Skip to content

Can ICANN Bring WHOIS into line with GDPR?

The following is a paraphrased excerpt of an article published by the International Association of Privacy Professionals (IAPP) on April 4, 2018.

In February, the Internet Corporation for Assigned Names and Numbers (ICANN) published a new temporary model for WHOIS that substantially modifies the philosophy of the service. WHOIS lists the names and contact details of domain name holders.

At the root of this overhaul lies a relatively old problem: bringing WHOIS into compliance with European principles on personal data protection. The aim of the new model is clear: to stop personal data being released publicly, unless the domain holder in question freely and expressly consents.

The model, dubbed “Calzone,” is designed to protect the private lives of domain name holders by guaranteeing that their names will remain confidential. In fact, the major contribution of the model is its innovative approach to confidentiality.

Unfortunately, this model doesn’t offer the greatest protection of all the models presented by ICANN during its preparatory work, and in certain aspects, differs from some very protective models, such as the model proposed by the Electronic Frontier Foundation.

Learn more about GDPR and sign up to receive updates at