May 17, 2018 09:30:00

The possibility that "WHOIS" data including contact information of domain owner etc. will be temporarily unpublished due to the effect of GDPR entry

byRafael Poveda

Personal information protection rule of EU enforced from May 25, 2018GDPR (EU General Data Protection Rule), "WHOISIt is prohibited to disclose the name of the domain owner and contact information as obtained by ". Maintain maintenance of domain informationICANNAlthough we are considering a provisional model that can fulfill our previous mission while conforming to GDPR, it is pointed out that it is highly likely that WHOIS data will be unusable for around half a year from the entry into force of GDPR.

A Dark Time for Data: WHOIS Blackout Period Likely Starting in May
https://www.cooley.com/news/insight/2018/2018-04-18-whois-blackout-period-likely-starting-in-may

ICANN contracts with registrars and domain operators to provide WHOIS data including domain creation date, expiration date, owner, registrant, contact information, etc. in an accessible state. WHOIS data is very valuable information, for example trademark owners and lawyers can examine the registrants / owners of malicious domains and exercise their rights.

However, companies that collect data on EU citizens by "GDPR" for the purpose of protecting the privacy and data of EU citizens are prohibited from disclosing information that identifies individuals. Personal information of domain registrants included in WHOIS data is also information that is prohibited from being disclosed.

Therefore, since the EU Council adopted GDPR in April 2016, ICANN has considered about a provisional model that can simultaneously protect "its mission" and "obligation of GDPR", and access to information It is expected to shift to a new model that requires approval.

However, it is difficult to shift to a new model at the same time as the entry into force of GDPR, and it is expected that it will be impossible for WHOIS data to be referenced for at least half a year. In the latter half of 2018, various parties may suffer from various problems not.

In addition, it is not EU sphereCountry code top level domain (ccTLD)A person who says that a person who registered himself has been commenting on Hacker News that the administrator's contact was "not displayed because it is in violation of GDPR", and some view that correspondence with GDPR has already begun .

WHOIS blackout period likely starting in May | Hacker News
https://news.ycombinator.com/item?id=17075514

Related Posts:

May 17, 2018 09:30:00 in Web Service, Security, Posted by logc_nt