First there was GDPR, now things are changing and once again it’s the European Union (EU) rocking the boat of WHOIS data.
Citing new cybersecurity initiatives, a pending legislation in the European Union seeks to have domain WHOIS data less private.
The legislation upsets those that believe in the power of anonymous activism and whistleblowing, all while it’s welcome by cybersecurity firms, one of which is DomainTools.
The US based company handles domain data, among which is WHOIS information; since the introduction of the GDPR in Europe, DomainTools has been redacting extensive information from its database, including historical WHOIS.
Now, if things change, DomainTools has reasons to welcome such a reversal of course in WHOIS data storage and privacy. Chad Anderson, senior security researcher for DomainTools, told The Daily Swig, a Cybersecurity news and views publication, that access to registration information would offer a vital tool for network security defenders.
“We’ve certainly found other ways of fingerprinting actors based on tactics, techniques, and procedures (TTPs), but taking down large swaths of domains tied to a single individual is much quicker when they can actually be tied to that individual and time is increasingly of the essence.”
Whistleblowers and other activists should not depend on WHOIS privacy alone but also utilize proxy networks such as Tor, according to DomainTools.
More info here.
The purpose of whistleblowing is to communicate information to the public. And most people don’t use Tor.
An anonymous domain to use with clearnet is mandatory.
Also, if Tor is allowed, why shouldn’t anonymous domains be allowed? If possible, politicians would have tried to regulate Tor as well.