Hi Benoit As far as I see, the common understanding of the GDPR of most registrars is that they need to protect the personal data if the domain holder is a private person. If the domain holder is an organization, the holder and tech-c can be published, but most registrars are paranoid because of the fines in the GDPR and don’t publish anything. ICANN sued one registrar (EPAG) for not publishing, but lost the initial court case:
https://www.icann.org/resources/pages/litigation-icann-v-epag-2018-05-25-en For .ch there is still the VID that requests the whois data to be published: Art. 46 Öffentlich zugängliche Daten 1 Folgende Angaben müssen in der WHOIS-Datenbank abrufbar sein: a. Bezeichnung des zugeteilten Domain-Namens und entsprechenden ACE-String; b.1 Name und Postadresse der Halterin oder des Halters des betreffenden Domain-Namens; c.2 bei einem aktivierten Domain-Namen: die Daten der zugeteilten Namensserver; d. und e.3 … f.4 Name und Postadresse der technisch verantwortlichen Person; g. die Angabe, ob ein Domain-Name durch das DNSSEC-System gesichert ist; h. Datum der ersten Zuteilung des Domain-Namens; i. der vollständige Name des Registrars, der im Auftrag der Halterin oder des Halters des betreffenden Domain-Namens handelt. 2 Die Registerbetreiberin trifft geeignete, namentlich technische, Massnahmen, um eine missbräuchliche Verwendung der öffentlich zugänglichen Angaben, insbesondere ihre Verwendung zu Werbe- oder Verkaufsförderungszwecken, zu verhindern. Best regards Michael ------------------------------------ Michael Hausding, Competence Lead DNS & Domain Abuse SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 77, incident phone +41 44 268 15 40 michael.hausd...@switch.ch http://securityblog.switch.ch > Am 02.07.2018 um 09:45 schrieb Benoit Panizzon <benoit.paniz...@imp.ch>: > > Dear Swinogers. > > I run a couple of .com and .ch domains, which are registered via > Gandi.net > > About one week ago, Gandi activated 'privacy protect' on my .com > domains, hiding all my contact data in the whois output, without me > asking them to do so. They sent an email though, that they would do > so because of the GDPR. > > I asked them how GDPR entitles them to do so, in my opinion the GDPR > aims for more transparency and thus, this is contra productive. > > Also, such domains usually quite quickly get a bad reputation as hiding > the whois data is something the 'bad guys' do. Also it becomes a bit > more difficult, to verify if a domain is legit or not to decide upon > well crafted phishing emails. Or to contact the owner in case of > security incidents. > > I told Gandi about my concerns, but only got the reply that they > were forced to hide whois contact information on all domains registered > via their service because of GDPR. Having the contact data published > now is optional and has to be activated manually by the domain owner. > > This surely is not the case, as my .ch domains registered with gandi > still show my complete contact. > > So I asked Gandi for how the GDPR exactly forces them to hide their > customer's whois data. I haven't got a reply to this yet. > > So I wonder if somebody on this list knows the background why gandi acts > this way and if other registrars do the same. > > If I get the whois data for some well known domains like: > > microsoft.com > google.com > swiss.com > credit-suisse.com > > NONE has 'privacy protect' activated. > > Mit freundlichen Grüssen > > -Benoît Panizzon- > -- > I m p r o W a r e A G - Leiter Commerce Kunden > ______________________________________________________ > > Zurlindenstrasse 29 Tel +41 61 826 93 00 > CH-4133 Pratteln Fax +41 61 826 93 01 > Schweiz Web http://www.imp.ch > ______________________________________________________ > > > _______________________________________________ > swinog mailing list > swinog@lists.swinog.ch > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
