CIRA’s Backdoor Access in New WHOIS Policy

My weekly technology law column (Toronto Star version, Ottawa Citizen version, homepage version) revisits the disappointment with CIRA's implementation of its new whois policy. While dot-ca registrants across the country were being advised of the new policy last April, special interests representing law enforcement and trademark holders were quietly pressuring CIRA to create a backdoor that will enable these two groups to have special access to registrant information.  Just days before the new policy took effect, CIRA caved to the behind-the-scenes pressure and took a major step backward in the implementation of its policy.

CIRA has defended the changes by arguing that the policy will be reviewed in 12 months and that it falls to the government to provide legal protection for whistleblowers. Yet CIRA could just have easily retained the no-exception policy and reviewed its effect one year later. Moreover, it is CIRA's policies – not government law and policy – that leaves online activists stuck between the proverbial "rock and a hard place." The CIRA whois database is one of the largest publicly-accessible databases of personal information in the country.  The agency's last minute about-face represents a significant setback for those registrants who were promised better privacy protection.


  1. How Can They Ignore Canadian Privacy Law
    Canadian privacy laws were enacted to prevent abuse by police and powerful corporations as much as anyone.

    I called them recently asking for referrals to several registrars that provide \”bulk registration\” services (this is extremely rare for .ca registrars – in fact I haven\’t found one yet). They weren\’t the least bit interested in helping me, and told me they couldn\’t give out that information!

    So they can\’t provide information about their own services and registrars to help a customer, but they can give out my information whenever some bozo makes a frivolous trademark claim.

    Typical 3rd rate Canadian bureaucracy at work stifling innovation and competitiveness.

  2. Who are the stakeholders?
    Are not the police and trademark owners also stakeholders? I presume that these groups gave input during the consultation. Why should CIRA force the police or trademark owners (i.e. seeking a court order at the cost of thousands of dollars and stretched court resources) to address a $30 domain name registration that is in violation of another’s rights? Your issue with the exception seems to be with the process — (that it happened at the last minute). By your own admission – the exception is very narrow and not unreasonable. Can’t you give CIRA credit for doing something that no other ccTLD organization has done? We are breaking ground here in Canada.

  3. largest publicly accessable database
    Btw, the Toronto White Pages phone directory is a much larger publicly accessable database to personal infromation that CIRA’s whois service.

  4. Glen A. Pearce says:

    I opt to display my .ca WHOIS info publicly anyways. Of course the address listed is my P.O. Box. So I’ve really had the degree of privacy that I’ve required since day 1 when I first registered a .ca domain name. ^_-

    That’s enough to keep my residence private. People can phone and E-mail and snail mail me all they want.