If you’ve ever registered a website, you’ve probably felt a pang of anxiety about exposing your address, phone number, and email in the domain’s public WHOIS record. Many registrars offer domain privacy services for a fee, but are they worth it, and do they really work?
In this article, we’ll get into the reasons WHOIS exists as well as the best practices for protecting your privacy when you register a website.
What is the WHOIS database?
The WHOIS database publicly displays contact information about a website owner, such as the registrant’s name, address, telephone and fax numbers, and email address.
The origins of the WHOIS database go back to the early days of the Internet, but since 1999, the system has been regulated by the Internet Corporation for Assigned Names and Numbers (ICANN). A nonprofit organization based in Los Angeles, ICANN is responsible for assigning all of the domain names and IP addresses on the Internet (among other tasks). In order to lay claim to a domain name, ICANN requires WHOIS information to be provided by the owner.
The original intent of gathering this information was to assist network administrators. WHOIS data was used to identify and repair problems, preserving the stability and integrity of the Internet. However, as the Internet has matured, this information has increasingly been used in an unsavory fashion by spammers and other bad actors. At the same time, its necessity for maintenance and repair has diminished.
Various proposals to update or get rid of WHOIS have been floated over the past decade, but none has yet been adopted. On the flip side, there have also been proposals to expand WHOIS records and get rid of domain privacy services. Proposals on both sides of the argument receive vigorous criticism since so many people have built businesses that rely on the status quo. As such, the current system is likely to stay in place with minimal or no changes for the foreseeable future.
Can you just input fake information?
No, avoid inputting fake information. You may get away with it for a while, but missing or inaccurate WHOIS information can lead to your domain registration being revoked. The last thing you want to do is build up a successful online presence and then lose it all because someone filed a complaint with ICANN.
Can you use a throwaway email address?
Some articles on WHOIS privacy recommend registering with a “throwaway” email address used solely for this purpose. While this will protect you from spammers, it is a dangerous proposition. If the email address gets canceled because of lack of use, you may not longer be able to access your domain registration, essentially locking you out of your own website. Also, if the email address comes back undeliverable, you may again face the threat of having your domain registration canceled by ICANN.
What is a WHOIS privacy service?
The best alternative for hiding your private WHOIS information is to use your registrar’s domain privacy product. For a few dollars a year, most registrars will hide your contact information and instead display generic contact information for the registrar.
Even if you do this, however, you still need to provide accurate contact information to the registrar to stay in compliance with ICANN regulations. Should a court order or other legal motion require that the registrar disclose your information, it will need to be correct in order to avoid voiding your domain registration with ICANN.
Barring that rare scenario, however, domain privacy services do work. Your personal information will not be accessible through the WHOIS database if you sign up for domain privacy.
Are WHOIS privacy services worth it?
Depending on your situation, it may or may not be worth paying for domain privacy. The upside of these services is that they prevent your contact information from being distributed online. The downside is that people who look you up on WHOIS may wonder what it is you’re trying to hide.
If you’re registering a domain for a business, it’s almost never a good idea to use domain privacy. The address of your business will likely be listed on your website anyway, so the only thing domain privacy will do is raise the suspicions of your customers. They’ll wonder if they can trust a company that doesn’t want people to know where it is located.
The exception to this rule, however, is if you run a home-based business. In that case, it’s probably worth using domain privacy to protect your home address.
Similarly, if your website is for personal use, or if it’s a non-commercial site that isn’t selling anything, then domain privacy is a reasonable investment to protect your personal information.