Domain privacy


Domain privacy is a service offered by a number of domain name registrars. A user buys privacy from the company, who in turn replaces the user's information in the WHOIS with the information of a forwarding service.

Level of anonymity

Note that some top-level domains have privacy caveats:
The Internet Corporation for Assigned Names and Numbers broadly requires the mailing address, phone number, and e-mail address of those owning or administrating a domain name to be made publicly available through the "WHOIS" directories. However, that policy may enable spammers, direct marketers, identity thieves, or other attackers to use the directory to acquire personal information about those people. Although ICANN has been working to change WHOIS to enable greater privacy, there is a lack of consensus among major stakeholders as to what type of change should be made. However, with the offer of private registration from many registrars, some of the risk has been mitigated, enabling those spammers, direct marketers, identity thieves, and other cyber-criminals to hide behind anonymous domain registrations to make it difficult or impossible for victims to identify those responsible.

Litigation

With "private registration", the service can be the legal owner of the domain. This has occasionally resulted in legal problems. Ownership of a domain name is given by the organization name of the owner contact in the domain's WHOIS record. There are typically four contact positions in a domain's WHOIS record: owner, administrator, billing, and technical. Some registrars will not shield the owner organization name in order to protect the ownership of the domain name.
Ownership of domains held by a privacy service was also an issue in the RegisterFly case, in which a registrar effectively ceased operations and then went bankrupt. Customers encountered serious difficulties in regaining control of the domains involved. ICANN has since remedied that situation by requiring all accredited registrars to maintain their customers' contact data in escrow. In the event a registrar loses its accreditation, gTLD domains along with the escrowed contact data will be transferred to another accredited registrar.
There have been several lawsuits against Namecheap, Inc. for its role as owner/registrant. and also in Silverstein v. Alivemax, et al. Los Angeles Superior Court Case Number BC480994 although this case was dismissed in May of 2014. Silverstein is well known for his anti-spam and email privacy campaigning, most notably in the case of William Silverstein v Keynetics, Inc., No. 17-15176 - decided in March 2018.