Your real name, home address, phone number, and email — publicly visible on every domain you register. Not because you chose transparency, but because a judge in Delhi decided anonymity enables fraud. That’s the scenario GoDaddy is warning about. A December 2025 ruling from India’s Delhi High Court, targeting over 1,100 phishing and brand-impersonation domains, issued 14 directives that would reshape how every major registrar handles identity and privacy — and not just for users in India. The risks echo concerns raised by a recent surveillance app scandal, where exposed personal data was weaponized against ordinary people.
What the Court Actually Ordered
Justice Prathiba M. Singh’s ruling turns registrars into identity gatekeepers with tight disclosure deadlines and zero tolerance for default anonymity.
The Ashok Kumar / Dabur India case wasn’t abstract. Scammers had built domains impersonating Dabur, Tata Sky, Amul, Bajaj Finance, Meesho, and ITC — running fake franchise offers, counterfeit storefronts, and investment schemes targeting newer internet users. The court’s response was sweeping:
- e-KYC required: Government ID verification mandatory at signup, not self-declaration
- No more free privacy by default: WHOIS masking becomes a paid add-on, available only after identity verification
- 72-hour disclosure window: Registrant personal data must be handed to courts or rights holders on request
- Trademark domains blocked at registration: Domains resembling known brands prohibited before going live
- Non-compliance means blocked: Registrars who refuse risk being cut off from India entirely under Section 69A
Legal analysts describe anonymous registrations as a “key enabler” of fraud, making it “difficult for brand owners, banks, and law enforcement agencies to trace offenders in time,” according to reporting by the CADE Project. That framing carries real weight — India’s fraud problem is genuine, and over a thousand infringing domains is not a rounding error.
Why GoDaddy Says This Breaks the Whole Internet
Because registrars run globally unified platforms, complying with India’s order could mean applying these same rules to your domain registered anywhere in the world.
GoDaddy has appealed to a larger Delhi High Court bench, with a hearing scheduled for July 16, 2026. Namecheap and Hosting Concepts have joined the challenge. The registrars’ core argument: their platforms are globally unified. Carving out India-specific compliance isn’t like flipping a switch — it’s rebuilding the plumbing from scratch. Tech governance experts cited by Reuters say the order has “rewritten rules of internet governance” by imposing specific practices through a national court rather than through consensus bodies like ICANN.
Meanwhile, GoDaddy reportedly still advertises “free privacy protection” on its website, according to Reuters — a gap between a ruling technically in force and actual enforcement that signals just how complicated this gets in practice.
The situation mirrors the content moderation conflicts of the early 2020s, where rules designed to stop bad actors inevitably caught ordinary users in the blast radius. The court isn’t wrong about fraud. GoDaddy isn’t wrong about the risks of exposing bloggers, activists, and small business owners to harassment and data misuse. Both problems are real, and the July 16 hearing is where they collide.
With the larger bench’s decision pending, registrars face a stark choice: invest in expensive region-specific compliance systems or apply India’s transparency standards to everyone, everywhere. Either outcome puts free domain privacy as you currently know it squarely on the table.




























