News & Updates
New Report Shows Widespread Issues with Domain Name System Registration Accountability
A new report reveals widespread problems with access to and the reliability of domain name registration data systems (WHOIS). These failures have real-life security implications, which are being seen in the current wave of cybercrime accompanying the COVID-19 pandemic.
EU Parliament asks the EU Commission for a Response on Outstanding WHOIS Access Issues
On February 11, 2020 the EU Parliament submitted questions to the EU Commission on outstanding WHOIS access issues.
CSTI Statement on U.S. House of Representatives Resolution on WHOIS Access
In response to the introduction of a House Resolution by Congressman Bob Latta (R-OH) that highlights the need for transparency online, the Coalition for a Secure and Transparent Internet (CSTI) issued this statement.
DEA and DOJ Speak at CSTI’s Capitol Hill Briefing
The Coalition for a Secure & Transparent Internet (CSTI) hosted a Capitol Hill briefing entitled: “What is WHOIS: Understanding One of Our Most Critical Cyber Assets.”
‘EU Privacy Laws May Be Hampering Pursuit of Terrorists’
The European Union’s strict new privacy rules may hamper work such as a previous crackdown on the militant group Islamic State’s online propaganda network.
‘New Lobby Against EU’s Domain-Name Privacy Rules Sparks Congressional Interest’
Eight months after Europe’s General Data Protection Regulation sent shockwaves across the tech industry, a new lobbying organization aiming to scuttle one of its most disputed provisions is gaining traction on Capitol Hill.
Since beginning its life last fall, the Coalition for a Secure and Transparent Internet has picked up the support of The App Association, the Motion Picture Association of America, the Recording Industry Association of America, the Alliance for Safe Online Pharmacies, the Center on Illicit Networks and Transnational Organized Crime, and several other high-profile groups.
‘EU Privacy Rules Hobble Online Sleuthing’
Cybersecurity stakeholders are pushing U.S. lawmakers to rescue WHOIS, a tool for identifying internet domain ownership that’s been hamstrung by the European Union’s privacy regulations.
Why it matters: WHOIS has been a public address book for domain owners since the earliest days of the internet. A bevy of online investigators — from law enforcement authorities to human rights groups to cybersecurity researchers — have long relied on its data. But the EU’s General Data Protection Regulation (GDPR) deems the information in WHOIS to be too personal to share without a thorough consent agreement.
CSTI to Host 2/7/19 Briefing: “How the Loss of Open, Accessible WHOIS Data is Turning the Open Web Into the Dark Web”
Since the dawn of the internet, law enforcement and security experts have relied on open, accessible bulk WHOIS data to protect networks, fight crime, and investigate online abuse. Companies and consumers also use on WHOIS data, directly and derivatively, to determine from whom they are buying goods or services. WHOIS data is the contact and technical information that registrants provide when setting up a domain name, much like the white pages of the internet.
FDA Cybercrimes Investigations Unit Presents Testimony to Senate Caucus
“Conducting online investigations is not easy, and FDA has a narrow, but important role in combating the online sale of opioids. For good or bad, much of the Internet ecosystem, including dark nets, have adapted and changed to build in anonymity. Public information about the owner of a domain name, known as “whois” data, is now often impossible to access with the implementation of the European General Data Protection Regulation (GDPR)…”
– Daniel Burke, Senior Operations Manager, Cybercrime Investigations Unit of the U.S. Food & Drug Administration
How Has GDPR Affected Spam?
“The real answer is that it is far too early to tell. Various articles currently state that ‘nothing has happened’ as a result of GDPR or ‘spam has fallen slightly’; however, the true effects of GDPR providing anonymity to domain owners will take a long time to play out. The main crux of the matter isn’t the effect GDPR is having on spam levels, but how it’s hampering organizations from effectively stopping career cybercriminals from defrauding innocent people.”