GDPR has seismic implications for the way data is processed on the internet, protecting the rights of EU citizens to privacy and imposing huge fines on organizations who fail to comply. However, the redaction in PII data that GDPR has facilitated within Whois, the Internet’s domain ownership database, may have done exactly what the legislation was designed not to do – make the Internet a more dangerous place.
Whois data was used by security researchers to establish concrete links between domains associated with malicious activity and the individuals behind them. By reducing the availability of this data, GDPR has inadvertently empowered scammers ability to act with impunity, and gagged the security researchers working tirelessly to stop them. Tim Chen, CEO of DomainTools, has been working at the coal face of this process for over 15 years, and can talk about the following:
- Whether GDPR may have bitten off more than it can chew, making the Internet a safe space for scammers
- How DomainTools have diversified their data sets to ensure their customers remain capable of detecting threats
- Why the type of contextual background data DomainTools supply is so important in understanding who is acting maliciously online