University of Twente Student Theses



Oliemans, R. (2019) WHOIS versus GDPR.

[img] PDF
Abstract:WHOIS is a protocol for requesting information about registered domains and their registrants. The data about registrants is often personal data. Publicly showing this data is not in line with the EU GDPR, and registrars showing this data about EU citizens are incompliant with EU law. This paper measures the amount of personal data publicly available via the WHOIS protocol. Since the GDPR only applies to citizens of the European Union, this paper compares the amount of personal data between 13 EU countries and 7 Non-EU countries. Before measurements can be done about the amount of personal data, however, the parsing of WHOIS data first needs to be improved. Since different Top-Level Domains – TLDs – have different formats to return this data, the parsing of WHOIS data is challenging. In this paper, we create some improvements to the state of the art of open WHOIS parsing. As for measuring personal data, a large difference in the existence of personal data can be found between different TLDs. Where 12 TLDs have no personal data at all, 3 TLDs contain personal information in more than half of the domains. Additionally, a significant difference can be found in the presence of personal data between EU countries and Non-EU countries, with Non-EU countries containing more personal information in their domains than EU countries.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Keywords:WHOIS, GDPR, Personal data, Parsing, Rate limit
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page