New NTIA chief pushes back on effort to scale back Whois information.
David Redl, the new head of the U.S. National Telecommunications and Information Administration, told an audience at State of the Net 2018 today that Whois data must remain available.
Speaking about efforts to obscure Whois information to comply with the EU’s new privacy law General Data Protection Regulation (GDRP), Redl said:
Here are the facts: the text of the GDPR balances the interests of cybersecurity, law enforcement, and consumer protection, and many European officials have noted that limited changes to the WHOIS would be necessary to achieve GDPR compliance. Still, there are some who are trying to take advantage of the situation by arguing that we should erect barriers to the quickly and easily accessible WHOIS information. Some have even argued that the service must go dark, and become a relic of the Internet’s history.
Today, I would like to be clear — the WHOIS service can, and should, retain its essential character while complying with national privacy laws, including the GDPR. It is in the interests of all Internet stakeholders that it does. And for anyone here in the U.S. who may be persuaded by arguments calling for drastic change, please know that the U.S. government expects this information to continue to be made easily available through the WHOIS service.
This seems to set up a battle with registrars and registries that have decided to reveal less information.
Also notable about the speech, Redl did not mention anything about “clawing back” the NTIA’s contractstate with ICANN that was relinquished under President Obama.
The full text of Redl’s comments is here.
Good news in my opinion.
Take that GoDaddy.
The WHOIS database should provide law enforcement (and anyone else reporting abuse) an accurate POC to the direct service provider. In today’s world this is more critical than ever before.
Good news for domainers.
I am in the UK and own a batch of mainly .coms. I would hope they provide an opt in/opt out (whichever way round) as I would want my details in WHOIS to stay as they are as it’s still the best avenue for getting approaches and offers for domains.
Well, in that case, transfer to a registrar that will enable a consent-based voluntary reveal function. Key-Systems will…
Too bad that no one proposing that whois can remain as it is or only needs cosmetic changes can explain how to legally do that.
GDPR is a fact.
In the end who will you be able to contact to eventually stop and take down “Skynet” fast enough if whois info is barricaded off too much?
No-one is saying that WHOIS data won’t be available. It just should not be public. LEAs and brand owners will still be able to have access but in a different way. I agree with Volker, GDPR is here to stay and we need to abide by it.
LEAs and brand owners, but who else? Should brand owners get access to Whois but I don’t get access for reporting purposes?