Is WHOIS going to go away?

Florian Weimer fw at deneb.enyo.de
Wed Apr 18 20:51:49 UTC 2018


* Filip Hruska:

> On 04/14/2018 07:29 PM, Florian Weimer wrote:
>> * Filip Hruska:
>>
>>> EURID (.eu) WHOIS already works on a basis that no information about the
>>> registrant is available via standard WHOIS.
>>> In order to get any useful information you have to go to
>>> https://whois.eurid.eu and make a request there.
>>>
>>> Seems like a reasonable solution.
>> Why?  How does the protocol matter?
>>
>> Either you may publish individual personal information for use by the
>> general public, or you may not.  Adding a 4 to the port number doesn't
>> change that.
>>
>
> The EURID webwhois cannot be scraped, there are anti-bot measures in 
> place (captcha, throttling, all information displayed in images).
> Scraping WHOIS systems for thousands domains at once using the WHOIS 
> protocol is easy though. There are "WHOIS History" sites which scrape 
> all domains and then publish the data along with the date of retrieval.
>
> GDPR contains this in relation to the right to erasure:
>
>  1. Where the controller has made the personal data public and is
>     obliged pursuant to paragraph 1 to erase the personal data, *the
>     controller, taking account of available technology and the cost of
>     implementation, shall take reasonable steps, including technical
>     measures, to inform controllers which are processing the personal
>     data that the data subject has requested the erasure* by such
>     controllers of any links to, or*copy or replication of, those
>     personal data*.

Wouldn't that require a channel to the recipient of WHOIS data, so
that the controller can notify those who have accessed it once erasure
is requested?

A simple webform doesn't achieve that because it's not much different
from the way traditional WHOIS works.


More information about the NANOG mailing list