Your Guide to the WHOIS to RDAP Transition

For decades, anyone on the internet could look up the owner of a domain name using a public directory called WHOIS. Now, as digital privacy becomes more important, the rules are changing. A major, required shift is happening right now, and it affects how your domain registration information is shared with the world.

Effective August 21, 2025, a new policy from ICANN (the organization that helps coordinate the internet’s domain system) will be fully in place. This policy moves the industry away from the old WHOIS system to a new protocol called RDAP. Here’s what you need to know about this important transition.

Navigating the Transition From WHOIS to RDAP

Think of WHOIS as a phonebook—simple and completely public. The Registration Data Access Protocol (RDAP) is its modern replacement, designed for the age of data protection laws like Europe’s GDPR.

This change applies to all ICANN-sponsored generic top-level domains (gTLDs) like .com, .org, .net, .shop, etc. It’s important to note that these new policies do not apply to country-code domains (like .us, .uk, or .ca). While 101domain’s WHOIS system is still running for convenience, it is being phased out. RDAP is now the official standard.

Changes to How Your Data is Published

The biggest change you’ll notice is how domain registration data is now published. Under the new RDAP rules, certain data is no longer included in the public output by default.

Data Not Published by Default:

To comply with global privacy laws, most of your personal contact details will no longer be published in the public directory. This includes:

  • Registrant Name
  • Street Address & Postal Code
  • Phone Number
  • Email Address

If your email address is hidden, a secure web form will be provided. This allows legitimate parties to contact you without exposing your email to spammers and bots. You will be notified whenever someone uses the form to send you a message.

Data That Will Remain Public:

Certain essential data points will always be disclosed to ensure the stability and transparency of the domain name system:

  • Domain status (e.g., active, expired)
  • Nameservers
  • Important dates (registration, expiration)
  • Country

The Continued Value of Private Registration

While the new RDAP rules provide a baseline for how your data is handled, they are a universal standard, not a dedicated security solution. To achieve full protection and build your best defense against spam, data miners, and security risks, you need Private Registration.

Here’s what our Private Registration service provides:

  • Completes Your Data Protection: RDAP’s rules don’t cover all domains (like many country-code TLDs) and some data, like your Country, can still be public. Private Registration replaces this information with a proxy, providing a uniform shield across your entire domain portfolio.
  • Acts as a True Shield Against Spam: While RDAP redacts your email, it often provides a webform for contact. Our service acts as a full proxy, filtering inquiries and preventing your details from being scraped by data miners targeting new domain registrations for spam and telemarketing lists.
  • Adds a Vital Layer of Security: Using proxy information protects you from identity theft, makes it more difficult for hijackers to initiate fraudulent domain transfers, and keeps your list of owned domains private from competitors or the public.

We strongly recommend you continue to use Private Registration for the most complete control over your digital footprint and additional layers of data protection that are not affected by these ICANN policy changes.

A Crucial RDAP Update: The “Organization” Field is Now Key

This is the most important action item for domain owners, especially businesses. How you use the Organization field has fundamentally changed.

  • The Organization is the Legal Owner: If you have information listed in the “Organization” field, that entity is now considered the official Registered Name Holder and legal rights-holder for the domain.
  • The Registrant Name is the Contact: The individual listed in the “Registrant Name” field is now considered the administrative point of contact for that organization.

RELATED ARTICLE: How to Set Your Domain Admin Up for Success

By default, your organization’s name will not be disclosed in the public RDAP directory.

If you want your business or organization’s name to be publicly visible (for transparency, branding, or legal reasons), you must request it. For now, you can do this by opening a support ticket. In the future, you will be able to manage this setting directly from your control panel.

What You Need to Do Now

The Organization field now determines the legal ownership of your domain so it is critical to ensure it is accurate.

  1. Review Your Domains: The best way to check your current information is to log into your account and export a complete list of your domains. This will show you the full contact information associated with each one.
  2. Update the Organization Field: Check the “Organization” field for every domain. Is it blank? Does it list an old company name? Update it to reflect the correct legal rights-holder. Visit our support page on “Updating WHOIS Contacts for a Domain” for instructions.

These changes, driven by ICANN’s RDAP policy, aim to standardize how domain data is handled globally, balancing the need for public information with modern data protection principles.

If you have questions or need assistance during this transition, don’t hesitate to reach out to our support team.