WHOIS is Dying, Here's Why We Should Be Worried
In the past year or two, the conversation about the internet and what to do with it has mostly revolved around data protection and privacy regulations, which were frighteningly lax in many situations. Last year, the EU responded by passing the GDPR (General Data Protection Regulation), a comprehensive suite of regulations centered on bringing the modern idea of data protection up to speed. While this is a great milestone, the ramifications are wide-reaching – and many are unaware that the GDPR is actually causing a major upheaval in the current state of internet security.
One victim of the GDPR is a reputable and well-known domain lookup service, the WHOIS database. The WHOIS database is run by ICANN, a non-profit organization that is responsible for maintaining the domain namespaces on the internet, and it's a service that allows anyone at any time to request information on the owners of a specific domain. While this is, according to the new GDPR, a flagrant violation of data privacy policies, historically it's been one of the greatest advantages cyberdefenders have had in their war on cybercrime. Investigators at the FBI have claimed that they use the database nearly every day, and some private security researchers and journalists went on record as saying that they would often run hundreds of WHOIS queries in a single day.
ICANN requires each person with a registered domain name to input and update their contact information regularly, with harsh penalties imposed on those who do not follow its regulations. This can be extremely useful for cyber investigators trying to shut down bad actors acting through websites that host botnets, phishing sites, spam e-mail servers, or a variety of other nefarious activities. Domain lookups aren't just for tracking down criminals: contacting a domain owner to let them know their domain is compromised is another common use. With a quick check, even less internet-savvy people can level the odds against cybercriminals.
ICANN is working as hard as it can to update the WHOIS database to be GDPR-compliant. However, even while it works on a temporary solution, the state of internet security is most certainly in dire straits. Even assuming that it can permanently address the situation by giving the information only to approved sources – the police, for example – the added restrictions are going to vastly change the landscape of public domain lookups in the years to come. Those dedicated to internet security are going to have to find work-arounds they may never have needed in previous years. As the landscape unfolds, some companies predict that public lookup will live on in various ways, but nearly everyone will agree that the current implementation is dead.