Accurate Whois data. LEAs, ICANN and registrars

Recently I blogged on the EU-US meeting on cyber crime in Brussels. This discussion was followed up at ICANN in San Francisco this week. Here’s the link to The Register’s report. It’s good to look at both positions carefully.

The LEAs point of view
The problems law enforcement runs into because of inaccurate data are very real. The importance is shown in this very simple overview:

1. Inaccurate Whois data hinders investigations.
2. Accurate data hinders perpetrators.

However, let’s not forget that Whois is only one of many avenues where investigators find leads and proof. It’s one of the hurdles that could be in place to make life harder for criminals and one of the easy one’s. Let’s also be honest that this is not the silver bullet.

The registrar’s point of view
On the other hand I think that the comments of Go Daddys Christine Jones run true. This is a starkly commercial environment, where kicking bad guys out that can run to “colleagues” that shut a half blind eye is not the solution to this problem. The other side to this is having bad guys on their systems, costs registrars more than they take in for registering a domain name. So let’s assume that most registrars do not benefit from bad guys and would not mind to get rid of them.

An information request template
Something is implied about a template for informations requests. This I think is a smart move for both sides. Efficiency all around and more speedy procedures, at less cost. It could be an asset to improve relations between registrars and LEAs.

A RIPE NCC template
RIPE NCC and LEAs have decided to work on just such a template at their annual meeting in London yesterday. A major breakthrough!

Who’s missing here?
But one entity is missing in this equation. I’ll come back to this aspect later.

Wout de Natris, De Natris Consult

Leiderdorp, 17 March 2011


About Wout de Natris

As a consultant I specialise in establishing new and different relationships between industry, governments and law enforcement where internet safety and the fight against cyber crime are concerned. This makes me a bridge builder. Hence the blogs name. In this blog I intend to stress the need for interaction, cooperation and exchange of information in order to change the mentioned relationships. On offer: a comprehensive training on all non-technical aspects of spam enforcement and a cyber awareness presentation for companies and institutions
This entry was posted in Cyber crime, International cooperation: cross border aspects, International cooperation: IP resources, News flash and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s