In the wake of GDPR, public whois records are 100% redacted. There is lots of work going on to attempt to provide the data without violating privacy laws, but no one is there yet.
This came up because today I got email from Tucows asking me to verify and, if necessary, update my whois data. Now, Tucows is the registrar, so they know all of the data. But they sent me this
Gee, thanks. That’s so helpful.
There’s a lot of discussion going on about just what GDPR requires, and of who, and in which jurisdictions. German organizations in particular have been more aggressive than most about wanting to see opt-in confirmation for years and now seem to be adding “because GDPR” to their arguments.
I’m still not sure how this is going to shake out, but I’m beginning to see list owners take externally visible action.
I’ve been a subscriber for four or five years – it’s a good mailing list, run well, and I doubt it has any delivery issues beyond the unavoidable.
So this is a permission pass solely because they’re not sure whether I’m an EU resident, and aren’t 100% sure their opt-in confirmation data is squeaky clean (I subscribed as part of downloading an app of theirs, but after five years I couldn’t tell you whether that was technically confirmed opt-in or not, and I’m sure they can’t either).
Zoomdata aren’t taking any chances on confirmation. This isn’t a single “click to confirm you want to stay on the list” permission pass, rather it goes to a form that asks whether I’m an EU resident and if I am requires me to check an “Opt-in to email communications” checkbox and then click on a link in a confirmation email.
I’m not an EU resident today but may be an EU resident in the near future – yet my email address won’t change and nor will my mailing list subscriptions. That does make me wonder how valid it is to be capturing opt-in permission solely for recipients who are EU residents today.
Also are non-EU residents likely to claim they live in the EU because they’ll be treated better as far as their privacy is concerned, much the same as telling Facebook or Twitter you live in Germany provides you with better content filters?
I guess I’ll be seeing more of this in my inbox over the next few weeks. How are all y’all handling GDPR compliance?
Twitter has some opinions on #GDPR.
— @rianjohnson (Yes, the director of The Last Jedi)
I’ve talked before about reasons not to hide commercial domains behind whois proxies. Al found another one: if you use a proxies you cannot list your domains with abuse.net. Al has a good write up of whois, and why this is important. So go there and read it.
Read More