Why threats to WHOIS access raise concerns for online security and law enforcement.
Senior Vice President, Global Innovation Policy Center, U.S. Chamber of Commerce
June 08, 2023
What’s happening: The Policy Forum for the Internet Corporation for Assigned Names and Numbers (ICANN) is scheduled to take place during the week of June 12, 2023, with the captive WHOIS database being a prominent topic on the agenda.
”WHOIS” is not an acronym but a shorthand for “Who is responsible for this domain name?” The WHOIS database functions as a publicly accessible directory that houses the registration details of websites. This includes information such as ownership, contact details, and registration dates. It is a valuable resource for identifying and connecting with the owners of specific domain names or websites.
Role in crime fighting: The WHOIS database has been vital in internet system administration since domain names were introduced. While practical, it’s also valuable in combating online abuses like IP infringement, phishing, impersonation, counterfeiting, and child sexual exploitation. However, since 2018, public access to information has significantly decreased.
Access to WHOIS data has been threatened by registries and registrars associated with ICANN throughout the history of the internet. However, implementing the European Union’s (EU) General Data Protection Regulation (GDPR) in 2018 provided a legal basis for these threats to have a global impact. Consequently, malicious entities know that a valuable investigative tool has been eliminated, making it more challenging for authorities to hold them responsible for abusive domain name registrations and related illegal activities.
Fortunately, there are practical approaches to tackle and reduce the adverse effects of an inaccessible WHOIS database. Although ICANN recognized its limitations in resolving the problem, the EU adopted the Network and Information Security (NIS2) Directive. This directive mandates that registries and registrars collect detailed information, known as “thick WHOIS,” and provide free access to accurate WHOIS data. Despite these advancements, ICANN must update its WHOIS policy to align with NIS2, as contracted parties argue against necessary changes. Nevertheless, all EU member states will implement NIS2 by October 2024.
The negative consequences of such an outcome are clear, and it could set an unfavorable precedent both within the U.S. and globally.
“Web 3.0” domains are emerging as decentralized alternatives to ICANN-controlled extensions. Operating on blockchain technology, these domains operate independently from ICANN’s root server system. While the potential of this technology is promising, it needs effective governance measures. These domains lack associated registration data and mechanisms to handle cybersquatting issues, such as ICANN’s Uniform Dispute Resolution Procedure (UDRP).
For businesses with an online presence, whether a simple website or a full-fledged e-commerce platform, expressing concerns about WHOIS policy is crucial. While privacy advocates calling for an inaccessible WHOIS database may have good intentions, their actions have led to unintended consequences. This approach hampers investigations into threat actors, allowing them to engage in criminal activities while leaving consumers with limited recourse. Europe acknowledged this unintended consequence and emphasized the need for an accessible WHOIS system for law enforcement, child protection, and cybersecurity. The United States should likewise recognize this and prevent further erosion of WHOIS access.
Kilbride is senior vice president of the Global Innovation Policy Center (GIPC).
View this online
View all topics