Internet users are being asked what they think about a year-old policy that boosts privacy protection for individuals who have registered dot-ca domain names.

The non-profit company that manages the domain has launched public consultations on the disclosure policy introduced in June 2008 for its Whois online directory. Whois is a tool that allows internet users to search for particular internet domain names to:

• See if they are available.
• View contact and technical information for the owner.

"The focus is we've made these changes, we've had 12 months' experience," said Michael Stewart, general counsel for the Canadian Internet Registration Authority.

"We wanted to revisit the issue to make sure we balanced the … desire for privacy and the desire for getting access to information where people have a legitimate need for it."

Prior to the changes, people could look up information such as names and email addresses for both individuals and businesses that had registered particular domain names, Stewart said.

Since the new policy was introduced in June 2008, information about businesses remains listed, but individuals' information is not disclosed. Those individuals can only be contacted via an online message delivery form.

The policy does have an exception allowing two groups of people to request access to the restricted information:

• Law enforcement authorities.
• Lawyers and others involved in disputes related to alleged identity theft or copyright, patent, or trademark infringement.

The new policy was based on previous public consultations, Stewart said.

However, when it was introduced, CIRA promised to hold more consultations after a year to see if the policy needed fine tuning or had unintended consequences.

Public invited starting July 6

The new consultations, launched on June 4, include:

• One-on-one interviews with some key stakeholders.
• A survey of registrars, registrants and CIRA members.
• A CIRA online member forum starting July 6.
• An open microphone session for members at CIRA's annual general meeting on Sept. 22.
• An open consultation with the Canadian public via an online forum on CIRA's website starting July 6.

CIRA manages only the Whois directory for only the dot-ca domain. Other internet registration authorities have their own Whois directories.

"We're probably the most advanced as far as protecting individuals' privacy," Stewart said. "It's a bit all over the map in other jurisdictions."

Whois directories are used by a variety of individuals, including network administrators seeking to register a domain name, law-enforcement officials and internet service providers chasing hackers and fraudsters and lawyers pursuing alleged trademark and copyright infringements.

However, the directories are also mined by spammers for email addresses. That is one of the problems that has led to increased privacy concerns about information in Whois directories in recent years.

When CIRA first introduced its new policy last year, privacy experts said the exceptions for law enforcement and those involved in legal disputes were too broad. Meanwhile, intellectual property rights advocates said the policy was too restrictive, making it difficult to pursue legal action against cybersquatters.