GDPR, a European data privacy law, takes effect on May 25th. Until then, little is known about how WHOIS, the core information of domain name ownership, will be affected.
Domain registrars, such as GoDaddy, are beginning to provide a snippet of the WHOIS information they used to display when a domain was being queried. GoDaddy went as far as to close port 43 to data queries, putting everything behind a captcha test.
Wiley Rein LLP attorney, David Weslow, has many years of experience as an IP and media attorney at law. He is well aware of the importance of WHOIS information accessibility, to perform such important tasks as domain theft identification, litigation and retrieval.
Mr. Weslow put together a comprehensive article on the changes that GDPR will bring to WHOIS and domain names in general:
“The EU adopted the GDPR in April 2016 to protect the privacy rights of EU citizens and residents. Under the GDPR, all companies processing and holding the personal data of subjects residing in the EU must take certain steps to protect “personal data” when it is held within Europe or when transferred to third countries.
The GDPR defines “personal data” as “any information relating to an identified or identifiable natural person (a data subject).” Under Article 5 of the GDPR, personal data may only be processed for specified, explicit, and legitimate purposes.”
The article is titled “Preparing for Drastic Changes to Availability of WHOIS Information About Domain Names” and can be viewed here.