to it.  But the problems are obvious and huge.

In June 2014, a year after Edward Snowden’s revelations of mass surveillance, a group of experts proposed to fix ICANN’s WHOIS policy by centralising all the data in a single, über-database. It is a measure of how insular the world of ICANN has become, that this grim anniversary was marked with so little sense of irony.

The limitations of consent-based online privacy models

This week, the New Yorker’s article on the Right to be Forgotten quotes from Oxford Professor Viktor Mayer-Schönberger, and his prescient book “Delete: the Virtue of Forgetting in the Digital Age”, to describe how big, centralised, accurate databases can be repurposed in sinister ways.  This is not simply a theoretical risk. 70 years before the NSA and Snowden, the Dutch government set up a registry, which sounds a little bit like the WHOIS – quite bland, just a list of names and addresses, and religion of every citizen. When the Nazis invaded, they used it to track down Jews and Gypsies.

“the burden for managing online privacy falls heavily on the consumer, who is usually unable to understand legalese privacy policies” 

The EWG shows unswerving faith in “purpose based contacts” to guarantee online privacy.  This reflects privacy law’s reliance on the data subject’s prior consent for data processing, for legitimate purposes.  The trouble is, the concept doesn’t work in practice.

Subscription Form

Related Articles:
Latest Articles:

Already a subscriber? Login
RELX (UK) Limited, trading as LexisNexis, and our LexisNexis Legal & Professional group companies will contact you to confirm your email address. You can manage your communication preferences via our Preference Centre. You can learn more about how we handle your personal data and your rights by reviewing our  Privacy Policy.

Access this article and thousands of others like it free by subscribing to our blog.

Read full article

Already a subscriber? Login

About the author: