My weekly technology law column (Toronto Star version, Ottawa Citizen version, homepage version) revisits the disappointment with CIRA's implementation of its new whois policy. While dot-ca registrants across the country were being advised of the new policy last April, special interests representing law enforcement and trademark holders were quietly pressuring CIRA to create a backdoor that will enable these two groups to have special access to registrant information. Just days before the new policy took effect, CIRA caved to the behind-the-scenes pressure and took a major step backward in the implementation of its policy.
CIRA has defended the changes by arguing that the policy will be reviewed in 12 months and that it falls to the government to provide legal protection for whistleblowers. Yet CIRA could just have easily retained the no-exception policy and reviewed its effect one year later. Moreover, it is CIRA's policies – not government law and policy – that leaves online activists stuck between the proverbial "rock and a hard place." The CIRA whois database is one of the largest publicly-accessible databases of personal information in the country. The agency's last minute about-face represents a significant setback for those registrants who were promised better privacy protection.