Internet Accountability
Until GDPR was implemented in 2018, WHOIS data – the telephone directory of the Internet – made it possible for law enforcement, consumer protection agencies, child advocacy groups, anti-human trafficking organizations, cybersecurity investigators, intellectual property rights holders, journalists, academics and others to identify who registered any given domain.
Alarmingly, access to WHOIS data has been drastically curtailed as a result of overly broad interpretations of GDPR data privacy laws and the failure of registrars and registry operators to self-police. This has severely limited cyber investigations and restricted our ability to act quickly to protect American consumers.