New legal requirements for DENIC domain queries (whois)
Policy

New legal requirements for DENIC domain queries (whois)

DENIC-Redaktion 2 min read

Since 6 December 2025, new legal requirements for the provision of domain registration data have been in force in Germany. The background to this is the national implementation of the European NIS2 Directive. The regulations have a direct impact on DENIC domain queries (whois) for .de domains.

What exactly is changing?

In future, the domain query will provide additional information to ensure greater transparency and better accessibility on the Internet.

The following applies in principle:
Regardless of whether a domain is registered to a natural or legal person, the DENIC member administering each .de domain will be published. The DENIC member is the provider through which the domain is registered and administratively managed.

Display of data in detail

For domains belonging to legal entities (e.g. companies, associations or organisations), the following will be publicly displayed in future:

  • Name and address of the domain holder
  • E-mail address and telephone number
  • Date of domain registration
  • Name and contact details of the DENIC member administering the domain

For domains belonging to natural persons, personal holder data will continue to be protected for data protection reasons. The following information will be publicly visible:

  • Date of domain registration
  • Name and contact details of the managing DENIC member

This ensures that there is a clearly named and contactable entity for every .de domain, even if the holder data itself may not be published.

Access to non-public data

Domain holders can still view their own data stored at DENIC, for example by providing appropriate identification when querying the domain.

In addition, third parties – such as rights holders or authorities – can gain access to non-public data if they have a legitimate interest and after a case-by-case review.

Aim of the new regulation

The adjustments serve in particular to:

  • improve accessibility in the event of security incidents or misuse,
  • strengthening the enforcement of rights,
  • and implementing European requirements for cybersecurity and transparency.

Phase II

In Phase II, which will start on 14 April 2026, contact and domain orders will be subject to a risk assessment; high-risk entries will trigger a verification request to the responsible DENIC member, possibly followed by quarantine and deletion of the domain, while the holders will also be informed by e-mail within the first three weeks.

DENIC-Redaktion

DENIC-Redaktion

You might also like

DENIC Event Calendar

Subscribe to calendar

Industry News

European Vulnerability Database EUVD Kicked Off

Today, enhancing your digital security is more important than ever: In mid-May, open source-based cybersecurity vulnerability database EUVD was made available to the general public by Enisa (European Union Agency for Cybersecurity). Next to vulnerability information from trustworthy sources, it also provides recommendations on dedicated remedial action., 13.05.2025

D21-Digital-Index 2024/25

The German population still has a lot of catching up to do when it comes to digital technology. The annual report by Initiative D21 on the digital society provides a detailed overview., 10.03.2025
More Industry News

Newsletter

Register now and stay up to date about everything that moves the domain industry!

I would like to receive the newsletter and agree to the data processing according to the Data Privacy Statement.

Tags

Tech Security Policy Facts & Figures Engagement Events Press Releases

Featured posts

Latest posts

Follow us