Historical WHOIS data: is it retrievable or not?

[domino66]

I've asked several registrars this Q, and gotten answers all over the map.

In a nutshell: I have several domains WITHOUT WhoIs privacy -- so if you run a Whois search my real name/address/email is shown.

I'm moving all of my domain names to a registrar that offers free Whois Privacy.

They claim that once Whois Privacy is enabled, it will essentially be impossible for anyone to track down my real info (short of a DMCA complaint or the like.)

But that doesn't make sense to me -- aren't there services out there that crawl and cache the Whois database...such that it would be possible to see my real info because it's publicly-viewable right now?

Some (in fact most) registrars have told me that that's NOT the case...that enabling Whois privacy will make tracking down my real info impossible. But that doesn't jive with my own common sense...if my real info is in the Whois DB right now, then won't it be discoverable in the future, even after I switch on Privacy?

 

[alien51]

Have you checked DomainTools?

Link: http://www.domaintools.com/

 

[Ms Domainer]

*

Yes, on DomainTools it's a paid option to do a historical search.

Option: After transferring and just before going into privacy, you could change your email address. That way, if someone finds your info, they would not have your Whois email.

*

 

[alien51]

But that doesn't make sense to me -- aren't there services out there that crawl and cache the Whois database...such that it would be possible to see my real info because it's publicly-viewable right now?

Some (in fact most) registrars have told me that that's NOT the case...that enabling Whois privacy will make tracking down my real info impossible. But that doesn't jive with my own common sense...if my real info is in the Whois DB right now, then won't it be discoverable in the future, even after I switch on Privacy?

To answer this specific issue, once DomainTools was able to capture your whois info in the past, then your cover is already blown, evenif you hide under Privacy Protect today.

The only way you can mislead researchers at this point in time, is to create some kind of scenario that would suggest the domain had changed ownership to someone else... which means, you would have to change your registrant info anyway.

 

[Ms Domainer]

To answer this specific issue, once DomainTools was able to capture your whois info in the past, then your cover is already blown, evenif you hide under Privacy Protect today.

The only way you can mislead researchers at this point in time, is to create some kind of scenario that would suggest the domain had changed ownership to someone else... which means, you would have to change your registrant info anyway.

*

Well, OP could do this, BUT one should be careful in suggesting that he use false info. He could lose the domain by providing inaccurate whois info.

An email change would take care of one area of Whois vulnerability, and changing registrars would take care of another (new user name, I hope).

*

 

[alien51]

Well, OP could do this, BUT one should be careful in suggesting that he use false info. He could lose the domain by providing inaccurate whois info.

Not false info, but more "creative" info. After all, what you are trying to thwart, is the "search string" on Google that turns up an exact match to your name.

 

[domino66]

Yeah, I knew about DomainTools' "historical search", and that was basically the impetus for me thinking that the registrars telling me that I'll be "untraceable" were basically FOS.

And I just figured that there must be plenty of other companies out there who cache / re-sell historical Whois data...