ICANN Studies Secretive Domain Owners

alphadogg quotes from a Network World piece reporting on ICANN's study of the prevalence of proxy services that shield registrants' personal information from WHOIS queries. "Approximately 15% to 25% of domain names have been registered in a manner that limits the amount of personal information available to the public... according to the preliminary results of a report from ICANN... Domain owners who want to limit the amount of personal information available to the public generally use a privacy [proxy] service. ... [Proxy services] register domain names on behalf of registrants. The main objective of ICANN's study — which was based on a random sample of 2,400 domain names registered under .com, .net, .org, .biz, and .info — is to establish baseline information to inform the ICANN community on how common privacy and proxy services are." Spammers and other miscreants abuse the ability to register domains by proxy, in order to avoid being found; but ordinary users have a legitimate interest in keeping their personal information out of the hands of those same bad actors. What's the right balance?

Right balance? What .uk has

[IBBoard]

The right balance is what .uk domains have - free information hiding for non-trading individuals, but information displayed for companies. They still have your information, but you don't have to show it to the world and you don't have to pay someone to hide it. As long as "squatting on a domain and pumping it full of ads" is considered "trading" then it's the perfect balance.

Re:Right balance? What .uk has

[jonbryce]

If you are trading on the internet, the EU's E-Commerce directive requires you to publish your contact details on your website.

Re:100% anonymous!

[sumdumass]

It also doesn't solve the problem that providing fake information to domain registrars is a felony in the US [copyright.gov] and probably a couple more countries. In fact, if you commit a felony that is somehow connected to a domain with fake registration information, your sentence is automatically increased by 7 years or doubled whichever is less.

I'm not sure I would recommend doing that. And if your in a country where it isn't illegal, then make sure the registrar isn't or it could suck you into the law there. I'm not sure they would extradite you or anything, but a warrant could sneak up on you down the road when attempting to get a better job or visiting certain countries or if the cops in your own country get a boner for you and want to use it as an excuse to take you down town once a year and hold you for several days seeing if anyone wants to extradite you. I was once held for 3 days on 4 or 5 unpaid parking tickets from 10 years prior that happens 5 months after I sold the car.

Re:Right balance? What .uk has

[xaxa]

That's almost exactly what UK domains have:

$ whois [whatever].__.uk

        Domain name:
                [whatever].__.uk

        Registrant:
                Joe Bloggs

        Registrant type:
                UK Individual

        Registrant's address:
                The registrant is a non-trading individual who has opted to have their
                address omitted from the WHOIS service.

There's a box to tick when you register a .uk asking if you'd like your address hidden. You can't hide your name, but you could put "J Bloggs" and become a little more anonymous.

Whether it breaks your privacy depends what you're doing with the site. I have a friend who has a fetish modelling site, she doesn't want to be traceable from it.

Re:Maybe its un-intetnional.

[herojig]

Most ISPs in India/Nepal operate like this as well. It's not true you can't change domains or that you don't own the domain, it just means that you have to go through your provider to make any changes. Not a big deal, just an email.

Re:Right balance? What .uk has

[Borov]

Yup: "Article 5 General information to be provided 1. In addition to other information requirements established by Community law, Member States shall ensure that the service provider shall render easily, directly and permanently accessible to the recipients of the service and competent authorities, at least the following information: [...]" Check out the EU Directive [europa.eu]

There are other options.

[www.sorehands.com]

I use my attorney's office for my information. You can always use a P.O. Box, or a mail service center.

Re:I just want my e-mail protected

[vlm]

So scraping is not possible, unless they want to snail mail spam me, which apparently is far too much work as I have never had postal spam resulting from it.

Lucky you... Until I renewed for like 10 years, and was annually renewing, for a few months around renewal time I got postal junk mail try superficially to "renew" but it was actually a transfer request.

Specifically I got endless junk from DROA

http://en.wikipedia.org/wiki/Domain_Registry_of_America [wikipedia.org]

"In 2003, the Federal Trade Commission reached a settlement with the company for practices such as transferring domain registrations to their service under the guise of domain renewal, a practice known as domain slamming, and having hidden fees. Despite this action, the company still sends mass direct mail to consumers resembling invoices with "domain name expiration notice" in bold print."

Re:Right balance? What .uk has

[Nuskrad]

Well every registered company in the UK needs to have a publicly available trading address anyway, which can be found on the Companies House database... though I believe this can be a PO Box to give some anonymity.

Re:100% anonymous!

[sumdumass]

It seems your right. Further examination of the law indicates that the false information is illegal on it's own only when tied to trademark and copyright violations.

However, the sentencing enhancements (see section g) [cornell.edu] seem to apply to any felony committed that can be tied to false domain information. I'm assuming this could be tied to failures to report taxable income that becomes a felony (under reporting sales from the site), to committing felony fraud or anything else that the domain could be linked to.

The domain proxy services wouldn't necessarily cause a violation of this law. That's because you are contracting the proxy service to purchase-register the domain on your behalf in which they promise to allow you the control and ownership rights to. The information wouldn't be false, it would just be complicated or obscured but still accurate and readily availible.

Reasons not to use WHOIS "privacy" services

[Animats]

Reality check:

• In the European Union [sitetruth.com] and in California [sitetruth.com], anonymous businesses are illegal.
• The listed registrant owns the domain. If you're using a "privacy service", you don't own the domain; you're just leasing it from the privacy service. Customers of RegisterFly, the domain registrar that collapsed, found this out the hard way. [registerflies.com] Many customers lost domains in that collapse.
• Google considers "private registration" [blogspot.com] as a factor in determining whether a site meets their "quality guidelines". Google can't be as tough on this as they should be, though, because Google's revenue model, AdWords, requires a large number of ad-heavy sites. Bing could be tougher; it's too soon to tell.

We take an even harder line on anonymous businesses at SiteTruth [sitetruth.com], considering them "bottom feeders".

Realistically, putting your real name and address in WHOIS info doesn't hurt you unless you're a crook. My real name and address are on all my domains, and I get maybe one phone call every two years, perhaps a letter or two a year, that seem to come from WHOIS data. I had one threat, back in the 1990s; he's out of business and I'm still here. Any e-mail spam is being filtered out by the usual filters. If you're paranoid, get a P.O. box; that's legal.