Buying a domain: privacy and WHOIS
August 10, 2015 9:58 am
While buying a domain seems relatively straightforward, there are some finer details that can confuse small business owners. WHOIS and domain privacy are two interlinked topics that most people new to buying a domain name don’t fully understand.
Let’s explore these two components to better understand WHOIS, and how domain privacy might affect you, your website and your business.
WHOIS is one of the oldest tools pertaining to domains. It exists as a way for anyone to retrieve the public records of who owns domains, IP address blocks and more.
It can contain varying amounts of information, but the basic purpose of WHOIS is to enable individuals to access information about who owns the domain of a website in a way that humans can read.
WHOIS tools can work on a manual or automatic basis. Automatic tools are typically responsible for the various complications that can arise with domains and public WHOIS information.
The key point to note here, is that when you buy a domain, all the information about you is stored in a public database, that anyone can access. Let that sink in for a moment! This is the WHOIS database.
The information returned by a WHOIS query comes from domain registrars. Registrars register domains with customer information that is then kept on a publicly accessible portion of the registrar’s servers.
The information contained within WHOIS queries can vary widely depending upon the registrar and the amount of information provided during the time the domain was registered. This can make answering the question of “What is WHOIS?” somewhat complex.
Most WHOIS queries will contain the following information:
- The registrant’s name.
- A physical address for the domain registrant.
- A valid telephone and/or email address for the registrant.
- Name servers the domain points to.
- The expiration date of the domain.
- Contact details for the domain registrar, which includes but is not limited to: abuse, support and technical email or phone numbers; information about past abuse reports; or technical information about the domain registrar’s servers.
These are just the basic details that WHOIS queries are required to provide. You may gain additional contact details, more information about the domain itself or information regarding other domains that the registrant has registered with the domain registrar.
For the technically minded, WHOIS information is required to be accessible through a simple query on port 43 of any domain registrar’s machines. This creates an easy and uniform way for domain information to be retrieved almost instantly, so anyone with some programming skills can write a simple script to query the WHOIS database.
For most non-technical users, WHOIS information can be retrieved by looking for a registrar that publicly provides a WHOIS tool. A WHOIS tool generally consists of a simple text entry field on a web page, where you can enter the domain name you want to look up, and it will return the WHOIS information outlined above for that domain. Simple! And that’s the problem: it’s simple for programmers and the general public to find out your personal information such as name, address, phone number, and so on.
When buying a domain, most registrars will give you the chance to register a domain privately. This allows the registrar to supply their contact details while acting as an intermediary for you, as you are required to provide accurate details regarding your domain upon registration.
The feature of domain privacy costs more than just domain registration. Very few registrars will provide domain privacy without an additional fee.
Depending upon your needs and your concerns, private registration may enable both you and your business to stay safe from unwanted spam, marketers and people trying to find certain details pertaining to your business.
When you register for a domain using private registration, the WHOIS information will reflect your registrar or their domain privacy service rather than your details. The extra fee tends to factor in due to the heightened cost of domain privacy and the assurance that the domain registrar can contact you.
It is worth noting that at no point should the information you provide during domain registration be incorrect. You run the risk of forfeiting your domain, lose the ability to defend your domain if any problems arise, and may find your domain stolen by shady individuals.
This could create a number of problems for your website and your business.
When you forgo private registration, your details are left public for anyone to see. While ICANN (Internet Corporation for Assigned Names and Numbers: the body that oversees the administration of IP addresses and domain names) explicitly states that WHOIS information should not be used for solicitation purposes, some shady individuals will inevitably do just this.
These individuals may contact you. They may offer your services, closely monitor your domain for any changes, or try to pressure you to transfer your domain to them without proper legal action. It is common for postal mail to arrive at the registered postal address, an emails to the email address, with bogus offers, such as search engine submission and SEO fees, designed to extract money from you.
Malicious individuals may also try to make you the target of one of several domain-related scams. They may try to make you pay for information edits, request that you pay a fee to prevent your domain from being locked, or make you the target of domain renewal notices from a registrar you have never used.
Public domain registration, while cheaper than private domain registration, provides less security. It can leave you vulnerable to numerous malicious entities. However, if you are comfortable that your business data is already freely available, and feel confident that you won’t be sucked in by bogus and spammy offers, then public domain registration won’t be a problem for you.