Security Technology

The Future of WHOIS and Why It’s Under Attack

2018 became a hallmark year for user’s privacy to data protection in the form of the GDPR. 

The General Data Protection Regulation stipulates that everyone living in Europe has the right to keep their personal data private. This changed the way how large, multinational companies and businesses who service EU individuals with goods or services think about how they process customer data. 

In paper, GDPR has some very beneficial effect to those who are protected by it. This means that the companies who have their personal information and data will be bound by law to keep it private and not share it to third parties. But outside the EU, GDPR is causing major headaches with current protocols and data security systems, including WHOIS.  

The WHOIS system, run by ICANN, or Internet Corporation for Assigned Names & Numbers, maintains a record of information regarding domain and website owners. In simple terms, the WHOIS keeps a web owner’s contact details, including name, address, phone number and email address, all of which can come in handy for various applications. 

The GDPR maintains that it’s illegal for companies to send, reveal or share their user’s information to third parties and organizations they’re in partnership with. In light of WHOIS, the agreement between registrars and ICANN is rendered non-compliant as there’s no express permission for the people to share their identifiable data during the domain registration process. 

What does the future hold for WHOIS under GDPR and the EU user’s privacy and personal data? 

Why the WHOIS Database is Useful 

WHOIS is an established information platform where anyone can request owner information for a specific registered domain. The data within has been collected for several decades and has been proven itself time and again instrumental to stopping cyber attacks, malicious websites and protecting intellectual rights. 

Some experts say that WHOIS has become an indispensable tool in fighting cybercrime. An investigator’s first stop is usually by the WHOIS database to learn more about a domain’s owner and where he or she could be found. The FBI and various intelligence agencies around the world are using WHOIS on a daily basis to keep the peace on both online and offline aspects. Journalists and private researches swear by the database as an essential tool for their work.  

WHOIS stops the flood of spam email servers, phishing sites, botnets and other nefarious online activities from culminating in an internet disaster. WHOIS queries are run by the hundreds on a day-to-day basis. 

Actions Taken By ICANN For GDPR-Compliance 

ICANN is taking the steps needed to become GDPR-compliant. In May of 2018, the non-profit organization has released a Temporary Specification, which dictates how user data is used and which parties may or may not access the personal details. 

Today, WHOIS records are only available for technical contacts or organizations who have the green light as approved by the ICANN committee. Domain owners can still enjoy a level of privacy in that they won’t be searchable by just any person, but when there’s reasonable doubt that they’re in violation of criminal law then their data will be revealed to those in the “need-to-know”. 

This new structure houses several permission levels in acquiring WHOIS data in regards to intent and use. At best, it’s only a rough sketch and ICANN is continuously working to refine it and come up with a win-win situation. Currently, law enforcement agencies and cyber-criminal investigators may still be able to dive into the database to find out information about the offending web owner and bring him or her to justice. 

The WHOIS accessibility seems to fall into two groups- a third party’s defined category, bound by conduct to preserve personal data, and for public law enforcement purposes. Recently, ICANN has bolstered WHOIS’ database security and added reinforcements to the DNS aspect in terms of DNS root cryptography. This allows security firms to continue tracking criminals even as they change IP addresses.  

What Can Be The Future Of WHOIS?  

ICANN is reviewing the Temporary Specification within a 90-day period. It’s set to expire by May of 2019, which is exactly one year after its reply to the GDPR. 

Much confusion surrounds the post-GDPR WHOIS database, and many elements of the proposal can change until the final drafts are completed. There’s reason to believe that the details stated within the Temporary Specification will become the standard after the period has passed, which means that WHOIS is set to become a multi-tier protocol. 

A suitable solution besides the Temporary Specification may still come up, but this will need more clarifications from ICANN. WHOIS, the central platform for registrar information will be ultimately changed in light of GDPR’s requirements. Some will have to fully comply while others can declare their right to privacy as long as they’re not breaking any laws. Only time can tell if it will remain the go-to source for uncovering details that can help make the internet a better place. 

About the author


Amit specializes in domains and WHOIS API tools.