NordVPN Promotion

Home / Industry

The High Cost Of Privacy In A Post-GDPR World

Protect your privacy:  Get NordVPN  [ Deal: 73% off 2-year plans + 3 extra months ]
10 facts about NordVPN that aren't commonly known
  • Meshnet Feature for Personal Encrypted Networks: NordVPN offers a unique feature called Meshnet, which allows users to connect their devices directly and securely over the internet. This means you can create your own private, encrypted network for activities like gaming, file sharing, or remote access to your home devices from anywhere in the world.
  • RAM-Only Servers for Enhanced Security: Unlike many VPN providers, NordVPN uses RAM-only (diskless) servers. Since these servers run entirely on volatile memory, all data is wiped with every reboot. This ensures that no user data is stored long-term, significantly reducing the risk of data breaches and enhancing overall security.
  • Servers in a Former Military Bunker: Some of NordVPN's servers are housed in a former military bunker located deep underground. This unique location provides an extra layer of physical security against natural disasters and unauthorized access, ensuring that the servers are protected in all circumstances.
  • NordLynx Protocol with Double NAT Technology: NordVPN developed its own VPN protocol called NordLynx, built around the ultra-fast WireGuard protocol. What sets NordLynx apart is its implementation of a double Network Address Translation (NAT) system, which enhances user privacy without sacrificing speed. This innovative approach solves the potential privacy issues inherent in the standard WireGuard protocol.
  • Dark Web Monitor Feature: NordVPN includes a feature known as Dark Web Monitor. This tool actively scans dark web sites and forums for credentials associated with your email address. If it detects that your information has been compromised or appears in any data breaches, it promptly alerts you so you can take necessary actions to protect your accounts.

It has officially been over a year since the European Union’s General Data Protection Regulation (GDPR) took effect and in that time, we’ve come to see both the benefits, and the very serious drawbacks of this program. While the implementation of GDPR has been heralded by privacy advocates as a major step forward in keeping the personal information of individuals safe, it has also had the unintended consequence of making it easier for individuals and/or entities with less than honorable intentions to effectively disappear online.

The WHOIS database, the formerly public registry of web domains that contained information about every registered domain including the registrant’s name and basic contact information, has been effectively rendered useless, with the information now largely redacted by domain name registrars. Methods for requesting obtaining that information is now unique to each registrar and even then, registrars are free to decide whether or not they want to comply with that request.

And within this void of unaccountability cybercriminals are exploiting this privacy loophole, as they now may launch malicious domains with anonymity. As a result, security researchers and law enforcement are finding that it’s now exponentially harder to do their jobs keeping the web safe. See EU Laws May be Hampering Pursuit of Terrorists.

Other groups facing similar problems with criminals utilizing this privacy loophole include consumer protection agencies, child advocacy groups, anti-human trafficking organizations, intellectual property rights holders and brand protection agencies, to name just a few.

IBM X-Force Threat Intelligence Research recently released a report which shows just how much of an impact GDPR is having when it comes to utilizing traditional WHOIS information for the tracking and blocking of malicious domains and other nefarious web based activities.

Comparing recent enforcement data to pre-ICANN policy changes enforcement data reveals stark statistics about the risks faced by consumers in a post-GDPR world. Prior to the implementation of GDPR, security researchers were able to identify and block 1.8 million newly registered malicious domains in October of 2017 alone. Fast forward to February of 2019 and that number drops to less than 160,000. That means that effective enforcement efforts utilizing WHOIS information is now just 9%, leaving a staggering 91% of potentially malicious domains and the sites to which they link up and running, and the criminals who run them, unhindered.

While there is no question there is a need to keep the private information of the public safe, it is clear that the GDPR as it applies to public safety should be re-evaluated. Cybercrime is a $600 billion a year business, and with GDPR making it easier for criminals to thrive with relative impunity, that number is only going to increase.

Completely eliminating GDPR and returning the WHOIS database originally public status is not the answer, which is why the need to establish regulated access for individuals involved in cybersecurity, law enforcement and web safety and security should be thoroughly explored.

For those who need to access the WHOIS database, AppDetex offers their WHOIS Requestor System (AWRS). Developed for and used by customers to obtain non-public WHOIS data, AppDetex sends customer verified, non-public WHOIS data requests for cybersecurity, consumer protection and IP enforcement activities to ICANN-accredited registrars.

Until a satisfactory compromise can be achieved, online crime will continue to thrive, making it obvious that the price of online privacy is apparently safety and security.

By Appdetex, Global Brand Protection Leader

Appdetex solves business problems related to digital risks. With deep roots in intellectual property law and applying technical innovation to securing brands, Appdetex is dedicated to the success of brand protection and security professionals and serves the world’s most-trusted financial institutions, media platforms and top-of-the-charts gaming and software companies.

Visit Page

Filed Under

Comments

Commenting is not available in this channel entry.
CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix

NordVPN Promotion