GoDaddy Challenges Indian Court Order Over Domain Privacy and Internet Governance Rules

 

A legal battle in India over online fraud could have major implications for privacy and regulation of the internet around the globe, as domain name registrar Go Daddy takes exception to a Delhi High Court ruling that would impose severe restrictions on domain registration, privacy, and trademark protection. 

The ruling comes in response to an uptick in cyber fraud in India. Government figures from last year show that authorities received 2.4 million fraud complaints, resulting in $2.4 billion in losses. In recent years, Amazon, McDonald’s, Microsoft, and other companies have taken legal action against fake websites that misled consumers into giving away personal information or making purchases.
Last December, the Delhi High Court ordered removal of more than 1,100 fraudulent websites. 
With that, the court issued additional directives concerning the management of domain names and registrars. These mandates include forbidding registrars from offering privacy protection services by default, disclosing private domain owner information to third parties upon request if that party can demonstrate a “legitimate interest,” and prohibiting domain name registrations that use trademarks of others.
Go Daddy argues in a petition to a larger bench of the Delhi High Court that those measures go significantly beyond what’s needed to combat fraud. 
The company believes such restrictions, if applied consistently, would disrupt internet governance worldwide.
Go Daddy also objects to the requirement that domain ownership information be disclosed to anybody demonstrating a “legitimate interest.” The company argues in its petition that the language could prove too broad and that domain registrars shouldn’t be tasked with reviewing requests for domain owner information and deciding whether they meet a “legitimate interest” standard. The firm says the language could create “significant legal and operational challenges.” 
The company raises additional concerns about the order’s potential impact on international domain name sales, arguing that because the global internet isn’t bound by one jurisdiction, requiring local registrars to follow the kind of rules set out in the December ruling would, in essence, require them to follow Indian law for all international transactions. 
Go Daddy further argues that the privacy restrictions could run contrary to India’s data protection laws as well as the European Union’s General Data Protection Regulation (GDPR). By mandating that privacy protections be revoked by default for domain owners, India’s data laws and the GDPR would instead be weakened. 
Many internet governance experts believe the ruling places India at risk of negatively impacting citizens, particularly journalists, activists, bloggers, and small businesses, and that it fails to consider tactics bad actors will use to exploit weaknesses in the domain system.
Other domain name registrars have raised similar objections to the December ruling, including Namecheap and Hosting Concepts. 
These companies expect that the ruling will spark similar actions in other jurisdictions.
Delhi High Court is set to hear the challenges on July 16, with implications for the future of internet governance and fraud prevention measures yet to be determined.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: