More specifically, it contains information on domain names, IP addresses, and more.
The information is retrieved and presented in a human-readable format.
Or phishing by tracking down the owners of domains responsible for the violations.
All registrations and logging at the time were managed by one organization.
And by the 20th century, the WHOIS system had changed a fair bit the searches were highly open.
Searching for the keyword car would return all domains that contained that keyword.
Naturally, this was almost immediately abused by scammers, spammers, and other unethical actors.
So-called wild-card searches were quickly banned to protect the privacy and security of registered members.
This removal of wild-card searches prompted criticism of the system few parties have real-time access to the entire database.
They are accessing the complete data stored, even when necessary, isnt easy.
Another issue is the accuracy of information.
When someone buys a domain, they must register certain bits of information in the WHOIS databases.
Because just retrieving it can take time and require multiple steps as domains can be resold.
Naturally, its no longer possible for everything to be done by one company.
Generally, the minimum information required is an email address, phone number, and physical address.
By default, that info is made public within the WHOIS system.
Of course, plenty of people are unwilling to reveal their information like that.
For this reason, domain privacy services are available for cheap and allow users to hide their data.
Since entry in the WHOIS database is mandatory.
The registrar substitutes their knowledge, usually as a forwarding service.
It also implements CAPTCHAs to make it more difficult to abuse the available information.
Unsurprisingly, the requirement to register in the WHOIS database violates what the GDPR mandates.
The implementation of the GDPR marked the first major legal issue with WHOIS registration.
And the first notable exception from the requirement to register information there.
In some cases, the interim solution is that registrars collect the information required.
But do not pass it along to the international WHOIS databases.
Instead, storing it securely on their own.
Interested parties would need to drop a line to the registrar directly to enter the information.
Not an ideal solution for users who are not trying to scam.
Or spam anyone but need the information there for legitimate purposes.
At a minimum, the general concept of WHOIS would need to be reworked to comply eventually.
But another possible solution would be to abolish it entirely and create an alternative solution.
So creating a more internationally-suitable system could be a good choice for everyone.
And more was added to it that required letters and characters not found in the US-ASCII, for example.
The intent is to be able to identify a contact point for legitimate purposes such as purchasing.
Or selling the domain or for law enforcement action.
However, the enormous treasure trove of personal information proved helpful to spammers.
So anonymity services popped up that would provide their company information to protect the real domain owners privacy.
Efforts are underway to modernize the WHOIS system to be more internationally friendly and to respect user privacy more.
