Re: Is WHOIS going to go away?

[Florian Weimer <fw () deneb enyo de>]

* Filip Hruska:

> On 04/14/2018 07:29 PM, Florian Weimer wrote:
> > * Filip Hruska:
> >
> > > EURID (.eu) WHOIS already works on a basis that no information about the
> > > registrant is available via standard WHOIS.
> > > In order to get any useful information you have to go to
> > > https://whois.eurid.eu and make a request there.
> > >
> > > Seems like a reasonable solution.
> > Why?  How does the protocol matter?
> >
> > Either you may publish individual personal information for use by the
> > general public, or you may not.  Adding a 4 to the port number doesn't
> > change that.
>
> The EURID webwhois cannot be scraped, there are anti-bot measures in 
> place (captcha, throttling, all information displayed in images).
> Scraping WHOIS systems for thousands domains at once using the WHOIS 
> protocol is easy though. There are "WHOIS History" sites which scrape 
> all domains and then publish the data along with the date of retrieval.
>
> GDPR contains this in relation to the right to erasure:
>
>  1. Where the controller has made the personal data public and is
>     obliged pursuant to paragraph 1 to erase the personal data, *the
>     controller, taking account of available technology and the cost of
>     implementation, shall take reasonable steps, including technical
>     measures, to inform controllers which are processing the personal
>     data that the data subject has requested the erasure* by such
>     controllers of any links to, or*copy or replication of, those
>     personal data*.

Wouldn't that require a channel to the recipient of WHOIS data, so
that the controller can notify those who have accessed it once erasure
is requested?

A simple webform doesn't achieve that because it's not much different
from the way traditional WHOIS works.