Have you hugged your WHOIS privacy provider today?

[Rob Monster]

Many registrars provide WHOIS privacy services. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! However, I do simply want to acknowledge that running a compliant WHOIS privacy proxy services in 2019 is a bunch of work, especially if a UDRP action is involved. This case reveals a changing tone on privacy.

I am attaching a procedural document from a WIPO panelist who is giving me a hard time in a case where the respondent asked me to dump their domain. It now happens routinely that a complainant's counsel won't simply accept the domain name, but rather will turn the matter into a drawn-out case with multiple interrogatories, wasting everyone's time for a domain that the complainant would prefer to hand over.

In this particular case, the registrant had previously advised us that he was not interested in defending a UDRP on his domains, which in this case was one domain in a large portfolio of .CO domains. So, in the interest of pragmatism, we sought to settle the matter. In the process, we would save the complainant some fees. Win-win and less work in the end. So, did that work out? Nope!

WHOIS privacy compliance is getting harder and harder. The active discussions at ICANN, including this week in Montreal, further reinforce the direction that Law Enforcement and Regulatory authorities want, which is to be able to pierce the privacy veil whenever they darned well please. I have an issue with that and have stated my position without equivocation in the ICANN Registrar Stakeholder Group.

Nevertheless, the policy changes with RDAP march forward, and it is rapidly approaching a foregone conclusion that a pillar of online privacy is being toppled right now in the closing months of 2019.

Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy. It is a separate legal entity set up for the express purpose of serving as an ownership proxy for the registrant. From a legal perspective, the WHOIS privacy proxy is the registrant's agent.

All this said, I have been unequivocal that at Epik we do not protect people who are engaged in criminality. If there is a court order, we comply. Beyond that, we have openly stated that known criminality is not operating in a protected class at Epik. The job of discernment is not an easy one but it is comes with the territory. So, make sure to hug your WHOIS privacy provider. They have your back more than you know!

 

[capybara]

What you do looks really, really risky and dangerous for Epik. Why go to such lengths just for one particular customer whose hands are not quite clean?

 

[Rob Monster]

What you do looks really, really risky and dangerous for Epik. Why go to such lengths just for one particular customer whose hands are not quite clean?

First of all, thanks for not voting "This thread is stupid". I appreciate that.

As for this being risky, I don't see it that way. Who should own this domain?

There is an energy company.

There is a musician: https://open.spotify.com/artist/4DNiGWScVzTFZVRj0rdja1

There are people named Vito Gaz: https://www.facebook.com/public/Vito-Gaz

There are also Mercedes Vito cars powered by Gaz which comes extensively when searching "Vito Gaz".

This is not to present a defense of the domain. The point is that if the registrant's instructions are to not to defend UDRP names, it is faster and cheaper for everyone to just solve it.

The inescapable fast is that lawyers are abusing WIPO. I have gone on record about it elsewhere in the context of another waste of time case full of attorney over-reach.

UDRP exists to be a fast-track process with minimal friction. If we are going to have a drawn out legal proceedings, then forget WIPO. Let civil courts handle the cases since WIPO is adding zero value.

 

[DanSanchez]

Funny, the whole process is to achieve exactly what you have granted. To claim this is harming the "Operational integrity of the Policy"is contradicting the very policy itself. The ironic thing is, they own almost all other extensions. Why does the responsibility fall on the respondent when the complainant failed to secure their own name in an unrelated extension? Vitogaz.me is available and so are many others. Typical french litigious company seeking to collect revenue without earning it.

Laissez-faire!

 

[capybara]

As for this being risky, I don't see it that way.

I am not familiar with the procedure enough to comment any of it. But I can see that it has statements like "...registrar failed with the obligations...". If these are true, it can be used further to give Epik more trouble, including PR trouble and legal trouble.

 

[capybara]

The point is that if the registrant's instructions are to not to defend UDRP names, it is faster and cheaper for everyone to just solve it.

I don't think "getting the name" is a solution the complainants seek in such cases. They rather want to get the person. And the lawyers are the ones who would never be interested in "just solving it", they have some hours of their work that is going to be paid, why would they give up on that? So the registrar getting in the way of lawyers trying to get the person is not solving the issue. They may start attacking you instead.

 

[Rob Monster]

I am not familiar with the procedure enough to comment any of it. But I can see that it has statements like "...registrar failed with the obligations...". If these are true, it can be used further to give Epik more trouble, including PR trouble and legal trouble.

We are actually one of the more compliant registrars when it comes to handling UDRP actions. At ICANN meetings I routinely hear how hard it is to get registrars to answer these. Keep in mind that there are a lot of tiny registrars with little or no people working there or bare bones customer service. UDRP compliance is a no-revenue and thankless task that is getting harder as evidence by the exhibit I provided to illustrate the direction UDRP is going when it comes to domains owned by privacy proxy. The complainants are unapologetic in revealing their true intentions, namely to peek behind the privacy veil. There is a certain tone of "presumptive close" being used by the complainant and their intermediaries, acting as if they are entitled to peek behind the privacy veil when the domain registrant is a sovereign legal entity.

 

[Internet.Domains]

I personally don't use privacy as most of my larger sales have come through that information. However, I feel it should be a choice, or a right, that is available to all registrants, without repercussions.

Whois privacy is like the free speech saying, "I may not like what you say, but I will defend your right to say it."

Unfortunately, rights or choices, are continually being taken by large organizations and governing bodies in the times of today. ICANN is no different. I expect it, but don't agree with it.

 

[equity78]

Many registrars provide WHOIS privacy services. Epik provides such a service. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! However, I do simply want to acknowledge that running a compliant WHOIS privacy proxy services in 2019 is a bunch of work, especially if a UDRP action is involved. This case reveals a changing tone on privacy.

I am attaching a procedural document from a WIPO panelist who is giving me a hard time in a case where the respondent asked me to dump their domain. It now happens routinely that a complainant's counsel won't simply accept the domain name, but rather will turn the matter into a drawn-out case with multiple interrogatories, wasting everyone's time for a domain that the complainant would prefer to hand over.

In this particular case, the registrant had previously advised us that he was not interested in defending a UDRP on his domains, which in this case was one domain in a large portfolio of .CO domains. So, in the interest of pragmatism, we sought to settle the matter. In the process, we would save the complainant some fees. Win-win and less work in the end. So, did that work out? Nope!

WHOIS privacy compliance is getting harder and harder. The active discussions at ICANN, including this week in Montreal, further reinforce the direction that Law Enforcement and Regulatory authorities want, which is to be able to pierce the privacy veil whenever they darned well please. I have an issue with that and have stated my position without equivocation in the ICANN Registrar Stakeholder Group.

Nevertheless, the policy changes with RDAP march forward, and it is rapidly approaching a foregone conclusion that a pillar of online privacy is being toppled right now in the closing months of 2019.

Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy. It is a separate legal entity set up for the express purpose of serving as an ownership proxy for the registrant. From a legal perspective, the WHOIS privacy proxy is the registrant's agent.

All this said, I have been unequivocal that at Epik we do not protect people who are engaged in criminality. If there is a court order, we comply. Beyond that, we have openly stated that known criminality is not operating in a protected class at Epik. The job of discernment is not an easy one but it is comes with the territory. So, make sure to hug your WHOIS privacy provider. They have your back more than you know!

Interesting story Rob. It does seem some want to pull the privacy whenever it suits them. But on the other hand I once had someone say, anyone can pull up what I paid for my house and the taxes I pay, why shouldn't I be able to find out who owns any domain name?

 

[Rob Monster]

Interesting story Rob. It does seem some want to pull the privacy whenever it suits them. But on the other hand I once had someone say, anyone can pull up what I paid for my house and the taxes I pay, why shouldn't I be able to find out who owns any domain name?

That is certainly a reasonable thing to debate.

The challenge you run into is with certain cases like:

- Censorship
- Whistleblowers
- Persecuted persons
- Celebrities

Etc.

ICYMI the WHOIS RDAP system is in the process of being designed to allow any "authorized person" to pierce through the privacy veil at will. The criteria for this access is not something the public understands so they will assume it is business as usual when in fact the rules are changing.

I do have concerns about people having the expectation of privacy only for them to find out that they no longer have privacy. The issue of who decides and what is logged is certainly quite important since a centralized system is only as good as the weakest link in the chain.

 

[frank-germany]

Many registrars provide WHOIS privacy services. Epik provides such a service. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! ...Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy.

good you didn't mention epiks whois service multiple times
which by the way was enoying to me
as I had to switch it manually off for every domain

 

[Internet.Domains]

good you didn't mention epiks whois service multiple times
which by the way was enoying to me
as I had to switch it manually off for every domain

Be thankful you have the choice to "switch it." By the tone of the OP that right, or choice, may not be around forever.

 

[frank-germany]

Be thankful you have the choice to "switch it." By the tone of the OP that right, or choice, may not be around forever.

I want my customers to find me
how about you?

 

[Internet.Domains]

I want my customers to find me
how about you?

I agree. That's why I don't use privacy. Although, I am thankful the choice is available in the event I decide to use it. I believe it should be the registrants right to decide, therefore I virtually hug those that support the right to privacy.

 

[Rob Monster]

I want my customers to find me
how about you?

I generally use SSL landers so the people who want the domain can usually find me just fine.

As for public WHOIS, the problem is this:

When you pick up a pre-existing .com domain, you also pick up that domain's baggage. You never really know who owned the domain before you, nor who they wronged, or disappointed.

You can always decloak, but I find I get a lot less spam from new spammers by keeping WHOIS privacy in place on most names.

 

[Samer]

Give ur business to registrars who offer free privacy...

epik values client privacy like no other,

i get the best of both worlds

Samer

 

[dirk]

To be honest,I didn't. I did give my wife an extra hug though for supporting me throughout the years. She's amazing.

 

[Rob Monster]

To be honest,I didn't. I did give my wife an extra hug though for supporting me throughout the years. She's amazing.

Obviously I am being a bit cheeky. Wives need hugs.

However, I just wanted to share in the wake of seeing the meeting notes from the ICANN meetings in Montreal, that a lot of WHOIS privacy services are about to be presented with choices.

On the one hand, GDPR is making harder for citizens to find each other.

On the other hand, RDAP is making it easier for certain people to find whoever they want.

Something is amiss there.

 

[dirk]

Obviously I am being a bit cheeky. Wives need hugs.

However, I just wanted to share in the wake of seeing the meeting notes from the ICANN meetings in Montreal, that a lot of WHOIS privacy services are about to be presented with choices.

On the one hand, GDPR is making harder for citizens to find each other.

On the other hand, RDAP is making it easier for certain people to find whoever they want.

Something is amiss there.

Couldn't agree more I get your point but must honestly admit I haven't read up enough about recent whois/RDAP protocols to give an educated opinion.

As for whois privacy in general. There are reasons to use it, and reasons not to. I believe they who are not to be mentioned are right to provide it by default

 

[Kai W.]

I found a way to sell contact information and reduce fraudulent emails. My names are protected by privacy, and I put them all on DAN, and add a background image of the mailbox on each page, so I believe to buy The family will find me instead of a fraudulent email.
On the other hand, when I look for the seller's contact information, as I have gained in other posts, I first look through the registrar/WOHIS. If I don't know, I will have to fill out the contact form.