What Does the Future of Whois Hold?
WHOIS is a free service for obtaining information about registered domain names. It is provided through agreements with the Internet Corporation for Assigned Names and Numbers (ICANN). The process is decentralized through the administration of multiple registrars and registries
The WHOIS database is made up of clients, servers, data stores, and domain name registration records. It saw considerable strain about a decade ago. In November 2012, the reinventing process began to better accommodate the future of the Internet. Two main objectives lead the redesigning of the system:
- Improve the system’s oversight to better service Internet users
Europe’s General Data Protection Regulation (GDPR) came into effect on May 25th.
This extends beyond WHOIS database download. Concerns specific to WHOIS pertain to the listing of personal information. Previous WHOIS database were under less obligation to EU data protection law.
- Redefine its purpose and scope to break the deadlock from inaccuracies
The newly enacted GDPR rules allow for more stringent penalties if the personal information of European domain name registrants is not protected. For parties with WHOIS agreements, this means they will still be expected to collect information as before. In regard to Internet users, access to WHOIS information will become limited.
ICANN will likely determine the new method for the Internet’s handling of global domain name organizations. The implications are important for intellectual property (IP) because the ICANN WHOIS database is usually the initial reporting medium following trademark infringement. Expectations are that enforcing IP rights will be challenging. Regulators expressed this concern as they look at ICANN’s compliance with the GDPR.
Important to note, is that while WHOIS database download extends beyond European GDPR requirements, the whole global system changes. Information that identifies the contact emails of registrants will need to be removed. Reverse WHOIS searches are directly impacted. How this will be implemented is being debated.
Another important change is the accreditation program. The goal is to develop a requester code of conduct. Accreditation determines to be the method for increased access of standard public information.
The impacts far exceed the perceived amount of changes. This effect becomes clear once one considers the sensitivity of the information in question. IP rights have always been a concern since the advent of the internet. The development of these new rules determines the future of infringement issues.
From ICANN recognizing the ineffectiveness of WHOIS to Europe’s GDPR heightened requirements, the future remains uncertain. Further complicating matters is that the current solution focuses on short-term GDPR compliance. Significant efforts will be needed for a viable long-term solution.
The new rules impact information collection. Domain name registrars now have less incentive to meet preexisting ICANN standards. This caused conflict between GDPR and ICANN. While third parties maintain interest in accessing WHOIS data, ICANN must again rethink its position, most notably for GDPR compliance. These issues impact the whole world. Previously free and readily available information is at stake. Solving them requires more effort than initially expected.