Tag: PII

Playing a game of “Guess Who”: the domain name dispute process post-GDPR

Share

Since the European Union’s General Data Protection Regulation (GDPR) went into effect in late May, its impact continues to be felt by cybersecurity researchers, investigators, law enforcement officials and – perhaps less obviously – anyone who relies on the information provided by the Internet Corporation for Assigned Names and Numbers’ (ICANN) WHOIS service. This includes lawyers, like us, who routinely check WHOIS to ascertain the identity of a domain name registrant.

ICANN requires domain name registrars to collect information, such as basic contact information, from domain name registrants. Previously, absent a paid privacy shield service adopted by the registrant, the information collected was made publicly available by the registrar through the WHOIS database. Now, in an effort to avoid liability under the sweeping GDPR, registrars are refraining from publishing this information. Instead, per a temporary specification developed by ICANN, many are providing a randomized email address or web-based contact only, which can be used to contact the registrant anonymously.

Continue reading “Playing a game of “Guess Who”: the domain name dispute process post-GDPR”