NameSilo
 23:00:54:12 

Is Whois privacy really private?

Located in General Domain Discussion, started by hookbox, Sep 16, 2016

Replies:
13
Views:
1,235

  1. hookbox

    hookbox Top Contributor VIP

    Posts:
    2,438
    Likes Received:
    4,965
    I was doing some things with my portfolio at one of my regstrars and it made me think of this question. I have a few names that are under privacy but was wondering if they are truly private. If someone checked the whois online it would show as private but what if someone knew a person within the registrar where the name is held. My names that are under privacy are not hidden in my account so anyone working within that registrar could easily find out who owns a certain name under privacy just by looking it up through their own internal system. Yes??? The person in charge of my portfolio has access to all my information and can see it without my knowledge including names that I have under privacy so I would assume anyone else can see it also.

    Even though it is under privacy it may not be as private as we think.
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. biggie

    biggie GreenFriendly.com VIP ★★★★★★★★★★

    Posts:
    10,712
    Likes Received:
    11,910
    Hi

    privacy as with security, are both illusions, in a state of being

    which cease to exist, once penetrated or revealed

    :)

    imo....
     
  3. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,738
    Likes Received:
    4,926
    I think you'd need to ask each registrar that question - can staff in the company see that, and if so what level of staff, and under what circumstances?

    If the privacy was to be really secure no one in the company could see the owner info without a given security clearance and a valid reason for access.

    Bear in mind the company is also sending you automated emails referring to the domain by name.
     
  4. wayne wooldridge

    wayne wooldridge Top Contributor VIP

    Posts:
    820
    Likes Received:
    1,018
    Locks are designed not to be impenetrable, but instead to keep honest people honest. Security is merely for peace of mind, and it's a chain that involves the companies security measures as well as its users. If any user has an easy password, that weak link makes the entire chain weak. People involved in the company, are still human, and could decide it's worth selling a user database to the black market...

    This is exactly why you should use a separate pw on every site you use. No matter how strong your password may be, if you use it on an insecure site that gets hacked, they will definitely share/sell the same credential list for others to crack on other sites as well. Keep each set of credentials contained to each site.

    It's crazy how much trust ppl put into online establishments simply because they have an official looking seal that says it's secure...
     
    Last edited: Sep 16, 2016
  5. carob

    carob Top Contributor VIP ★★★★★★★★★★

    Posts:
    3,738
    Likes Received:
    4,926
    Actually the question is, what are you trying to protect? and from whom?

    Whois privacy protects against spammers and people gathering info for ID theft. It protects against Google identifying registrants to downgrade SEO results for related sites (unless you park the name with a service who are required to give Google registrant info, such as Sedo).

    It does not protect agains UDRP or having your name published in a UDRP process.

    It may protect against buyers or competitors looking for leverage, and it may protect against reputational damage from holding controversial domains.

    Someone that pays or cons a registrar staff member to get your info is already breaking rules - why do they do that and what do they want to gain?
     
  6. hookbox

    hookbox Top Contributor VIP

    Posts:
    2,438
    Likes Received:
    4,965
    There are many reasons to use it and you answered a few of them here.
     
  7. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,014
    Likes Received:
    22,192
    Are you asking (hypothetical example) if you have ThisBrandableSiteSucks.com under privacy at say Go Daddy, can @Joe Styler see you as the registrant ?

    I believe he can but he could answer that and would be good for him to weigh in if customer service knows Joe Smith owns ThisBrandableSiteSucks.com and if they are under any NDA.
     
  8. hookbox

    hookbox Top Contributor VIP

    Posts:
    2,438
    Likes Received:
    4,965
    I was asking in general. If someone working at a registrar has access to my account already then they have access to any name I have whether it is under privacy or not. Who else may also have access to it within that registrar?

    The reason I brought up the question is because I was reading a story about a UDRP and how they were going to get a court order blah blah blah to figure out who owns the domain. The first thing that popped up in my head was how easy it would be to gain access to that information by having an "in" at whatever registrar it may be registered at.

    I don't think anyone at any registrar would open a can of worms and answer this question correctly.
     
  9. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,014
    Likes Received:
    22,192
    The most famous case I know of

    The Registrar Privacy/Trust Issue…Who Has Access to That Info & What They Can Do With It??

    Morning Folks!!

    This is no way to end a year nor way to start a new one. But not my choice. It has been lingering for 2 weeks now and this is very difficult as I know everyone involved.

    As I stated in the earlier post, this does not directly involve me but if Privacy and Trust is something important to you, than you might want to pay attention. These are the facts as I know them.

    This is an unfortunate event that cannot be swept under the rug and ignored even though it should have been told 2 weeks ago when it happened by the company involved and not me. I agreed to hold this until December 31 which was against my better judgement and I am truly disappointed this is now in my lap.

    Full story and comments: (Get comfortable)

    http://www.ricksblog.com/2010/12/th...access-to-that-info-what-they-can-do-with-it/
     
  10. hookbox

    hookbox Top Contributor VIP

    Posts:
    2,438
    Likes Received:
    4,965
    Thanks for finding that Ray. This is exactly what I am talking about. Anyone can gain access to private names no matter where they are or who owns them. All it takes is an "in".
     
  11. Kate

    Kate Domainosaurus Rex VIP ★★★★★★★★★★

    Posts:
    21,115
    Likes Received:
    22,501
    Privacy != anonymity :)
     
  12. equity78

    equity78 Top Member TheDomains Staff TLDInvestors.com PRO VIP ★★★★★★★★★★

    Posts:
    16,014
    Likes Received:
    22,192
  13. SpareDomains

    SpareDomains Jay VIP ★★★★★★★★★★

    Posts:
    3,467
    Likes Received:
    2,459
    Houston Putnam Lowry

    "This Panel member is persuaded there is bad faith registration and use because of several factors. The first factor is using a privacy service in a commercial context raises a rebuttable presumption of bad faith. Respondent has done nothing to rebut that presumption. Respondent does not need to conceal its identity from the marketplace to be a domain name reseller. Respondent offers no explanation as to why Respondent concealed its identity (and conceals it to this very day). Only people with an intent to deceive conceal their identity, which is the very definition of bad faith. Since Respondent did this at the time of registration and through the present day, there was bad faith registration and use of the domain name."

    http://domainnamewire.com/2016/09/15/udrp-panelist-whois-privacy-intent-deceive-evidence-bad-faith/

    :-o:-/:(-_-:?:
     
  14. SpareDomains

    SpareDomains Jay VIP ★★★★★★★★★★

    Posts:
    3,467
    Likes Received:
    2,459
    I'm sure an insider can gain information. If an insider doesn't exist it really doesn't take much legal action to get them to fold and release it depending on registrar as some have been weak and others stronger over the years. Same as domain registrations registrar A can suspend a site easily where registrar B ignores requests. Look at pharmacy sites etc... and you'll see a trend of them using certain registrars that don't cave as easily or based in countries where the court system is backlogged years. I'd look at whois privacy as I wanna eliminate spam and not as I can write whatever I wan't anonymously, scam, do bad stuff, etc... as it's far from being bulletproof.
     
    Last edited: Sep 17, 2016

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
biix
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...