How some of the world's 'most-dangerous' websites have this common address – Times of India
he Icelandic Phallological Museum, housed in a modern building near the harbor, is renowned for its unique collection of mammal penises. However, to those familiar with the darker corners of the internet, the museum’s address, Kalkofnsvegur 2, holds a different significance. According to an exclusive report in NewYork Times, “…the building also has a reputation as a virtual offshore haven for some of the world’s worst perpetrators of identity theft, ransomware, disinformation, fraud and other wrongdoing.”
As per the NY Times report, it is also the registered address for ‘Withheld for Privacy‘, a company that provides domain privacy services, allowing website owners to conceal their identities.While this practice can be beneficial for protecting against harassment or spam, it has also become a tool for those engaged in illicit activities such as identity theft, ransomware, and disinformation.
‘Shield’ for thousands of questionable websites
Iceland has emerged as a global hub for such activities, largely due to its robust privacy laws. ‘Withheld for Privacy’, established by Namecheap, one of the world’s largest domain registrars, has shielded tens of thousands of questionable websites. “”The company — created in 2021 by Namecheap, one of the world’s largest providers of websites — has effectively shielded tens of thousands of sketchy internet sites. Even local authorities said they had tried and failed to reach the company’s representatives when problems had arisen,” said the NewYork Times report.
Researchers at Syracuse University discovered the connection between the penis museum and fraudulent political advertising targeting Donald Trump supporters. The scam involved a website that spent $1.3 million on deceptive ads, eventually shut down by Facebook.
The report adds that the internet is rife with similar scams, and proxy services like Withheld for Privacy make it difficult to identify and hold perpetrators accountable. Jon Stromer-Galley, a researcher at Syracuse University, likened the situation to “the internet version of giving me the bird.”
Kalkofnsvegur 2 has been linked to various online forums and activities, including those associated with white supremacist groups, phishing scams, and Russian influence campaigns.
‘Criminal abuse’ of Iceland’s privacy laws
Iceland’s privacy laws, initially intended to protect individuals from authoritarian governments, have been exploited by criminals. Mordur Ingolfsson, a former Icelandic parliament member, acknowledged that the country’s efforts to create a “Switzerland of bytes” had been misused.
Both Withheld for Privacy and Namecheap have not responded to requests for comment. Valborg Steingrimsdottir, head of Iceland’s Data Protection Authority, emphasized the need for legal changes to address this issue.
Growing demands for a complete ban
The rise of proxy services and the opacity of the domain registration industry have raised concerns about online privacy and security. Tech companies are facing increasing pressure to take responsibility for how their products and services are used.
Iceland’s Data Protection Authority, along with other government agencies, is advocating for legislation to ban services like ‘Withheld for Privacy’ from operating in the country.