The Delhi High Court (HC), in a significant ruling, has held that e-KYC (electronic Know Your Customer) is mandatory for all domain name registrations in India, thereby signalling a new legal requirement for domain name registrars (DNRs) to verify the identity of online domain name registrants at the point of registration, and also periodically after that.
Notably, the court issued these directions in the context of widespread misuse of internet domain names to perpetrate fraud and consumer deception. In particular, the single-judge Bench of Justice Prathiba M. Singh held that anonymous domain ownership is a key enabler of such scams. Pertinently, the court identified more than 1,100 infringing domain names during the proceedings.
For context, the present case arose from a civil suit filed by Dabur India Ltd., which involved the misuse of infringing domain names to host websites impersonating well-known brands. In its 248-page judgment, the HC noted that lax identity verification by domain name registrars had enabled fraudulent operators to register and use domains for activities such as phishing, fake franchise offers, and bogus job listings. Consequently, these practices have harmed both businesses and consumers.
What Does The Court Order Say?
The Delhi HC issued a comprehensive set of directions aimed at tightening accountability across the online domain name ecosystem, while also warning of legal consequences for non-compliance. To begin with, the court directed DNRs to disallow anonymous and proxy registrations, and to ensure that all registrants undergo mandatory e-KYC verification.Â
Registrars must collect accurate, authentic, and verifiable identity information, retain intellectual property (IP) logs, timestamps, and activity records, and must maintain this data securely. Crucially, the court held that these records must be furnished to law enforcement agencies, courts, and legitimate entities within 72 hours whenever formally sought.
In parallel, the court restrained registrars from offering privacy protection by default, allowing such services only when explicitly requested by a registrant. It further prohibited the use of temporary or disposable email addresses at the time of registration and during the lifecycle of a domain name. At the registry level, the court directed operators to deploy technical safeguards, like status codes to prevent infringing domain names from being recycled or re-registered.
Significantly, the court also warned that DNRs that fail to implement these due-diligence measures or comply with court orders may lose safe harbour protection under Section 79 of the Information Technology Act (IT Act).
Additionally, the court suggested that the National Internet Exchange of India (NIXI) could function as a data repository for domain registration information, with domain name registrars required to maintain verified registrant details and furnish such data to NIXI within three working…
Source link
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We blogs.grocliq.com want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at [email protected]
