Key Takeaways
Three domain companies have asked India’s court to reconsider a recent ruling that they say could change their role as registrars.
In December, the High Court of Delhi ruled that domain registrars must share customer information within 72 hours to anyone claiming what is considered a legitimate interest.
As for what qualifies as a “legitimate interest” remains unclear. But we do know that GoDaddy, Namecheap and Hosting Concepts have appealed it. They’ve argued that this ruling would expand their responsibilities as registrars well beyond what they are actually responsible for, possibly forcing them and other registrars to leave the Indian market.
The Delhi High Court is scheduled to hear those appeals on Thursday, July 16, in New Delhi, though the exact time has not been reported. GoDaddy and Porkbun both declined to comment before the hearing, understandably so.
Why India Stepped In
India has long been battling cybersquatting, trademark infringement, and fraudulent websites impersonating well-known brands. It’s common for a bad actor to register a domain like mcdonalds-india.com, create a fake webpage, use it to phish/spread malware, and ultimately delete it before authorities can trace them. Then, they do it again.
As India’s digital economy has grown, especially with its 5G rollout, so has fraud. In 2025 alone, it received 3 million cybercrime complaints. That’s one complaint every 11 seconds. The U.S. saw a similar spike during its peak internet era: The FTC in 2001 said that the eCommerce boom had created “fertile ground for fraud” — internet fraud complaints jumped from less than 1,000 in 1997 to more than 25,000 in 2000, a 25x increase in just three years.
Twenty-five years later, India is experiencing something similar. It’s part of what led Amazon, McDonald's, and Microsoft to sue, citing fake websites impersonating their brands/infringing on their trademarks. The court ultimately agreed, but also that taking the site down wouldn't be enough.
What’s ironic is that domain registrant privacy has been moving in the opposite direction for years.
Just look at WHOIS: Today, it’s not easy to find personal information about a registrant. In the early '00s, it was more like a public phone book where information can be found about anyone. Having accessible records like that attracted plenty of problems — spam, phishing, harassment, doxxing.
When GDPR went into effect in 2018, ICANN also updated its registration data policies to redact a lot of that information from the public.
Why Are Registrars Pushing Back?
Though the High Court’s ruling allows sharing information to anyone with a “legitimate interest” — again we don’t know exactly what that means — the Internet Infrastructure Coalition (i2Coalition) says it’s a hard line to balance.
Its executive director Christian Dawson sent a letter to ICANN warning the ruling could create expectations the industry isn’t capable of meeting. And that if other countries adopt similar rules, global registrars could end up dealing with dozens of different legal frameworks all around the world — it could delay processes, create compliance issues, open new loopholes.
His bigger concern is where those expectations go next. Today, it's handing over customer information within 72 hours; tomorrow, it could mean permanently blocking domains that are merely similar to well-known trademarks.
GoDaddy used "McDonald" as an example, arguing that "blanket injunctions" could effectively "confer a monopoly" over a common surname. If that's the standard, does every domain containing "McDonald" automatically become infringing?
We'll see what the court says on Thursday. The Delhi High Court typically posts its orders and judgments on its official website and may stream on the court’s live streaming portal. India is 9.5 hours ahead of the U.S. Eastern Daylight Time (EDT), so North American viewers will likely need to tune in early.




