Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Maybe I'm too tired, but wtf is this article even talking about.

You can lose your domain if your data is not accurate/real.

Registrars have also been offering proxy contact services for a long time now. Authorities, of course, can get the real info.



I'm a little tired too, but as far as I can tell, the Register is referring to an old draft,[0] while Breyer is referring to a much newer proposal to the same article.[1]

Pay particularly attention to the wording of 23.4., where it correctly in the text proposed by the commission would exclude personal data, but this amendment to the proposal would remove that exclusion.

However, I am not awake enough to deduce who makes these amendments, and how likely they are to pass in their current form. I am also not entirely sure with the LIBE Committee is.

But it feels like the Register is referring to an old draft, and have failed to notice a newer proposal to modify that draft.

[0] https://www.europarl.europa.eu/RegData/docs_autres_instituti... [1] https://www.europarl.europa.eu/doceo/document/ITRE-PR-692602...


> The EU is currently drafting legislation to increase cyber security (revised NIS Directive, in short “NIS 2”). According to this directive, the registration of internet domain names will in future require the correct identification of the owner in the Whois database, including name, address and telephone number. So far, registries such as denic do not register telephone numbers of the holders. The leading Industry Committee wants to additionally mandate „verification“ of the registration data. The plans could mean the end of “whois privacy” services for proxy registration of domains, threatening the safety of activists and whistleblowers.[1]

[1] https://www.patrick-breyer.de/en/cybersecurity-eu-to-ban-ano...


Proxy registration referred to in that quote isn't what Whois privacy generally refers to though, no?

When I've seen it used by typical registrars it has meant that the owner's details aren't disclosed on public Whois lookups but are still required to be correct.


That would be an odd regression; I thought current GDPR mandated whois privacy?


Yes, the current status is that the GDPR basically outlaws whois as "Domain holders must publish public contact information". ICANN's plan B, after failing to fight that requirement, is that registrars must hold contact information and provide it to parties with legitimate interests. The EU privacy regulators have been clear in their interpretation that IP lawyers do not have sufficient "legitimate interests" to be party to such a system, though they are ok with law enforcement having access. Part of that argument is IP lawyers are such a broad group as to make the information de facto public.

Anyway, this proposal seems to be basically a GDPR exception to make "whois" in some form allowable, which is backsliding on the current state.


GDPR contains contradictions.

Does your website's Data Protection Officer have a right to keep their identity secret?




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: