fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

EU Legislation Introduced To Ban Anonymous Domain Registration

EU Legislation Introduced To Ban Anonymous Domain Registration

The European Union is drafting legislation that could soon end individuals registering domains anonymously on the continent.

When an Internet domain is registered, a registrar will collect information such as the purchaser’s name, address, email, and phone number. However, this information is not verified to be accurate and could contain false information.

The EU’s new directive will add new provisions regarding how domain registrars collect information from registrants and who will have access to said information.

More specifically, registrants of new domains will be required to provide a valid telephone number belonging to them, while their full name, email, and physical address will have to be verified too.

Also Read: Top 10 Data Protection Cases That You Must Know About

At this time, registrants are only required to provide a name and address, but no verification bodies check these to approve or disprove the new domain ownership.

“In order to ensure the availability of accurate, verified and complete domain name registration data, TLD registries and entities providing domain name registration services should be required to collect domain name registration data. They should aim to ensure the integrity and availability of such data by implementing technical and organisational measures, such as a confirmation process for registrants,” reads an amendment in a draft of the new EU legislation.

“In particular, TLD registries and entities providing domain name registration services should establish policies and procedures for the collection and maintenance of accurate, verified and complete registration data, as well as for the prevention and correction of inaccurate registration data.”

Who’s lobbying for this?

The Internet Corporation for Assigned Names and Numbers (ICANN) has taken a clear stance in favor of the new directive along with various copyright holder representatives and organizations.

The problem that these entities see with anonymous domains is that they are often used for illegal activities such as distributing malware, the unlicensed dissemination of copyright-protected works, and more.

As long as the owners and operators of these platforms remain anonymous, they are free from law enforcement disruption.

Even if the domains are reported and taken offline by the registrars, the owners can hop to a new one and start over.

Also Read: Unbelievable Facts About NRIC Check Digit Algorithm

A threat to free speech

However, banning all anonymous domain registrations isn’t without consequences to a desirable free circulation of information on the Internet.

As MEP Patrick Breyer (Pirate Party) warns, the new directive threatens the safety of activists and whistleblowers by ending their anonymity, which is, in essence, the only layer of protection they have.

“This indiscriminate identification policy for domain holders is a big step towards abolishing anonymous publications and leaks on the Internet.

This policy endangers website operators, because only anonymity effectively protects against data theft and loss, stalking and identity theft, doxxing, and ‘death lists’.

The right to anonymity online is particularly indispensable for women, children, minorities and vulnerable persons, victims of abuse and stalking, for example. Whistleblowers and press informants, political activists and people in need of counselling, fall silent without the protection of anonymity.” – MEP Patrick Breyer.

Germany’s top-level domain (.de) registry DENIC also expressed concerns about the new directive.

In feedback to legislators, DENIC welcomes proposals for enhancing cybersecurity across the EU but feels that new requirements on collecting registration data will not necessarily provide increased DNS security or prevent abuse.

“We would also like to point out that identification of the registrant does not provide information about the entity exercising actual technical control over the delegated namespace and even less so about entities providing content or services within that namespace.” – DENIC.

The next steps

The lead industry committee will adopt its position later this month, and negotiations with the EU Council will follow soon after.

The controversial provision may be removed, but the law passes in its current form, it may force those who seek anonymity online to host their websites on the dark web.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us