Industry Collaboration to Improve Registration Data Services

[News]

The challenge with WHOIS is that it was designed for use at a time when the community of users and service operators was much smaller and there were fewer concerns about data privacy. Today it's possible to use WHOIS to collect personally identifiable information (PII), such as physical residence addresses, telephone numbers, and email addresses associated with an individual's domain name and IP address registration activity. This is a cause for concern in many places where people care about personal privacy, and unfortunately, there's no easy way to address these concerns using WHOIS because it's an "all data is available to everyone all the time" service. Thankfully we now have new tools available in the form of the Registration Data Access Protocol (RDAP), which was designed to address the many deficiencies of WHOIS — including the lack of security services needed to provide data privacy.

It's important to note that there is a relatively new ICANN working group that was "tasked with analyzing the purpose of collecting, maintaining and providing access to generic top-level domain (gTLD) registration data and considering safeguards for protecting that data; determining if and why a next-generation Registration Directory Service (RDS) is needed to replace WHOIS; and creating policies, and coexistence and implementation guidance to meet those needs." While this group's mandate is limited to the services provided by gTLD registrars and registries, there is a very good chance that the work will also provide benefits to the users and operators of ccTLD and RIR RDAP services...

Read More