The privacy of countless website owners is at risk, thanks to a proposal in front of the byzantine international organization at the heart of the Internet: ICANN. If adopted, the new proposal could limit access to proxy and privacy services, which protect domain registrants from having their home addresses exposed to everyone on the Internet.

When you register a domain, you must post information, including an address, phone number and email to a global database called WHOIS. The information is easily available online via a terminal command or an online lookup tool. If a domain registrant doesn’t want the Internet masses to know their address or phone number, they have two options: enter modified information, or use a privacy or proxy registration service that hides the information behind that of a company.

WIRED Opinion About Sarah Jeong is a journalist who graduated from Harvard Law School in 2014. She writes about technology, policy, and the law. Kendra Albert is a Harvard Law School JD candidate and affiliate at the Berkman Center for Internet and Society. She tweets about video games and tech law at @KendraSerra.

Both the authors of this op-ed use privacy services. For example, if you run a WHOIS search on sarahjeong.net, it will return:

Registrant Name: WHOISGUARD PROTECTED

Registrant Organization: WHOISGUARD, INC.

Registrant Street: P.O. BOX 0823-03411

Registrant City: PANAMA

Registrant State/Province: PANAMA

Registrant Postal Code: 00000

Registrant Country: PA

Registrant Phone: +507.8365503

Registrant Phone Ext:

Registrant Fax: +51.17057182

Registrant Fax Ext:

Registrant Email: FDDD70C4319D4C4E8ED157FA6D26C118.PROTECT@WHOISGUARD.COM

The proposal in front of the ICANN working group would limit privacy and proxy domain protection to websites that are not commercial and transactional—which sounds reasonable. However, the working group’s current definition of commercial could include the website of any small business owner who sells goods via an online store, or the website of an activist who takes donations to cover her living expenses.

Why is this information available at all? WHOIS is an archaic remnant from the earliest days of the Internet whose “fathers” neglected to think about the consequences of requiring domain owners to make their physical addresses public. In the early days, the physical address was usually a university building, not someone’s home, and the population of people online was orders of magnitude smaller. The Internet is a very different place today, one where the consequences of having your address online can range from prank pizza delivery to the arrival of a SWAT team with guns drawn (called SWATing). For many, particularly those who become the targets of online harassment, WHOIS proxy or privacy protections are vital for their safety. The Geek Feminism wiki, for instance, advises people who are being attacked on the Internet, or are worried about being attacked on the Internet, to use a domain privacy service for their website. Just over the past year, many game developers, journalists, and activists have had their home addresses maliciously exposed (popularly known as “doxing”) as part of the widespread harassment campaign known as Gamergate. “I fucking *moved* to get away from this shit,” tweeted Zoe Quinn, a game developer who has been the target of coordinated harassment since 2014. “And now ICANN might just be like ‘lol that was pointless enjoy the swatting.’”

Of course, the creators of the proposal weren’t intentionally trying to endanger activists, journalists, and other targets of online harassment. This policy change has been pushed by the American entertainment industry since 2013, says Mitch Stoltz, a staff attorney at the Electronic Frontier Foundation. The policy was crafted to make it easier for the MPAA or RIAA to go after the owners of commercial websites. It’s not yet clear what definition of “commercial” ICANN will adopt, but in the past, the entertainment industry has claimed that sites that merely run Google ads are commercial in nature.

WHOIS privacy services are a de facto tax on targets of online harassment: personal safety should come as a default, not as a premium service. But this premium service is, for many, what keeps them safe from real, imminent danger. The time is ripe to update WHOIS, but this is a step backward, not a step forward.

How can the ICANN proposal be stopped? It’s difficult, actually. According to Stoltz, ICANN listens to public comments “when they come from insiders who have actually invested in the policy-making process,” but it’s not so clear that they take “one-off public comments” seriously. Stoltz notes that such investment in the policy-making process is expensive, since meetings take place all over the world.

But there is some hope. A handful of dissenters inside the ICANN working group have made good points inside the official report, documenting serious internal controversy about the policy proposal and the definition of “commercial.” They note that “fundraising and membership drives are often performed by the very groups and organizations seeking privacy/proxy registration for protection, including minority political groups, minority religious organizations, ethnic groups, organizations committed to change of racial policies, gender orientation groups, and publications engaged in freedom of expression.” We can only hope that ICANN will listen to these working group members.

The ICANN working group and the entertainment lobby didn’t set out to aid and abet online harassment, but that is what this proposal would do. For many, including women who run their own businesses, being able to keep their WHOIS private is the difference between being harassed and being safe online. No lobbying group can ignore the weighty consequences of their policy proposals on members of marginalized groups. It’s time that we start taking online harassment seriously, and start thinking about how our governance structures and technical systems can be rewritten to protect people, not to make them more vulnerable.