With all the discussion of the recent Who is privacy breach it got me to thinking. Why do we need privacy on our domains? If I own a domain that I can’t put my personal or company name on, do I really want to own it? The common comparison usually made is between domains and real estate. Last time I checked I can find out who owns any piece of property in the United States. A system that seems to work fine with little to no problems. So why is there such an easy way to hide your identity and why does one need it?
In real estate, if you don’t want people to know who you are or the owners , you simply set up a shell company. Thus hiding the actual owners of the piece of property. You could easily do the same thing with your domains. It doesn’t take much work or much cost. Another argument might be that you don’t want your email to be public information. In today’s world, emails are as easy to come by as buying a candy bar. Setting up an email that is specific for that domain or if you own thousands, all of them. You might say that it would be difficult to manage all the email if you do that but it’s a weak argument because Frank Schilling and Michael Berkens seem to manage just fine and I’m pretty sure they have more domains than you do. I think I can answer my own question pretty easily. It is used to hide something negative
Whois privacy is available for two reasons. One, for the registrars to make great money. They make more money on privacy than the domains themselves. They want you to use privacy, not to give you privacy but to take your money. Ever tried to get your privacy taken off at Godaddy? It’s easier to change your name at marriage at the DMV than it is to get privacy taken off. They hate to lose that cash cow. The second point is going to be controversial but I think most people that have privacy are doing something that they personally perceive as negative.
According to Steve Linford, CEO of Spamhaus, an International spam stopping group,
A cloaked WHOIS for example screams ‘Spammer!’ to us, just one look at a WHOIS containing words like ‘Domains by Proxy, Inc.’ or ‘Moniker Privacy Services’ is enough for us to SBL instantly in situations where we suspect the domain is involved in spam. Additionally, spam involving a domain whose WHOIS says it was only registered last week is almost a no-brainer SBL listing. Use of certain ‘blackhat’ or ‘greyhat’ Registrars, use of PO Boxes and addresses of rent-a-mailbox places are other give-aways that talk loudly to us about the intention of the domain owner, as are freemail addresses used as domain contacts. For Spamhaus investigators, WHOIS or sometimes the lack of WHOIS (such as using TLDs that do not have WHOIS servers) can often be a picture that speaks a thousand words.
Obviously this doesn’t mean that all privacy domains are spam or negative in nature but more often than not, it is. It might be a pornographic name or a typo of a name. The ChefPatrickSucks.com is a perfect example. The kind of name that could reflect a negative light on the owner. It’s a shield that makes finding out the owner a bit more difficult. Notice how I say more difficult, not impossible. Privacy does nothing to protect you in the case of a lawsuit. In fact, when a privacy service masks your identity they are essentially taking control of the domain and with that control comes legal responsibility. Responsibility that will be dropped in a heartbeat if there is a lawsuit. If they get sued they will turn your name over within seconds. If they don’t, they will be sued as well. Registrars hate lawsuits, especially lawsuits when YOU did something wrong.
In my saying that we don’t NEED privacy to protect our identity I am not saying that we don’t have the right to it. If you sign up for privacy that’s what you should get, but the only person that is giving you that right is the privacy company. It’s an agreement between you and that company. Do you really want to rely on that company? You’ve seen how easy it is to breach. Fusible has been cloaked for years and nobody figured out who they were without a massive FBI style manhunt. All they did is simply use a company name and address that gives no information about who they are. You can still contact them without learning their identity. It only took them 5 minutes to set it all up. They achieved the same results that all whois privacy buyers get but they control the domain, the privacy, and did it all for free. There was no need for Whois Privacy.
PS: I did my own privacy protection on my picture above