Abion / Blog / Why having the right domain name partner will be vital post-GDPR
Bild på person som jobbar vid ipad och kommer behöva document signing

At this stage, articles about GDPR are like Swedish summer flies; they probably (but not definitely) serve a purpose, nobody likes them and yet they are everywhere.

However, the other day we posted an article about the implications of GDPR on the WHOIS. The WHOIS is basically the public information about a domain name, including (but not limited to) owner information, contact information, name servers, current registrar and more. In short, GDPR will affect most top-level domains (i.e. .COM, .SE, .NET, .DE and so on). In most cases the public information accessible in the WHOIS will be drastically reduced, and in some cases even completely hidden from public eye.

ICANN, the body governing gTLD registration data (gTLD being a “generic” top-level domain, such as .COM, .NET and .ORG), has published a “Temporary Specification” that stipulates how contracted parties should treat WHOIS going forward. This temporary solution drastically reduces the public information in the WHOIS to only include Registrant organization (if provided), State/Province and Country. The specification will most likely be updated, tweaked and reformulated several times until May of 2019, when a permanent solution is to be formulated.

However, as we concluded in our earlier article, GDPR will have a real impact on the WHOIS, on the short term and most likely on the long term. Something that right now is sending ripples through the industry.

Most people involved in domain names, both at the supplier side (like yours truly) as well as on the client side, are probably feeling like their hands are tied right now.

Working with domain names, you are literally dealing with something that is intangible. Even though many find it hard to admit, there is often a sense of uncertainty with intangible things and consequently a need to have means of validating and make sure all is as it as it should be. The WHOIS is an objective and “true” statement on the current state of things. Wondering which registrar handles your specific domain name? Check the WHOIS. Wondering if the owner transfer of that .COM domain name you acquired for the launch of your new brand has been completed? Check the WHOIS. Wondering which person in your organisation that registered that .SE domain name once upon a time, and where it is administered today? Check the… Well, you get the idea.

With the loss of the “full” WHOIS, there is no more security blanket. Being able to do an external verification on the ownership, contact details and/or registrar on a specific domain name will now (depending on the top-level domain) be everything from hard to damn near impossible for most people.

Up until now, many organisations, large and small, have depended heavily on the WHOIS. A common scenario is that the responsibility of an organisation’s domain names is placed on someone in the IT-department that does not see the need to consolidate the domain name portfolio with one provider. Instead, the WHOIS of the domain names has been the thing that has been used to try to control the domain names that during the years have been scattered across different providers, with different contact/invoice details.

In some cases, that has worked without any business critical consequences. In other cases, it has not.

Looking at how the discussions are going, there is a likely possibility of a “layered” structure when it comes to accessing the full information in the WHOIS. This will potentially enable ICANN-accredited registrars and IP-firms involved in online brand protection to have access to more information, provided they have a “legitimate” interest.

If this is the case, the result will be a division where some parties are on the inside, and the rest on the outside.

From our perspective as a domain name registrar, being on the “inside” will greatly facilitate everything from being able to transfer domain names, carrying out domain name investigations, sending cease-and-desist letters and carrying out domain name disputes.

From a domain owner perspective, the need for consolidating domain names with an ICANN-accredited provider, preferably one involved in intellectual property management and/or online brand protection, has never been greater.

Related reading

Insights Microsoft Defense Report

Key Takeaways from the “Microsoft Digital Defense Report 2024”

Domain Management
Websecurity
English
DDOS attack
Domain Hijacking
Phishing
21, November 2024
From the rise of sophisticated ransomware to the increasing use of AI by both attackers and defenders, the report...
Domain NIS2

Understanding NIS2 – the EU’s New Cybersecurity Directive

Domain Management
English
8, November 2024
European Union policymakers are introducing more legislation to heighten cybersecurity standards and curb online f...

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data