This article is a follow up on my previous article about domain names. Most people do not realize that your domain registration details are often made freely available online. Personally identifiable information that you (as a domain owner) would probably like to keep confidential is exposed to virtually anyone with internet access – yes, just a simple ‘WHOIS’ search and your name, residential address and email address, telephone numbers, etc… will be exposed to the public.
In fact this is why the practice of using a fake address and registrant name for the WHOISdata is still pretty common nowadays for self protection. However, the ICANN (Internet Corporation for Assigned Names and Numbers), global regulatory body for the domain name industry) has a policy stating that each and every registrar is required to keep a WHOIS database that contains publicly accessible contact information for all names that have been registered. What make things worse, if you do not submit correct or complete information; your domain name is subject to being deleted from the registry.
I know, it’s depressing to realize how limited is our defense against data miners, spammers, and identity thefts. I bet if people knew that they could be put in such a bind, they would probably think twice about registering a domain name.
But wait, for every problem on the internet there is a solution. This is where domain privacy (also, WHOIS Privacy) comes in. Domain privacy is a type of addon service mainly offered by domain registrars.
How domain privacy works?
A user buys privacy from the company, who in turn replaces the user’s info in the WHOIS with the info of a forwarding service (for email and sometimes postal mail, done by a Proxy server) such as “Domains by Proxy, Inc.” or eNom’s “Whois Privacy Protection Service”.
Is my private info 100% safe after utilizing domain privacy feature?
The domain privacy feature is often seen as the ‘ultimate protection’ on WHOIS info. Just a simple search online would leads you to dozens of articles stating the benefits of domain privacy. Spam protection and info shielding are two of the most trumpeted benefits of a domain privacy feature.
But wait, nothing is completely safe online.
A domain privacy feature is like a firewall in computer network – it simply shields your info from the public but your data is still kept in registrar’s database and there is still risk of info leaking. To many registrars, it takes little persuasion to release the so-called ‘private’ information to the world, requiring only a phone request or cease and desist letter.
This explains why some webmasters will take the hassle of ordering using money order (to avoid exposing credit card info) and registering their domain name offshore (to reduce the chance of local syndicate attacks).
Back to our question: Is private information 100% protected under domain privacy feature? Not really. In many cases, it’s just a feature people buy to help them to sleep better at night.
More readings about domain privacy
I hope this short article will raise your awareness about WHOIS info and the privacy protection you can have against unethical acts. There is an in-depth article (Private Domains Not So Private) by Daniel Terdiman on CNet back in year 2005, I suggest you to read it if you wish to learn more on the topic.