Teeming with anonymous and otherwise hard-to-find Web-site operators, the Internet has proved a frustrating place for Canton (Conn.) trademark attorney Julianne Bochinski. Sometimes it's impossible, she says, to find a scrap of contact information, be it a phone number, or even just a name, of a site owner who's infringing on a client's trademark. "It's very tangly out there right now," she says.

When all else fails, Bochinski turns to what's commonly called WHOIS (www.rs.internic.net/), the database of Internet domain registrations run by Network Solutions Inc., the company that maintains some 3 million .com, .net, .org, and .edu Web addresses. In the Net's universe of elusive cyber-identities, WHOIS -- a spartan, but favorite tool among Web techies -- is one of its few outposts of real-world accountability. Type in a domain-name search into the free WHOIS database, and it spits out technical locating information, as well as a contact name, telephone number, and billing address of the company or person who owns the given domain name. (The data is actually Network Solutions' own billing records.) "Who knows anybody out there on the Internet?" wonders Bochinski, who has sent cease-and-desist letters to site owners she first located using WHOIS. "You want to have some way to contact people. It's important."

Soon, however, this well of contact info might dry up. Company officials confirmed on Dec. 23 that Network Solutions is considering limits on the amount of information it releases via WHOIS. The reason: To protect registrants' privacy. Though no final plans are set yet, that may mean dismantling the current WHOIS database, or more likely limiting access to some of the database -- such as phone numbers or individuals' names.

Or Network Solutions may create a new system altogether, which might provide contact information for legitimate business users only. No one is sure what will happen yet, say the officials. "The whole issue of privacy and what information is displayed through WHOIS is not a simple issue," explains David Graves, Network Solutions' director of business affairs. "There are a lot of things that balance and counterbalance each other."

"DOUBLE-EDGED SWORD." Indeed, the tug of war WHOIS is caught in exemplifies the tension gripping the maturing Internet. Users now expect that personally identifiable information will be held from public view, away from the wide eyes of marketers and scamsters. But as more day-to-day activities move online, users also want to know who's on the other end of a site. Originally developed and still used as a way for Web-site administrators to quickly find one another in event of technical problems, WHOIS has become an all-purpose look-up service -- for better or for worse.

"It's a double-edged sword," observes Ken Weiss, who runs computer networks at the University of Califonia, Davis. "The problem with being accessible to the public is you're accessible to the public." Further, he notes, "It can be used as a worldwide White Pages service. It can work for that. But a lot of people prefer to have unlisted phone numbers."

Network Solutions' coming changes point to a growing concern about Web privacy among U.S. and European regulators. Under what's known as the European Union "Privacy Directive," Web users must, for instance, be able to choose whether their personal data is publicly posted. On WHOIS, site owners -- who are Web users, by definition -- have no choice. Further, says the Electronic Frontier Foundation's Barry Steinhardt, users have the right "to know what's being collected and how it's being used."

Steinhardt falls into the camp that thinks WHOIS ought to be more circumspect about what info it makes public. "There are no limitations on the disclosure of information," he says of the database. "I think it is time for WHOIS to reassess its privacy policies...and bring them up to date with emerging concepts of privacy online."

ERRANT CALLS. UC-Davis' Weiss, for one, says the information provided in his school's WHOIS entry yields dozens of errant phone calls, all coming to a person who should be handling only technical calls about the UC-Davis network. "When you put someone's name down, you do it knowing that person is going to spend between 5 to 10 hours per month doing unproductive silly things," says Weiss.

Like-minded critics point to a string of more serious incidents in which the WHOIS data has been harvested by junk E-mailers, or spammers. That has riled people listed in the database, especially because they have no say over whether their information is released.

"I've listed bogus information simply for purposes of avoiding [crank calls]," says Ray Everett-Church, an attorney and lobbyist for the anti-spam group Coalition Against Unsolicited Commercial E-mail. As Everett-Church points out, WHOIS is full of other bogus data posted by those who simply prefer their privacy, as well as by registrants who are spammers, adult-site operators, and other shifty types. Laughing, he says he has seen WHOIS information from a spam site that "placed the owner as being somewhere from Mars."

Network Solutions says it cannot verify all the data for millions of domain registrations. To maintain accuracy, it counts on the fact that the WHOIS database is essentially a billing database. If someone submits false contact information, they won't get their invoice, and thus will likely lose a domain name. "We have anecdotal evidence that there is false information," concedes business manager Graves. "But I can't imagine how we would verify the accuracy of information on an application from Bosnia."

PLAN FOR ACCESS? The quality of its data aside, the possibility that Network Solutions will shore up its privacy policy and restrict the amount of data it provides rankles some who've become dependent on the WHOIS service. "It would certainly make life more difficult for lawyers representing clients for trademarks," says David Maher, a leading Internet and patent attorney at Sonnenschein Nath & Rosenthal in Chicago. "Ultimately, I think there has to be some internationally agreed means of making the database available for legitimate purposes," he adds.

Maintaining networks without WHOIS will only worsen the effects of security breaches, speculates Russ Hobby, director of advanced network applications at UC-Davis."If someone from another site is attacking your site, you want to contact that network administrator," says Hobby. "You need someone who is local, but you need to find out who that is in the first place."

Adds Network Solutions' Graves: "We are trying to balance what are sometimes mutually exclusive issues." Just how the company does that will shape how the Net's anonymous masses get to know one another.

By Dennis Berman, staff reporter, Business Week Online