Methodology

The 2022 CJEU ruling

On 22 November 2022, in joined cases C-37/20 and C-601/20, the Court of Justice of the European Union held that the AMLD5 provision making beneficial-ownership registers accessible to the general public was invalid — a disproportionate interference with the rights to privacy and data protection under the EU Charter. The ruling did not say the data could not be held; it said unrestricted public access went too far. Within weeks, member states that had run open registers took them offline. The later AMLD6 directive restored access for a defined “legitimate-interest” audience — authorities, regulated businesses, journalists, civil society, and researchers — rather than the general public.

The access-status taxonomy

DarkRegister classifies each register into one of five states:

Closed to the public

Public access was suspended after the 2022 CJEU ruling and no functioning legitimate-interest channel has replaced it.

Legitimate-interest gated

General public access was withdrawn after the 2022 CJEU ruling; the register reopened only to authorities, obliged entities, and persons with a demonstrated legitimate interest (journalists, civil society, researchers) under AMLD6.

Partial / restricted

Access is restricted in a way that does not fit the other categories — e.g. nominally public but gated behind a national e-ID that excludes the general or foreign public.

Never public

No general-public beneficial-ownership register exists; access was always limited (for example, the US registry was never public).

Public — open

Anyone can access beneficial-ownership data, online and without demonstrating a special interest.

Privacy by design — no personal data, ever

It would be self-defeating to document a privacy ruling by republishing the very personal data the ruling protected. DarkRegister therefore records only register-level policy facts — the access status, the legal basis, the date, and a source. It holds no beneficial-owner names, no addresses, no dates of birth, no individual personal data of any kind. Every claim is a statement about what a government did to a register, which is a matter of public record and accountability. This is the difference between an accountability tracker and a re-identification corpus, and DarkRegister stays firmly on the accountability side.

Sources & corrections

Each jurisdiction's status is sourced from official registry pages, EU instruments, and reputable transparency trackers (such as Open Ownership, the Tax Justice Network, and Transparency International), with a link on every row. Register-access policy changes frequently — a jurisdiction can reopen, re-close, or stand up a legitimate-interest portal between builds — so always confirm against the linked source before relying on a status. Corrections: reach us via the contact page; substantiated updates are reflected in the next build. Released under CC BY 4.0.