We are taking important steps to ensure the security and reliability of our services by aligning with the European Union’s NIS2 Directive. This updated directive aims to improve cybersecurity across EU member states, establishing a higher level of security for network and information systems.
The NIS2 Directive updates the original NIS Directive to address the evolving nature of cyber threats. It introduces stricter requirements and expands its scope to include more sectors and services, particularly those in the domain name industry.
For those in the domain name sector, Article 28 is particularly significant. This article sets out the following key requirements:
It is essential that top-level domain (TLD) name registries and domain name registration service providers collect and maintain accurate and complete registration data, stored in a dedicated database. This data must be managed with care and in compliance with EU data protection laws, especially regarding personal data. The goal is to ensure that the data is reliable, which will help mitigate cybersecurity risks and enhance the overall security and stability of the domain name system (DNS).
These measures will affect various stakeholders, including domain name registration service providers, TLD registries, resellers, proxy and privacy service providers, and DNS service providers.
In response to these requirements, CentralNic is making adjustments to its reseller systems to ensure compliance. We are implementing several technical improvements to meet NIS2’s criteria and enhance the data quality across our platform for future compliance needs. Details of these changes will be shared soon, but they will affect the following features:
Updates will be made to how we validate and verify contact data. New requirements, such as the mandatory inclusion of valid email addresses and phone numbers, will be introduced. Additionally, contact extensions will allow the submission and storage of verification information specific to a contact. These extensions will also make it possible to distinguish whether a contact represents an individual or an organisation.
New events related to contacts and domain names will be implemented in line with NIS2 requirements. These events will allow for the request of specific contact verification details to prevent domain names from resolving if NIS2 violations are found.
The WDRP email process, currently applied only to contact objects linked to gTLDs, will be expanded to include all contact objects associated with a product. Furthermore, TLD-specific solutions will be aligned with our standardised approach to contact management, creating a more streamlined system across all products.
These updates will be applied to all our APIs, and further information will be provided soon.
Team Internet plc (LON:TIG) – formerly CentralNic – is a global internet solutions group headquartered in London. Leveraging world-class technologies and industry leading teams, they have been transforming the way organisations, brands, publishers and consumers connect and thrive online.
