The Canadian company Tucows, one of the largest domain registrars in the world, has shared information about requests to disclose domain registrants’ data. It is well-known that the EU’s adoption of the General Data Protection Regulation (GDPR) made it impossible to use the Whois protocol as it was. At the same time, the RDAP (Registration Data Access Protocol), regarded as a Whois replacement, has not yet been adopted as a single standard, and registries and registrars have to resolve this issue on their own.
In particular, Tucows offers a tiered-access system for registrants’ personal data. According to the company’s statistics, since May 2018, when this system was first introduced, Tucows has received 4,478 requests to disclose data, according to Domain Incite. The company satisfied 74 percent of them and denied nine percent of cases. Other requests were incomplete or abandoned.
The statistics from September 2020 to the end of August 2021 show that the lion's share of all requests – 87 percent – were sent by trademark holders and their representatives, apparently trying to deal with cases of cybersquatting, and nine percent of inquiries came from law enforcement agencies. It is noteworthy that cybersecurity specialists are an absolute minority. During the year, only one request was received from them. Not one percent, but one request, which is only a small fraction of a percent.
