DomainTools | Sept. 4, 2018
“2018 has been a tough year to be a domain name Whois record. For years Whois has been a favorite and uniquely effective tool of security researchers and law enforcement to battle cybercrime and cyberattacks, yet now that data will be kept under wraps to be metered out, if at all, under the watchful eye of domain name registrars whose strongest orientation in this matter is to their own legal certainty and the privacy of their customers. The situation DNS finds itself in is the unfortunate result of today’s privacy-centric global policy regimes.
It used to be the case that, if you wanted to register a domain name and, say, use it to host a website that sells things to people, or use it to send email to people, or use it to host a service that collects information from people, one had to enter identifying registration information in the public Whois database. Which seemed to make reasonable sense. Individuals or organizations interested in hiding their identity had cost-effective options to do so, yet less than 25% of domains enabled this service.
Things are much different today. As a result of GDPR, all this identifying data is redacted from Whois. And proponents of the anonymization of the internet are saying that “see, the sky is not falling, Whois didn’t really matter after all. Except that it does matter. It matters a great deal to the very same people GDPR is designed to protect.”
Read full article here.