Labeled as information in Legal Discussion started by equity78, Aug 2, 2019.
How much is a UDRP?
They are not one and the same. One is a cookie control notification and the other is data sharing disclosure. They should both be good and fit for purpose.
It depends which provider you go with though, that varies the cost and whether you have a single panelist or multiple.
GDRP is a very bad thing for small webmasters. It's extremely difficult to understand the requirements as there are tons of things to read. It can kill small webmasters completely, especially the ones based in EU. Internet is already a monopoly.
Firefox + ublock origin plugin
There are 6 lists that can be added to "annoyances" section at ublock origin settings. One of them permanently removes cookie notices from all websites.
@equity78 @eternaldomains @poweredbyme @MadAboutDomains @ksusha64 @Kingslayer @DomainRecap @jamesall
@stub @Ron Jackson @Bob Hawkes
Don't make mistakes here :
The GDRP is a European regulation since 23/5/2018 that sadly has conequences for whois (what is shouldn't). Stricly speaking it's only for lists of people that companies own and that they have to take care what do with it. That's the primarly goal. BUT
Strictly speaking somebody (a European) that DOESN'T WANT PRIVACY in the whois of a .com, .net etc... he owns ('or leases), should be able to do that (make his whois NOT PRIVATE).. And THAT they can't do that IS THE NEGATIVE POINT OF THE GDRP for the moment. They (Europe) want to protect privacy where people sometimes DON'T WANT privacy in many cases (in the whois). They use a bazooka to kill a mouse. They simply say : ALL has to be private in the whois according to the GDRP. This leaves their citizens no choice. It's an obligatory privacy for the whois. (for the moment, because that can change).
And the UK-citizens (probably even if Brexit comes- will have hidden whoisses. (I saw that on a list I got from Godaddy of all the countries involved).
(NOTE I also discoverred that .TV doesn't bother and shows the full whois anyway).
Last year I contacted already several European MP's about this (of my country), but sadly the GDRP goes about a lot more then the whois, and you don't immediately get the MP on the phone but his or her co-worker or assistent.
They always ask to put it on paper and send it through. And my time is limited. And there were also the European elections recently.
What I do know : After my explanation to the asistents of theseEuropean MP's, they all said : "This was not at all the intention of de GDRP, as we see it." It's an uninteded consequence of the GDRP, that has to be fixed. But it will take time to change that.
Because the GDRP is not a mini-law. It regulates a lot of things. (not only whois), and has some very good things in it.
I also called a newspaper-specialist about internet and related things (PC, smartphones, etc...). He wasn't friendly at all on the phone. He only saw that I spoke for my own intention or profit. He didn't see for instance that a non-private whois is better in many cases : If I see a website for instance, and I think it's malicous, I check the whois to know who I'm dealing with. But if nearly everything is private, you can't check that (unless there's a court order to release the whois).
I certainly will contact him again by email with the above article.
A UDPR is something totally else existing already a long time, it's a procedure from somebody where a person or company finds that the current user or owner of the domainname maliciously (or with false intent), registerred a domanname, alhough the complainer has already a Trademark. (It's not 100% 'having a trademark, it's more complicated then that; but I don' have time to explain it totally here), and this is not handled by a regular court, but by a special domainnamecourt (so an inner ICANNcourt) about that, residing in Switzerland.. To start a UDRP-procedure against somebody who has a domainname that should be yours (according to you, because lots of reasons you think you have for that name) costs 1.500 USD to begin such a procedure.against somebody (an you can't recuperate this money, even if you win the courtcase - or better the inner-ICANN-courtcase).
Above MESSAGE also for @James Iles @christopherjohn @DN.com @Infinity @johnn @Kenny @DomainNameBroker.com @Ritesh Chauhan @Rob Monster @masonzhang @namesilo @lolwarrior @Silentptnr @equity78 @eternaldomains @poweredbyme @MadAboutDomains @ksusha64 @Kingslayer @DomainRecap@jamesall @NameDeck @eurorealtor
@stub @Ron Jackson @Bob Hawkes @Joe Styler @Allen999
@Paul Nicks @AlanShifflet @Bram C. @BrandXDomains @Dynadot
ALL THE ABOVE +
ADDENDUM : For domains registerred at GODADDY, they (godaddy) use a trick : You are able to send a message of a particular domain (that has to be registerred at Godaddy) : It goes like this : you use whois.godaddy.com and search for the owner : You don't see much in case owner is European person, BUT WHEN YOU SCROLL TO THE BOTTOM OF THAT PAGE YOU SEE THAT YOU CAN CLICK A SENTENCE TELLING "SEND MESSAGE TO THE OWNER". So via this system you can send an email to the person who'se hidden. (and he or she even sees your emailaddress) if he tries to reply or he directly see his emailladdress..
So if you get such a reply you will see that (Godadddy sends you an email that a message has been sent to you this way and what the message is).
GDPR this and that.
What do you mean bad idea? Because of a bunch of domainers?
Back to school guys. If you think that the blatant abuse of people's privacy is ok, like publishing hacked address lists on flower sites... even secret addresses of women who then get murdered by their ex spouses then you need to really look at what this is about.
In Sweden anybody can be called a wife beater, rapist, etc by some of the crazy women, in the family courts where custody etc is decided. Those are not criminal courts, they are family courts, so they can say what they want there without being punished, and it is based on Germanic law not English so let's not get into that. A woman can scream her head off there and the man has to just take it. Yes there is a way to stop it. Don't get together with a crazy person (like 99% of foreigners do here - Yes even some of our crazy people are extremely attractive outwardly). Anyway even these people now have the right to request privacy for the documents the courts used to spew out.
Other people have the right to be removed from being in the mainstream. Not to appear in Search Engine results etc.
This can be a good thing.
ps. Swedish relationships never last. ds
You answer to @ksusha64 's question in the beginning of the thread. Not what I'm telling here above. In my last messages I already wrote that for several things protecting privacy is good. But not if it's obliged in the whois. People must have the right to show information of their belongings (a domainname) if they want to ; and that they not be obliged to hide their name address telephonenumber by default. We must have the possibility to show and not have privacy in whois by default, or it should be made possible for Europeans to turn "privacy" off, if they want to.
Indeed GDRP is for lots of things good. But there are unintended consequences (= We can call them beginnerfaults of a new law once the law goes into effect), like default privacy in whois, for domainnames, without having the possibility as European citizen to wave the privacy, so that people can find their emailadress, name etc...For me a hidden whois was in my mind before 23/5/2019 suspicious (unless if is were some specific domainnames where privacy is adviced). And that's the whole point. I want to have the possibility to put on "non-private the whois" and not obliged to be hidden. (despite the junk I'm getting if I do that, but my email-program is sorting out most of the fake mails / spam etc)).
SOMETHING ELSE : I urge the REGISTRARS TO SET UP SOMETHING LIKE GODADDY DOES : SENDING EMAILS THROUGH TO PRIVACY-users (from EU, where that is by default private) as explained in my previous message. Because now the market is disturbed by this mumbo jumbo. Of course the registrars have to warn the registrants and there have to be a possibility to keep privacy. But there should be certainly an opt-in to sending emails though to "no-privacy"-owners of domains by Europeans. (they should have the possibility to approve sending emails through despite private whois).
I thought that ICANN mandated that they have to provide this already...?
Thanks, I didn't know that, I hope they will do that in the future.
In any case I'm already a long time busy with domainnames, and only 1 dutch company sent an email through (and it was of a visible whois-domain LOL ).
THIS SENDING THROUGH SHOULD BE INDEED ALWAYS THE CASE. THANKS FOR THIS !!!!.
TO EVERYBODY : SEND EMAILS TO YOUR REGISTRAR TO ASK TO INTRODUCE THIS, IF THEY HAVEN'T BEEN DOING THAT !!!
@jamesall @Dynadot @namesilo @ @dynadot_sam @Joe Styler @GILSAN @Sufyan Alani
@.WS Registry - WebSite.ws registry
We do forward all non-spam emails to domain privacy users currently, and for TLDs that still show the full WhoIs record (such as .com) we allow the privacy to be removed by the registrant if they wish to. Unfortunately for TLDs that have the WhoIs record redacted at the registry level this isn't possible.
Thanks to Dynadot for replying to my @Dynadot above.
I have also to write here that in message 32 of this thread, I mistakenly talked about 23/5/2019 as startdate of the GDPR, although in the earlier messages I wrote 23/5/2018. It has to be 23/5/2018.
The system that I'm talking about is of course that registrars should put in every whois that's private, an emailaddress that isn't the real emailadress of the owner of that domainname, where yet somebody can send a message to that actually arrives in the inbox of the emailaddress of the real owner of the domainname, OR that on whoispages (like godaddy does) : a link like "SEND MESSSAGE TO THE OWNER".
BUT THIS SHOULD BE VERY VISUAL and not somewhere at the bottom of a private whoispage (andalso in case of a non-private whois) like godaddy does, but somewhere in the whois or on their site, so that people FIND THIS VERY QUICKLY. @Joe Styler
I remember vividly that I called last year (and maybe again in the beginning of this year) the Godaddy premier employees find this problem (the private whois for all registrations of Europeans for nearly all extentions) the biggest problem of the year. They even contacted the European Comission or somebody of the European Union, and got a no at the request to change that (I think the pressure has to go up). But of course FIRST EUROPE WILL HAVE TO FEEL THAT WHAT THEY AREDOING IS st*p*d.
OTHER REASON FOR Nnon-private whoisses is the following.
I'm used to check always the whois of sites I don't trust fully (or that I visit for the first time for instance to buy something from their website). I take the emailaddress or the name of a personal owner or the company out of the whois-searchresult of the domainname of the site I'm visiting, and put it in google (or another searchsite) to see who I'm dealing with. (Encription may is interesting to play safe, but a non-private whois is also important IMO).
In any case for European citizens and companies should be alarmed by the article from the starter of this thread and the enormous impact GDPR has : and especially the following sentence of the article :
"GDPR is taking a hit out of European website traffic and e-commerce. A recent study shows that since GDPR went into effect, page views are down by 9.7% and revenue decreased by 8.3% due to GDPR."
Personally I love and have private whois enabled on my domains for over 15 years, long before GDPR. When asked I always recommend private whois to other domain owners. Even I paid extra for private whois in my newbie years. However private whois must be optional for those who disagree on its importance.
PS. I read your post and replied as you quoted my username.
For web surfers there is a solution to get rid of the cookie notices. But if you run a website there is no easy solution.
On the surface, intention of GDPR looks like protecting privacy of EU citizens. GDPR is a joke. All servers log IP addresses of visitors. Without logging IP addrress servers can not run. IP address should not be defined as a private data or EU must give free VPN to everyone. There is no other solution.
Actually the cookie issue has nothing to do with GDPR, that came in several years before hand. This actual issue was due to be addressed by follow on legislation from GDPR.
Completely disagree. GDPR is purely about keeping users data secure and making sure companies are accountable with what they do with that date. I highly encourage you to read GDPR if you have not already done so. Alternatiely watch the following video that was recorded at a conference I attended last year. The speaker is well versed on GDPR (privacy by design is what GDPR was modelled on)
Again nothing to do with GDPR, this preceeded GDPR
Why would ICANN make more money from this? If you have a legal right to the detils of WHOIS they would still be available if for example you were bringing court proceedings against the owner. Why if hiding the whois details in general a bad idea?
It has everything to do with it. The GDPR legislation forced websites to seek explicit consent for cookies that track or contain 'personal information'. Implicit consent was no longer an option. So now we're all forced to answer the stupid question on every site we go on rather than it just being a semi annoying banner that could just be ignored.
It's not a bad idea. However, in practise as someone who has had to defend their registered trademark rights I can tell you now that even though registrars bleet on in their registrant agreements that they will release information to trademark holders, they don't always.
At this point you're left with UDRP (ICANN, or other providers) or real court proceedings.
One is cheaper than the other and makes ICANN money and doesn't require details to be sought. However if we could contact the registrant directly it could potentially be resolved outside of court and without UDRP.
If registrants didn't tighten their belts since GDPR, then it would be fine. But they did, because they stopped making troughs of money out of privacy.
If Namecheap gave those details out on a simple request basis they would be breaking GDPR. I very much doubt the meaning of the statement on the T&Cs was that anyone could contact them and ask for a domain owners details. What the T&Cs will be covering is when they are presented with a court order for such information or if ICANN come knocking.
It would be foolish for Namecheap to give put a customers details simply on an ask from someone and would potentially rewsult in a GDRP complaint unless the company was instructed to do so by the courts (which of course would then absolve them due to legal responsibility)
Show me that in GDPR and explain why the changes were made several years before GDPR were finalised.
No. It's their terms explicitly. Simples. Also they say they will cancel a domain - they didn't.
You're instantly assuming that my claim wasn't legitimate. It was, identifiably so.
Also you're explaining why it's all dumb, privacy providers using GDPR as an excuse to protect people that is. It's not there to shield people that break laws, it's there to legitimately protect personally identifiable information from misuse.
The changes to websites that asked for permissions to place a cookie in the user browser. The law that introduced them was actually introduced in 2011 (earlier than I recolected) and was qualoquially known as the Cookie Law. This Register article talks about the updates to the laws that were intended to straighten out some of the problems, they were meant to be introduced in time with GDPR however were delayed.
To be quite frank it makes no difference what so ever how they phrased it, There terms do not superceed laws.
Also I never claimed your request was not valid however what should Namecheap do to validate the claim? Namecheap have to comply with the laws of the countries they operate in as well as (in the case of GDPR) the countries in which the users involved are based. For Namecheap to comply with the law they would need to be supplied with paperwork from a court or similar establihment that had the rights to order the release of said information. Not some Tom, Dick or Harry that was making a random request (regardless of how valid said request is).
Previously you stated that:
What makes Namesheap (or any other registrar) Trademark experts? If they were required to validate your claim they would need to have extensive knowledge on the inner workings of Trademarks. Surely this is better for the courts or ICANN, who both (depending on the type of court of course) have extensive knowlege on how Trademarks work, therefore they are in a position to validate the merit of a claim and seek the details required.
Peter you really seem to be lacking a basic understanding of GDPR and how it relates to cookies. If cookies can be combined with other information (be it on the server or elsewhere) then consent needed to be requested as of last year. Before GDPR legislation it didn't, which is why the cookie notifications were implicit and didn't badger the user on every website.
Back to Namesheep, they don't need permission to "break the law". GDPR doesn't prevent the exchange of personal information with third parties, it requires them to disclose exactly what information is collected, who their information will be shared with and why and how their data will be processed. They did so in their registrar agreement, so they have done their duty. Therefore no breaking the law.
There's nothing wrong with logging visitor's ip addresses. The GDPR does not restrict you in logging this info.
The GDPR however does protect their citizens by not allowing their ISP to give up information about who is using that specific ip address without a court order.
There's a lot of debate at the moment about whether ips should be concidered personally identifiable information but as of now that's not really the case.
I will agree the GDPR causes a lot of issues as implement as of now. I don't feel this law is to blame, rather the neglect of peoples online privacy in the first place.
Moving forward at the speed we're at now, some measures have to be taken to protect peoples online privacy.
As for the annoying Cookie notifications, they're working on a law which would force browsers to include setting that would allow you to accept or decline cookies depending on their function by default so you'd be done with all these popups.
I know it hurts business in certain areas but in retrospect, these are things that should have been taken into consideration before we even 'started' the internet.
If your registrar does not forward email from your private whois, ditch them or settle for the consequences. It's not the law you should blame, it's the registrar offering you a subpar service compared to your needs.
I don't think GDPR is THE answer but at least it's trying to undo some of the basic issues we created regarding privacy in the first place. It's surprising to me that outside of the EU there is so little support for this. We're all ditching Facebook, hating Google but on what grounds if we don't support laws like the GDPR? We're not ok with them harvesting all our data yet we condemn laws prohibiting them from doing so just because people can't see our whois details? Bollox.
No, you are misssing the understanding that the cookie law was introduced in 2011 that said you had to gain consent for placing a cookie on a machine at all. This had nothing to do with GDPR. Please go investigate the cookie law. IT WAS INTRODUCED IN 2011. 7 YEARS BEFORE GDPR.
GDPR is about protecting what can be considered personal identifiable information. Cookies could be impacted by this but are not necessarily. As I have already said there was legislation that was intended to complement GDPR that was meant to bring the cookie law into line with GDPR but this was delayed.
Im sorry but that is exactly what GDPR does, it protects user data and what organisations are allowed to do with said information. It restricts them from sharing said informsation with 3rd parties unless required to do so by law, is required to operate as a business or is done so with the consent of the user.
You seem to beleive you are an expert on GDPR however do not seem to have grasped the basics here. I stronly urge you to read GDPR as I have done.
To be honst this is exactly why when you see people such as Mark Zuckerberg in front of the US Comitees they cite EU regulations and proceedings, They do not have anything at present that really protects user information. The current US laws really only kick in once you can prove that you as a user have been financially hurt from such actions (there are several states looking to address that however with their own GDPR like legislation). The EU tries to err on the side of protection to stop it happening in the first place
Separate names with a comma.