Unlocking the secrets behind low malicious domain rates in EU ccTLDs

EU ccTLDs have low spam rates due to data accuracy practices, balancing privacy laws. The NIS2 Directive, ratified in 2022, legally mandates data verification in line with industry best practices, raising questions about EU ccTLDs’ compliance.


In a recent report published by the DNS Research Federation, an organization dedicated to researching the Domain Name System (DNS), the team delved into the factors contributing to the remarkably low rates of spam, phishing, and malware-related domain names within European Union country-code Top Level Domains (EU ccTLDs). A key factor behind this achievement is the implementation of data accuracy practices within these EU ccTLD registries. These practices must navigate the challenge of balancing the importance of accurate, publicly accessible domain registration data with compliance with privacy laws. Meanwhile, ongoing policy debates within ICANN regarding WHOIS registration data publication have remained unresolved, exacerbated by the impact of GDPR, which caused WHOIS to ‘go dark’ and highlighted the lack of a legal obligation in EU legislation to collect and maintain WHOIS data.

To learn more about the study please consult the following page.