Domain Privacy May Soon Become a Thing of the Past?


If you’ve registered any Web domains for your small business, there’s a potential privacy policy change of which you should be aware.

The Internet Corporation for Assigned Names and Numbers (ICANN) is considering changing a policy involving WHOIS, a database of personal information for those who register domain names.

Currently, domain owners can choose to use a privacy service to protect their personal information. So, instead of your name, address, and other contact information appearing on the domain registration, the proxy’s information will appear instead.



ICANN estimates that about 20 percent of domains currently on the Internet use privacy or proxy services to protect their information. They can be especially relevant for home-based entrepreneurs who don’t want their home addresses or other contact information made available to the public.

Jennifer Gore Standiford, policy director for Web.com, said in a phone interview with Small Business Trends, “What these privacy services do is provide a proxy, so your personal information doesn’t have to be made publicly available. It’s kind of like when people had unlisted phone numbers back when you had the White Pages delivered to your home.”

But now, ICANN is considering doing away with these privacy services altogether. The reason behind these proposed changes is to make it easier for those dealing with legal or infringement issues to contact the offending party.

However, registrars like Web.com have processes in place for those who want to retrieve contact information for the owners of domains protected by privacy services. The process involves getting a court order.

For example, if a website is infringing on another brand, they could file a court order so that they could access the information and contact the site owner.

By doing away with this process and the privacy services that help to protect people’s personal information, Gore Standiford says that individuals and businesses of all sizes could see adverse effects.

For example, a business that wants to launch a new product line and registers the domain(s) for said line might not be able to keep the news quiet up until launch. If competitors notice the new domains and are able to determine that the site was registered by the business, they could leak that information or use it to develop a similar product before yours is even released.

Or, if you run a home-based business like a parenting blog, you would likely have to register the domain with your home address and contact information. And that information would be available to anyone who can access WHOIS.

If you fall into one of those categories or another where you might value domain privacy, you can take action to stop the proposed changes. Save Domain Privacy is collecting signatures for a petition to stop the elimination of privacy services.

There’s also a public comment period currently taking place, where anyone can submit comments about the proposal to ICANN. Comments close on July 7.

Privacy Photo via Shutterstock

More in: , 34 Comments ▼

Annie Pilon - Staff Writer


Annie Pilon Annie Pilon is a Senior Staff Writer for Small Business Trends, covering entrepreneur profiles, interviews, feature stories, community news and in-depth, expert-based guides. When she’s not writing she can be found on her personal blog Wattlebird, and exploring all that her home state of Michigan has to offer.

34 Reactions

  1. The legitimate need for privacy is very simple…

    Domestic Violence

    …if privacy is removed, then anyone who is at risk of being targeted by violent family members are placed at risk and may be forced to use false registration details or be restricted from use of domain names in an effort to facilitate an online business.

    Beyond this, privacy helps deal with spam/phishing attempts.

    • Annie Pilon

      That’s a good point too. There is a safety aspect that might prevent people from buying domains if they have concerns like this. And if that’s their business or career, it could have a huge impact on their livelihood.

  2. This is a terrible idea. I get enough unsolicited mail (physical and email) as well as phone calls that I don’t need any more. Ugh.

  3. It’s no big deal. My whois info is all public. It’s a protection to the domain registrant, which limits confusion over domain ownership. The ICANN/VeriSign/Major Registrar syndicate, which wants access to your domains, prefers privacy, which confuses domain ownership. Your info is all public, anyway, if you run a business.

    Furthermore, big companies hire management companies, who keep the ownership info of new product domains private.

    • Annie Pilon

      That’s a good point about management companies. I would just worry about smaller businesses, especially home based ones. It seems like most would not be able to afford the same types of services.

    • So, if you are a victim of domestic violence, you still have no problem with this legislation?

  4. I thought new rules would come in regarding this but I though they would be the opposite to what they’re proposing.
    It’s a pathetic rule. I get spam from bastards who know my full name and address thanks to this.

    • Annie Pilon

      We’ll see if it actually goes through, as the public consensus seems to be largely negative. But I agree with you about not wanting any more spam.

  5. I’m not too worried. Run the site through Cloudflare and your problem is solved. Privacy settings or not. They can’t stop you from using a free CDN/proxy/DNS manager.

    • Annie Pilon

      Thanks for the tip!

    • Good call! Now all ICANN have to do is attempt to outlaw CloudFlare 🙁

    • Cloudflare has nothing to do with domain privacy. Cloudflare is a DNS provider, they not a registrar. Even if you have your domain on cloudflare, that doesn’t change the whois info, which is grabbed from the root level suffix controllers (eg: The people in charge of the .li domain suffix determine what WHOIS information can be hidden, as well as hold the database for all that information.)

      And even if cloudflare does, sadly they can’t go against the ICANN dictatorship.

  6. On June 1st we bought a domain without privacy just to see what the climate was like. So far we have saved 287 emails generated by the registration.

    At the very least a unique email address can be used to manage all the “generous” offers of assistance with the development and marketing of our new site.

    I believe in domain holders being accountable for their activity, but being vulnerable physically, emotionally and commercially can take its toll on smaller site owners.

    The recent conversations about privacy should be extended to these type of purchases as well.

    • Annie Pilon

      Wow. Yes, I agree with you – it seems like this change could certainly have an impact on smaller site owners.

  7. Bad idea. There are people running websites for living. they have similar needs to those big companies, yet not afford to hire management companies. Also, exposing these personal info online is dangerous, especially to those who don’t have strong technical backgrounds. You have no idea what scammers/hackers can do with those info.

    • Annie Pilon

      I completely agree. It could have a bigger impact on smaller site owners, especially home based businesses. And so many people run sites for a living and don’t want to have to choose between safety/security and their ability to make a living.

  8. I wonder if they intend to continue to allow agents to register domain’s on client’s behalf. We do this for many of our clients that are not interested in managing their own domains. Any idea if the are considering interfering in these arrangements?

    • Annie Pilon

      I’m not sure about that! As far as I know, it only impacts the privacy services. But I don’t know if agents are considered privacy services in some instances. But I don’t believe there would be any impact on agents’ ability to actually manage their clients’ domains.

  9. It goes FURTHER, who else had been contacted by spammers and scammers before they got privacy??

  10. Aira Bongco

    Okay. So that means our information can just be out there and anyone can access it. Great. Just great.

  11. Personally I hate ICANN, I know a centralized registration is needed so that authority over who owns a domain is established, but ICANN digs into things they shouldn’t. Users privacy being one. They should handle domain authority, manage suffix-level registrations. If I register a domain, I should be allowed to specify exactly which information I want to share with the public.

    Further, they don’t even deal with the legal issues (or they shouldn’t), the registrars or bodies who setup the domain privacy should deal with that (and do, if I remember right).

  12. How about stalkers? I run a personal website and had an unwanted phone call at work several years ago from someone who I’m pretty sure got my contact information from WHOIS. I have since secured privacy registration on my domain. Had I done that beforehand, that phone call might never have happened. Good thing this guy never came to my house. He certainly could have, which scares me just thinking about it.

  13. I have a domain used ONLY for personal email, so I can setup separate email aliases for each subscription or service I sign up with. If somebody sells my email info, I can just kill that alias and cut off contact with that company and stop the spam. But this is totally reliant on having domain privacy to be effective. If my personal info becomes publicly available, then the giant onslaught of spam will not be worth even running the domain anymore. If this ruling passes, I will be forced to cancel my domain and lose all the email addresses I have been using for years.

    The present situation seems perfectly fine to me: you have domain privacy until you are involved in a lawsuit. If they prove damage to a court, they can get your registration info by court order. But you have privacy until a court decides otherwise. Isn’t that how the legal system is SUPPOSED to work?

    This seems to be all about making it TOO easy for any lazy person to see who owns any domain, without doing ANY discovery or putting anything to a court for consideration. This can ONLY benefit spammers and scammers who seek to defeat the privacy protections already in place, solely to increase their pool of potential suckers to exploit.

  14. Seems like they are trying to squeeze out the micro businesses by drowning them with spam and harassment.

  15. For every legitimate complaint and reason to keep the information false (you say private I say false) there are reasons it should NOT be hidden.

    Scammers and criminals hide their information, they use often false information at the privacy companies that is not verified, law enforcement agencies after sometimes many months of research and warrants etc finally get the information provided to the privacy companies only to later find out that information is likely false, all the while dozens of not hundreds of people have been scammed pout of many dollars.

    Then there is the the spammers. People worry abut spammers getting their email addresses from their whois info, and yet if all whois info was NOT private, the domains used for spamming would also have a public lead to have the spam operator shut down very quickly, thus cleaning up a large portion of the spam issue. (this is not 100% fool proof, but would lead to most spam operators closing up shop)

    If people are so worried about keeping so much information private why then are people so free with what they are doing and where they are 24/7 on facebook? Why are people sop free to make connections on LinkedIn when they freely give out email addresses to all connections?

    The domestic violence issue is one of the ONLY issues that has any merit, and I do not know how I feel about that one completely, but the current system of allowing the scammers and thieves hide is NOT working, and I support removing domain privacy.

  16. Why should we have to pay for this to begin with? It should be our choice with the registrar to have the info public or not. Paying these services to maintain privacy is bullshit. These proxy companies are subsidiaries of the registrars for them to gouge more money from the public. I get 20 spam emails from a bunch of idiots in India every time I purchase a new domain and I buy one or two a week. I nor anyone else should not be subjected to such spam. ICANN is a bunch of idiots.

    • Glenn, the point you make is the very reason for it being public, Perfect Privacy LLC being a prime example of why to do so. They allow spammers, the very people you complain about, to hide behide them and the spammers & scammers know that individuals don’t have the resources to get court orders to put a stop to their activities.
      If it is made public then we as individuals can redirect all the spam mail back to the source.
      PP LLC don’t help as they have unreachable email addresses for complaints, they know that is exactly what they are facilitating. I am fed up with continually marking spam to Outlook and nothing happens, my blocking lists are full so I have to resort to “reporting” it.
      I really wish the email providers would provide an option to block by sender IP, in full or part, even with DDNS it will start to have an impact if unconnected users have to complain about their address being blocked because an ISP hasn’t taken action against a spam user.

  17. All bulls**t.

    The only one using privacy registrations are spammers and it becomes a huge problem these days.
    We didn’t have privacy regs for ages and we dont need such crime/spam pushing bullshit.

    Here in Europe we fight this nonsense very easy:
    As of today, many mailservers do not allow mails from domains being registered with a privacy service. PERIOD.

    You want to use a privacy hider?
    Well, don’t plan to mail from that domain ever since you will communicate very lonely with yourself…

Leave a Reply

Your email address will not be published. Required fields are marked *

*