Tucows, one of the leading registries in the world, has presented its statistics of requests to disclose the Whois data it has received. The company has been hiding its registrants’ contacts and personal data in the Whois database since last May in accordance with the GDPR demands. GDPR still remains debatable. In particular, the provision of access for law enforcement agencies and cybersecurity researchers in order to counter illegal use of domain names is widely discussed. Tucows statistics present a clear picture of who is most interested in registrant data.
Since May 2018, Tucows has received 2,100 requests to disclose data, with only 1 percent coming from cybersecurity researchers and 2 percent from law enforcement agencies, while 92 percent come from “commercial interests.” Of this 92 percent, 76 percent were sent by Facebook. This means that Facebook and its proxy AppDetex comprise 65 percent of all requests to disclose the personal data received by Tucows. AppDetex has developed a special tool that allows it, or its clients, to semi-automatically send out Whois requests to registrars whose domain names may resemble trademarks that belong to Facebook. According to Domain Incite, it sent at least 9,000 such automatic requests between June and October.
Tucows is among the companies that oppose this. Its representatives believe (and reasonably so) that this makes the work of registries more difficult as the majority of these automatic requests turn out to be groundless. It is also ironic that Facebook shows so much interests in the personal data of others while it has been repeatedly found to handle its users’ data so loosely recently.
