Whois

Whois / Recently Commented

The Fight Is on to Save Access to WHOIS: A Call to Action for Brand Owners

Late last week, ICANN published the guidance from the Article 29 Working Party (WP29) that we have been waiting for. Predictably, WP29 took a privacy maximalist approach to the question of how Europe's General Data Protection Regulation (GDPR) applies to WHOIS, a tool widely used by cybersecurity professionals, businesses, intellectual property owners, consumer protection agencies and others to facilitate a safer and more secure internet.  more

GDPR and WHOIS - Winners and Losers

I think we are all hoping that when ICANN meets with the DPAs (Digital Protection Authorities) a clear path forward will be illuminated. We are all hoping that the DPAs will provide definitive guidance regarding ICANN's interim model and that some special allowance will be made so that registrars and registries are provided with additional time to implement a GDPR-compliant WHOIS solution. more

Holocaust Remembrance Day

Today is Holocaust Remembrance Day. Today we remember that the Nazis rounded up Jews, Roma, political dissidents, and other "undesirables" using the best data and technology of the day and sent them off to concentration camps. We don't normally deal with this type of political reality in ICANN, but now is the time to do so. In 1995, the recently formed European Union passed the EU Data Protection Directive. more

ICANN Cannot Expect the DPAs to Re-Design WHOIS, but Asking for a Reprieve Makes Sense

We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more

ICANN IPC & BC to Host Cross-Community Call on Accreditation/Access Model for Non-Public WHOIS Data

The ICANN Intellectual Property Constituency (IPC) and Business Constituency (BC) will be hosting a community-wide discussion regarding the proposed accreditation and access model for non-public WHOIS data, which was first circulated to the community during ICANN 61. The discussion will take place via ICANN-supported remote participation and/or audio bridge this Friday, April 6, 2018, from 1400-1600 UTC. more

Accreditation & Access Model For Non-Public Whois Data

In the current debate over the balance between privacy and Internet safety and security, one of the unanswered questions is: "How will those responsible for protecting the public interest gain access to the non-public data in the WHOIS databases post General Data Protection Regulation (GDPR)?" In an attempt to prevent WHOIS data from going "dark," several community members have been working for the past weeks to create a model that could be used to accredit users and enable access to the non-public WHOIS data. more

ICANN Proposed Interim GDPR Compliance Model Would Kill Operational Transparency of the Internet

ICANN has consistently said its intention in complying with the European Union's General Data Protection Regulation (GDPR) is to comply while at the same time maintaining access to the WHOIS domain name registration database "to greatest extent possible." On February 28, ICANN published its proposed model. Strangely, while ICANN acknowledges that some of the critical purposes for WHOIS include consumer protection, investigation of cybercrimes, mitigation of DNS abuse, and intellectual property protection, the model ICANN proposes provides no meaningful pathway to use WHOIS in those ways. more

GDPR and What Comes Next: The Parade of Horribles

The compliance deadline for the European Union's General Data Protection Regulation (GDPR) is nearly upon us, the unveiling of a proposed model to bring WHOIS into compliance is said to come from ICANN next week, and everyone is scrambling to understand all that's involved. Implementation of a revised WHOIS model is clearly on the horizon, but what comes after may be the real story! Specifically, if WHOIS information becomes more than nominally restricted, what's the consequence to the data controllers (ICANN and the contracted parties) who implement this revised model? more

WHOIS Inaccuracy Could Mean Noncompliance with GDPR

The European Commission recently released technical input on ICANN's proposed GDPR-compliant WHOIS models that underscores the GDPR's "Accuracy" principle - making clear that reasonable steps should be taken to ensure the accuracy of any personal data obtained for WHOIS databases and that ICANN should be sure to incorporate this requirement in whatever model it adopts. Contracted parties concerned with GDPR compliance should take note. more

GDPR - Territorial Scope and the Need to Avoid Absurd and Inconsistent Results

There is an urgent need to clarify the GDPR's territorial scope. Of the many changes the GDPR will usher in this May, the expansion of EU privacy law's territorial scope is one of the most important. The GDPR provides for broad application of its provisions both within the EU and globally. But the fact that the GDPR has a broad territorial scope does not mean that every company, or all data processing activities, are subject to it. more

First Do No Harm: Ensuring Compliance with the EU's GDPR While Preserving Access to WHOIS Data

There is growing concern about how ICANN will comply with the EU General Data Protection Regulation (GDPR), whose enforcement sanctions come into force in May of 2018. How will ICANN comply with GDPR without unduly restricting global Internet users' access to the public WHOIS database? For nearly the past 20 years, Internet users, businesses, law enforcement and consumer protection agencies have relied on WHOIS as a necessary resource. more

WHOIS: How Could I Have Been So Blind?

A colleague was recently commenting on an article by Michele Neylon "European Data Protection Authorities Send Clear Message to ICANN" citing the EU Data Commissioners of the Article 29 Working Party, the grouping a determinate factor In the impending death of WHOIS. He is on point when he said: What the European Data Protection authorities have not yet put together is that the protection of people's mental integrity on the Internet is not solely due to the action of law enforcement... more

GDPR: Registries to Become Technical Administrators Only?

On 11 December 2017, about 25 participants from Europe and the US attended the public consultation for the brand new GDPR Domain Industry Playbook by eco (Association of the Internet Industry, based in Germany) at the representation of the German federal state Lower Saxony to the European Union in Brussels. The General Data Protection Regulation (GDPR) poses a challenge for the Registries, Registrars, Resellers and ICANN. more

Eliminating Access to WHOIS - Bad for All Stakeholders

Steeped deep in discussions around the European Union's General Data Protection Regulation (GDPR) for the past several months, it has occurred to me that I've been answering the same question for over a decade: "What happens if WHOIS data is not accessible?" One of the answers has been and remains the same: People will likely sue and serve a lot of subpoenas. This may seem extreme, and some will write this off as mere hyperbole, but the truth is that the need for WHOIS data to address domain name matters will not disappear. more

Some Whois Lookup Services Might be Broken

There are thousands of sites and services on the 'net that offer domain name whois lookup services. As of last night, many of them may have stopped working. Why? Many of them rely on fairly rudimentary software that parses the whois from Verisign (for .com and .net) and then relays the query to the registrar whois. The site or service then displays the whois output from the registrar's whois server to you. more