DomainTools must take down .NZ Whois records while lawsuit proceeds.
The United States Court of Appeals for the Ninth Circuit has ruled in favor of .NZ domain manager Domain Name Commission in a fight against DomainTools.
Domain Name Commission (DNC) sued DomainTools last year for harvesting New Zealand’s .NZ Whois records for its service. A Federal District Court granted a preliminary injunction against DomainTools that prevent DomainTools from collecting more .NZ Whois records and required it to remove previously published records while the lawsuit proceeded.
DomainTools appealed against the injunction, but the appeals court just affirmed (pdf) the lower court’s decision. This means that DomainTools will have to comply with the injunction while the lawsuit proceeds.
DNC recently filed a similar lawsuit against Whois API.
Could this be an existential threat to DomainTools?
That would depend on other registries taking legal action against Domaintools. It has been repositioning itself in the market as a security company rather than a provider of whois records.
What’s stopping other registrars from going to DomainTools now and saying take it off or pay up? Verisign comes to mind.
Not an attorney but the Versign WHOIS moved to a distributed whois system under control of the registrars a few years ago. This might mean that it might be up to individual registrars to act rather than the registry. This might make it more complex than a situation where the registry is the sole source for WHOIS data. There are approximately 2,400 ICANN accredited registrars though many of those are dropcatcher registrars. There could be other legal approaches but this case will probably be used as a precedent and there’s still a massive GDPR problem with old WHOIS data.
ICANN plans to move .com to a thick whois system in which Verisign has all of the data. But this is on hold in wake of GDPR, and I bet a lot of registrars will push back.
There was, I think, an option for registrars to charge for bulk WHOIS access. The GDPR thing has caused serious problems for ICANN and though RDAP (the sucessor to WHOIS) was meant to solve some problems it is has to deal with GDPR. GDPR has affected a lot of important work that depends on WHOIS access.