* Filip Hruska: > On 04/14/2018 07:29 PM, Florian Weimer wrote: >> * Filip Hruska: >> >>> EURID (.eu) WHOIS already works on a basis that no information about the >>> registrant is available via standard WHOIS. >>> In order to get any useful information you have to go to >>> https://whois.eurid.eu and make a request there. >>> >>> Seems like a reasonable solution. >> Why? How does the protocol matter? >> >> Either you may publish individual personal information for use by the >> general public, or you may not. Adding a 4 to the port number doesn't >> change that. >> > > The EURID webwhois cannot be scraped, there are anti-bot measures in > place (captcha, throttling, all information displayed in images). > Scraping WHOIS systems for thousands domains at once using the WHOIS > protocol is easy though. There are "WHOIS History" sites which scrape > all domains and then publish the data along with the date of retrieval. > > GDPR contains this in relation to the right to erasure: > > 1. Where the controller has made the personal data public and is > obliged pursuant to paragraph 1 to erase the personal data, *the > controller, taking account of available technology and the cost of > implementation, shall take reasonable steps, including technical > measures, to inform controllers which are processing the personal > data that the data subject has requested the erasure* by such > controllers of any links to, or*copy or replication of, those > personal data*.
Wouldn't that require a channel to the recipient of WHOIS data, so that the controller can notify those who have accessed it once erasure is requested? A simple webform doesn't achieve that because it's not much different from the way traditional WHOIS works.
