The Delhi High Court has mandated strict e-KYC verification for domain name registrants to combat online fraud and phishing. The court emphasized the need for identity checks by domain name registrars to prevent consumer deception and misuse of well-known brands. Registrants in India must adhere to KYC requirements outlined in the CERT-In Circular dated April 28, 2022, both at registration and periodically thereafter.
Justice Prathiba M. Singh rejected the practice of “privacy by default,” highlighting how anonymity in domain registrations facilitates financial fraud. The court stressed the importance of verified registrant details to enable timely tracing of offenders by brand owners, banks, and law enforcement agencies. It ordered domain name registrars to verify identity details at registration and share the data with NIXI for domains under its administration.
Failure to comply with KYC and disclosure requirements could lead to registrars losing safe harbor protection under the IT Act and facing potential blocking under Section 69A. The court underscored the necessity of safeguarding consumer trust and business interests by preventing fraudulent activities through robust system safeguards. It also urged the government to consider implementing a uniform e-KYC framework for all domain name registrars operating in India, similar to the system used by NIXI.
