Everyone from Mom & Pop shops to Google has a domain for their site, if not a few. Domains are integral to how the internet works. It’s quite literally your web address – if someone wants to find you and your web presence they’ll need your domain.

There are over 370 million domains registered as of Q3 of 2020, with an average of 30,000 registrations per day in the United States alone. Many website hosts act as registrars where one can go and purchase a Top Level Domain (TLD) such as a .com or .net. That’s a lot to keep track of, so just how is it done?

ICANN & Domains

The Internet Corporation for Assigned Names and Numbers is tasked with the supremely crucial bookkeeping for things related to TLDs. Without this non-profit entity, the internet just wouldn’t work. ICANN is sort-of like the government of the web: they create and enforce laws to keep order. However, as with any form of criminal activity, having the laws are in place isn’t always the best deterrent.

ICANN has put forth a living set of bylaws by which domain registrars and people registering domains must abide by to ensure law enforcement can get the information they’re needing should a criminal act take place on the web. These standards are constantly under review to ensure they’re doing the job.

What is WHOIS?

One of these bylaws aimed at internet transparency is called WHOIS – which may seem like a fancy acronym. It’s not. If anything, it’s more of a question.

WHOIS (now also commonly known as Registration Directory Service) data is what you provide to domain registrars when purchasing a domain which typically includes your name and mailing address for technical, administrative, and billing purposes. This data is not located in a centralized database over at ICANN, but rather is the responsibility of registrars to report. This information needs to stay accurate, lest your domain be suspended for suspected abuse.

WHOIS has been the subject of much attention in light of data protection efforts like GDPR and CCPA, to name a couple. Because any person can look up this information, some have argued that access to this information should be restricted except by those with a legitimate reason for needing the data, such as law enforcement. I’d argue that finding out where your news is coming from is increasingly important as misinformation is being spread more and more nowadays.

How can I abide?

Easy – just fork over the needed information, confirm it when asked, and change it should that information change! You’ve likely already shared this information when purchasing a domain, but if you get an email from your registrar (careful of Phishing efforts!) to confirm the data be sure to do this to avoid your domain being suspended. When you register a domain, you enter into a contract with the registrar. It’s up to you to keep this data accurate.

If you’re ever curious as to what rights you have as a domain registrant and what you’re obligations are, you can read your registrar’s Registrar Accreditation Agreement to see exactly what they’re bound to under their specific ICANN agreement. This may vary by registrar depending on when they entered into the agreement.