This May, the much-anticipated General Data Protection Regulation (GDPR) will be hitting law books. An E.U. conjuring, the regulation will reverberate globally and potentially spawn a handful of unintended — arguably negative — side-effects.
What is the General Data Protection Regulation?
The General Data Protection Regulation (GDPR) establishes a single set of online privacy rules for the entire E.U. The statute will replace a patchwork of 28 laws currently in use.
Will GDPR Kill WHOIS?
Sounds efficient, but some cybersecurity experts believe the GDPR may unwittingly aid and abet online spammers and scammers by killing the WHOIS domain identification system.
Standardized since 1980, law enforcement and cybersecurity professionals use it to look up domain contact details.
“As an industry, one of the first things we often do is use WHOIS data to determine whether something is likely malicious, or whether there’s an indicator of suspiciousness,” said Raj Samani, chief scientist at McAfee, quoted by The Guardian. “It could be something as simple as ‘hey, look, this name is a name we find registered with other domains,’ or ‘this metadata is used for other things.’”
Are People Overreacting About The GDPR’s Effect on WHOIS?
The “pro-GDPR” side is singing another tune. They argue that registering a domain is a commercial activity with concomitant privacy rights. Moreover, they contend, individuals and businesses can already pay to anonymize WHOIS information.
Sarah Wyld, a product manager at OpenSRS, explained in a blog post last November:
“It’s certainly difficult to argue that there’s a legal basis for openly sharing contact details of a domain’s owner, administrator, or technical contact in the public WHOIS record. And we can’t claim that it helps to accomplish the original purpose for which the information was collected (registering the domain). This means that the public WHOIS system as it exists today is incompatible with the principles of data privacy that the GDPR affirms.”
“I don’t live in the E.U. Why should I care?
Even though the GDPR is an E.U. affair, any commercial website that allows European interaction must adhere to the statute.
Connect With An International Internet Law Attorney
Does your business work with European companies or collects data from European users? If so, it’s important to ready your operation for the impending General Data Protection Regulation.
As an international Internet law compliance consultancy, we can effortlessly guide you through the GDPR process.
Get in touch today. Consultations are free.
Contact Us Today ❯