This article covers:
What is GDPR?
The General Data Protection Regulation (GDPR) is a European Union law focused on data protection and privacy for all citizens and residents of the EU. GDPR regulates how companies process individual personal data in the EU. GDPR compliance has been a top priority for us over the last few months because we understand the importance of keeping your data – no matter where you live - private and secure.
WHOIS is an ICANN-mandated service that provides basic information about a registered domain, including a domain owner’s personal contact information (when Privacy Protection has not been enabled), domain availability status and the name of the registrar at which the domain is registered.
How is WHOIS data accessed?
WHOIS data is usually delivered to end users by dedicated web portals, or sometimes through an automated mechanism called "Port 43 Access." Since Port 43 Access has no protections against data harvesting, it’s become susceptible to automated bulk harvesting of domain data, which has resulted in a lot of SPAM. GDPR will help to restrict access to this information, but not remove it.
Do we still need WHOIS Privacy Protection?
Absolutely. Although some changes are being made to help protect against malicious harvesting of personal data from the WHOIS, Privacy Protection will continue to be a valuable service to domain registrants worldwide. Even when the public WHOIS data is “hidden,” it will still provide gated access - where registrant data will be made available to parties with a legitimate interest. So, while the audience for registrant data may no longer be the entire public, it will still be sizable. When Privacy Protection is active on a domain, the personal data in the registration record will remain protected from those with access to even the gated WHOIS. We’ll provide a way for third parties to contact domain owners via the Privacy service email address displayed in the WHOIS output, an option that will not be provided as part of GDPR data protection.
How will I be able to contact a Registrant whose data is not published in WHOIS?
We’ve created a web page through which you can reach out to the registered name holder of a domain. When a WHOIS search is done at www.rebel.com/Whois there is an option to contact the registrant via the web-based form, which will be delivered as an email to the registrant.
For additional questions, contact firstname.lastname@example.org