It has officially been over a year since the European Union’s General Data Protection Regulation (GDPR) took effect and in that time, we’ve come to see both the benefits, and the very serious drawbacks of this program. While the implementation of GDPR has been heralded by privacy advocates as a major step forward in keeping the personal information of individuals safe, it has also had the unintended consequence of making it easier for individuals and/or entities with less than honorable intentions to effectively disappear online.
The WHOIS database, the formerly public registry of web domains that contained information about every registered domain including the registrant’s name and basic contact information, has been effectively rendered useless, with the information now largely redacted by domain name registrars. Methods for requesting obtaining that information is now unique to each registrar and even then, registrars are free to decide whether or not they want to comply with that request.
And within this void of unaccountability cybercriminals are exploiting this privacy loophole, as they now may launch malicious domains with anonymity. As a result, security researchers and law enforcement are finding that it’s now exponentially harder to do their jobs keeping the web safe. See EU Laws May be Hampering Pursuit of Terrorists1
Other groups facing similar problems with criminals utilizing this privacy loophole include consumer protection agencies, child advocacy groups, anti-human trafficking organizations, intellectual property rights holders and brand protection agencies, to name just a few.
IBM X-Force Threat Intelligence Research recently released a report which shows just how much of an impact GDPR is having when it comes to utilizing traditional WHOIS information for the tracking and blocking of malicious domains and other nefarious web based activities.
Comparing recent enforcement data to pre-ICANN policy changes enforcement data reveals stark statistics about the risks faced by consumers in a post-GDPR world. Prior to the implementation of GDPR, security researchers were able to identify and block 1.8 million newly registered malicious domains in October of 2017 alone. Fast forward to February of 2019 and that number drops to less than 160,000. That means that effective enforcement efforts utilizing WHOIS information is now just 9%, leaving a staggering 91% of potentially malicious domains and the sites to which they link up and running, and the criminals who run them, unhindered.
While there is no question there is a need to keep the private information of the public safe, it is clear that the GDPR as it applies to public safety should be re-evaluated. Cybercrime is a $600 billion a year business, and with GDPR making it easier for criminals to thrive with relative impunity, that number is only going to increase.
Completely eliminating GDPR and returning the WHOIS database originally public status is not the answer, which is why the need to establish regulated access for individuals involved in cybersecurity, law enforcement and web safety and security should be thoroughly explored.
For those who need to access the WHOIS database, AppDetex offers their WHOIS Requestor System (AWRS). Developed for and used by customers to obtain non-public WHOIS data, AppDetex sends customer verified, non-public WHOIS data requests for cybersecurity, consumer protection and IP enforcement activities to ICANN-accredited registrars.
Until a satisfactory compromise can be achieved, online crime will continue to thrive, making it obvious that the price of online privacy is apparently safety and security.
To learn more about AWRS, click here:
