You have carefully planned out your new website and you’re ready to start building it. You have purchased a hosting plan and you are about to buy a new domain name. But during the checkout process, you notice that there is an option to include WHOIS Privacy Protection for your domain name in your order. What exactly is WHOIS Privacy Protection and do you really need it? To answer this question, we need to take a step back and examine what WHOIS is in the first place.
What Is WHOIS?
WHOIS is essentially a collection of data about your domain name that third parties may have access to. The WHOIS record associated with your domain includes general information about the domain name itself as well as contact information about you, the domain owner.
What Kind of Information Does a WHOIS Record Store?
A typical WHOIS record will include, among other things, the domain status, the registration and expiration dates, the name of the domain registrar, and the nameservers currently associated with the domain name. In addition, information about the registrant (domain owner) is also kept, such as the name, email, street address, and phone number.
Why Should I Consider Hiding My WHOIS Contact Details?
Having your personal contact details publicly available is not recommended for two major reasons. The first is that people who engage in identity fraud may decide to abuse the contact information you are providing to the public. The second reason to consider protecting your details is that telemarketers and email spammers regularly scan the WHOIS database for unprotected contact details and use those for cold calling and the sending of unsolicited (SPAM) messages.
What Is WHOIS Privacy Protection?
WHOIS Privacy Protection is an optional purchase that provides you with a legitimate way of hiding all personally identifiable information, such as your name, email, street address, and phone number from the public WHOIS record. Once purchased, the privacy protection is applied automatically to your domain’s WHOIS record.
Can Anyone Access the WHOIS Record for My Domain and See My Personal Information?
In the past, it was possible to get a domain owner’s contact details simply by requesting the WHOIS record for their domain name from the public WHOIS database. In 2018, the European Parliament passed the General Data Protection Regulation (GDPR) in an attempt to preserve consumer privacy. Thus, the GDPR forced domain registrars to limit the amount of information that is shown in the public WHOIS database. As such, nowadays there’s a good chance that your personal information is already redacted.
In Which Cases Does the GDPR Protect My Information from Being Displayed on a WHOIS Record?
Whether your domain is protected by the GDPR or not depends on the extension that your domain name uses. If your domain name ends in one of the extensions listed below, then your personal contact information will be protected, even if you do not purchase WHOIS Privacy Protection:
.com, .net, .org, .info, .uk, .org.uk, .co.uk, .biz, .tv, .me, .cc, and .cm
Conversely, if your domain name uses one of the extensions listed below, then your domain name’s WHOIS record will not be protected by the GDPR:
.us, .eu, .de, .be, .ca, .asia, .jp, and .in
What Type of WHOIS Record Data Is Protected by the GDPR?
The GDPR protects all personally identifiable information, such as your name, email address, phone number and street address. Other information which does not identify you is still present in the WHOIS record and is accessible by everyone. Examples of freely accessible information include the domain registrar name, the nameservers in use, the domain’s expiration and registration dates and the domain status.
Both the GDPR and the WHOIS Privacy Protection add-on accomplish the same objective with only two notable differences – the scope of the protection that is offered and the way each method handles your email address.
Which Offers Me Better Privacy – the GDPR or the WHOIS Privacy Protection?
In response to the GDPR, domain registrars have adopted what is known as a gated WHOIS system. In this new system, your personal information is not available to the public, however, individuals with legitimate reasons for obtaining your contact details can still be granted access to your full WHOIS record. For example, a law enforcement official can request your data from the domain registrar if it pertains to an ongoing investigation or a trademark/copyright holder may request your personal information for the purpose of contacting you if your site happens to violate their trademark or copyright.
In contrast to the protections afforded by the GDPR, if you have purchased WHOIS Privacy Protection for your domain name, people would not be able to obtain your personal information, even if they have a legitimate reason for contacting you.
If I Am Violating a Trademark or a Copyright and I Am Using WHOIS Privacy Protection, How Would the Trademark/Copyright Holder Notify Me?
This is the second notable difference between the two types of protection: