Why Whois Must Evolve

Oct 09, 2021 | AUTHO: Think Tank

As a result of changes to data privacy laws such a General Data Protection Regulation (GDPR) and Protection of Personal Information Act (POPIA), changes are required to ensure WHOIS remains compliant.

WHOIS is a publicly available directory where one can look up information regarding who is responsible for a domain name.

POPIA currently takes precedence over other pieces of legislation that are governing data privacy and protection in South Africa. This is particularly important the Act comes into full effect on 1 July 2021. It is important for WHOIS to be aligned with POPIA to ensure that Registries and Registrars also comply to the ICANN’s policies.

Palesa Legoze, Chairperson of the .za Domain Name Authority (ZADNA) board, recently discussed how WHOIS must evolve under POPIA. Legoze was speaking at a webinar hosted by ZADNA, which looked at evolving online privacy laws.

The changes required by privacy laws should not cause the WHOIS database to lose its functionality – particularly in the context of law enforcement personnel who use the WHOIS data to conduct their investigations.

“The question is, in the South African context, what systems should be put in place to ensure that law enforcement agencies have access in real-time to WHOIS non-public information, to ensure that they can conduct their investigations without delay and hindrance,” noted Legoze.

Other third parties, such as cybersecurity professionals and those involved in Intellectual Property protection, must also have access to this non-public information when they have a legitimate purpose.

Legoze said that South Africa needs to have a framework to enable the third parties to have access to information in real-time. It is therefore critical for those who use WHOIS data for their investigation to actively participate in the process of the evolving WHOIS Policy so that their needs can be incorporated.

If not, the struggles that many law enforcement agencies and cybersecurity investigators experienced in places such as Europe and the USA when Temporary Specifications were implemented are evidence of what can go wrong.

ICANN implemented the Temporary Specifications to ensure that Registry operators and Registrars comply with GDPR, while maintaining the existing WHOIS system to the greatest extent possible. These have been replaced by the Interim Registration Data Policy, which in essence are the same.

“Some of the concerns that have been raised include the fact that the current WHOIS system’s ability to meet law enforcement needs had been drastically reduced,” said Legoze.

“Secondly, investigations were discontinued or delayed due to not getting access to the information as and when it is required – in real-time.”

Legoze indicated that that many cybersecurity professionals did not have the knowledge of how to request access to this important WHOIS data which was previously publicly available and has now been redacted. Additionally, many were denied access even after following the proper protocols.

ZADNA is committed to engaging all stakeholders, Registries, Registrars, Law Enforcement etc. on this important matter.

Legoze also highlighted that DNS abuse is on the rise and it threatens to undermine trust and confidence that users have in the Internet. She noted that cybercriminals often piggyback off the names of big events and phenomena – such as the COVID-19 pandemic.

“It has been widely reported that criminals are taking advantage of the pandemic by launching malicious online campaigns,” said Legoze.

“There has also been a spike in the number of COVID-related domain names being used to distribute malware, launch phishing and pharming scams.”

She added that consideration should be given to collaboration with registries and registrars around the world, as well as joining the Public Interest Registry that recently launched an institute to combat DNS abuse.

Share This