GoDaddy Says India’s Fake-Site Order Risks Global Privacy Conflict

Date:

An Indian court effort to expose operators of fraudulent websites has opened a wider dispute over domain anonymity, cybercrime and whether local disclosure rules can coexist with GDPR-style privacy protections.

GoDaddy has warned that an Indian court order intended to combat websites impersonating major brands could create global risks for internet governance and conflict with privacy laws, including the European Union’s General Data Protection Regulation.

The dispute follows litigation by companies seeking action against fake shopping, franchise and investment websites. GoDaddy argues that weakening domain-registration privacy could expose legitimate customers while failing to stop criminals who use false identities.

India faces a serious fraud problem. Authorities received millions of cybercrime complaints last year, and brand-impersonation websites can steal payments, personal data and credentials. The question is not whether enforcement is needed, but how to identify wrongdoers without publishing the details of every domain owner.

Privacy can shield both users and criminals

Domain registration historically included names, addresses, email accounts and telephone numbers in public WHOIS records. Privacy reforms and GDPR led registrars to redact much of that information.

The change protects individuals, journalists, small businesses and vulnerable organisations from harassment and identity theft. It also makes it harder for brands and investigators to identify operators of fraudulent sites quickly.

GoDaddy’s position is that broad public disclosure would make the internet less safe for legitimate users. Indian litigants argue that registrar privacy has allowed obvious impersonation domains to remain available or difficult to trace.

Both concerns are valid. The policy task is to create verified access for authorised investigators without returning to a global public directory of personal data.

A national order with global effects

Domain registrars operate across borders. A registration purchased in India may involve a US company, infrastructure in another jurisdiction and victims in Europe.

If one court requires global disclosure or new verification standards, the registrar may struggle to limit the change to a single country. At the same time, invoking GDPR cannot become a blanket reason to ignore valid legal requests.

The GDPR permits data processing and disclosure where there is a lawful basis. It also requires necessity, proportionality and privacy by default. A system that gives courts and accredited authorities targeted access can be compatible with those principles; indiscriminate publication is harder to justify.

Verification matters more than publication

Fraudulent domain operators frequently provide false details. Making the record public does little if the underlying identity was never verified.

Registrars could strengthen checks for domains that imitate well-known brands, respond faster to documented abuse and preserve records for lawful investigation. Independent review is needed so companies cannot remove critical or parody sites merely by alleging infringement.

India’s own technology ministry has acknowledged concerns about weak verification. The court case may therefore push registrars towards stronger identity assurance rather than simple removal of privacy protection.

Europe should watch the precedent

European companies and consumers are frequent targets of cross-border fraud. The outcome could influence how registrars respond to EU authorities and whether national courts claim jurisdiction over global domain data.

Brussels has already increased intermediary obligations through digital-services and cybersecurity rules. A parallel dispute over domain identity may require clearer cooperation between registries, registrars, police and data-protection authorities.

The conflict should not be framed as privacy versus safety. Poorly designed privacy can shelter criminals; poorly designed disclosure can expose victims.

A durable solution requires verified data, controlled access and rapid due process. India’s crackdown has made that global governance problem impossible for registrars to avoid.

First published on eutoday.net.
EU Global Editorial Staff
EU Global Editorial Staff

The editorial team at EU Global works collaboratively to deliver accurate and insightful coverage across a broad spectrum of topics, reflecting diverse perspectives on European and global affairs. Drawing on expertise from various contributors, the team ensures a balanced approach to reporting, fostering an open platform for informed dialogue.While the content published may express a wide range of viewpoints from outside sources, the editorial staff is committed to maintaining high standards of objectivity and journalistic integrity.

Share post:

Popular

More like this
Related

Czech Investors Eye Pirelli Stake as Chinese Control Faces Pressure

Interest from Michal Strnad and Pavel Tykač in part of Sinochem's Pirelli holding could return a strategic European manufacturer to greater European ownership while testing Italy's limits on Chinese influence.

Cook Islands Seabed Minerals Move to Centre of US-China Pacific Competition

Washington's new Pacific envoy has made access to Cook Islands seabed minerals a top priority, linking supply-chain security to a wider contest with China over influence, sovereignty and environmental risk.

Deutz Forecast Shows AI Boom Moving From Chips Into Backup Power

The German engine maker expects its energy-unit revenue to triple within five years as data centres demand resilient electricity, revealing the physical infrastructure costs behind artificial intelligence.