WHOIS in peril?

Presented at VB2017, Oct. 4, 2017, 4 p.m. (90 minutes)

On 25 May 2018, the European Union General Data Protection Regulation [http://ec.europa.eu/justice/data-protection/reform/index\_en.htm](http://ec.europa.eu/justice/data-protection/reform/index_en.htm) comes into effect. WHOIS, one of the data systems critical to anti-abuse work, is profoundly affected by these new privacy laws. Some personal data, for example the email addresses of registrants, may be redacted from WHOIS. To further complicate matters, ICANN has re-designed the WHOIS publication protocol, and there is a simultaneous move to switch to the new method, RDAP, which is currently being rolled-out. [https://www.icann.org/news/announcement-2017-09-05-en ](https://www.icann.org/news/announcement-2017-09-05-en) There are several groups within ICANN dealing with the changes envisioned to make WHOIS GDPR-compliant, none more hands-on than the GNSO RSD PDP working group, currently in discussions as to how best to comply with the GDPR, while maintaining a viable WHOIS service [https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg ](https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg) * How will GDPR affect WHOIS? * Will domain registrations all begin to look like those of .eu? or the unparsable image of .be? * What does an anti-abuse work look like in a world without a deep WHOIS service? * Is there any saving WHOIS from this fate? * What are the next steps politically? Legally? Please join us for a discussion of all aspects of these impending changes.

Presenters:

• Neil Schwartzman - CAUCE
  Neil Schwartzman Neil Schwartzman is a management consultant working with such clients as Apple Inc. and Mailchimp Inc. and has been involved in cybersecurity since 1994, when he wrote the world's first distributed spam filtering software. Mr Schwartzman is the Executive Director of the Internet's oldest end-use advocacy group, the Coalition Against Unsolicited Commercial Email (CAUCE.org). In this capacity, he has been the Co-chair of the Messaging Anti-Abuse Working Group's (M3AAWG.org) Awards, Hosting, and Public Policy Committees, a founding member of the UCENet (a.k.a. The London Action Plan), a representative to the Anti-Phishing Working Group, the Stop Spam Alliance and the Anti-Spyware Coalition, and an appointed member of Canada's Federal Ministerial Task Force on Spam. In 2012, he helped spearhead a yearlong external review and augmentation of cybersecurity and messaging anti-abuse best practices of the Organization of Economic Co-operation and Development's Anti-spam Toolkit undertaken by the London Action Plan, Industry Canada, MAAWG and CAUCE and presented these findings to the OECD, in Paris, France. He has participated in working groups of the U.S. Federal Communications Committee's 'Communications Security, Reliability and Interoperability Council' II and III specifically focused on the impact of malware and botnets. Schwartzman won the first annual M3AAWG.org Mary Litynski Award for lifetime achievement in his work in anti-abuse. @spamfighter666

Links:

• https://www.virusbulletin.com/conference/vb2017/abstracts/whois-peril

Similar Presentations:

• H2K2 (2002) / Fucking Up the Internet at ICANN: Global Control Through the Domain Name System and How to Escape
• VB2018 / Panel discussion: Will WHOIS go dark? Threat intelligence in the post GDPR era.
• WAHCKon 2013 / ICANN & the DNS Root