BALANCING CYBERSECURITY AND INDIVIDUAL PRIVACY – NEW WHOIS DATA PROTECTIONS IN 2018

By Tim Chen, CEO, DomainTools

Whois data is at a crossroads in 2018, under duress from EU data protection regulations, from within ICANN itself, and even from the Registrars and Registries that collect and store this data. Yet the security and protection of individuals, employees, customers, brands, intellectual property and a host of other important assets and constituencies depend on understanding who owns and controls resources on the internet.

For nearly 20 years DomainTools has been at the forefront of enabling Whois data for productive use by security practitioners. We look forward to continuing to do so for the next 20 years, but to accomplish this we need to be part of the solution and take extra steps to ensure we are never part of the problem. Our enduring goal in 2018 is continued access to Whois data and the research tools it enables for individuals and organizations fighting all types of online abuse.

A limited number of nefarious actors continue to abuse Whois data, mostly to run spam campaigns against new domain registrants. The right response here is to fight that abuse rather than redesign or regulate a working system, especially one where the benefits to cybersecurity are orders of magnitude greater than the costs of the limited abuse. DomainTools has a strong history of fighting Whois abuse, including limiting anonymous Whois lookups, rendering email addresses as image files so they cannot be scraped from our Whois records, and applying strong know-your-customer and use-case validations for any Enterprise-level customers with access to higher-volume query tools. But we need to do more.

As of today, unauthenticated users of the DomainTools Whois Lookup tool will not see the registrant's personally identifiable information parsed out in the results, and will be required to complete a CAPTCHA to see the full raw Whois record for a domain name. Phone numbers in the parsed results have been replaced with image files, much the same way emails have always been rendered. The DomainTools iOS and Android apps, as well as the DomainTools Developer API, have also been deprecated as anti-abuse measures. In addition, on February 20, DomainTools will be deprecating legacy tools that allow individual users to do high-volume Whois lookups, as these are the most prone to potential abuse. We aim to maintain effective tools for all our users while focusing the higher-volume and more sophisticated research tools on Enterprise customers, who by definition are individually qualified by the DomainTools team. Affected customers have been notified of these pending changes. Enterprise-level customers of DomainTools are not affected by these changes.

Whois data plays a critical role in the security and stability of the Domain Name System, a distributed, open, trust-based system that has stood the test of time. DomainTools believes that a fair balance can be achieved between security and privacy on the Internet. It remains our hope that organizations that are gatekeepers of Whois data, whether in policy or in function, will continue to work constructively towards an outcome that preserves the necessary and useful functions of today’s Whois protocol. DomainTools will be doing our part as well, and today’s actions are an example of that.