On 17 May 2018 the ICANN Board adopted a Temporary Specification for gTLD Registration Data. This page is under review and will be updated to address the Temporary Specification.
Most of the search engine results, particularly those at the top of the search result hierarchy, link to webpage of registrars attempting to sell domain names and related services. It is not at all intuitive how to access WHOIS in order to find the domain name registrant information. In order to become proficient with WHOIS, it's important to start in the right place. ICANN organization's WHOIS look-up tool makes it easier to conduct WHOIS searches.
WHOIS services are provided by registrars and registries for the domain names that they sponsor. Access to this distributed network of independent databases is provided in two ways – through a free web page and through a free Port 43 service. The web page allows real-time access to WHOIS data in individual searches; the Port 43 access allows automated queries by machine. Searches for the full WHOIS contact data for the domain name registrant and the designated administrator and technician, as well as the registration creation and expiration dates can be performed at the registrar's systems (either through its web page and Port 43 service). A "thin" registry provides minimal information when queried: namely, the registrar, name servers and domain name registration dates. However, a growing number of registries are now transitioning to provide "thick" or full contact data.
ICANN organization's WHOIS look-up tool provides an additional resource for accessing WHOIS in addition to the access provided by registrars and registries.
WHOIS is used for many purposes. Under ICANN organization's agreements, WHOIS may be used for any lawful purposes except to enable marketing or spam, or to enable high volume, automated processes to query a registrar or registry's systems, except to manage domain names. In addition to identifying domain name registrants, WHOIS data also allows network administrators and others to find and fix system problems and to maintain Internet stability. With it, they can determine the availability of domain names, combat spam or fraud, identify trademark infringement and enhance accountability of domain name registrants. WHOIS data is sometimes used to track down and identify domain name registrants who may be posting illegal content or engaging in phishing scams. These are just a few examples of how WHOIS helps maintain a healthy Internet ecosystem.
ICANN requires WHOIS information to be accurate throughout the registration period of a domain name. Until recently, registrars were not required to proactively verify or validate the information provided by domain name registrants. ICANN requires registrars who have signed its 2013 Registrar Accreditation Agreement (RAA) to validate and verify certain WHOIS entries.
Domain name registrants need to carefully follow the instructions of their registrar or risk losing their domain names at the time of registration. A registrar may require a response to an e-mail sent to the email listed in WHOIS or a response from the phone number listed in WHOIS.
Because information can change over time, ICANN requires registrars to provide each domain name registrant with an annual opportunity to review and correct their domain name WHOIS data. They also get a reminder that providing false data can be grounds for cancellation of their domain name registrations. Anyone who submits false data or fails to respond to registrar inquiries related to the accuracy of their data risks having their domain name be cancelled or suspended. Domain name registrants need to respond quickly to inquiries from their registrar related to the accuracy of their contact data to avoid cancellation or suspension.
Conversely, Internet users who find that WHOIS data is incomplete or incorrect can file a complaint with ICANN organizaton, which will forward it to the sponsoring registrar. The registrar will investigate and correct inaccurate data in response to the complaint. Under the 2013 RAA, registrars are also required to reverify and revalidate certain WHOIS fields in response to a WHOIS inaccuracy claim.
Sometimes results may not show any contact information for the actual operator of a domain name and instead display information from a privacy and proxy service. Some registries and registrars offer privacy or proxy services that show only the contact information of the service, to shield users who don't want their personal information to appear in the database. Their anonymity is not guaranteed since registrars may abide by any legal requirements to share the identity of the customer. Likewise, registries or registrars in countries where privacy laws prohibit the collection and publishing of personal data are not required to break those laws to satisfy WHOIS. Instead, they are eligible to follow ICANN's procedure for handling conflicts with local law, and to apply for a WHOIS Data Retention Specification Waiver. Privacy issues are still being explored by on-going policy development efforts; see What's On The Horizon.