By now you’ve received countless emails pouring into your inbox over the past few days and months all regarding the same topic of interest. You’ve probably read or at least skimmed a dozen emails from companies updating their privacy policies and addressing customers on how they plan to comply with the EU’s new data privacy law, the General Data Protection Regulation (GDPR).
If you’re still having trouble understanding what the GDPR is and how it affects you here’s a quick video that demonstrates the changes going on.
Not to sound like a broken record, but 101domain sent an email out to our customers on Monday about changes to our privacy policy.
As an ICANN-approved registrar operating under a system that directly contradicts the new data privacy regulation, you could say we have a few tough issues to consider. We are aware there are flaws in the domain system, specifically regarding WHOIS.
The number one complaint from customers in our industry is in direct relation to the mandatory and public WHOIS database. Customers are often (and understandably) upset when they are spammed with unsolicited phone calls and emails after registering domain names. Few people know that we are obligated to provide this contact information. WHOIS is an industry-wide requirement placed on all domain registrars by ICANN, the domain governing body. If you want to register a domain name you need to provide this information, but that doesn’t mean it has to be accessible to everyone on the Internet via the public WHOIS lookup.
In today’s society, it is more important than ever to protect our customers. Believe it or not when 101domain employees go home for the day, we are regular people just like you. We use the same Internet and desire the same respect for our online privacy. Our digital footprint is essentially our intellectual property and we have the right to want to protect our personal data from being exploited by brands.
We advocate for solutions that aim to shield our customer’s personally identifiable information, but unfortunately other than Private Registration, there are few such solutions that exist in the current format we operate under.
It’s time that changed. The EU has given the world the motivation we needed. As unpleasant as change can be sometimes, change is good when it is progressive.
We have always followed best practices in collecting and handling our visitor’s personal information and will continue to make this a priority moving forward. Our new policies describe how and what personal information we collect from you, how it is retained and used, as well as your rights in requesting, correcting, and deleting the personal information we have collected from you.
Changes at 101domain
Starting on May 25, 2018, our public-facing WHOIS database will no longer display any personally identifiable information. Our new WHOIS database will only display the state and/or providence and country of the domain registrant along with a 101domain email address that will be used to relay legitimate contact requests to domain holders.
WHOIS information for companies will continue to be displayed, except for anything which contains personally identifiable information. For example, if small business employee/owner John Doe registers a domain name for his company with his personal email address, [email protected], we will display all relevant information besides his personally identifiable email address.
Recommended Action
We expect to see more changes in the domain industry over the next few months. ICANN is still working out a permanent solution that satisfies both the GDPR requirements and the interests of law enforcement.
Country Code domains (ccTLDs) are an exception in and of itself. They do not necessarily have to comply with the GDPR because they do not under ICANN. Each country has their own method and requirements for publishing a domain registrant’s personally identifiable information. In the mission of protecting your personal information online, it is of interest for many people to shield this data anyways.
Private Registration ensures the personal information required by many domain registries is still met by providing our data privacy service’s information in its place. This way you are guaranteed protected from any unwanted communications and unauthorized disclosure of your information.
The best thing domain registrants can do is to continue to use our Private Registration service as an additional layer of protection. In accordance with the GDPR, visitors attempting to contact domain owners will be able to through a contact form on our site. As we transition into this new era of GDPR compliance, the way in which the domain industry operates is highly susceptible to change over the next few months. The one consistency that will remain is our promise to keep your personal information discreet.