Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday April 15 2018, @04:45AM   Printer-friendly
from the I-can't dept.

The Whois public database of domain name registration details is dead.

In a letter [PDF] sent this week to DNS overseer ICANN, Europe's data protection authorities have effectively killed off the current service, noting that it breaks the law and so will be illegal come 25 May, when GDPR comes into force.

The letter also has harsh words for ICANN's proposed interim solution, criticizing its vagueness and noting it needs to include explicit wording about what can be done with registrant data, as well as introduce auditing and compliance functions to make sure the data isn't being abused.

ICANN now has a little over a month to come up with a replacement to the decades-old service that covers millions of domain names and lists the personal contact details of domain registrants, including their name, email and telephone number.

ICANN has already acknowledged it has no chance of doing so: a blog post by the company in response to the letter warns that without being granted a special temporary exemption from the law, the system will fracture.

[...] Critics point out that ICANN has largely brought these problems on itself, having ignored official warnings from the Article 29 Working Party for nearly a decade, and only taking the GDPR requirements seriously six months ago when there has been a clear two-year lead time.

One company that is caught in the middle of the dispute is sanguine about the possible death of the service. "Is this the end of public Whois? Yes, in its current form," CEO of Irish registrar Blacknight, Michele Neylon told us. "But is it going to go completely dark? No."

Neylon has long complained about ICANN's refusal to acknowledge European law when it comes to the Whois service: back in 2013, he refused to sign an updated version of the contract that domain name sellers have with ICANN until it gave him a legal waiver over its data retention requirements.

"That decision probably cost us money, but if we have to choose between operating legally or illegally our path is clear," he wrote in a blog post this week.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by TheRaven on Sunday April 15 2018, @09:28AM (3 children)

    by TheRaven (270) on Sunday April 15 2018, @09:28AM (#667217) Journal

    I own several domains but I do not like the fact that my name, home address, telephone number and other information is being made public without my consent

    It isn't, unless you use a registrar that sucks. My domains are registered with Gandi.net (which provides a discount to FreeBSD developers, yay!) and the only bit of personal information in the WHOIS registry is my name. Everything else is Gandi's public contact information. Enabling this is a single checkbox in the configuration UI. My previous registrar (123reg) charged a fee for this service, which I was singularly unimpressed with.

    --
    sudo mod me up
    Starting Score:    1  point
    Moderation   +2  
       Informative=2, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 5, Touché) by fritsd on Sunday April 15 2018, @10:29AM (1 child)

    by fritsd (4586) on Sunday April 15 2018, @10:29AM (#667222) Journal

    That could be because Gandi is based in Paris, and France is in the EU.

    • (Score: 2, Informative) by Anonymous Coward on Monday April 16 2018, @12:00AM

      by Anonymous Coward on Monday April 16 2018, @12:00AM (#667414)

      Tucows/Hover has been doing the "Name: Contact Privacy Inc. Customer XYZ" & "Contact: domain-name@contactprivacy.com" for a lot of years, if not forever. They have my data on their own DB, and even asked a couple of times to recheck. ICANN wants (wanted?) information to be correct and real owner be contactable, but doesn't require information to be public, redirection is (was?) fine for them (I got no news about changes). So it's puzzling that they say they can't do it, because it's the registrars task and choice.

      So no, it's not about EU, it's about business that care about customers. Maybe you can find some of those in places like USA too (maybe not, I looked it up, and Godaddy announced months ago that they were masking things in the port 43 version, but still public in the captchaed web one... OTOH, maybe Godaddy assholinesh as always). OTOH, some ccTLD in Europe don't offer port 43 or just crap version, and force everyone into their web based service (with all the "great" things about modern web, accessibility and other crap, when you are just trying to report an abuse to the owner).

      All this fuss sounds like companies are inept, and late (but that is included in inept), and prefer to throw everything in the air instead of getting the damn job done. How much does it cost to replace all public whois data with things like "customerXYZ@registrar"? Why can't ICANN tell registrars they have to comply with laws and wash their hands?

  • (Score: 0) by Anonymous Coward on Monday April 16 2018, @05:10PM

    by Anonymous Coward on Monday April 16 2018, @05:10PM (#667707)

    namesilo.com has free whois privacy. fuck whois. It's just surveillance.