Indian court moves to restrict WHOIS privacy protections to combat fake websites, major registrars protest.



An Indian court has ruled to significantly revise the handling of WHOIS privacy protection, which hides registrant information during domain registration, as a measure against fake websites. In response, Reuters has reported that GoDaddy, one of the world's largest domain registrars, is concerned that this could have a negative impact on the entire internet.

EXCLUSIVE: World's biggest domain seller fears India's fake site crackdown could damage internet | Reuters

https://www.reuters.com/world/worlds-biggest-domain-seller-fears-indias-fake-site-crackdown-could-damage-2026-07-03/



In India, cyber fraud is becoming increasingly serious as smartphones and the internet become more widespread. It is projected that by 2025, there will be 2.4 million complaints about cyber fraud, with losses amounting to $2.4 billion (approximately 390 billion yen). The problem with these fake websites is that they use domains that resemble the names of well-known brands, making them appear as legitimate sites.

A domain name is like the address of a website, and it requires registration of information such as the registrant's name, address, phone number, and email address. WHOIS is a system for looking up domain registration information, and ICANN's search tool allows you to check publicly available registration information. Privacy protection features are mechanisms to hide some of the registration information so that the addresses and phone numbers of individuals and small businesses are not widely publicized.

On the other hand, for companies and law enforcement agencies that want to track down fake websites, it becomes difficult to identify the operators if user information is hidden. In India, more than 20 companies, including Amazon, McDonald's, Microsoft, Xiaomi, and Colgate-Palmolive, have sued for brand damage caused by fake websites, and a New Delhi court blocked more than 1,100 websites in December 2025. The ruling reportedly described the fake websites as 'a large-scale fraud apparatus.'



In addition to blocking the site, the court also ordered new measures against domain registrars. Specifically, these include not providing the feature to hide registrant information for free as a standard feature, disclosing registrant information within 72 hours of request from individuals or organizations with a legitimate interest, and preventing the registration of domain names that resemble protected trademarks. The court views the feature to hide registrant information as a 'cover' to conceal the identity of fraudulent operators.

GoDaddy countered the court's decision, arguing that it could endanger even legitimate website operators. They claimed that 'weakening the privacy of registrant information would expose the names, addresses, phone numbers, and email addresses of legitimate website owners, increasing the risk of stalking and harassment.' GoDaddy also argued that it has no means to determine within 72 hours whether it has a legitimate interest.

Regarding preventing the registration of domain names similar to trademarks, GoDaddy stated that this is practically difficult. For example, in the McDonald's case, fake franchise recruitment websites became a problem, but GoDaddy argues that since 'McDonald' is also a common name of Scottish origin, extending trademark protection too far could result in monopolizing common nouns and personal names as well. Furthermore, they state that since short trademark strings are included in many English words, it is virtually impossible to register a domain name that does not contain strings that overlap with the trademark.

According to GoDaddy, because domain names are used across national borders, India's order could affect domain registration operations worldwide. Court records confirm that Namecheap and Hosting Concepts, in addition to GoDaddy, have also appealed New Delhi's decision, and the appeals are scheduled to be heard on July 16, 2026.

in Web Service, Posted by log1d_ts