1. What does privacy protect do?
2. Why should you offer privacy protect to your customers?
3. What are the benefits of privacy protecting?
4. How can I set all domains of a registrant contact to privacy protect?
5. Do I need to have consent of the registrant for privacy protect?
6. Do ALL TLDs allow privacy protecting?
7. How can someone get in touch with the registrant of a privacy protected domain?
8. Why should I set my customers domains on client transfer prohibited TRUE?
9. How about exposing registrant information through the other contacts?
1. What does privacy protect do?
Realtime Register privacy protect removes the exposed registrant information and replaces it by a default data set and email address related to the domain name.
Example whois output non-privacy protected domain
Registrant Name: John Johnson Registrant Organization: Registrant Street: 404 street name Registrant City: Amsterdam Registrant State/Province: Registrant Postal Code: 1000 AA Registrant Country: NL Registrant Phone: +31.106660666 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: john@whatever.whatever
Example whois output privacy protected domain
Registrant Name: Privacy Protect Registrant Organization: My Domain Provider Registrant Street: Ceintuurbaan 32A Registrant City: Zwolle Registrant State/Province: Registrant Postal Code: 8024 AA Registrant Country: NL Registrant Phone: +31.382305013 Registrant Phone Ext: Registrant Fax: Registrant Fax Ext: Registrant Email: domainname.extension@mydomainprovider.com
Where “domainname.extension” is replaced by the domain name of the whois output. If the phone number is called a recorded message is played to contact the registrant through email.
To Top Of Page
2. Why should you offer privacy protect to your customers?
By exposing the registrant information, you might be in breach with the GDPR. Especially if you don’t have explicit consent to have the registrant information published in a public whois. And in addition, it’s a human right. As article 12 of the United Nations Universal Declaration of Human Rights states:
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Every-one has the right to the protection of the law against such interference or attacks.
To Top Of Page
3. What are the benefits of privacy protecting?
- It protects your customer’s privacy even more effectively
- It prevents spam by email, phone calls or text messages to your customers
- It is compliant with over 100 data protection laws worldwide.
4. How can I set all domains of a registrant contact to privacy protect?
For starters, make sure you have your customers consent for setting domains to privacy protect. You can do this by either explicit consent or through your terms of service. If you use the Realtime Register Domain Manager, we have a Privacy Protect step-by-step plan available for you. If you use the Realtime Register API, you can use the API commands set to privacy protect. However, even then you want to have a look at the Privacy Protect step-by-step plan.
To Top Of Page
5. Do I need to have consent of the registrant for privacy protect?
Yes, you need to have some form of consent, please have a look at item 4 of this FAQ. The privacy protect feature also sets the domain to transfer prohibited. This also requirers the consent of the registrant.
To Top Of Page
6. Do ALL TLDs allow privacy protecting?
Nope, I am sorry, however, privacy protect is allowed for practically all generic TLDs. Most ccTLDs don’t allow it. However, the ccTLDs that don’t allow privacy protect in general show very few information, so effectively it’s privacy protected.
For example; the Dutch .nl extension does not display the registrant name if there is no organization name added to the registrant information. As do other ccTLD registries like DNS BE, Eurid and Afnic.
7. How can someone get in touch with the registrant of a privacy protected domain?
Basically, in two ways by using a captcha-protected form at my domainprovider.com and sending an email to the domainname.extension@mydomainprovider.com email address.
- If the form at mydomainprovider.com is used, the email with optional attachment is directly send to the registrant’s email address in the registrant contact handle. Of course, the sender does not get to see the real address.
- If the mail is send directly to the email address in the whois, the behaviour depends on the status of the client transfer prohibited setting.
- If client transfer prohibited is TRUE, the sender gets an email to go to the mydomainprovider.com form. Effectively blocking spam bots from reaching the registrant.
- If the setting client transfer prohibited is FALSE, the registrant gets a standard email with a link to view the message. Attachments from the sender are discarded. This route ensures limited protection from spam though allows for transfer out FOA’s to reach the registrant.
8. Why should I set my customers domains on client transfer prohibited TRUE?
- It helps to prevent domain theft and unwanted transfers.
- Even if someone of your staff has been socially engineered to provide an authorization code to an unauthorized person, it adds an additional threshold for transferring the domain away.
- It reduces spam reaching the registrant even better.
- If the domain is privacy protected automated spam is unable to get in your customers mailbox.
9. How about exposing registrant information through the other contacts?
That is a tricky one, if you use different contacts with the registrant’s information you will end up exposing unwillingly contact information of the registrant. In general, there are two approaches:
- Change all admin, billing and tech contacts to a contact that has your brand information. As a nice side effect, your brand gets more exposure in the whois information.
- Change all contacts to the contact handle of the registrant. This way, these whois contacts will also display the privacy protect information.
It’s up to you, make your pick!