WHOIS is the name for a response protocol used to query databases – specifically, the databases that store the information of registered users of an Internet resource. More specifically, it contains information on domain names, IP addresses, and more. The information is retrieved and presented in a human-readable format.
In addition to being available to the general public, the WHOIS information is also helpful to law enforcement when investigating legal violations such as spam. Or phishing by tracking down the owners of domains responsible for the violations.
The History of WHOIS
The beginnings of the current WHOIS format go back to the early 1970s. Elizabeth Feinler set up a server in the Stanford Network Information Center (a predecessor to the current Internet) specifically intended to retrieve information about specific people or entities. She and her team also created the concept of domains by dividing devices into categories based on their physical location.
By the early 1980s, when the modern Internet went live, WHOIS was standardized and could be used to look up domains, people, and resources related to registered users/devices. All registrations and logging at the time were managed by one organization. Which meant that it was straightforward and convenient to retrieve the information that was always stored in the same, standardized format.
During the following years, the Internet and similar networks went through rapid changes, and new organizations came up to replace existing ones. And by the 20th century, the WHOIS system had changed a fair bit – the searches were highly open. And looking for a last name would return all people who shared that last name – the same thing went for keyword searches. Searching for the keyword ‘car’ would return all domains that contained that keyword. Naturally, this was almost immediately abused by scammers, spammers, and other unethical actors. So-called wild-card searches were quickly banned to protect the privacy and security of registered members.
This removal of wild-card searches prompted criticism of the system – few parties have real-time access to the entire database. They are accessing the complete data stored, even when necessary, isn’t easy. Another issue is the accuracy of information. When someone buys a domain, they must register certain bits of information in the WHOIS databases.
WHOIS and ICANN
The actual registration isn’t done by the individual but rather by the registrar they got the domain from. Correcting false information can take time and lead to issues, and that’s if the user is even aware of the incorrect information. Because just retrieving it can take time and require multiple steps as domains can be resold.
A meaningful name here is ICANN – the Internet Corporation for Assigned Names and Numbers, a non-profit organization coordinating and maintaining databases relating to namespaces and information such as the WHOIS data. Naturally, it’s no longer possible for everything to be done by one company. Instead, many domain registrars register their customers’ information on their behalf by collecting the info needed and passing it along.
Generally, the minimum information required is an email address, phone number, and physical address. By default, that info is made public within the WHOIS system. Of course, plenty of people are unwilling to reveal their information like that. For this reason, domain privacy services are available for cheap and allow users to hide their data. Since entry in the WHOIS database is mandatory. The registrar substitutes their knowledge, usually as a forwarding service.
Much information is available even with such privacy services (and, of course, with many users not wanting to pay for them). The plain-text nature of WHOIS searches makes it relatively easy for shady actors to get their hands on contact info this way. For this reason, many of the now multitudes of WHOIS servers worldwide have strict restrictions on how many searches a specific IP address can perform. It also implements CAPTCHAs to make it more difficult to abuse the available information.
WHOIS and GDPR
The General Data Protection Regulation or GDPR laws have been in effect in the EU since May 2018. They offer extensive privacy protections not otherwise mandated worldwide, leading to many services having to completely redo how they handle customer data and information. Some websites based in the US didn’t want to comply and ended up locking their services to EU users indefinitely. Unsurprisingly, the requirement to register in the WHOIS database violates what the GDPR mandates.
For this reason, ICANN stated in 2017 that there would be no punishments for non-compliance with the registration requirements as long as registrars worked on alternative solutions to provide necessary data. The implementation of the GDPR marked the first major legal issue with WHOIS registration. And the first notable exception from the requirement to register information there.
In some cases, the interim solution is that registrars collect the information required. But do not pass it along to the international WHOIS databases. Instead, storing it securely on their own. Interested parties would need to contact the registrar directly to access the information. Not an ideal solution for users who are not trying to scam. Or spam anyone but need the information there for legitimate purposes.
The Future of WHOIS
While the GDPR only affects the EU, the ongoing issues it caused have, for the first time since the inception of WHOIS, cast doubts on whether the system is still suitable in its current form. At a minimum, the general concept of WHOIS would need to be reworked to comply eventually. But another possible solution would be to abolish it entirely and create an alternative solution.
WHOIS has had other problems (such as text encoding issues for database content that doesn’t match the US-ASCII code). So creating a more internationally-suitable system could be a good choice for everyone. The original WHOIS was unsurprisingly centered around the US only, which quickly led to issues when it went international, and names, addresses, . And more was added to it that required letters and characters not found in the US-ASCII, for example.
WHOIS is a protocol and database system designed to provide and store identifying information about the owners of domains. The intent is to be able to identify a contact point for legitimate purposes such as purchasing. Or selling the domain or for law enforcement action. However, the enormous treasure trove of personal information proved helpful to spammers. So anonymity services popped up that would provide their company information to protect the real domain owner’s privacy.
With the GDPR essentially banning the publicizing of personal data in the way WHOIS requires, there is currently an exception to providing the data. Efforts are underway to modernize the WHOIS system to be more internationally friendly and to respect user privacy more.
Did this help? Let us know!