GDPR and Domain Privacy

In this article, we will focus on how GDPR affects domain registrants.

What is GDPR?

The legal terms and details of GDPR are described in articles like What is the GDPR?, Does the GDPR Affect Non-EU Businesses?, How the GDPR Affects You and What HostPapa is Doing With These Changes, GDPR Compliance for Email Marketing.

What is the public WHOIS database?

The WHOIS database has a long history, beginning in the early ‘70s. We will not get too technical regarding the evolution of this database in time; the most important point is that WHOIS is a public service that provides information about a domain registrant, administrative, billing, and technical contact details. This public data sharing has been enforced by ICANN since 2009 and suffered some amendments later.

Access to such information can be very useful for law enforcement agencies in order to prevent frauds, identify and combat inappropriate use of the Internet and also allow the public to determine if a domain name is available for registration.

On the other hand, this policy attracted many spammers, direct marketers, identity thieves, or other attackers to use the data for unlawful purposes.

What is Domain Privacy?

Domain Privacy, WHOIS Protection, WHOIS Privacy, or other similar service names have one single purpose: protect domain registrant identity and hide domain contact details in public WHOIS databases.

How does GDPR affect domain registrants?

After May 25th, 2018 when GDPR came into effect, many domain registrants asked themselves if Domain Privacy service is still needed.

The answer is YES, definitely.

No matter how the WHOIS system will change in the future, Domain Privacy will remain a valuable service to registrants worldwide. Even after the public WHOIS stopped showing domain contact details, there is still a gated WHOIS, where registrant data is available to parties with a legitimate interest. This is where Domain Privacy comes in: if Privacy is active on a domain, the personal data in the registration record will remain protected from those with access to the gated WHOIS.

WHOIS results displayed for a domain name without Privacy service (notice the link to contact domain registrant through gated WHOIS):

WHOIS results displayed for a domain name with Privacy service (notice that the contact is like

Of course, there will be people thinking that they can simply provide false information when registering a domain name like Jane Doe with a P.O. Box’s physical address and unreachable phone number/email address. Why would Domain Privacy be needed in this case?

Before doing this, please remember that all gTLDs (like .com, .net, .org, .cloud, .online, etc) are bound to the ICANN rules and regulations. The ICANN agreement specifies that domain registrants must provide accurate and reliable contact details and must keep these up to date. Also, when it comes to proving domain ownership, fake contact details will not be useful. Finally, domains under the ICANN umbrella must be verified annually and the verification is made via email.

Moreover, there are also ccTLD registries (like .sg, .ie, .uk, .ca, etc) which established their own verification processes in order to ensure that domain registrants’ contact information is accurate.

Breaching the agreements may lead to domain suspension and even cancellation.

If you have any other questions, you can contact our award-winning support team 24/7/365 via email, phone, or live chat.

Related Articles

Get online with our affordable web hosting

Get online with our affordable web hosting

Learn more now
HostPapa Mustache