Latest news of the domain name industry

Recent Posts

Empty Whois a threat to the US elections?

Kevin Murphy, September 5, 2018, 12:27:16 (UTC), Domain Policy

Could a lack of Whois records thwart the fight against attempts to interfere in this year’s US elections?

That’s the threat raised by DomainTools CEO Tim Chen in a blog post, and others, this week.

Chen points to recent research by Facebook, based on an investigation by security company FireEye, that linked a large network of bogus news sites and social media accounts to the Iranian state media.

FireEye’s investigation used “historical Whois records”, presumably provided by DomainTools, to connect the dots between various domains and registrants associated with “Liberty Front Press”, a purportedly independent media organization and prolific social media user.

Facebook subsequently found that 652 accounts, pages and groups associated with the network, and removed them from its platform.

The accounts and sites in question were several years old but had been focusing primarily on politics in the UK and US since last year, Facebook said.

Based on screenshots shared by Facebook, the accounts had been used to spread political messages bashing US president Donald Trump and supporting the UK’s staunchly pro-Palestinian opposition leader Jeremy Corbyn.

Google’s research, also inspired by FireEye’s findings and Whois data, linked the network to the state-run Islamic Republic of Iran Broadcasting.

The actions by Google and Facebook come as part of their crackdown on fake news ahead of the US mid-term Congressional elections, this November, which are are largely being seen as a referendum on the Trump presidency.

Because the domains in question predate the General Data Protection Regulation and ICANN’s response to it, DomainTools was able to capture Whois records before they went dark in May.

While the records often use bogus data, registrant email addresses common to multiple domains could be used to establish common ownership.

Historical Whois data for domains registered after May 2018 is not available, which will likely degrade the utility of DomainTools’ service over time.

Chen concluded his blog post, which appeared to be written partly in response to data suggesting that GDPR has not led to a growth in spam, with this:

Domain name Whois data isn’t going to solve the world’s cyberattack problems all on its own, but these investigations, centering on an issue of global importance that threatens our very democracy, likely get severely impaired without it. And this is just the tip of the iceberg, a few uniquely important investigations among the hundreds of thousands of cyberattacks going on all day every day all over the globe by people and organizations that can now hide behind the anonymity inherent in today’s internet. It’s reasonable that domain names used for certain commercial or functional purposes should require transparent registration information. Whois is not a crime.

DomainTools is one of the founders of the new Coalition for a Secure and Transparent Internet, a lobby group devoted to encouraging legislatures to keep Whois open.

Representatives of Facebook and Iran’s government are among the members of the Expedited Policy Development Process on Whois, an emergency ICANN working group that is currently trying to write a permanent GDPR-compliant Whois policy for ICANN.

Tagged: , , , , , , , , , ,

Comments (6)

  1. Richard Funden says:

    DomainTools, a company that finances itself partially in repackaging and selling third parties’ private information is probably the least trustworthy source when it comes to claims for “needs” for this data.
    Since data was redacted abuse has not increased, spam has not increased, fraud has not increased, all of which had been claimed in the pre May 25 doomsday messages from various parties.
    Seems they are really getting desperate and grasping at straws to save their illegal business models.

  2. Theo Geurts says:

    I guess the answer to your headline question is no?

    I mean we got a very colorful politician in the white house since November 2016 and ever involved with a ton of “fun”.

  3. elliot noss says:

    I commented but, surprise(!), it was not published.

    We should recognize that those trying to hack elections will also suffer (like spammers, scammers, phishers and others) from lack of access to whois data. They were also GREAT beneficiaries of the massive trove of public (for no reason) information.

Add Your Comment