Its board of directors Internet Corporation for Assigned Names and Numbers (ICANN) reportedly running and not reaching. In the days leading up to the implementation of the GDPR he will have to find a way to convert the WHOIS tool, the main database that lists who owns the domain names, to comply with the European Union General Data Protection Regulation.
ICANN had requested a grace year to deal with them problems which was present in the WHOIS data collection, but apparently failed.
If there is no moratorium, we will no longer be able to … maintain WHOIS. Without resolving these issues, the WHOIS system will become fragmented … A fragmented WHOIS will not be able to uses now a common framework for generic top-level domain (gTLD) registry services.
This is bad…
Domain registration companies will be responsible and will have penalties from GDPR up to 20 million euros or 4% of the annual turnover, which can exceed 20 million. them - whichever is larger. Another bad side effect for domain registration companies is that many of them now charge extra to keep domain owners' information private. However, with the implementation of the GDPR for the protection of privacy, there will be no need for this service.
GDPR will treat WHOIS as another set of data and not as an integral part of how it works Internet, which is incredibly short-sighted.
Intelligence expert Angela Gunn says: "Security researchers, researchers, webmasters, and ordinary people alike will pay dearly for hiding.
Or, as Cherine Chalaby, chair of ICANN's board of directors, said, "WHOIS is an important system, and preserving it allows us to have a key tool in the ongoing fight against cybercrime, against malicious factors. The proposed model aims to prevent WHOIS fragmentation and ensure that WHOIS remains available. ICANN's role in providing technical coordination of global WHOIS is a unique matter of public interest.”
So what is the problem? Site registers continue to collect new registration data as they always have. Data includes registration information, data communication of the domain owner but also of the technical support teams/responsible. Most personal data will not be publicly available and if someone needs it, they will be able to access it through the providers. This can be done through an anonymous online form.
This creates a very serious issue. Domain registrants are required to publish the data in the WHOIS database of the global ICANN authority, which is in conflict with the requirements of the upcoming GDPR.
ICANN could not find a way to provide "reasonable access" to this data to third parties with "legitimate interests".
So there seem to be a lot of questions left, while the clock is still ticking. Whether or not ICANN is ready, the GDPR will take effect on May 25, 2018.
