Registrar is more selective about which Whois records will be redacted in wake of GDPR.
With the GDPR deadline quickly approaching, the world’s largest domain name registrar has been mostly silent on its plans. Over the past week, I connected with GoDaddy (NYSE:GDDY) to understand what it plans to do to comply with the EU’s privacy law, especially as it relates to Whois.
Unlike many of its competitors, GoDaddy does not plan to redact Whois information for domain names registered by people outside of the EU. It will continue to publish contact information like it always has for web-based Whois searches. Because it has to redact information for EU residents, GoDaddy will no longer sell DomainsByProxy to people in the European Union but will continue to offer it to people in other regions. (Some countries are routed through others for purchasing due to common currencies and/or languages. For example, customers in Morocco are routed to GoDaddy’s France website. They will be treated like EU residents for purposes of Whois.)
GoDaddy’s decision doesn’t surprise me too much. GoDaddy was an early pioneer of Whois proxy services and has aggressively pushed the paid and high-margin product to its customers. I’m not sure how much money GoDaddy makes from DomainsByProxy but I imagine it’s significant.
Of course, GoDaddy won’t come out and say that Whois privacy revenue is the reason for its decision. SVP & GM – Domains, Kevin Doerr told Domain Name Wire:
There were many reasons we looked at keeping Whois the way it is globally. GoDaddy welcomes the privacy changes that come with GDPR, but we wanted to be thoughtful about impacting our global customers. So GoDaddy will closely monitor the impact of GDPR, as well as regulatory requirements from governments around the world, before making decisions on how to evolve our privacy and Whois practices for every customer.
Whatever the reasons, as a proponent of more public data, I’m in favor of GoDaddy’s decision.
GoDaddy will continue to restrict data on Port 43 lookups, however. Port 43 lookups will contain technical data, state and country only. This will apply to people who currently have whitelisted port 43 access, too.
GoDaddy has restricted Port 43 data since January to cut down on spam. The company has been criticized for Port 43 blocking, but the final GDPR Whois spec from ICANN is essentially in line with what GoDaddy has already done.
The net effect should be little to no spam for domain name registrants but people with a good reason to contact them will still be able to by performing individual Whois lookups on GoDaddy’s website.
Tucows, the world’s second-largest domain registration company, has announced that it will treat all Whois records the same regardless of where the registrant is located. They will all be redacted.