Dynadot

Is Whois privacy really private?

Spaceship Spaceship
Watch
I was doing some things with my portfolio at one of my regstrars and it made me think of this question. I have a few names that are under privacy but was wondering if they are truly private. If someone checked the whois online it would show as private but what if someone knew a person within the registrar where the name is held. My names that are under privacy are not hidden in my account so anyone working within that registrar could easily find out who owns a certain name under privacy just by looking it up through their own internal system. Yes??? The person in charge of my portfolio has access to all my information and can see it without my knowledge including names that I have under privacy so I would assume anyone else can see it also.

Even though it is under privacy it may not be as private as we think.
 
2
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
Hi

privacy as with security, are both illusions, in a state of being

which cease to exist, once penetrated or revealed

:)

imo....
 
3
•••
I was doing some things with my portfolio at one of my regstrars and it made me think of this question. I have a few names that are under privacy but was wondering if they are truly private. If someone checked the whois online it would show as private but what if someone knew a person within the registrar where the name is held. My names that are under privacy are not hidden in my account so anyone working within that registrar could easily find out who owns a certain name under privacy just by looking it up through their own internal system. Yes??? The person in charge of my portfolio has access to all my information and can see it without my knowledge including names that I have under privacy so I would assume anyone else can see it also.
I think you'd need to ask each registrar that question - can staff in the company see that, and if so what level of staff, and under what circumstances?

If the privacy was to be really secure no one in the company could see the owner info without a given security clearance and a valid reason for access.

Bear in mind the company is also sending you automated emails referring to the domain by name.
 
1
•••
Locks are designed not to be impenetrable, but instead to keep honest people honest. Security is merely for peace of mind, and it's a chain that involves the companies security measures as well as its users. If any user has an easy password, that weak link makes the entire chain weak. People involved in the company, are still human, and could decide it's worth selling a user database to the black market...

This is exactly why you should use a separate pw on every site you use. No matter how strong your password may be, if you use it on an insecure site that gets hacked, they will definitely share/sell the same credential list for others to crack on other sites as well. Keep each set of credentials contained to each site.

It's crazy how much trust ppl put into online establishments simply because they have an official looking seal that says it's secure...
 
Last edited:
4
•••
I have a few names that are under privacy but was wondering if they are truly private.

Actually the question is, what are you trying to protect? and from whom?

Whois privacy protects against spammers and people gathering info for ID theft. It protects against Google identifying registrants to downgrade SEO results for related sites (unless you park the name with a service who are required to give Google registrant info, such as Sedo).

It does not protect agains UDRP or having your name published in a UDRP process.

It may protect against buyers or competitors looking for leverage, and it may protect against reputational damage from holding controversial domains.

Someone that pays or cons a registrar staff member to get your info is already breaking rules - why do they do that and what do they want to gain?
 
1
•••
Actually the question is, what are you trying to protect? and from whom?

Whois privacy protects against spammers and people gathering info for ID theft. It protects against Google identifying registrants to downgrade SEO results for related sites (unless you park the name with a service who are required to give Google registrant info, such as Sedo).

It does not protect agains UDRP or having your name published in a UDRP process.

It may protect against buyers or competitors looking for leverage, and it may protect against reputational damage from holding controversial domains.

Someone that pays or cons a registrar staff member to get your info is already breaking rules - why do they do that and what do they want to gain?
There are many reasons to use it and you answered a few of them here.
 
0
•••
Are you asking (hypothetical example) if you have ThisBrandableSiteSucks.com under privacy at say Go Daddy, can @Joe Styler see you as the registrant ?

I believe he can but he could answer that and would be good for him to weigh in if customer service knows Joe Smith owns ThisBrandableSiteSucks.com and if they are under any NDA.
 
0
•••
Are you asking (hypothetical example) if you have ThisBrandableSiteSucks.com under privacy at say Go Daddy, can @Joe Styler see you as the registrant ?

I believe he can but he could answer that and would be good for him to weigh in if customer service knows Joe Smith owns ThisBrandableSiteSucks.com and if they are under any NDA.
I was asking in general. If someone working at a registrar has access to my account already then they have access to any name I have whether it is under privacy or not. Who else may also have access to it within that registrar?

The reason I brought up the question is because I was reading a story about a UDRP and how they were going to get a court order blah blah blah to figure out who owns the domain. The first thing that popped up in my head was how easy it would be to gain access to that information by having an "in" at whatever registrar it may be registered at.

I don't think anyone at any registrar would open a can of worms and answer this question correctly.
 
0
•••
I was asking in general. If someone working at a registrar has access to my account already then they have access to any name I have whether it is under privacy or not. Who else may also have access to it within that registrar?

The reason I brought up the question is because I was reading a story about a UDRP and how they were going to get a court order blah blah blah to figure out who owns the domain. The first thing that popped up in my head was how easy it would be to gain access to that information by having an "in" at whatever registrar it may be registered at.

I don't think anyone at any registrar would open a can of worms and answer this question correctly.

The most famous case I know of

The Registrar Privacy/Trust Issue…Who Has Access to That Info & What They Can Do With It??

Morning Folks!!

This is no way to end a year nor way to start a new one. But not my choice. It has been lingering for 2 weeks now and this is very difficult as I know everyone involved.

As I stated in the earlier post, this does not directly involve me but if Privacy and Trust is something important to you, than you might want to pay attention. These are the facts as I know them.

This is an unfortunate event that cannot be swept under the rug and ignored even though it should have been told 2 weeks ago when it happened by the company involved and not me. I agreed to hold this until December 31 which was against my better judgement and I am truly disappointed this is now in my lap.

Full story and comments: (Get comfortable)

http://www.ricksblog.com/2010/12/th...access-to-that-info-what-they-can-do-with-it/
 
0
•••
The most famous case I know of

The Registrar Privacy/Trust Issue…Who Has Access to That Info & What They Can Do With It??

Morning Folks!!

This is no way to end a year nor way to start a new one. But not my choice. It has been lingering for 2 weeks now and this is very difficult as I know everyone involved.

As I stated in the earlier post, this does not directly involve me but if Privacy and Trust is something important to you, than you might want to pay attention. These are the facts as I know them.

This is an unfortunate event that cannot be swept under the rug and ignored even though it should have been told 2 weeks ago when it happened by the company involved and not me. I agreed to hold this until December 31 which was against my better judgement and I am truly disappointed this is now in my lap.

Full story and comments: (Get comfortable)

http://www.ricksblog.com/2010/12/th...access-to-that-info-what-they-can-do-with-it/
Thanks for finding that Ray. This is exactly what I am talking about. Anyone can gain access to private names no matter where they are or who owns them. All it takes is an "in".
 
0
•••
0
•••
0
•••
Houston Putnam Lowry

"This Panel member is persuaded there is bad faith registration and use because of several factors. The first factor is using a privacy service in a commercial context raises a rebuttable presumption of bad faith. Respondent has done nothing to rebut that presumption. Respondent does not need to conceal its identity from the marketplace to be a domain name reseller. Respondent offers no explanation as to why Respondent concealed its identity (and conceals it to this very day). Only people with an intent to deceive conceal their identity, which is the very definition of bad faith. Since Respondent did this at the time of registration and through the present day, there was bad faith registration and use of the domain name."

http://domainnamewire.com/2016/09/15/udrp-panelist-whois-privacy-intent-deceive-evidence-bad-faith/

:-o:-/:(-_-:?:
 
0
•••
I was asking in general. If someone working at a registrar has access to my account already then they have access to any name I have whether it is under privacy or not. Who else may also have access to it within that registrar?

The reason I brought up the question is because I was reading a story about a UDRP and how they were going to get a court order blah blah blah to figure out who owns the domain. The first thing that popped up in my head was how easy it would be to gain access to that information by having an "in" at whatever registrar it may be registered at.

I don't think anyone at any registrar would open a can of worms and answer this question correctly.

I'm sure an insider can gain information. If an insider doesn't exist it really doesn't take much legal action to get them to fold and release it depending on registrar as some have been weak and others stronger over the years. Same as domain registrations registrar A can suspend a site easily where registrar B ignores requests. Look at pharmacy sites etc... and you'll see a trend of them using certain registrars that don't cave as easily or based in countries where the court system is backlogged years. I'd look at whois privacy as I wanna eliminate spam and not as I can write whatever I wan't anonymously, scam, do bad stuff, etc... as it's far from being bulletproof.
 
Last edited:
0
•••
Back