IT.COM

Have you hugged your WHOIS privacy provider today?

NameSilo
Watch

Do you use WHOIS privacy and count on it to protect your privacy?

  • This poll is still running and the standings may change.
  • This poll is still running and the standings may change.

Rob Monster

Founder of EpikTop Member
Epik Founder
Impact
18,389
Many registrars provide WHOIS privacy services. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! However, I do simply want to acknowledge that running a compliant WHOIS privacy proxy services in 2019 is a bunch of work, especially if a UDRP action is involved. This case reveals a changing tone on privacy.

I am attaching a procedural document from a WIPO panelist who is giving me a hard time in a case where the respondent asked me to dump their domain. It now happens routinely that a complainant's counsel won't simply accept the domain name, but rather will turn the matter into a drawn-out case with multiple interrogatories, wasting everyone's time for a domain that the complainant would prefer to hand over.

In this particular case, the registrant had previously advised us that he was not interested in defending a UDRP on his domains, which in this case was one domain in a large portfolio of .CO domains. So, in the interest of pragmatism, we sought to settle the matter. In the process, we would save the complainant some fees. Win-win and less work in the end. So, did that work out? Nope!

WHOIS privacy compliance is getting harder and harder. The active discussions at ICANN, including this week in Montreal, further reinforce the direction that Law Enforcement and Regulatory authorities want, which is to be able to pierce the privacy veil whenever they darned well please. I have an issue with that and have stated my position without equivocation in the ICANN Registrar Stakeholder Group.

Nevertheless, the policy changes with RDAP march forward, and it is rapidly approaching a foregone conclusion that a pillar of online privacy is being toppled right now in the closing months of 2019.

Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy. It is a separate legal entity set up for the express purpose of serving as an ownership proxy for the registrant. From a legal perspective, the WHOIS privacy proxy is the registrant's agent.

All this said, I have been unequivocal that at Epik we do not protect people who are engaged in criminality. If there is a court order, we comply. Beyond that, we have openly stated that known criminality is not operating in a protected class at Epik. The job of discernment is not an easy one but it is comes with the territory. So, make sure to hug your WHOIS privacy provider. They have your back more than you know!
 

Attachments

  • Procedural Order No. 1.pdf
    64.5 KB · Views: 200
Last edited:
14
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
What you do looks really, really risky and dangerous for Epik. Why go to such lengths just for one particular customer whose hands are not quite clean?
 
1
•••
What you do looks really, really risky and dangerous for Epik. Why go to such lengths just for one particular customer whose hands are not quite clean?

First of all, thanks for not voting "This thread is stupid". I appreciate that.

As for this being risky, I don't see it that way. Who should own this domain?

There is an energy company.

There is a musician: https://open.spotify.com/artist/4DNiGWScVzTFZVRj0rdja1

There are people named Vito Gaz: https://www.facebook.com/public/Vito-Gaz

There are also Mercedes Vito cars powered by Gaz which comes extensively when searching "Vito Gaz".

This is not to present a defense of the domain. The point is that if the registrant's instructions are to not to defend UDRP names, it is faster and cheaper for everyone to just solve it.

The inescapable fast is that lawyers are abusing WIPO. I have gone on record about it elsewhere in the context of another waste of time case full of attorney over-reach.

UDRP exists to be a fast-track process with minimal friction. If we are going to have a drawn out legal proceedings, then forget WIPO. Let civil courts handle the cases since WIPO is adding zero value.
 
6
•••
Funny, the whole process is to achieve exactly what you have granted. To claim this is harming the "Operational integrity of the Policy"is contradicting the very policy itself. The ironic thing is, they own almost all other extensions. Why does the responsibility fall on the respondent when the complainant failed to secure their own name in an unrelated extension? Vitogaz.me is available and so are many others. Typical french litigious company seeking to collect revenue without earning it.

Laissez-faire!
 
4
•••
As for this being risky, I don't see it that way.
I am not familiar with the procedure enough to comment any of it. But I can see that it has statements like "...registrar failed with the obligations...". If these are true, it can be used further to give Epik more trouble, including PR trouble and legal trouble.
 
0
•••
The point is that if the registrant's instructions are to not to defend UDRP names, it is faster and cheaper for everyone to just solve it.
I don't think "getting the name" is a solution the complainants seek in such cases. They rather want to get the person. And the lawyers are the ones who would never be interested in "just solving it", they have some hours of their work that is going to be paid, why would they give up on that? So the registrar getting in the way of lawyers trying to get the person is not solving the issue. They may start attacking you instead.
 
0
•••
I am not familiar with the procedure enough to comment any of it. But I can see that it has statements like "...registrar failed with the obligations...". If these are true, it can be used further to give Epik more trouble, including PR trouble and legal trouble.

We are actually one of the more compliant registrars when it comes to handling UDRP actions. At ICANN meetings I routinely hear how hard it is to get registrars to answer these. Keep in mind that there are a lot of tiny registrars with little or no people working there or bare bones customer service. UDRP compliance is a no-revenue and thankless task that is getting harder as evidence by the exhibit I provided to illustrate the direction UDRP is going when it comes to domains owned by privacy proxy. The complainants are unapologetic in revealing their true intentions, namely to peek behind the privacy veil. There is a certain tone of "presumptive close" being used by the complainant and their intermediaries, acting as if they are entitled to peek behind the privacy veil when the domain registrant is a sovereign legal entity.
 
6
•••
I personally don't use privacy as most of my larger sales have come through that information. However, I feel it should be a choice, or a right, that is available to all registrants, without repercussions.

Whois privacy is like the free speech saying, "I may not like what you say, but I will defend your right to say it."

Unfortunately, rights or choices, are continually being taken by large organizations and governing bodies in the times of today. ICANN is no different. I expect it, but don't agree with it.
 
1
•••
Many registrars provide WHOIS privacy services. Epik provides such a service. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! However, I do simply want to acknowledge that running a compliant WHOIS privacy proxy services in 2019 is a bunch of work, especially if a UDRP action is involved. This case reveals a changing tone on privacy.

I am attaching a procedural document from a WIPO panelist who is giving me a hard time in a case where the respondent asked me to dump their domain. It now happens routinely that a complainant's counsel won't simply accept the domain name, but rather will turn the matter into a drawn-out case with multiple interrogatories, wasting everyone's time for a domain that the complainant would prefer to hand over.

In this particular case, the registrant had previously advised us that he was not interested in defending a UDRP on his domains, which in this case was one domain in a large portfolio of .CO domains. So, in the interest of pragmatism, we sought to settle the matter. In the process, we would save the complainant some fees. Win-win and less work in the end. So, did that work out? Nope!

WHOIS privacy compliance is getting harder and harder. The active discussions at ICANN, including this week in Montreal, further reinforce the direction that Law Enforcement and Regulatory authorities want, which is to be able to pierce the privacy veil whenever they darned well please. I have an issue with that and have stated my position without equivocation in the ICANN Registrar Stakeholder Group.

Nevertheless, the policy changes with RDAP march forward, and it is rapidly approaching a foregone conclusion that a pillar of online privacy is being toppled right now in the closing months of 2019.

Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy. It is a separate legal entity set up for the express purpose of serving as an ownership proxy for the registrant. From a legal perspective, the WHOIS privacy proxy is the registrant's agent.

All this said, I have been unequivocal that at Epik we do not protect people who are engaged in criminality. If there is a court order, we comply. Beyond that, we have openly stated that known criminality is not operating in a protected class at Epik. The job of discernment is not an easy one but it is comes with the territory. So, make sure to hug your WHOIS privacy provider. They have your back more than you know!

Interesting story Rob. It does seem some want to pull the privacy whenever it suits them. But on the other hand I once had someone say, anyone can pull up what I paid for my house and the taxes I pay, why shouldn't I be able to find out who owns any domain name?
 
2
•••
Interesting story Rob. It does seem some want to pull the privacy whenever it suits them. But on the other hand I once had someone say, anyone can pull up what I paid for my house and the taxes I pay, why shouldn't I be able to find out who owns any domain name?

That is certainly a reasonable thing to debate.

The challenge you run into is with certain cases like:

- Censorship
- Whistleblowers
- Persecuted persons
- Celebrities

Etc.

ICYMI the WHOIS RDAP system is in the process of being designed to allow any "authorized person" to pierce through the privacy veil at will. The criteria for this access is not something the public understands so they will assume it is business as usual when in fact the rules are changing.

I do have concerns about people having the expectation of privacy only for them to find out that they no longer have privacy. The issue of who decides and what is logged is certainly quite important since a centralized system is only as good as the weakest link in the chain.
 
4
•••
Many registrars provide WHOIS privacy services. Epik provides such a service. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished! ...Our WHOIS privacy service which shall not be named is in fact an ICANN compliant WHOIS privacy proxy.

good you didn't mention epiks whois service multiple times
which by the way was enoying to me
as I had to switch it manually off for every domain
 
0
•••
good you didn't mention epiks whois service multiple times
which by the way was enoying to me
as I had to switch it manually off for every domain
Be thankful you have the choice to "switch it." By the tone of the OP that right, or choice, may not be around forever.
 
1
•••
Be thankful you have the choice to "switch it." By the tone of the OP that right, or choice, may not be around forever.

I want my customers to find me
how about you?
 
0
•••
I want my customers to find me
how about you?
I agree. That's why I don't use privacy. Although, I am thankful the choice is available in the event I decide to use it. I believe it should be the registrants right to decide, therefore I virtually hug those that support the right to privacy.
 
2
•••
I want my customers to find me
how about you?

I generally use SSL landers so the people who want the domain can usually find me just fine.

As for public WHOIS, the problem is this:

When you pick up a pre-existing .com domain, you also pick up that domain's baggage. You never really know who owned the domain before you, nor who they wronged, or disappointed.

You can always decloak, but I find I get a lot less spam from new spammers by keeping WHOIS privacy in place on most names.
 
5
•••
Give ur business to registrars who offer free privacy...

epik values client privacy like no other,

i get the best of both worlds

Samer
 
Last edited:
6
•••
To be honest,I didn't. I did give my wife an extra hug though for supporting me throughout the years. She's amazing.
 
5
•••
To be honest,I didn't. I did give my wife an extra hug though for supporting me throughout the years. She's amazing.

Obviously I am being a bit cheeky. Wives need hugs. :)

However, I just wanted to share in the wake of seeing the meeting notes from the ICANN meetings in Montreal, that a lot of WHOIS privacy services are about to be presented with choices.

On the one hand, GDPR is making harder for citizens to find each other.

On the other hand, RDAP is making it easier for certain people to find whoever they want.

Something is amiss there.
 
4
•••
Obviously I am being a bit cheeky. Wives need hugs. :)

However, I just wanted to share in the wake of seeing the meeting notes from the ICANN meetings in Montreal, that a lot of WHOIS privacy services are about to be presented with choices.

On the one hand, GDPR is making harder for citizens to find each other.

On the other hand, RDAP is making it easier for certain people to find whoever they want.

Something is amiss there.

Couldn't agree more :) I get your point but must honestly admit I haven't read up enough about recent whois/RDAP protocols to give an educated opinion.

As for whois privacy in general. There are reasons to use it, and reasons not to. I believe they who are not to be mentioned are right to provide it by default :)
 
4
•••
I found a way to sell contact information and reduce fraudulent emails. My names are protected by privacy, and I put them all on DAN, and add a background image of the mailbox on each page, so I believe to buy The family will find me instead of a fraudulent email.
On the other hand, when I look for the seller's contact information, as I have gained in other posts, I first look through the registrar/WOHIS. If I don't know, I will have to fill out the contact form.
 
4
•••
I think your heart is absolutely in the right place on this one @Rob Monster, you are trying to stand up for one of your clients which is admirable. I also agree with the point that you, and others, have expressed that it seems that UDRP panels are being used at times inappropriately. I have a lot of concern that the precedents seem to be making the doors more and more open, and that some lawyers have an interest in sending as many cases to UDRP as possible, rather than resolving simply with a request letter.

That being said, if I correctly understand the situation, my personal opinion is that you should comply with the panelist request. I say this for two reasons. While it is great for you to try to promote worthy ideas, at the same time it is also essential that you do what is in the best interests of all of your customers and for Epik and its employees (and yourself incidentally!).

Secondly, I see some danger in, once a UDRP process has commenced, to have the process stopped (except in cases where a clear error has been made). The reason I say that is if this became commonplace there might well be inappropriate pressure brought on those ho had started proceedings to instead solve it outside the panel.

The reason the contact information is requested is to meet the requirement that notice of the UDRP has been sent by both email and postal mail.

On the general question of privacy, I do invoke privacy on my names to try to mitigate the tide of offers to get on the first page of Google, and I am not convinced that a significant number of purchasers use Whois and any domain name I want to currently sell has a lander so I don't see the need to make my whois public.

That being said, I have always thought somewhat along these lines.
But on the other hand I once had someone say, anyone can pull up what I paid for my house and the taxes I pay, why shouldn't I be able to find out who owns any domain name?
I would be fine with all domain transactions having a record of owners as long as those gave an email and name and not a phone number and street address. I realize, and accept, that most think differently.

I hope this sorts out without too much pain for you, Epik or the client. As I said your heart is in right place, mind too, but do what is best for Epik.

Bob
 
Last edited:
1
•••
I hope this sorts out without too much pain for you, Epik or the client. As I said your heart is in right place, mind too, but do what is best for Epik.
Bob


I don't doubt that he will do so, Bob
 
0
•••
Many registrars provide WHOIS privacy services. Epik provides such a service. I won't name ours because that would be promotional, strictly forbidden by Namepros moderators and severely punished!

maybe you could add
"Is this just another promotional thread"
to the choices in these polls

or maybe it's time NP gave you your own section on the forum.
I would favor that, over these guises.

Adam Dicker gave DNJournal, Domain Gang, and the Sherpa, their own sections as well, when he owned the other forum

btw: fabulous has free privacy by default, so you can bulk edit or pick and choose.


imo...
 
7
•••
maybe you could add
"Is this just another promotional thread"
to the choices in these polls

or maybe it's time NP gave you your own section on the forum.
I would favor that, over these guises.

Adam Dicker gave DNJournal, Domain Gang, and the Sherpa, their own sections as well, when he owned the other forum

btw: fabulous has free privacy by default, so you can bulk edit or pick and choose.


imo...


Namesilo, Dynadot, Hexonet

everybody and his ant has free privacy


Adam Dicker
Shane Belone
Al Zhandy


I vote for a separate section too.
 
0
•••
I think your heart is absolutely in the right place on this one @Rob Monster, you are trying to stand up for one of your clients which is admirable. I also agree with the point that you, and others, have expressed that it seems that UDRP panels are being used at times inappropriately. I have a lot of concern that the precedents seem to be making the doors more and more open, and that some lawyers have an interest in sending as many cases to UDRP as possible, rather than resolving simply with a request letter.

That being said, if I correctly understand the situation, my personal opinion is that you should comply with the panelist request. I say this for two reasons. While it is great for you to try to promote worthy ideas, at the same time it is also essential that you do what is in the best interests of all of your customers and for Epik and its employees (and yourself incidentally!).

Secondly, I see some danger in, once a UDRP process has commenced, to have the process stopped (except in cases where a clear error has been made). The reason I say that is if this became commonplace there might well be inappropriate pressure brought on those ho had started proceedings to instead solve it outside the panel.

The reason the contact information is requested is to meet the requirement that notice of the UDRP has been sent by both email and postal mail.

On the general question of privacy, I do invoke privacy on my names to try to mitigate the tide of offers to get on the first page of Google, and I am not convinced that a significant number of purchasers use Whois and any domain name I want to currently sell has a lander so I don't see the need to make my whois public.

That being said, I have always thought somewhat along these lines.
I would be fine with all domain transactions having a record of owners as long as those gave an email and name and not a phone number and street address. I realize, and accept, that most think differently.

I hope this sorts out without too much pain for you, Epik or the client. As I said your heart is in right place, mind too, but do what is best for Epik.

Bob

Thanks Bob. Of course we comply. :) In fact, last week, on the heels of returning from ICANN Compliance, I named @Sufyan Alani to the secondary role of Director of Compliance. This was a role previously occupied by Joseph Peterson, and indeed quite masterfully, I might add! My personal tolerance for nonsense is not as high as either of those guys. That does not mean I lack patience. I simply have low appreciation for people who get paid to waste other people's time.

I share this example only for folks to have some vague understanding of the role of WHOIS privacy proxies, and the shifting landscape, both for WIPO panelists but also for attorneys who don't want to just take the domain from the offending registrant but want to extract their identity, even in cases where it might be ambiguous as to whether the UDRP action was valid in the first place! Some people just don't want to be bothered.
 
3
•••
Back