EU could ban anonymous registration of domain data

2021-10-14T14:48:00+01:00

No comments

In a bid to boost security and anti-privacy efforts, the EU is planning to ban anonymous registration of domain data.

The European Union is drafting legislation that could soon prohibt individuals registering domains anonymously.

When an internet domain is register, information regarding the purchaser’s name, address, email, and phone number is provided. However, the accuracy of this information is not verified, and may be false.

The new directive will add provisions on how domainr registrars collect information from registrants and who will have acess to said information. Most specifically, registrants of new domains will be required to provide a valid telephone number, full name, email and physical address which will also have to be verified.

“In order to ensure the availability of accurate, verified and complete domain name registration data, TLD registries and entities providing domain name registration services should be required to collect domain name registration data. They should aim to ensure the integrity and availability of such data by implementing technical and organisational measures, such as a confirmation process for registrants,” reads an amendment in a draft of the new EU legislation.

“In particular, TLD registries and entities providing domain name registration services should establish policies and procedures for the collection and maintenance of accurate, verified and complete registration data, as well as for the prevention and correction of inaccurate registration data.”

The proposed directive is facing some criticisms by privacy activists who have warned that it could endanger activists by removing anonymity.

“This change in posture shows just how important registrant information can be for defenders. We’ve certainly found other ways of fingerprinting actors based on tactics, techniques, and procedures (TTPs), but taking down large swaths of domains tied to a single individual is much quicker when they can actually be tied to that individual, and time is increasingly of the essence,” argued Chad Anderson, senior security research, DomainTools, to Infosecurity Magazine.

“For those that say this will be a hit to whistle-blowers and activists that’s hogwash as they should all be using Tor and pre-built sites anyways to protect their anonymity.”

Topics

No comments

Article
US utilities struggling to meet demand of energy-thirsty AI

2024-04-19T11:53:00Z

In the US, demands for power are outstripping availability as energy-thirsty technologies such as generative AI pile pressure on national electrical systems.
Article
Banks poised for increased risk due to AI

2024-04-19T09:06:00Z

A leading banking regulator has issued a stern warning over the risks that financial institutions face as they move to integrate artificial intelligence (AI) and machine learning (ML) into governance operations.
News
Chicago Gears Up for GRC Connect: Sharpen Skills, Network, and Navigate the Future of GRC

2024-04-15T11:39:00Z By Jonathan Sumner, Chief Digital & Marketing Officer, GRC World Forums.

Get ready, Chicago! GRC Connect kicks off tomorrow, bringing together the brightest minds in governance, risk management, and compliance (GRC) for two days of insightful learning, valuable networking opportunities, and expert guidance on navigating the ever-evolving GRC landscape.