General Data Protection Regulation (GDPR): WHOIS Changes

WHOIS Changes After GDPR

With the emergence of the General Data Protection Regulation (GDPR), here is a well-detailed piece to discuss the changes that have surfaced. Worthy of note is that this is entirely geared towards the customers of AccuWebHosting who are using our domain registration services.

First, what is GDPR? For Internet users within the European Economic Area and the regions of European Union Member States, the GDPR regulates how their personal data is collected, processed, and protected.

As the GDPR was adopted, a number of changes—both significant and otherwise—in the processes and policies of WHOIS were introduced as well. For our GDPR implementation project particularly, we established a lot of revisions and alterations that are to be discussed in this today’s piece.

For one, we now handle the personal information we collect during domain registrations with respect to the regulation. This means WHOIS information has been subjected to some changes. (WHOIS information is the personal information provided by customers in the process of registering a domain name.)

Prior to the implementation, personal information of the domain registrant are within easy reach as WHOIS information lookup displayed all these details. However, the GDPR has changed this; let’s have a quick understanding of these changes.

What Changes Were Introduced to WHOIS?

As said earlier, the publication of the personal information of domain registrants—which includes name, organization, email address, postal address, and phone number(s)—has changed. Instead of publishing the information in the public WHOIS, they will be displayed publicly in a masked format.

However, the public WHOIS also displays non-personal information (or registrar information) of the domain. These information include the name of the registrar, registration date, domain status, dates of last update and expiration, and name servers. And they will still be available publicly like they were before the GDPR.

New WHOIS Changes Overview

For all the customers of AccuWebHosting who purchased or transferred their domain from, let’s see what these WHOIS changes mean with visual illustrations. And of course, you can manage your domain through your AccuWebHosting client area.

Below are images to show you how the display of the previous WHOIS information compares with the current WHOIS information.

Previous WHOIS Output for Privacy Protection Disabled Domain

Previous WHOIS Output for privacy protection disabled
Previous WHOIS Output for Privacy Protection Enabled Domain

Previous WHOIS Output for Privacy Protection enabled Domain
New WHOIS Output of Domain Without Privacy Protection as of May 25, 2018

New WHOIS Output of domain without privacy protection
New WHOIS Output of Domain With Privacy Protection as of May 25, 2018New WHOIS Output of Domain With Privacy Protection

Furthermore, the WHOIS information of your domain might still remain publicly available in the event that you registered your domain through Resellerclub, the official domain registrar channel partner of AccuWebHosting. There are two conditions that make

  1.  You have not purchased WHOIS protection service.
  2. The physical address information you provided is outside of the European Economic Area or the regions of European Union Member States.

You can access and manage our Resellerclub domains by visiting

Is The WHOIS Privacy Protection Still Useful?

Yes, it is! And regardless if a change occurs to the WHOIS system or not, privacy protection is still one of the most valuable services for registrants. Even though the public WHOIS is no longer open to disclose personal information, there will always be a need for the gated WHOIS. The gated WHOIS is a portal in which all the WHOIS information of registrants are accessible to authorized third-parties with keen interest.

Hence, even though the personal information are not publicly disclosed, WHOIS privacy protection comes in handy here so as to protect the information from third-parties that are unauthorized to access the gated WHOIS.

Further, privacy protection also makes it easy for third-parties to contact the owner of the domain. This is done by displaying the privacy service email address (e.g. [email protected]) in the WHOIS Output. However, this perk would not have been available if all was left in the hands of the GDPR regulations. Moreover, the personal data associated with a domain that is protected by WHOIS privacy protection will not be shared with registries.

New Improvised Domain Transfer Process

Similarly, the process of transferring your domain name has a new leaf, which requires no additional action from the domain registrant’s side. Below is the new process in details.

  1. First, you must obtain Extensible Provisioning Protocol (EPP) key from the initial registrar before proceeding to transfer the domain name. If you do not have the right information on how to obtain the EPP key, you should contact your registrar. And you can find more information about the EPP key here. 
  2. After obtaining the EPP key, you can now initiate the domain transfer process on AccuWebHosting. To do this, you should check out our step-by-step guide on how to place a domain transfer order at AccuWebHosting.
  3. After placing the domain transfer order, we instantly process it through domain registry. Then, we will send an optional verification email to your admin email address. Likewise, the initial registrar will send an optional verification email to your admin email address. This way, the administrator can either approve the process or decline it. Meanwhile, do not to worry if the admin fails to respond to the verification email as the domain transfer will automatically proceed after a period of five days.
  4. Once the admin approves the domain transfer request or it was approved automatically, the said domain will be transferred within 5 to 6 business days.

We understand that this process can be technical, so kindly refer to this Process flow 


  • We highly recommend that you keep the domain registrar lock enabled and only disable it when you wish to transfer the domain.
  • Never should you share your EPP key with anyone; it must be kept a secret or confidential data.

– The domain name should not be registered within last 60 days as well as WHOIS data should not be updated within last 60 days. In both conditions, domain transfer will be failed.


When all is said and done, the new and improved WHOIS ensures the public system works with respect to the new GDPR regulations. Hence, it is the better version of the original system and we hope this piece has broken down every bit of the development. Should you find any aspect unclear, feel free to write in the comment section below.

(Visited 453 times, 1 visits today)

Leave a Reply

AlphaOmega Captcha Classica  –  Enter Security Code

This site uses Akismet to reduce spam. Learn how your comment data is processed.