Protecting privacy shouldn’t come at the expense of a safer, more secure internet

Catching bad actors on the internet is a challenge both for law enforcement trying to protect citizens and for those operating the networks that provide internet access. When information on who runs a website is blocked, malware, scammers, spammers, and criminals can flourish online. This challenge was a major topic of discussion at ICANN61, a recent meeting of the Internet Corporation for Assigned Names and Numbers (ICANN) and various internet stakeholders.

Via REUTERS

As I’ve written previously, the forthcoming implementation of the European Union’s General Data Protection Regulation (GDPR) and its effects on the domain name industry have created an intense discussion on how to manage the long-standing Whois database, which collects and disseminates a variety of information on who runs websites. In response to the GDPR, ICANN has proposed to limit public access to key information about websites, and a plan to allow more detailed data to accredited law enforcement and cybersecurity professionals hasn’t eased fears about the changes.

A domain name’s activity history and possible security threats it may pose help domain name holders understand how to manage online security and anti-abuse programs. Enterprise IT departments and cybersecurity companies use published registration data records for millions of domain names to detect network security threats and investigate digital crimes. They use this information to block threats such as phishing, malware, and spam using reputation feeds and block lists. This information can also help protect consumers from bad actors because malicious registration behaviors can be traced back to previous scams or illicit internet behavior.

As David Redl, assistant secretary for communications and information and administrator of the National Telecommunications and Information Administration at the US Department of Commerce, said in his keynote remarks at ICANN61, the Trump administration wants “ICANN to remain committed to its accountability mechanism.” Redl noted that the preservation of the Whois service is important for allowing governments, businesses, intellectual property rights holders, and individual internet users around the world to monitor and report domain name abuse.

Redl also called for continued access to the most registration data possible for legitimate purposes. This request may sound counterintuitive in the era of data breaches and calls for more privacy protection, but it is when the identities of people or entities registering for a domain name are obfuscated that challenges begin to mount for those investigating online criminal activity. Closing off access to the registration data for domain names means scammers may end up being the winners.

Nobody would be happier to see the Whois data shut down than the crime-as-a-service crowd. Cybercrime continues to grow, with more malware, spam, and phishing attacks helping to create a global criminal online economy worth $600 billion annually. Malicious actors that target both private and public entities would love to have the information on who runs any part of the network operation limited. The potential change in who can access data on domain name registrants could mean criminals become the unintended beneficiaries of new privacy directives, and specifically the GDPR.

While the information around the domain name system (DNS) is not a panacea for stopping cyber criminals, it’s a good starting point. Cybersecurity professionals use internet traffic indicators and DNS lookup tools to combat cyberattacks and online fraud. Law enforcement, trademark holders, and intellectual property rights holders have been working with the DNS industry (companies that register websites) to continue to develop tools and mechanisms to help investigate and eliminate bad actors. The DNS Whois also helps protect consumers by mitigating scams and fraudulent transactions and is used by government agencies around the globe.

ICANN and its many dedicated stakeholders who have been creating models to manage the Whois challenge need to keep the importance of legitimate access to registrar data at the forefront of their decision. Finding the right level of transparency in the management of the internet is important for combating bad actors and will go a long way toward ensuring a safe and secure internet for all.