Whois Database: What It Is And Why We Need It
You probably have noticed that when you register a domain name you provide a lot of personal information. You may have noticed that registrars promote a service that is called whois privacy (or similar). But why does that happen? Who can have access to your personal details since you only provide them to your domain registrar?
All this data is stored in something that we called the Whois database. So, what is the whois database? The Whois database is a collection of data from all the domain name owners. Everyone has access in that database and he can search for the domain name owner details unless a domain name privacy (whois privacy) is enabled.
What Is The Whois Database (Full Explanation)
Every time a person completes a domain name registration, a new record is created in the whois database. The domain owner (the registrant) provides details such as full name, address, email, and phone number. He can just do it that once and then the registrar (such as Godaddy) will assign that details for the next domains too.
The Whois database includes details of 3 different contacts: the Registrant Contact, Administrative Contact, and Technical Contact. In most of the cases, those 3 different contacts have the same details of the same person. There are cases when a company owns a domain name so you can see different information there.
We can also see when a domain was created and when was the last update in settings. We can also see which registrar the owner used for the domain name registration. Another useful information is the current status of the domain name and what are their current nameservers. From the last detail we can find out where he hosts his site (if he has one) or if he is using specific domain parking services.
Here are some sites that you can use to access the Whois database:
https://www.whois.com/whois/ , https://whois.domaintools.com/ , https://lookup.icann.org/lookup
Here is how a whois search looks like:
There is not just one single entity responsible for adding information there, updating, and maintaining it. There is a cooperation between the registrars (the retailers such as Godaddy and Namecheap) and the registries ( like Verisign – they are administrators of the records).
As a domain name owner (registrant) you should provide accurate info for various reasons. A registrar will use the email from whois records to send a verification email if you request a domain name transfer. In case of a conflict for a domain name ownership you can easily prove that you are the legimate owner.
Providing false information or not updating it can lead to a cancellation of your domain name registration.
*Registrant : the domain name owner
*Registrar : The site he used to register the domain (ex. Godaddy, Namecheap)
History Of Whois Database
Whois database has its origins back in the 80s. Before the internet there was another network with the name: ARPANET. It was established by the United States Department of Defense and it was mostly for research purposes. Various researchers and students were the main users of this network.
It really shaped the protocols we currently use for today’s internet but it was on a smaller scale. There was a directory for all the users of ARPANET and it was the initial base for the whois database as we know it today. The main difference was that one server (specialized computer) was storing all this information.
Eventually, the internet was doing its first steps, and private companies such as Network Solutions in 1993 started to offer domain registration services. Initially, the whois database was easier for bulk searches. For example, you could easily see how many and which domain names a contact owns. You could also see all the details for domains that contain a specific keyword.
Many spammers and people used this information for unethical reasons so the decision-makers in the space limited these bulk searches. They decide a more minimalistic approach for the whois database and that seems to be the long-term vision for this tool.
Why Is Whois Database Public?
The Whois database is public for some good reasons:
1.) It is essential for the domain name transfer. Your new registrar should be able to validate that you are the legimate owner so it can initiate the transfer.
2.) It proves the domain name ownership. In unfortunate situations like when a domain registrar goes out of business, you might need to claim your domain in a new registrar.
3.) Domain trademark infringement issues. If a domain violates a trademark of another company you can locate the owner. For example if someone registers misspelled domains of popular brands so he can get some of their traffic. Another example is if someone got a domain (maybe because expired) of an existing brand with an active trademark status.
The owner of that kind of domain should have legal sequences or at least he will transfer the domain to the company with the active trademark.
4.) It is essential for cybersecurity professionals or law enforcement entities. Although a hacker or spammer probably will enable domain privacy to hide his details there is still valuable information. You can still see who is the domain registrar and who is responsible for keeping the online content live for a domain name ( you find out from the nameservers).
The cybersecurity professional can contact both of the previous entities so they can find out more for the domain owner or ask from the registrar to cancel the current usage of the domain.
For example if there is a website that provides torrent movies without the consent of the creator then the domain can be suspended. Another case is the hosting company (you can see that from the nameservers) that stores the website can stop servicing the particular site.
How Do I Hide Whois Information?
For those that they don’t want their personal details to be online they can activate whois privacy from their domain management dashboard. Every domain registrar offers this kind of service. Many they offer it for free such as Namecheap, Namesilo, and Dynadot.
In that case your personal details are hidden and they are replaced with some generic information from the organization that provides you the privacy. If someone wants really to contact you, he can send a message to that generic email or complete a form.
Only then, the domain registrar will redirect that message to your email inbox. The sender will not find out your real email unless you decide to answer him.
Here how it looks a whois search for a domain name that uses privacy:
*If you are a European citizen you might not need to activate or purchase privacy, read my paragraph for the recent whois updates.
Is Whois Legal?
Although there are concerns over the time about the personal details of users, the whois database is legal. ICANN (Internet Corporation for Assigned Names and Numbers) is the organization that oversees the overall policies for that database.
There are cases that the whois database conflicts with the local law where personal privacy is protected. In that case a registrar can ask for an exception from ICANN and it can hide most of the personal information from the whois database.*If you are a European citizen and you want to learn more about the whois database legal issues check this paragraph recent whois updates.
Whois Database Download, Is It Possible?
The American Registry for Internet Numbers seems to provide this information for free but only under a specific agreement. You need first to complete a form and then if your request is accepted you can have access to the data.
Please pay extra attention to his section of the request form:
“Thus, by way of limited example, the ARIN Bulk Whois Database and the data contained therein may not be used for advertising, direct marketing, marketing research, or similar purposes, whether conducted by email, instant messaging, direct mail, telephone, facsimile or any other means now known or hereafter invented”https://www.arin.net/about/corporate/agreements/bulkwhois.pdf
Here is the section of the site where they mention the bulk whois data:
Here is the form:
There are also many paid solutions but please do your own research before using them:
The prices there are not cheap so be aware for that fact.
Whois Database Recent Updates (GDPR)
From 25 May 2018 European Union implemented a new legal framework with the name GDPR (General Data Protection Regulation). The role of this framework is to provide rules on how companies/organizations handle the data of other persons (ex. customers).
GDPR is now a law for all the countries that participate in the European Union. It is more strict and there are big fines for those that don’t comply. The guidelines are related to how you handle the personal data, for how long you keep the records, and how you protect them from unauthorized usage.
The whois database seems that don’t comply with the rules from GDPR. For example anyone can have access to the personal details of a domain name owner. Only that part is enough to violate GDPR rules.
ICANN after consulting with various legal experts and entities that participate in the domain industry, established the Temporary Specification for gTLD Registration Data to comply with GDPR.
With the new guidelines when someone performs a whois search for a domain owner that lives in the European Union he can’t see most of the personal details since they will be hidden.
These are the details that are hidden for privacy reasons:
Registry Registrant ID
Registrant Postal Code
Registrant Phone Ext
Registrant Fax Ext
Here is how a whois search looks like for a domain with an owner from European Union:
The reality is that already ICANN was thinking to move to a new model for the whois database. In the new model only interested parties (like trademark lawyers, law enforcement entities) can have access to the personal details of the domain name owner. The general public will be able to see only some generic details for the domain such as where it is registered, when it was created, and the current nameservers.
Whois History Lookup
Many people are interested to find out the history of a domain name, for example how many different owners had in the past. Another request is to find out how many more domains a current owner has.
Here are some sites that you can use but you need to pay or you only have limited searches before you need to move on to a paid plan:
I hope I clarified most of your questions for the whois database. Please share the post on social media if it was helpful!