It is an important principle in the [EU Data Protection] Act that people should be able to register for the service without thereby disclosing their private information. At the same time, we and others want to ensure that people violating laws and policies can be tracked down and sites taken down when required.
The compromise position is the .name Whois - where anyone can get basic, non personal information, that will serve technical purposes very well. With the basic information, the Registrar and nameserver operators can be tracked down and the domain can be taken off line. However, for those in need of detailed personal information, the .name Whois provides it, provided that the requestor can be identified, either via 1) a token credit card payment, or 2) a contract with Global Name Registry for persistent access. The latter is free, the former a token $2. High volume requestors like law enforcement will use the second method.
We believe this is the best possible compromise between two very different positions - both legitimate - on one side, that personal information should be protected, as per the EU Data Protection Act, and on the other side, that bad registrations should be identified and remedied.
As an aside, Whois was a technical tool that evolved from its legacy into a vastly differently accessed database today than 15-20 years ago, both in purpose and in outreach and volume. The ICANN Whois working groups have identified that Whois is probably not the vehicle to solve the problems you outline, it is a slow process and we hope a different access method for those with legitimate needs can be made available outside of Whois, thereby protecting personal data in the process, once the policies have been set.
