These days, information is everything; the amount of raw data collected on everyday activities can be astounding.
WHOIS information is collected at the time a domain is registered or altered, and while a single domain name can’t always reveal much, data analysis across the entire WHOIS database can lead to some interesting conclusions.
Donuts, Inc., by far the largest gTLD applicant, offers a dedicated, password-protected WHOIS portal for law enforcement agencies, per the following:
“Donuts limits access to its searchable Whois service to authorized users with a legitimate purpose for searching registration data (e.g., investigation of terrorism or cybercrime by federal or international law enforcement agencies investigating potential criminal activity). Donuts will grant access on a case-by-case basis, typically to data for one Donuts TLD; however, Donuts may in its discretion provide access to data for more than one Donuts TLD. All access to and use of the searchable Whois service will be of limited duration and may be recorded by Donuts. Results from queries to the searchable Whois service may not be published without Donuts prior written permission.”
There is no clear definition of who these “law enforcement” agencies are exactly, e.g. CIA, FBI, Interpol, FSB etc.
- abuse the Whois service by issuing a query that essentially returns the entire database in the result set;
- attempt to run large quantities of queries sufficient to reduce the performance of the registry database; or
- use the searchable Whois service for personal queries.
The portal’s URL is at http://searchwhois.donuts.co.
The donuts are connected now.