WHOIS has been replaced by RDAP: How do the two systems compare? 

By Marc-Emmanuel Mellet,
WHOIS vs RDAP, image of database

Discover how to protect, manage and maximise the value of your domain portfolio by signing up for our webinar on domain name portfolio management and dispute resolution.

The Registration Data Access Protocol (RDAP) became the official source for accessing registration data for generic Top-level Domain (gTLD) names on 28 January 2025, replacing the now obsolete WHOIS service. Marc-Emmanuel Mellet explains what this means in practice. 

Overseen by the Internet Corporation for Assigned Names and Numbers (ICANN), the WHOIS protocol has been used since the early days of the internet to retrieve relevant information from the domain name database about the people or entities that registered a domain. On 28 January 2025, it was officially abandoned in favour of the Registration Data Access Protocol (RDAP), which offers a more modern and structured alternative. 

The transition was motivated by the limitations of the ICANN WHOIS protocol; namely, lack of data standardisation, lack of security and access control, and incompatibility with recent data protection regulations, such as the EU General Data Protection Regulation (GDPR). 

WHOIS vs RDAP: What has changed? 

The new RDAP seeks to address several concerns raised against WHOIS, not least by ensuring authorised and controlled access to data: 

  • It uses the JSON file and data interchange format for better readability and integration.  
  • It also allows user authentication and granular control of the information displayed, namely that users, depending on their profile, will have access to different levels of information, depending on their authority and status. 

In particular, the ICANN RDAP protocol provides for the ability to: 

  • Adapt the display of data depending on the type of person requesting the records; i.e., an individual, a legal authority or an accredited body may see different information. 
  • Comply with privacy regulations (e.g., hide certain data from the general public while making it accessible to the relevant authorities); and 
  • Implement secure access levels (e.g., certain users must authenticate to view certain information). 

Additionally, RDAP relies on the HTTPS protocol, ensuring secure communication. 

Complementary ICANN initiatives 

In parallel, ICANN has implemented the Registration Data Request Service (RDRS), a pilot service facilitating requests for access to registration data masked for privacy reasons. It serves as an intermediary between those requesting information (authorities, researchers, etc.) and registrars, centralising and standardising these requests. 

Both initiatives, the transition to RDAP and the introduction of RDRS, mark an evolution towards more secure, structured and regulatory-compliant access to data. 

To find out more about the new ICANN RDAP protocol or for support identifying and investigating potentially infringing domain names, speak to your Novagraaf attorney or contact us below. 

Marc-Emmanuel Mellet is a Trademark Attorney specialising in assisting brand owners with domain names and online infringement activities. 

Latest news

詳細はお問い合わせください

お問い合わせ