On Thursday, October 17,the Coalition for a Secure & Transparent Internet (CSTI) hosted a briefing on Capitol Hill entitled, “What is WHOIS: Understanding One of Our Most Critical Cyber Assets.” The briefing was an opportunity for Congressional offices to hear from federal law enforcement officials and coalition members on how they use WHOIS, which serves as a database for information about domain name registrations and registrants, to protect consumers online.
The event was timely given the ongoing negotiations underway at ICANN regarding a revised WHOIS model that can restore access to a vital resource for law enforcement, intellectual property owners, businesses and consumer advocates alike. Access to WHOIS data has been limited since the implementation of GDPR (European data protection regulations) in May 2019. Per an April 2019 letter from the National Telecommunications Information Administration (NTIA), the division of the U.S. Department of Commerce that oversees the U.S. Government's interest in Internet policy matters, the Administration has targeted next month’s ICANN meetings as a deadline for seeing “substantial progress” toward are solution of a WHOIS access model.
Jae Chung, Assistant Special Agent in Charge, Pharmaceutical, Chemical &Internet Investigations Section of the U.S. Drug Enforcement Administration and Jason Gull, Senior Counsel, Computer Crime & Intellectual Property Section,U.S. Department of Justice, detailed how WHOIS is used by their offices to pursue criminal enterprises on the Internet. Chung and Gull spoke to the fact that their investigatory and legal work, respectively, has become increasingly challenging and time-consuming in light of the limited access to and redaction of WHOIS registration data. Both U.S. Government speakers also discussed the important role that third-party organizations and investigators play in identifying bad actors online through use of WHOIS data.
Coalition representatives from the National Association of Boards of Pharmacy (NABP), Kroll, and the Motion Picture Association of America (MPAA) spoke on a second panel as to how their use of WHOIS data in order to protect their Intellectual Property has been extremely hampered by the EU GDPR and further explained why consumers are less secure online as a result of these increased enforcement challenges. In particular, the lack of ready access to WHOIS data can result in delays and complications in connection with identifying and taking action against infringers meaning that consumers are more likely to be misled or defrauded on a variety of levels. For example, consumers who think they are accessing authentic goods and services may be directed to pirated entertainment content or counterfeit pharmaceuticals resulting in financial loss or even health and safety concerns.
The briefing was well-attended by staff from the U.S. House of Representatives,Senate, and Executive branch offices interested in hearing more about how access to WHOIS data benefits consumers, legitimate businesses and law enforcement, as well as the harms, risked when access is limited. These advocacy efforts with Congress and the Administration will continue in order to ensure awareness regarding the important role WHOIS plays in corporate brand enforcement, consumer protection, and cyber-security responsibilities. For more information on the importance of WHOIS, the impact of GDPR, and opportunities for advocacy to restore access to WHOIS please reach out to Winterfeldt IPGroup at firstname.lastname@example.org.