To first identify the registrar-of-record for a particular domain name, one place to start (among others) is the InterNIC webpage (screenshot below).
On this page, and merely by way of example, a search using the domain name (which redirects to) produces a report that lists the registrar-of-record; in this scenario, “GoDaddy” (screenshot below).
A further search on the registrar’s WhoIs database shows the publicly-available information for the domain name registrant; in this scenario, “Registrant Name: Domain Administrator” and “Registrant Organization: ICANN” (screenshot below).
After May 25, 2018, for domain names registered by “natural persons” (i.e., individuals), as opposed to “legal persons” (i.e., businesses), publicly-available WhoIs data may no longer include full identity and contact details for the domain name registrant, nor for the administrative, technical, and billing contacts. Instead, the publicly-available WhoIs record may provide very limited information such as the registrant’s legal (or “organization”) name, its state, and its country.
Moreover, a range of interpretations as to the scope of the GDPR presently exists such that some registrars may take a more global approach, whereas others may narrow its application. For example, registrars may tailor application of the above-noted GDPR-triggered limitations to natural persons with an EU nexus, and still others may apply such principles based on the registrar’s EU nexus regardless of where a particular registrant is based.
Notably, the registrant’s actual email address may not be provided.
However, in order to facilitate contact with the domain name registrant, the registrar is required to provide an “anonymized” email address or a web-based contact form.
In any event, it should be possible to contact the registrar directly to request this information. (See below regarding requests for disclosure of non-public WhoIs information.)
This possibility is in line with ICANN’s Temporary Specification for gTLD Registration Data, Annex A, Section 4.1 which states that “registrar and registry operators must provide reasonable access to personal data in registration data to third parties on the basis of a legitimate interest [ ] pursued by the third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the registered name Holder or data subject pursuant to Article 6(1)(f) GDPR”.
At present, neither ICANN nor registrars have adopted a standardized approach for requests for non-public WhoIs (registrant) contact information. (See below concerning WIPO’s involvement in stakeholder discussions on a WhoIs access model.) A range of guidance/information is however emerging, cf., the Nominet (.UK) Data Release Request form, or the EURid (.EU) Personal Data Disclosure Form Personal Data Disclosure Form.
Especially noting that the disclosure process may vary for each registrar, and that the below information is merely provided as a guideline, such requests to a registrar would typically include:
- the concerned domain name;
- the name and contact details for the requestor (e.g., the trademark owner);
- if applicable, the name and contact details for the trademark owner’s representative;
- the information being sought (e.g., the registrant’s name and specific contact details (which may include all or some of the registrant’s postal address, email address, telephone number));
- a statement outlining a specific legitimate reason why the information is being sought (e.g., to pursue a claim for trademark infringement, to identify the registrant for purposes of a possible UDRP complaint filing, for acquisition due diligence, etc.);
- information on the concerned trademark (e.g., its registration number and jurisdiction, and/or if possible to attach: a relevant registration certificate);
- a certification that the non-public registrant data will be retained/used for a legitimate purpose within the permissible scope of the GDPR (e.g., for specific enforcement purposes, such as to prepare a UDRP complaint).
In addition to the above, contact information may also sometimes be found on the website of the relevant domain name.
If the information provided by the registrar in response to a request is believed to be inaccurate, a complaint can be submitted using the ICANN WhoIs inaccuracy form.