Daily Archives: 2014-06-22

A Study of Whois Privacy and Proxy Service Abuse

Long time readers will recall that last year ICANN published the draft report of our study into the abuse of privacy and proxy services when registering domain names.
At WEIS 2014 I will present our academic paper summarising what we have found — and the summary (as the slides for the talk indicate) is very straightforward:

  • when criminals register domain names for use in online criminality they don’t provide their names and addresses;
  • we collected substantial data to show that this is generally true;
  • in doing so we found that the way in which contact details are hidden varies somewhat depending upon the criminal activity and this gives new insights;
  • meantime, people calling for changes to domain ‘privacy’ and ‘proxy’ services “because they are used by criminals” must understand:
    • the impact of such a policy change on other registrants
    • the limitations of such a policy change on criminals

To give just one example, the registrants of the domain names used for fake pharmacies are the group that uses privacy and proxy services the most (55%) : that’s because a key way in which such pharmacy domains are suppressed is to draw attention to invalid details having been provided when the domain was registered. Privacy and proxy services hide this fakery. In contrast, the registrants of domains that are used to supply child sexual images turn to privacy and proxy services just 29% of the time (only just higher than banks — 28%)… but drawing attention to fallacious registration details is not the approach that is generally taken for this type of content.

Our work provides considerable amounts of hard data to inform the debates around changing the domain Whois system to significantly improve accuracy and usefulness and to prevent misuse. Abolishing privacy and proxy services, if this was even possible, would affect a substantial amount of lawful activity — while criminals currently using these services might be expected to adopt the methods of their peers and instead provide incomplete and inaccurate data. However, insisting that domain registration data was always complete and accurate would mean a great many lawful registrations would need to be updated.