Senators Wyden and Warren urge NTIA to protect ‘highly sensitive’ domain registration information

Several members of Congress on Wednesday called on the National Telecommunications and Information Administration (NTIA) to do more to protect the privacy of domain registration information.

U.S. Senator Ron Wyden (D-Ore.) and U.S. Representative Anna G. Eshoo (D-Calif.) led a group of lawmakers in criticize the NTIA for failing to protect “highly sensitive” personal information used to register .US domains.

The records contain usernames, addresses, phone numbers, and email addresses.

Members of Congress said it was “very concerning” that the NTIA has not directed its contractors administering .US domains to enact protections for such sensitive information since at least 2005.

“Automatic public disclosure of users’ personal information puts them at increased risk of becoming victims of spoofing, spamming, spoofing, doxxing, online harassment, and even physical harm” , lawmakers said in a letter to NTIA Deputy Secretary and Administrator Alan. Davidson.

They also wrote that “anonymity is a necessary component of the American right to free speech.”

The NTIA did not respond to requests for comment.

The lawmakers claimed there was no reason for the information to be released publicly and suggested the agency automatically offer privacy for free upon registration.

The NTIA should also require users to provide affirmative consent “for the transfer of user data to third parties, including public disclosure,” the letter states.

Lawmakers say government entities, including in the United States, should be required to seek a warrant to request access to .US user data, and users should be alerted if such access is granted.

The letter argues that the government should set an example for the rest of the world by creating a “more secure and private system for registering Internet domains through its control of .US.”

Alongside Wyden and Eshoo, Senators Brian Schatz (D-Hawaii) and Elizabeth Warren (D-Mass) joined U.S. Representatives Ted Lieu (D-Calif.), Sara Jacobs (D-Calif.), Zoe Lofgren ( D-Calif.), Ro Khanna (D-Calif.), Tom Malinowski (DN.J.) and Stephen F. Lynch (D-Mass.) signing the letter.

The letter comes after several government agencies around the world have highlighted domain cybersecurity as a matter of concern in recent weeks as domain registrars have been hacked in the past.

A spokesperson for Wyden told The Record there was no international coordination on the announcements, but noted that it had been a long-standing concern among privacy experts.

Last year, a .US advisory body asked NTIA for increased privacy among .US domainsnoted the spokesperson.

“Within the larger framework of ICANN [International Corporation for Assigned Names and Numbers] community, debates continue on how to protect the privacy of registrants,” the spokesperson said.

“This letter signals that Senator Wyden and other privacy leaders want to ensure that the interests of those who want to access this data do not outweigh the privacy rights of those who register domain names.”

Jonathan has worked around the world as a journalist since 2014. Before returning to New York, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.