The following details how WHOIS is implemented today.
Current WHOIS policy is reflected in a series of commitments under ICANN's agreements with its registries and registrars and "consensus policies" adopted by ICANN in response to recommendations from the Generic Names Supporting Organization (GNSO). As a result, there is no one document that describes the entire WHOIS policy, although the excerpts of the relevant policy and contractual terms are available here.
ICANN's agreements with accredited registrars and with gTLD registry operators require compliance with various specifically stated procedures and also with "consensus policies" that are adopted from time to time. Since ICANN's creation, the Generic Names Supporting Organization (GNSO) has recommended three WHOIS consensus policies aimed at improving the accuracy of WHOIS data and combating its abuse.
Current consensus policies regarding WHOIS include:
In addition to these consensus policies, ICANN has also developed a Procedure For Handling WHOIS conflicts with Privacy Law (effective January 2008) which details how ICANN will respond to a situation where a registrar or registry indicates it is legally prevented by local/national privacy laws or regulations from complying with the provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS.
The WHOIS obligations for ICANN’s current Registries are set out in their contracts with ICANN. Generally, the “WHOIS Specification” can be found in the appendices of the Registry Agreements, all posted individually on the ICANN website.
ICANN’s registrars have signed onto one of the three contracts below: the 2001 Registrar Accreditation Agreement (RAA), the 2009 RAA or the 2013 RAA. Each of these contracts contain numerous provisions regarding WHOIS service and data, and set out requirements for the access and accuracy of WHOIS data.
Follow these links for the:
For a listing of Registrars and the contract versions they are on, see the Internic Accredited Registrar Listing.
The WHOIS provisions of the 2001 RAA and 2009 RAA are very close in their language, intent and goals. The 2013 RAA, which is now required for registrars wishing to renew their RAA or sell domain names in new gTLDs, represents a expansion of obligations related to WHOIS, in an effort to improve the accuracy and overall effectiveness of ICANN’s WHOIS system. The 2013 RAA introduces obligations related to the validation and verification of certain WHOIS data elements, as well as obligations applicable to privacy and proxy services offered by the registrars and their affiliates. Some of these new WHOIS obligations will be in effect beginning January 2014.
From time to time, ICANN publishes advisories to clarify existing contractual terms or consensus policies, some of which address the WHOIS policy. Follow this link to see the current list of Registrar advisories related to WHOIS.