What is domain privacy protection?
Anyone who registers their domain with a domain registrar is required to submit contact information. This contact information may then be publicly accessible. If you want more autonomy, security and privacy when it comes to your data, you’ll need to take some steps to ensure domain privacy protection. Domain privacy allows you or your domain registrar to delete publicly available data about you or your business from the WHOIS entry on your domain.
What is domain protection?¶
Domain privacy protection refers to the possibility for anonymity and privacy when registering a domain. Anyone who registers a domain is required to submit various kinds of information in order to officially purchase the domain. That information includes personal data, business data and contact information. More specifically, some examples are:
- Email address(es)
- Business address(es)
- Phone number
So what’s the problem with that? The personal information that’s connected to a domain isn’t private. It’s openly available via the WHOIS database, unless the domain registrar or registrant took specific steps to ensure WHOIS privacy. With domain privacy protection, the information connected to your domain is anonymized or replaced with information from your domain or hosting provider. That way you can protect your personal or company data.
What is WHOIS?¶
Domains, along with their IPs and the personal/company data connected with them, are managed by the ICANN (Internet Corporation for Assigned Names and Numbers) in namespaces. In order to coordinate IP addresses and domain name servers (DNS), the ICANN has determined how domains can be registered. It also manages the assignment of DNS, IP and associated data under the umbrella of IANA.
When registering a domain, customers hand over personal data to registrars and registries, which are then publicly accessible via the WHOIS database. WHOIS is an internet registry that contains all the available information about a domain. The main reason this data is collected is to verify the legitimacy of each domain registration. WHOIS entries are meant to ensure that it’s possible to contact domain owners in the event of legal or technical problems or other issues.
The following information is part of a WHOIS entry in the WHOIS database:
- Domain name
- Domain registrar
- DNS entries/DNS servers
- Date of registration
- Expiration date for domain registration
- Information about the registration’s renewal date
- Status of the domain
- Admin-C and Tech-C
- Contact information (email, phone number, address, name) for the domain owner
The scope and content of WHOIS information will vary depending on domain type/domain ending, as different registries might be responsible for different domain types. Due to the European GDPR, many WHOIS entries in the EU are automatically anonymized or are only revealed in response to legitimate inquiries.
What is a WHOIS lookup?¶
Anyone who visits a website or wants to get information about a domain can do a WHOIS lookup. A WHOIS lookup shows when a domain was registered and which person or company it was registered to. Depending on the scope of the WHOIS entry, there might also be contact information or personal data about the domain owner. Lookups are free and can be done using various domain administrators, including:
The advantages of WHOIS lookups include:
- Checking and proving the legitimacy and uniqueness of a domain
- Collecting information about a domain before registering a new one
- Making it possible to contact domain owners in the case of technical or legal problems
Looking for a free and easy way to find out who a domain belongs to? Use the IONOS WHOIS Domain Lookup and get all the publicly accessible information about a domain.
How does the GDPR affect domain privacy?¶
The GDPR was introduced in Europe in 2018 and strictly regulates the processing, publishing and storage of personal data. But while it is an EU-based regulation, the GDPR has far reaching consequences for users and companies around the world. In the case of domain privacy, many registrars have made their processes GDPR compliant for everyone.
So what does GDPR compliance look like in the context of domain privacy? For one, it means that registrars are required to delete or anonymize personal data in WHOIS entries for top level domains (gTLDs and EU ccTLDs. It also applies to privacy in the context of domain management.
According to the GDPR, domain providers are required to delete personal data from publicly accessible WHOIS entries, unless a domain owner indicates otherwise. These days, many domain registries offer their own services for domain privacy protection. Those services include:
- Anonymized forwarding addresses for WHOIS lookups
- WHOIS entries about domain owners are replaced with information from domain provider or a third-party provider
- Selected WHOIS privacy for selected domains
- Two-factor authentication and private WHOIS management
For more security and privacy in domain registration, use a private domain from IONOS. We provide domain privacy protection from the get-go by entering our company data instead of your personal data in the WHOIS entry.
What are the advantages of domain privacy protection?¶
When considering this question, it’s important to strike a balance between the benefits of WHOIS entries and better domain privacy. Having your information publicly accessible means that visitors to your site can approach you with questions or concerns. In general, it means that anyone is able to find out who owns a domain.
On the other hand, the advantages of domain privacy protection include:
- Anonymizing sensitive personal or company information
- Preventing the misuse of publicly available contact data, e.g. in the form of spam or phishing
- Preventing domain and identity theft
- Enabling contact to domain owners using an anonymized forwarding address
Can WHOIS privacy be used for any top-level domain?¶
Whether domain privacy protection is possible will mostly depend on the domain provider. The terms and conditions should state whether domain privacy is an option or not.
Note that for .us domains, domain privacy is not allowed. This means that you are required to enter your contact information when registering a .us domain and that that information cannot be anonymized or falsified.
For country-specific domains in the EU, the GDPR will apply to domain registration via registries like ICANN.
Benefit from comprehensive protection for your domain with Domain Security by IONOS. We offer reliable protection against unwanted access with two-factor authentication, DNSSEC encryption and official domain owner certification.
How to successfully implement domain privacy protection¶
If you want to take advantage of domain privacy protection when registering your domain, most domain providers offer this option without much of an increase in domain costs. Domain privacy protection with IONOS, for example, is simply a question of private domain registration. IONOS essentially acts as a middleman between you and the WHOIS database. So the personal data in the WHOIS entry will be filled with company data that don’t lead back to you as the domain owner. IONOS’s private domain registration is available for the following domain endings: