Striking the Right Balance between Privacy and Public Protection

Ian G Batten I.G.Batten at ftel.co.uk
Fri, 25 Oct 2002 13:11:33 +0100 

On Fri, 25 Oct 2002, Richard Clayton wrote:
> There's just been a heated debate on (effectively) this topic relating
> to the proposed change in the Nominet "whois" data. I would characterize
> those who took part in this heated debate as being "the General Public",
> albeit those in the avant garde who already own a domain name :)

I don't agree with the analogy.  One of the reasons I flipped back to
batten.eu.org from batten-family.org.uk was this particular row, and I
think disclosure in that scenario is unwarranted.  The distinction, I
think, is that it's very difficult indeed to operate meaningfully
without disclosing a domain name, and there are many scenarios when one
would wish to advertise a domain name without advertising the physical
contact details.  This applies in many cases even to outbound use.

However, in the case of telephony, if you want to make outgoing calls
it's trivial to not disclose a phone number, and if you want to
advertise a service by phone without revealing a physical address,
mobiles, 0845, 07020 and other number ranges exist which impose an
indirection which would require a warrant to break.  Note this _isn't_
like the Nominet `PO Box' solution, which fails because a PO Box will be
disclosed to anyone who asks.

>         a) if their web sites contained pictures of children then
>         there'd be a queue of paedophiles outside their front door
> and
>         b) they had controversial material on their websites and feared
>         reprisals.

And c) it's a list of people with expensive gear in their houses.

> Mention was also made of what one might call traditional "anonymity
> seekers" such as battered wives and Huntingdon Life Sciences directors.

Both categories unlikely to use their vanity domains, but I take your
general point.

> I think that the main effect of the "available to any person" regime
> would be (just as looks likely to happen in the Nominet domain) to cause
> a very significant number of people to remove any useful information
> from the directories.

This dispute, for those of us over thirty five, was hashed out in the
mid to late eighties over address details in the uucp maps.  I helped
Peter Houlder sort out the LatLong details, and we started to find a few
people with home uucp links (Pete Collinson, Klaus Schallhorn).  They
were in some cases reluctant to have their home addresses listed, mostly
because of theft concerns.

However, I'm not sure the same argument applies to reverse lookups of
phone numbers.  Possession of a phone doesn't mark you as rich, and to
actually keep your home address private from a remotely resourced
opponent is almost impossible.  I'm not sure that being able to
translate my (XD) home phone number to my home address makes finding me
any easier.

> You may be asking whether the oversight for this level of intrusion
> should include after-the-event reporting to the data subject. Leaving

That's a good distinction.  I don't know.

ian