When you register a new domain name, you may not want your contact information to be publicly visible. Or, you may want to register a domain name, which has certain special requirements and based on your location or citizenship, you may not be eligible to register that domain name if you share your real personal information with the registrar company. Is there anything you can do in either case? Let’s have a look at your options.
- What is WHOIS?
- Three ways to hide your real information
- Use another person’s details
- Use privacy protection
- Use a proxy registration service
- Advantages of hiding your data
- Data you cannot hide in WHOIS
- Can anybody see your real contact details?
- Wrap-up
What is WHOIS?
WHOIS is a query-and-response protocol that provides information about domain names and IP addresses. It is used to retrieve information such as the domain owner, the registration date, the domain status, and the name servers.
WHOIS started as a database used by network administrators to obtain information about IP addresses and domains. Today, it is used for owner verification and legal purposes as well.
The WHOIS system is not a centralized database. Records are maintained by registry operators and registrars. A WHOIS lookup can be performed by using a command-line interface, an online tool, or a third-party application.
Each side involved in the registration process of a domain name has certain responsibilities. Registrants (owners) must provide valid and accurate information. Registrars maintain that information, submit it to the registry operator for the extension, and provide means to the public to check it. Since 2016, ICANN requires that registrars check regularly if the WHOIS information is accurate and send reminders to domain owners about that at least once a year.
Three ways to hide your real information
There are different ways to hide your contact details from the WHOIS information of your domain name. As you will notice, they are used for different purposes, so which option you will choose depends on the specific case.
Use another person’s details
This is the easiest way to hide your own personal details. You can register the domain on the name of a friend/colleague (with their explicit consent, or course), or on the name of a company/organization if you have one. This way, your own details won’t be present in the WHOIS information from the very beginning.
This option is not uncommon. Web designers often buy domains for their clients and use the clients’ names during the registration process. Some users register domains in the names of less tech-savvy friends they are helping.
Although you will manage the domain and have full control over it, the person/organization whose names you will use will be considered the legal owner. Their names will appear in the global WHOIS database. This is why it may be a good idea to have a legal agreement between you and the person/organization listed as the domain owner to avoid any possible issues in the future.
Do not be tempted to use fake details or the contact information of a person/company without their consent. When you register a domain name, you agree that the information will be current and accurate at all times. Registrar companies send a reminder about that at least once a year. If you use fake information and somebody reports that to the registrar, you will have to update the contact details and provide proof that they are valid. Failure to do so may result in losing the domain name.
Use privacy protection
An alternative option is to use a privacy protection service. In essence, your contact details will be replaced by the contact details of the company providing the service. If anybody checks the WHOIS information of the domain, they will see the contact details of that provider instead of your contact details. The service can be provided by the registrar company, by a reseller, or by a third party. Since there should always be a way for people to contact the domain owner, either the email address listed in the WHOIS information of a protected domain directly forwards messages to the registrant, or there is a link to a contact form that will do the same.
All generic TLDs such as .COM support privacy protection. In comparison, most country-code extensions do not support the service. If you own a domain name with a ccTLD, some of your contact information will most likely be visible.
Some providers offer privacy protection for free, while others charge a certain fee. Unlike domains that have a certain wholesale price set by the registry operators, privacy providers do not pay any fees to other companies or organizations up the ladder, so it is up to them whether they will provide the service for free or not.
We do not put price on your privacy or security, so we can add free privacy protection for all domains with extensions we offer that support it. You can add it while you are registering a new domain name or enable/disable it at any time later with a couple of clicks.
Our system will forward all emails sent to the automatically generated privacy email address to an email address of your choice. You can change the latter at any time with ease. What is more, you can generate a new private email address with a click in case the previous one has been scraped by spammers and you start receiving unwanted messages.
Use a proxy registration service
Although the Web is a global network, some domain extensions have certain requirements regarding the location or the citizenship of the registrant (owner). If you want to register a .COM.AU domain name, for example, you must have a valid Australian Business Number. If you want to register a .JP domain, you should have a valid Japanese address. There are many such extensions, so if you want to register a domain with a local extension and you do not meet the eligibility criteria, you must use a local proxy service. In other words, you will have to hide your real contact information from the registry operator. Some providers call this service a “trustee service” as well.
Unlike privacy protection, proxy registration is a paid service. The provider of this service uses their own local contact information, so they will be the legal owner of the domain. If any issue comes up, they will have to resolve it. This is why many providers ask that the client account is verified first by providing valid proof of identity.
A proxy service cannot be simply enabled or disabled. The only option to stop using this service is to provide valid contact details of another person/organization that meet the eligibility criteria for the particular extension. Sometimes changing the owner's information may cost extra.
A few examples of extensions that you can register using a proxy service are .FR, .CO.JP, .NO, .IT and .MY.
You have probably heard of the General Data Protection Regulation (GDPR), but how does it affect the WHOIS information of domain names? As a result of the regulation, which came into effect in 2018, ICANN, registry operators and registrars updated their policies to hide the personal information of EU-based entities by default. If you are a citizen of an EU member state, you should not worry that your contact information will be visible to the public.
Of course, you should still provide valid personal details to the domain registrar, and they will pass it on to the registry operator. You can still come across discussions whether the GDPR changes were good or bad for the domain name industry. They certainly created difficulties for many actors – domain traders, law enforcement, copyright holders, etc. While GDPR doesn’t make obtaining the WHOIS record by these parties impossible, it certainly makes it harder and time-consuming as any interested party should submit an official request for access and wait for it to be approved or declined.
Advantages of hiding your data
The options above allow you to hide your real contact information in one way or another. Is it worth doing that, though? If you own a business, you may want your contact details to be visible. If you are an individual, however, you may want to keep your details private. Here are a few advantages of hiding your personal information:
- Privacy. You will remain anonymous, and the public won’t know that you own a particular domain. If you don’t want unneeded attention, hiding your details is the best way to do that.
- Identity theft protection. Keeping your information private will prevent scammers from obtaining it and impersonating you afterwards. Identity theft has been a serious problem in the past decade. Many online services still lack good security and rely on a city name or a zip code as additional account protection. Such information can be easily obtained from the WHOIS details of a domain.
- Spam protection. Spammers often use automatic bots to scrape email addresses from the WHOIS details. Even though some providers replace text with images, Optical Character Recognition (OCR) software and AI tools make it easy to read text from images. Using some sort of protection means that your real email address won’t end up on a spam list.
- Compliance. Using privacy protection means that you can use your real contact information without omitting anything on purpose. To comply with ICANN regulations, your contact information must always be valid and current.
- Eligibility. Using a proxy service instead of your real contact details allows you to register a domain with a number of country-code TLDs, which are reserved for local citizens/businesses. Such a domain will give you access to the local market, so you can expand your business or reach local communities.
- Professional look. If you do not have company details to use, you must provide your personal contact information. If you run a professional website, personal contact details will not look good in the WHOIS details. Hiding your information will allow you to be compliant and to look professional at the same time.
Data you cannot hide in WHOIS
The options we have listed in this article are valid for the personal contact information associated with the domain name – registrant (owner), admin contact, tech contact. This is all the information that you can hide from the publicly visible WHOIS details that anybody can see. There are things that are always visible for most (if not all) generic TLDs, though, such as the registrar company and sometimes the reseller a domain has been registered through, the registration date, the status, and the name servers. In other words, you can always see where a domain has been registered and where its DNS records are being managed.
Country-code TLDs, however, often follow their own rules, so there are some exceptions. For some extensions, you can see only the registrar company, or only the name servers, for example. Denic, the registry operator for the .DE extension, for instance, displays only the name servers and nothing else. They also have a general email address where you can provide additional information about why you need access to the domain WHOIS details. They will provide such access only under certain conditions.
Can anybody see your real contact details?
You can hide your real contact information from the public in one way or another, or you may use a domain with an extension that doesn’t display almost any information when a WHOIS lookup is performed. Nonetheless, there are still actors who can see your real contact details. The registrar and the registry operator for the domain still have access to your data and to historical records. If you use a proxy service, the provider has access to your details as you are the person who has ordered the service. And, of course, if any issue comes up with the domain, local and international law enforcement agencies can obtain a subpoena and find out who owns or pays for a domain name.
Wrap-up
If you want to register a new domain name, you should submit your personal information. The domain will allow you to reach millions of people, so registrars and registry operators must know who they are working with. This is why you should provide valid contact details.
Such information can be used by third parties for malicious activities, though, or it can prevent a person from registering a country-code domain with special requirements. To avoid such situations, many companies offer privacy protection or proxy/trustee registrations. Using such a service will allow you to register a domain name without worrying about privacy, identity theft or compliance/eligibility issues.