Has the GDPR killed the Whois domain

ICANN: General Data Protection Regulation must be applied to Whois

The Internet Corporation for Assigned Names and Numbers (ICANN) is "a kind of data controller" as the guardian of the personal data of domain owners. It must therefore implement the European General Data Protection Regulation (GDPR) from May 25 this year, recognized the CEO of the private name administration, Göran Marby at the ongoing meeting of his organization in Puerto Rico. He urged the European governments represented in the ICANN government advisory board to present themselves to their respective national data protection officers in order to advertise a "balanced Whois".

"We have different things in our contracts, but no policy on how to balance the right to confidentiality and the need for access," said Marby. But that is exactly what the GDPR demands from ICANN for the first time. Violations could be costly for ICANN given the penalties provided. Marby called on the European government representatives to clarify in the Article 29 working group of European data protectors how much access to Whois must be restricted.

At the ICANN conference, a battle rages between those who want maximum access to names, e-mail addresses and other data of private domain owners secured and those who have long considered the Whois to be illegal under data protection law. In talks with registrars, the US supervisory authority NTIA even threatened legislative steps to make the publication of Whois data mandatory in the USA. In the government advisory board, a representative of the Federal Trade Commission advocated making at least the possibility of access to the Whois a precondition for an adaptation to the DGSVO. (anw)

Read comments (50) Go to homepage
Ad ad