GDPR on ICANN Affects Cybercrime Forensic Mitigation and Investigation

October 31, 2018
GDPR on ICANN Affects Cybercrime Forensic Mitigation and Investigation

Last 2017 the world was fazed by USA’s controversial issues and decision on Net Neutrality in which he tried to analyze how it would affect cyber security as it involves laws and processes in cybercrime which we have discussed on

The good thing is it did not much globally affect the security of the cyber space which is a good win on securing the internet on 2017, however another year came and as expected a new challenge shook the internet not by surprise rather its effect globally. This 2018 the European Union has passed a law called GDPR which was an act to secure the privacy of the people within the EU when it comes to exposing their personal information online. This affected almost every activities from emails to web contents.


Direct effect on cybercrime and cybersecurity

Our main concern here is its effect on security and mitigating cybercrime and the early stages of cybercrime.

Which information are redacted by default? Just look at the image from above.

APWG-M3AAWG made a joint survey for cybercrime professionals who responds to online abuse. According to Peter Cassidy who is the APWG Secretary General, there were 327 professionals who responded where the following results came to be known about:

  • Losing the ability to attribute domain names to criminals
  • Victims of abuse has irreparably eliminated their capacity to issue warnings about new abuses that known bad actors are perpetrating
  • WHOIS registrant data is pseudonymous.

Also, analyses of responses from the survey reveals the following:

  • Cyber-investigations and mitigations are obstructed because investigators are unable to see complete domain name registration data.
  • Requests to view non-public WHOIS by legitimate investigators for legitimate and lawful purposes under the provisions of ICANN’s Temporary Specification for gTLD Registration Data.


Impediment of legitimate anti abuse operations

As we mentioned ICANN has responded to EU’s GDPR by issuing a temporary specification for gTLD Registration data, thus affecting legitimate investigations on the following:

  • Ransomware attacks
  • State sponsored fake news and disinformation
  • Massive phishing attacks conducted by a threat actor
  • Cyber squatters


What good does it do when a supposed solution created more loopholes? Thus the current policies will need some call for amendment.

About the author

Leave a Reply