The future of WHOIS is blurry.
On May 25 of next year, the European Union’s General Data Protection Regulation (GDPR) will go into full effect. The privacy regulation will have a major impact on industries that handle personal data of people in the EU, including the domain name industry.
Domain name companies are scrambling to figure out how to comply with the regulation, all while racing against the clock with unclear guidelines from the EU and ICANN.
Here are some takeaways on GDPR:
- This is going to be a big cost burden on domain name registrars, especially small ones. They might start contracting with third parties to handle Whois for thin whois domains.
- Right now registrars handle private information for .com and .net domains and publish this in Whois. These two domains are supposed to transfer to a thick Whois model, but don’t be surprised if this is delayed. Also don’t be surprised if Verisign is allowed to raise the price on .com domains after implementing thick Whois.
- New top level domain name companies are going to lean on their registry service providers for GDPR compliance when it comes to Whois. New TLDs use a thick whois that is managed at the registry level rather than the registrar.
- GDPR could impact the value of Whois privacy services, which are a big cash cow for many registrars.
Most domain investors use the Whois data to dig up contact information of possible end users, as it is the most time and cost effective way. Often both the parties belong to far corner of globe and have no other prior information about each other. The contact information on websites lead to customer support, and access to other data tools is fairly limited.
Do you think Domaining is possible without WHOIS?