What is the GDPR Effect on WHOIS Domain Name Data?
On May 25, 2018, the GDPR (General Data Protection Regulation), went into effect. GDPR, regulations that apply to individuals in the European Union, essentially protect the data of individuals who reside in the European Union countries. Many questions still remain about whether or not companies and website owners need to comply with GDPR regulations. While I recommend that you contact your lawyer or GDPR compliance professional, I can tell you that I personally do whatever I can to protect users’ data, whether or not they are in the European Union or not–and it’s our policy here at Verified Domains to protect our users’ data and comply with GDPR even though we are not based in the European Union.
What About GDPR and WHOIS Data?
Here at Verified Domains, our job is to investigate domain names and provide you with a complete background check on a domain name. That way you can be absolutely confident and certain that the domain name you’re going to buy is clean. When you’re going to use a domain name for your business, you don’t need the hassle of your domain name not being found in the search engines or your emails not getting to their destination because of its history.
One main portion of our domain name background checks involves WHOIS data and relies on our access to up to date information, as well as the past history of domain name ownership. While we do not reveal our sources of this data, you can be assured that while GDPR has gone into effect, we are taking measures to ensure that we get the most up to date and correct WHOIS data possible. This ensures that we can still provide our service and our unmatched guarantee on our domain name background check service.
Depending on the registrar and where a domain name is registered, certain registrars are still maintaining domain name WHOIS records. GoDaddy, for example, is still providing full WHOIS record data if the domain name is registered to someone outside of the European Union. But, for EU residents, this help topic suggests that they close their GoDaddy account.
Verified Domains will continue to use our proprietary methods and access to data, including WHOIS data and archived WHOIS data, to perform our services. We may even pick up the phone and call previous domain name owners in an effort to ensure the integrity of our background checks.
It has been very difficult for the Board of Directors of the Internet Corporation for Assigned Names and Numbers (ICANN) to make changes to the WHOIS system so that it is GDPR compliant. ICANN enacted a temporary specification for gTLD registration data in an effort to comply with GDPR. The spec has provided “temporary requirements to allow ICANN and gTLD registry operators and registrars to continue to comply with existing ICANN contractual requirements and community-developed policies in light of the GDPR” according to the specification’s background data. In certain cases, they registrars are contractually required to provide WHOIS data–but that may change, since this is only a temporary specification. I’m sure it will change and be updated.
For now, what I recommend is that if you’re looking for WHOIS data, you have a few options:
- Look up the WHOIS data for the domain name like you normally would. If some of it is not provided, then check another registrar, they may have different WHOIS data for the same domain name.
- Check the WHOIS archive data. Look at key data, such as the expiry data, name server data, and other data that IS provided and compare that with the WHOIS archive data. If name servers and other key data hasn’t changed, then most likely domain name ownership has not changed. There is a chance it has, but if you look at certain data, it may indicate that it has not changed.
- Look at the WHOIS archive data and make some phone calls. Send an email and get in touch with the previous owner. They may be the current owner after GDPR went into effect, and they may be willing to verify that they are the current owner, at least verbally.
Now that the GDPR is in full effect, the WHOIS records of certain domain names may have changed if a domain name is owned by and individual or company based in a European country. That shouldn’t stop you from getting in touch with the domain name owner. If you have any questions about domain name ownership, feel free to get in touch with us.