Clearly the registrars could be deploying earlier and more sophisticated checks on the data (or accepting third-party sources for such data that they trust, as discussed above). Depending on how strongly the legitimate registrants feel about the inadequate protection of the data by ICANN, they could still foil some of these methods. It certainly seems that the situation is currently so dire that ICANN probably isn’t in a mood to demand that registrars deploy methods with really high attribute assurance, because it’s costly to do so. So the legitimate resisters will continue to get mixed in with the fraudsters, which is a shame.

My guess is that treating the data with more respect, and publicizing that they’re doing so, would probably cause more good guys to give real data. What are the real use cases for random people looking up domain owners? Could that be throttled a lot more?

With the inaccurate data and people not wanting to disclose it, I think we do unfortunately have to look at motive.

For those whose motive is what I’d call typical “privacy protection” then there are legitimate services that provide this capability today. Unfortunately evidence has shown that the vast majority of private-proxy registrations are actually by those not with privacy motives, but illegal motives.

The real trick here is unfortunately going to be how to structure the system so that the system is general privacy preserving to the extent it should be, but that it still allows for unmasking of those behaving illegally.

I don’t yet know where that balance point is unfortunately.