Whois data is publicly available – in the opinion of the DSK (since 1 January 2014 DPA) therefore by any ‘legitimate purposes’ recyclable – EU Data Protection Working Party expressed concern about the WHOIS system – Unclear policy at NIC.AT – probably not in conformity with EU
In so-called WHOIS contact directories of domain owners are included. There are, in addition to some technical data, especially the contact information (name, address, mobile or E-mail) of the domain owner and technical managers. In Austria, for the management of .at domains nic.at GesmbH responsible, which also operates a WHOIS database.
The access to the Whois directories is always easily available to everyone. There are corresponding search templates available on the Internet with which these Whois directories can be queried.
In nic.at provides that phone numbers and e-mail addresses can be hidden, while the name and the address are each if issued.
For companies, this appears to be largely unproblematic, but here there is possibly then a problem when individual employees are forcibly given as a contact. The situation is quite different to judge in private. With the falling cost of the domain hosting more and more domains are registered by private individuals. Due to the procedure of nic.at but also their private data will be published in the WHOIS directory.
Mandatory publication of domain data, sometimes also motivated by consumer protection interests, often contributes more to the confusion as to clarify. In the e-commerce research on e-rating.at a very high proportion of anomalous data was found.
This handling of WHOIS directories was also from the Art. 29 -Datenschutzgruppe the EU critically analyzed (see FIG. Opinion 2/2003). Also in the adopted 2004 work program of the EU data protection group the WHOIS issue on the agenda.
From a privacy perspective of personal data of individuals resulting from this release some problems.
The primary purpose of the WHOIS directory is a way to create to be able to contact the owner of a domain for technical or legal problems. To achieve this purpose, the release of the data is not necessary. nic.at has already over the data and if there is a legitimate interest, this could be published by nic.at.
In § 7 para. 3 Data Protection Act 2000, the principle of least intrusive intervention is normalized in the privacy of the individual. Any further use of personal data is not permitted.
What is Whois? Some domain data are publicly accessible on the individual registries, called NICs. This includes, for example, information about who oversees a domain in the administrative or technical terms, if incurred legal or technical difficulties due to this domain or use of which may impede others.
Similarly, the domain holder is so in the case of an outgoing of the domain infringement can be determined who is possibly to avail. The accuracy of posted information is required by ICANN and is constantly reviewed. For the service by which this public information is requested, the term “whois” has for a long time (English for “who is”) naturalized.
A Whois is always the same structure:
Registrant: companies or individuals who have the right of use over the domain. The registrant is often referred to as the domain holder, or simply Owner.
Administrative contact (Admin-C): The person appointed by the domain holder natural person who is authorized and compared with the registry also act as his agent, all matters concerning the domain to take binding decisions.
Technical Contact (Tech-C): The technical contact is the domain indeca.de in technical terms.
Technical data (DNS): Here are the nameservers listed, which are responsible for the availability of the domain.
For businesses, this means that a consolidation of domains not in the uniform administration stops at one or a few providers. Rather, make sure that the Whois data are stringent and current.
The following tips will help you comply with the rules and be able to react quickly and flexibly with organizational changes in the company:
Enter the registrant only a company with address. If not explicitly required by some overseas registries, names of people, telephone number or e-mail addresses have no business here.
In most cases, the indication of a telephone contact or e-mail address is required. However, please remember that Whois data are public. If you do not want to be target of SPAM or unauthorized acquisition actions as Administrative contact, avoid the details of telephone extensions or personalized e-mail addresses. Use the contrary, the central “0” in the phone and set up a mailing list (ex. B. firstname.lastname@example.org), in which also delegates are involved. Additionally, it facilitates the necessary updates in the whois when changing the Admin-C.
The procedure of the contact design has its validity from the technical point of contact. We also recommend a nichtpersonifizierten roller contact here. (z. B. DNS service INDECA). Again, the people behind it replaced at any time without the necessity to update the Whois.
If these rules are adhered to, you contribute to a large extent help to keep sorted your domain portfolio. For an ordered domain portfolio is not just a marketing tool – it is a tool for strategic brand management!