ICANN Reboots Work on Controversial WHOIS Privacy Rules

ICANN (Internet Corporation for Assigned Names and Numbers) has revived its work on the contentious WHOIS privacy rules, which have been a subject of debate among stakeholders. The WHOIS database contains personal contact information of domain name registrants, and the new rules aim to balance privacy concerns with the need for law enforcement and intellectual property holders to access this data.

The WHOIS database has been a vital tool for identifying and tracking online criminals, but its public accessibility has raised privacy concerns. The European Union’s General Data Protection Regulation (GDPR) has further complicated the issue, as registries and registrars have restricted access to WHOIS data to comply with the regulation. This has made it more challenging for authorities to combat online abuse and cybercrime.

ICANN’s revised procedure for handling WHOIS conflicts with privacy law was published in 2017, outlining steps to be taken when a registrar or registry indicates that local privacy laws prevent them from complying with ICANN contractual requirements regarding WHOIS data. The procedure aims to inform registries and registrars of the steps ICANN will take in such situations.

The ICANN Board adopted the policy recommendations of the Privacy and Proxy Services Accreditation Issues Working Group in 2016, which included measures to improve the accuracy and accessibility of WHOIS data. However, the implementation of these recommendations has been on hold since 2019 due to overlapping issues with ongoing work.

ICANN is now seeking volunteers to assist in the implementation of the policy recommendations, particularly those with a deep understanding of the Final Report and its recommendations. The implementation review team will serve as a resource to ICANN on policy and technical questions, review implementation documentation, and advise on technical and operational details.

The revival of ICANN’s work on WHOIS privacy rules comes amid growing concerns over online security and the need for a balanced approach to data protection and access. As the internet continues to evolve, the importance of finding a solution that addresses both privacy and security concerns cannot be overstated.


Scroll to Top