Germany: New transparency rules for .de domains – Action required

New legal requirements for .de-domain registration data have come into force in Germany. These changes implement the European NIS-2 Directive and directly affect DENIC’s whois service for all .de domains.

Why these changes?

The NIS-2 Directive establishes a unified EU framework for cybersecurity, aiming to better protect network and information systems whilst making responsibilities clearer. As a result, DENIC has amended its process for verifying domain holder data to ensure that it is always clear who is responsible for a domain and how they can be contacted.

What’s changing?

From 28 January 2026, DENIC’s whois portal will publicly display certain data for legal entities.

For domains registered to legal entities:

• Company name
• Business address
• Email address and telephone number
• Domain registration date
• Name and contact details of the managing DENIC member (registrar)

DENIC’s verification process in 2026

During 2026, DENIC will conduct a comprehensive review of domain holder data for all .de domains – both existing domains and new registrations.

The verification will check:

• Whether the name, address, and legal form are consistent and plausible
• Whether the provided email address exists

If you are the holder of a .de domain, you will receive a verification email that must be confirmed.

If inconsistencies are detected, a second verification stage follows. DENIC may request additional evidence, such as an extract from the commercial register.

Action required 

For companies, it is essential that registered data is correct and unambiguous. Review your domain portfolio and update outdated information. In particular, check if the legal company name is correct and if the email address is still in use and monitored. It might be useful to create a new email address such as domain@... instead of using a personal email address, since they are not publicly available.

 In case you have any questions, please contact Clarissa Otto.