Earlier this year, I wrote glowingly about the new CIRA whois policy, which took effect today and which I described as striking the right balance between access and privacy. The policy was to have provided new privacy protection to individual registrants – hundreds of thousands of Canadians – by removing the public disclosure of their personal contact information (though the information is collected and stored by domain name registrars).
Apparently I spoke too soon. Faced with the prospect of a privacy balance, special interests representing law enforcement and trademark holders quietly pressured CIRA to create a backdoor that will enable these two groups (and these two groups alone) to have special access to registrant information. In the case of law enforcement, police can bring cases to CIRA involving immediate risk to children or the Internet (ie. denial-of-service attacks) and CIRA will hand over registrant information without court oversight. In the case of trademark holders (as well as copyright and patent owners), claims that a domain name infringes their rights will be enough to allow CIRA to again disclose registrant information.
This represents a stunning about-face after years of public consultation on the whois policy.