back to article Domain name 'admin' role eyed up as latest victim of Whois system's GDPRmeggdon

The long-standing but outdated "admin" role associated with every internet domain name will be killed off under new recommendations designed to update the Whois registry and make it compliant with European data privacy rules. In addition, the "tech" role may be made voluntary, email addresses associated with domain owners will …

  1. N2 Silver badge

    Hooray

    But I suspect Fasthosts will still try and charge 3 quid for it.

    1. Danny 14 Silver badge

      Re: Hooray

      no different from companies flogging extended warranty. just say no ta.

  2. A.P. Veening

    picking a fight and losing. ®

    picking a fight and losing again. ®

    Fixed that.

  3. Anonymous Coward
    Anonymous Coward

    Data minimisation isn't just GDPR. The data protection act has always stated you should only hold the required information.

    1. Lee D Silver badge

      It's not a question of what they hold. Of course them holding technical and administrative information for the intellectual properties they are renting out is reasonable.

      What's NOT reasonable is displaying that information to all-and-sundry on any request whatsoever to the extent that you have a public API to do so.

      Law enforcement need it. Sometimes the technical people need it. But why do you have to have it as a publicly available list of names, addresses and emails? I don't get that for, say, the people who sell on eBay.

      Why not just remove the information from public view entirely and replace it with a contact form? Exactly the same effect - genuine grievances and trouble can be notified to the right people, but the average spammer can't just trawl the whole list and spam them, and no personal user is ever identified against their will.

      It's not a question of what they HOLD (though that is affected by GDPR, it's hardly different to what they need to do), it's a question of what they DISTRIBUTE. Which should, quite literally, be... nothing.

      1. big_D Silver badge
        Pint

        @LeeD very well put and a great solution. I can see that you have never worked on a quango committee...

      2. Mark 85 Silver badge

        It's not a question of what they HOLD (though that is affected by GDPR, it's hardly different to what they need to do), it's a question of what they DISTRIBUTE. Which should, quite literally, be... nothing.

        The answer is in the article and other articles... lawyers. They want free access. It's particularly the media lawyers for take down notices, fines, and lawsuits. When in doubt, follow the money.

    2. Gene Cash Silver badge

      Sure, but the data protection act has no teeth. The GDPR does.

      1. big_D Silver badge

        The DPA is the UK implementation of GDPR.

        1. FrogsAndChips Bronze badge

          Re: "The DPA is the UK implementation of GDPR"

          DPA 2018 is the UK implementation of GDPR.

          Data minimization was already one of the principles of DPA 1998.

        2. Doctor Syntax Silver badge

          "The DPA is the UK implementation of GDPR."

          The current DPA implements GDPR. There have been previous DPAs.

    3. This post has been deleted by its author

    4. Jellied Eel Silver badge

      I don't get it

      Data minimisation isn't just GDPR. The data protection act has always stated you should only hold the required information.

      So the required information is a contact. admin@.... is a perfectly fine contact, and not being personally identifiable, fits with GDPR. I can see why lawyers may not like that, ie sending a threatogram to Admin doesn't have the same weight as sending to a named individual who may have left the target company some months/years ago.

      For everyone else, it's more a case of whether anyone actually looks at the admin mailbox. If LEOs want to find out more, they can ask the registrar for the billing contacts.

  4. TheresaJayne

    Ok, Someone has stolen my domain name, and all i can see is that they are in russia, How can i get it back how can i raise a dispute? its stupid there should be a way to get the owner so that I can raise a dispute and get my domain back....

    1. Paul Hargreaves

      They haven't stolen your domain name. You don't own it, you've just purchased rights to use it.

      You need to go back to the person you paid money to and ask them to sort it out since you have a contract with them which now they are in breach of.

      1. Doctor Syntax Silver badge

        "since you have a contract with them"

        If she didn't renew she might not even have a contract.

    2. Lee D Silver badge

      What makes you think for a second that someone who stole your domain name would put their genuine home address onto the WHOIS when they did so?

      If someone stole your bike, would you be expecting them to register it as their own on a public list of bike-owners? And if they did, would you assume those details to be correct? And if they did, would you pile into that person or would you be expected to - for example - go to the police/courts who'll determine who really has it, return it to you if possible, and you'll have precisely ZERO dealings with any ensuing law enforcement action beyond providing a witness statement (they won't tell you the criminal's home address!).

      The equivalent here would be "file a complaint to ICANN". That does NOT need YOU to have public WHOIS information for every domain name in the world.

      Your argument is one of the weakest arguments I've ever heard in my life.

      1. John Robson Silver badge

        "Your argument is one of the weakest arguments I've ever heard in my life."

        Considered downvoting you for suggesting that an argument had been presented..

        But can't work out an appropriate alternative descriptor...

  5. Spanners Silver badge
    Holmes

    " entrenched interests – in particular US intellectual property lawyers"

    If they don't like it, that is a huge indicator that this is a good idea.

  6. sveinskogen
    Flame

    Primary reason

    The Primary reason EU are waging war on Whois, under the pretense of "data protection", is that Whois made it far too easy to spot websites funded by "Open Societies Foundation" and their ilk.

    The unelected Eurocrats do NOT want their secondary paycheck providers exposed for their meddling.

    1. DJV Silver badge

      "unelected Eurocrats"

      Oh, you mean MEPs. The ones who are ELECTED every few years by the PUBLIC. Idiot!

      1. sveinskogen
        FAIL

        Re: "unelected Eurocrats"

        No, not the parliament that only gets to vote "yay" or "try again". The commision. Who aren't elected.

        Your arrogance is inverse proportional to your competence, Sir.

        1. Anonymous Coward
          Anonymous Coward

          Re: "unelected Eurocrats"

          Oh, you mean the EC, the people which are selected, as you say, by, err, governments elected in each country by the public, voted in by the MEP, and who are in charge of implementing the MEP's decisions?

          I'm not so sure your competency claims hold much water, sorry.

          Seriously, it's all available online, there's no mystery to it:

          https://europa.eu/european-union/about-eu/institutions-bodies/european-commission_en

    2. Anonymous Coward
      Anonymous Coward

      Re: Primary reason

      "The Primary reason EU are waging war on Whois, under the pretense of "data protection", is that Whois made it far too easy to spot websites funded by "Open Societies Foundation" and their ilk."

      Whois also makes it easy to spot so-called PR firms hired to attack anyone with a differing opinion.

    3. TheVogon Silver badge

      Re: Primary reason

      The EU haven't done anything to WhoIs directly. ICANN decided on their own to make idiots of themselves in court.

  7. Version 1.0 Silver badge
    Thumb Up

    phb@domain.com

    Time to update all our admin addresses I guess - OK, I got that sorted.

  8. mark l 2 Silver badge

    How many times can you keep appealing a courts decision purely because you don't like the outcome? I think after loosing 4 appeals, if ICANN appeal again and loose the court should fine them for wasting the courts time.

    1. Pascal Monett Silver badge

      A fine is too clean. Public flogging would be sure to make them think again before trying.

    2. Rich 2
      Pint

      Losing @ mark l 2

      You need grounds for an appeal. If you have no grounds, or the court thinks your "grounds" are groundless then they will not allow the appeal.

      In ICANN's case, I can only think the court allowed all these appeals because they fancied a laugh

      1. lglethal Silver badge

        Re: Losing @ mark l 2

        Actually, the best way to stop this sort of nonsense is to put the punishment on the lawyers. The threat of being disbarred, should stop most lawyers from pursuing ridiculous appeals.

        Oh right, sorry, lawyers are immune from punishment, because they write the laws in the first place. Silly me forgot that.

        1. grumpasaur

          Re: Losing @ mark l 2

          Lawyers don't create laws, MPs create laws.Lawyers get paid to help you make sense of them.

          Want better laws then start voting for competent people who might spend more time doing their job and less time being directors of random firms, politicking and appearing on TV.

          If politicians did a better job of creating laws and took the time to vote through an explantory leaflet explaining what they intend, half of lawyers' work would disappear.

          1. A.P. Veening

            Re: Losing @ mark l 2

            QUOTE

            Lawyers don't create laws, MPs create laws.Lawyers get paid to help you make sense of them.

            Want better laws then start voting for competent people who might spend more time doing their job and less time being directors of random firms, politicking and appearing on TV.

            If politicians did a better job of creating laws and took the time to vote through an explantory leaflet explaining what they intend, half of lawyers' work would disappear.

            END-QUOTE

            That is indeed how USAians politics works, in general we have somewhat less bad (still not good) MPs in Europe.

  9. Pascal Monett Silver badge

    "who is allowed to gain access to the non-public portions of the database"

    The answer to that is simple : anyone who has a warrant.

    That means probable cause, approved by a judge and enforced by proper police force.

    Of course, that also means that US-based IP lawyers can go fuck themselves, which is an outcome I entirely approve of.

    1. Anonymous Coward
      Anonymous Coward

      Re: "who is allowed to gain access to the non-public portions of the database"

      The answer to that is simple : anyone who has a warrant

      - in the Jurisdiction of the registrar NOT just their friendly district judge in whichever state in the USA they happen to have lobbied with large "donations" to campaign funds.

      so a UK court for .co.uk etc

      and a French court for .fr

      an Australian court for .au

      ETC

  10. DougMac

    Just Admin Contact?

    Aren't all the contact data fields of questionable value? None of my customers care what goes in there, It could be all folded down to one contact (with mostly fake info) in all cases.

    There, I just saved a "committee" months of "work".

    1. Danny 14 Silver badge

      Re: Just Admin Contact?

      i did check our public facing web declared email box once. It was ONLY used for web domains and it wasnt pretty.

  11. stiine Bronze badge

    ok?

    So, how many form submissions reporting abuse (email spam or port probing) should it take before a domain (any domain from stupidgame.co.uk to www.bmw.de) can be disabled due to ignored or unanswered complaints?

    I'd be especially interested in a response from Lee D.

    1. Robert Carnegie Silver badge

      Re: ok?

      So after we close down Microsoft.com with complaints, what do we do with the domain name? License it to a men's sexual problems clinic?

    2. FrogsAndChips Bronze badge

      Re: how many form submissions?

      The same as the number of unanswered emails sent to whichever false contact address a spammer would give the registrar in the first place.

      Your point was?

  12. Kevin McMurtrie Silver badge
    Stop

    The cloud will save us

    How long until a company offers domains that are 100% secure against prying eyes. Nobody can prove ownership - not even the owner. It sounds like a perfect CloudFlare product.

    I'm all for privacy but GDPR jumps the shark in some areas. At some point people need to be responsible for the crap they throw onto the Internet. Pay somebody else to manage your domain if you don't want to be the admin.

    1. SImon Hobson Silver badge

      Re: The cloud will save us

      At some point people need to be responsible for the crap they throw onto the Internet

      I think you've missed the point. I'm happy to manage my domains - it's really not that difficult.

      But why should I have to have my name, email, and home address splashed across the internet when that "splashed across the internet" bit is 100% not required in order for the registry operator to perform their part of the contract ?

      Yes, the registry (and reseller) need my details so they can bill me etc - that's basic contract stuff. But that information is really only relevant to the three of us involved - not every tom, dick, or harry on the internet. GDPR is clear on that - neither the reseller or registry can make allowing me to have a domain name contingent on me agreeing to collection of data that isn't needed for the contract, or publishing what data they do collect. In both cases they may ask me - but I can simply say no.

      THAT is what the debate is about.

  13. suburbazine

    Unicorn startup idea

    Let's start a new company called EUROCANN. We'll make a billion GDPR compliant Euros in a year.

  14. EricWiltsher

    Terrorists Charter

    I cannot believe the mess created and still being created by the snowflakes who appear to love GDPR for just about any reason.

    The WHOIS should continue to offer data of people who are about to share content with the online world. Should they decide to defame a citizen, why should that citizen not have the instant right to challenge one of the many trolls who act in this fashion?

    The bad guys must be rubbing there hands with joy. Who needs the dark web when the main-stream web has built in protection for terrorists. I hope the people who are pushing this through can sleep at night. What is liberal about allowing terrorits to peddle there foul content enabling normal people to be murdered - please explain that to me.

    1. MrReynolds2U
      Facepalm

      Re: Terrorists Charter

      @EricWiltsher... you genuinely think that trolls and terrorists (not happy to have those in the same sentence) would be putting up genuine contact details?

      It's never been difficult to use fake information when setting up a domain. That's primarily because most registrars only care about the money. WhoIs information has never been particularly useful unless you're dealing with genuine companies and even then it's often out-of-date.

    2. Anonymous Coward
      Anonymous Coward

      Re: Terrorists Charter

      @EricWiltsher - What the f**k! You can not be seriously suggesting that a terrorist or troll would register a domain with a legitimately traceable address/email/name?

      Tell me, has it caught out a few simpleton trolls who spewed their asinine vitriolic diatribe?

      Maybe this is how the Five-O manage to catch all the terrorists in the past? 'Hey Bobbie, can you lookup them terrorist in the WHOIS so we can nip round and pick em up for trial (actually lets skip the trial bit) and for a spell in Gitmo?'

      Looks like we can expect all terrorists and trolls from this point onward to walk among us for eternity without having their collars felt by Five-O! Damn GDPR <big ferocious grrr> has surely ended the Five-O's ability to catch them terrorist chaps forever without public access to the WHOIS DB.

      + what @MrReynolds2U said

    3. Anonymous Coward
      Anonymous Coward

      Re: Terrorists Charter

      @EricWiltsher

      Wow privacy vs terrorism pushed to the nth degree!

      However assuming you do actually believe your own argument, can you cite any example in the world where a terrorist has been collared due to their information being available on whois. Or where their material has been taken down due to whois information rather than just contacting the host or DNS to remove or block the content?

      For each one you do, I will match it with 100 examples of when I have been spammed for using genuine details, as required, telling me falsely that I need to renew my domain to avoid losing it, or that someone is trying to register a similar domain and I have a chance to register it first.

  15. Suncoast

    I would prefer an option allowing me to display my name or my company name.

    There was a time early on when a network admin would attempt to contact another admin for BGP, hacking, or spamming issues. Nobody I know does that anymore.

    Doesn't seem fair to the registrars to shoulder this increased burden (cost) of fielding requests going forward. I have some domains paid up for 10 years. If it ends up anything like DMCA notices, the overhead could be significant.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019