If you own a website, anybody can find your contact information if they want to. They’ll only need to search the public WHOIS database.
Table of Contents
What is the public WHOIS database?
WHOIS looks like an acronym, but it isn’t. It’s actually self-descriptive of the database’s main purpose: It lists the person “who is” the owner of a domain name or an IP address.
In order to register a domain name for your website, you need to give your domain registrar some contact information. This usually includes your name, address, email and phone number.
It wouldn’t be so terrifying if the WHOIS database listed only your name. If you have a unique name, people might find you, but those of us with comfortingly generic names wouldn’t even need to worry. But the WHOIS database doesn’t just list your name. It publicly displays all the information you give to your domain registrar.
Why is the WHOIS database important?
The database doesn’t exist just to help people to be nosy. There are actually three very important reasons that the WHOIS database exists:
- It helps Internet Service Providers identify and shut down spammers and other people with ill intentions.
- Law enforcement agencies use the information to find criminals.
- It helps businesses keep track of people who’ve stolen their intellectual property.
The public WHOIS database can be used for good, but that doesn’t mean you shouldn’t protect your privacy.
Why do I need domain privacy protection?
There are five important reasons that domain privacy is just as important as backing up your website:
1. When your information is public, you can’t control who sees it:
This might seem obvious, but it’s often overlooked. Sometimes, we make our WHOIS data public because we want it to be accessed by a particular person or a particular group of people. But publicly displaying your information on the WHOIS database isn’t the way to go about this. Because once your information is on the database, anyone can look at it. Including people you really don’t want to.
2. It could open you up to a fraudulent domain transfer:
If someone else gets into your domain control panel, they can transfer your domain name to their own account, without your consent. If you haven’t really done much with your domain since you bought it, this might not seem like a big deal. But if you’ve been working on your website for a while and have built up a nice following, or if your website is tied to your brand, or if your domain name later ends up being sold for millions, you’ll find yourself entangled in a lot of unnecessary legal battles trying to reclaim what’s yours.
3. You might fall prey to scammers:
It’s easy to think that only very naïve people ever get scammed, but that’s just not true. Scammers prey on our willingness to trust people who seem to have authority. The more information a scammer has about you, the more legitimate they sound when they’re trying to convince you to release your personal information. Of course this call is really coming from your bank. How else would they know your name and address?
Protect yourself by keeping your information private.
4. Annoying, spammy sales calls and email:
It’s forbidden to use the WHOIS database for marketing purposes, but that doesn’t stop people from trying. Publicly displaying your contact information can lead to a lot of time wasted reporting spam accounts who try to contact you.
5. Your personal data can be sold:
Some companies engage in the highly unethical practice of selling personal information to advertisers and anybody else who’s willing to pay for it. The best way to prevent this is to hide your personal details on the public WHOIS database.
How to keep information hidden on the public WHOIS database:
First, just in case it’s crossed your mind, let’s talk about what you definitely can’t do:
You’re not allowed to give fake contact details to your domain registrar.
For one thing, that’s against the law. If ICANN finds out that you did this, it can cancel your domain name or give it to someone else. (ICANN stands for The Internet Corporation of Assigned Name and Numbers, and it’s the organisation responsible for overseeing the assignment of domain names.)
For another thing, it’s unwise to give fake details to your domain registrar. Your domain registrar will need to contact you to let you know when it’s time to renew your domain registration, so you can hold on to your domain name. If you fail to renew your registration, your domain name could be sold from right under your feet. You can technically provide secondary contact details to a domain registrar (for example, the home address of a second home you own, or an email address that you don’t really use), but this isn’t ideal, because, again, you might miss important communications from your registrar.
To keep your contact information hidden, you basically have only two reasonable options:
1. Buy a UK domain name
UK domain names don’t list your personal telephone number and email address in the WHOIS database. Instead, only the owner’s name, business name and address will show up on the database.
This is a function of the WHOIS Privacy feature of the WHOIS database. But, again, you can only turn this feature on if you choose a UK domain name, such as “.co.uk”, “.org.uk” or “.uk.”
But what if you’d prefer to choose a more common domain extension, like “.com”? Are you left in the open with your contact details exposed?
Not if you choose the second option:
2. Order Domain Privacy
Most reputable web hosting companies offer domain privacy. This is a product that’s specifically designed to keep your information hidden on the public WHOIS database.
How Domain Privacy protects your WHOIS data:
For an annual or monthly fee, a domain name privacy protection plan obscures parts of your WHOIS data. Once you have a domain privacy plan with your web host, if someone tries to access this information, the query is forwarded to a proxy server or to another secure portal. This keeps your information hidden from the public. People who try to view your data will also be notified that the information is protected by a third-party security provider.
That way, you get to keep your information private while still making it available to people you want to be able to contact you.
The public WHOIS database was conceptualised as a force for good, but unfortunately, it’s being used by spammers and scammers to engage in two of the very ills the database was intended to prevent. You’re legally required to register your contact information with your domain registrar, so there’s no getting around that. But if you order a domain privacy protection plan from your web host, you can still protect your sensitive contact information from malicious, prying eyes.