ICANN Launches Service to Help With WHOIS Lookups – Krebs on Security

neub9
By neub9
3 Min Read

Redacting personal data from public domain registration records has been a trend for over five years. Recently, the non-profit organization overseeing the domain industry has launched an online service intended to make it easier for researchers, law enforcement, and others to access this information directly from registrars.

In May 2018, the Internet Corporation for Assigned Names and Numbers (ICANN) instructed all registrars to redact customer information from WHOIS in response to the General Data Protection Regulation (GDPR) enacted by the European Parliament. While registrars continue to collect this information, it is not publicly available. ICANN promised to develop a system to facilitate access to this data.

At the end of November 2023, ICANN introduced the Registration Data Request Service (RDRS), a centralized system for submitting registration data requests to participating registrars. A video from ICANN provides a demonstration of the system.

Participation from accredited registrars is voluntary, but ICANN is encouraging all registrars to join. ICANN asserts that the RDRS utilizes a standardized request form, making it easier to provide the correct information and supporting documents to evaluate a request.

ICANN emphasizes that the RDRS does not guarantee access to requested registration data and that all communication and data disclosure between registrars and requesters occurs outside of the system. The RDRS cannot be used to request WHOIS data for country-code top-level domains (CCTLDs), such as .de (Germany) or .nz (New Zealand).

The RDRS portal.

As Catalin Cimpanu writes for Risky Business News, the RDRS aims to honor requests from “verified” parties faster and with a higher degree of trust than the current process of filing legal requests or abuse reports with each individual registrar.

While the registrar community generally views public WHOIS data as a nuisance issue, security experts argue that WHOIS data is extremely useful in combating online abuse. These experts emphasize the importance of WHOIS data in mapping the extent of malware, phishing, and scamming operations, regardless of whether the information provided is accurate.

Despite doubts about whether participating registrars will be more likely to share WHOIS data through ICANN, the potential usefulness of the RDRS is acknowledged by KrebsOnSecurity. It is noted that another European law, the Network and Information Security Directive (NIS2), will likely place additional pressure on registrars to respond to legitimate WHOIS data requests starting in 2024.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *