NIS2 could seriously undermine European registrars' global competitiveness
EU seems to have forgotten that the domain name market is global
In an earlier blog, I concluded that the EU's NIS2 Directive would have a significant impact on the domain name industry. The main cause for concern is Article 23, which relates to registrant data and imposes various obligations on registries and registrars that process such data. In the absence of definitions and unambiguous demarcation, it is very unclear what the obligations entail. Nor is it entirely clear what security and/or other issues the Commission is seeking to address with the directive.
At the moment, various matters are still being discussed at the European level, and it isn't yet possible to say exactly what the provisions of NIS2 will be. What is clear is that Article 23 will be included in some form or other, and that European registries and registrars will be expected to do more in terms of ensuring the accuracy of the registrant data they hold. That could potentially mean verifying the identity of a would-be registrant and the accuracy of the contact details they provide before accepting a registration.
Additional obligations will inevitably place an additional administrative burden on European registries and registrars, implying increased costs, which will ultimately be passed on to registrants. And that in turn could have a highly undesirable effect on the competitiveness of the region's registries and registrars on the global domain name market, where they will be competing with non-European players that have no comparable obligations.
The biggest threat to competitiveness is a scenario where the cost of registering a domain name has to rise considerably. That would certainly be the case if European registries or registrars had to verify every registrant's identity and check their contact details before completing the registration process. Without the large-scale rollout of eIDs and digital wallets such as IRMA, identity verification is not straightforward and cannot be automated, and is consequently expensive. It would also make the registration process significantly more complex for would-be registrants.
How everything will play out for European registries is hard to predict. Often, a would-be registrant has a strong preference for a particular ccTLD (e.g. .nl for the Netherlands and .de for Germany). In such cases, the registrant is likely to put up with the extra cost and trouble. But European registrars are in a very different position. The reason is that they will have to satisfy the NIS2 requirements not only when registering domains under their local ccTLDs, but also when registering .com domains and the like. That will be the case whether the registrant is European or not.
As a result, it could become significantly more expensive and time-consuming to register a .com domain through a European registrar than through a non-European registrar. That will inevitably mean that European registrars have great difficulty selling .coms and other gTLD domain names. After all, it'll only take a couple of clicks to find a cheap, non-European registrar through whom a domain can be registered quickly and easily.
In its draft Directive, the European Commission has sought to mitigate the adverse impact of the proposed new requirements. For example, Article 24(3) requires all non-European registries and registrars that offer services within the EU to nominate a representative within the EU. That party will have to comply with NIS2. The full definition of 'representative' and the full text of Article 24 and the associated Article 25 are reproduced below.
How realistic it is to think that non-European registrars (and registries) will comply with NIS2 or that compliance can be enforced is highly questionable. Furthermore, it is unclear what will constitute offering services within the EU. Nevertheless, it seems reasonable to suppose that NIS2 will certainly apply to me, if, as a Dutch citizen, I register a .com domain name on Namecheap's English-language website. The situation becomes even more complex when one takes resellers into account as well. I wish the European Commission luck monitoring and enforcing compliance with NIS2 requirements by all the resellers in the world through whom Europeans can register domain names. Given that the task is likely to prove practically and legally unfeasible, I cannot see how the proposed requirement for every non-European service provider to have a European representative will actually help the region's registrars remain competitive on the global market for domain names under gTLDs and non-European ccTLDs.
It seems that, when framing Article 23 of the draft directive, the European Commission has failed to take proper account of the fact that the domain name market is global – especially where gTLDs such as .com are concerned. Consequently, the directive threatens to make it impossible for European registrars to compete on that global market. What's more, it seems very likely that European registrants (including malicious registrants) will bypass the NIS2 requirements en masse by registering their domain names quickly and cheaply outside the EU. It is therefore highly desirable that Europe's legislators reconsider Article 23.
(9) ‘representative’ means any natural or legal person established in the Union explicitly designated to act on behalf of i) a DNS service provider, a top-level domain (TLD) name registry, a cloud computing service provider, a data centre service provider, a content delivery network provider as referred to in point 8 of Annex I or ii) entities referred to in point 6 of Annex II that are not established in the Union, which may be addressed by a national competent authority or a CSIRT instead of the entity with regard to the obligations of that entity under this Directive;
DNS service providers, TLD name registries, cloud computing service providers, data centre service providers and content delivery network providers referred to in point 8 of Annex I, as well as digital providers referred to in point 6 of Annex II shall be deemed to be under the jurisdiction of the Member State in which they have their main establishment in the Union.
For the purposes of this Directive, entities referred to in paragraph 1 shall be deemed to have their main establishment in the Union in the Member State where the decisions related to the cybersecurity risk management measures are taken. If such decisions are not taken in any establishment in the Union, the main establishment shall be deemed to be in the Member State where the entities have the establishment with the highest number of employees in the Union.
If an entity referred to in paragraph 1 is not established in the Union, but offers services within the Union, it shall designate a representative in the Union. The representative shall be established in one of those Member States where the services are offered. Such entity shall be deemed to be under the jurisdiction of the Member State where the representative is established. In the absence of a designated representative within the Union under this Article, any Member State in which the entity provides services may take legal actions against the entity for non-compliance with the obligations under this Directive.
The designation of a representative by an entity referred to in paragraph 1 shall be without prejudice to legal actions, which could be initiated against the entity itself.
ENISA shall create and maintain a registry for essential and important entities referred to in Article 24(1). The entities shall submit the following information to ENISA by [12 months after entering into force of the Directive at the latest]: (a) the name of the entity; (b) the address of its main establishment and its other legal establishments in the Union or, if not established in the Union, of its representative designated pursuant to Article 24(3); (c) up-to-date contact details, including email addresses and telephone numbers of the entities.
The entities referred to in paragraph 1 shall notify ENISA about any changes to the details they submitted under paragraph 1 without delay, and in any event, within three months from the date on which the change took effect.
Upon receipt of the information under paragraph 1, ENISA shall forward it to the single points of contact depending on the indicated location of each entity’s main establishment or, if it is not established in the Union, of its designated representative. Where an entity referred to in paragraph 1 has besides its main establishment in the Union further establishments in other Member States, ENISA shall also inform the single points of contact of those Member States.
Where an entity fails to register its activity or to provide the relevant information within the deadline set out in paragraph 1, any Member State where the entity provides services shall be competent to ensure that entity’s compliance with the obligations laid down in this Directive.