Cheap, fresh whois data is leading to increased spam and telemarketing.
I usually keep my iPhone on “do not disturb” mode at night. But not on August 16. My wife was traveling, so I kept it on in case she needed to reach me.
At 4:19 in the morning, my phone pinged and woke me up.
It wasn’t my wife. It was this text message:
The text message I received was from Devan Crow, who owns a Florida business called SkyNet Group LLC.
For $500 a quarter (or less for longer term subscriptions), Crow will give you fresh whois data every day:
The subscription provides full data going back more than a year. Updates are provided daily and include all new registration across the primary legacy extensions (com, net, info, us, org) and all of the 300+ new zones (xyz directory etc) along with all of the parsed Whois data for each domain. Includes registrar data and country of registrant for each domain as well and includes direct contact details for all registrants.
In an email to Domain Name Wire, Crow insisted his data isn’t behind new domain registration spam:
“I know my clients well and I understand their specific use cases. I have & will cut off users who I know are using the data simply for unblatent/un-targeted marketing. This simply falls upon personal responsibility: I can not control my clients – nor any other human being for that matter – but I will cut their data off if necessary.) I do not provide refunds however in this case as stated in the contract that clients agree to/sign.”
I can’t imagine acquiring so much data and using it for one-on-one marketing.
The amount of spam you receive after registering a domain name is growing. People use daily zone file and whois comparisons to send solicitations like this.
Crow also says that his collection and sale of this bulk data doesn’t violate any terms of service with registries or registrars. In doing so, he also admits that it’s being used for telemarketing:
ICANN allow the collection of whois data if you enrich the data and inhance it with other data. The data as provided to clients is enriched. This allowance is true with many data handling licenses. An example of how the data is enriched for one of my clients requires that telephone records of US registrants be identified as wither a landline or cell phone. The accuracy of this data needs to include numbers that have been ported as well (ported from landline block to cellular OR from cellular blocks to landline.) Porting is a growing trend but currently effects around 3%. This same client also requires the number to be checked against state and federal do not call lists. This is important because MOST companies fail to access and check their data against state lists. You are familiar with Web.com doing the very same thing recently. They called a client who was not listed on the federal do not call list but was on a state do not call list. What most companies do not understand/realize is that laws requires a business to know if a number is on s do not call list simply for it being in their database. A very good reason why the scrubbing API that I built is so popular among my clients.
So is harvested whois data also why I’m receiving so many robocalls?
He also points to this page.
That page actually notes “WHOIS may be used for any lawful purposes except to enable marketing or spam, or to enable high volume, automated processes to query a registrar or registry’s systems, except to manage domain names”.
To be fair, Crow is not the only person selling this data. But at such a low price, it makes it incredibly easy for marketers to abuse.
As for my complaint of the ill-timed unsolicited text message, Crow was unapologetic:
The only way to reasonably expect a person’s local time is their area code. Unless you are travelling and out of your normal area you would not have received a text at 4am. The only exception is where a wireless network delays the delivery of the message (similar to how email messages can temporarily soft bounce). (Ive had it where a person has sent me a text and I dont receive it until 12+ hours later.) While this can happen and still does from time to time it is pretty rare.
couponpages says
I’m not sure why, but I’ve been getting a ton of calls lately from people trying to sell site building and SEO services. More often than not, they are calling about fresh domains that I registered within a week or so before the call.
Considering the volume of new domains registered each day, I can’t imagine how they can even contact a small percentage of the fresh registrations.
Joseph Peterson says
Yes, I received that text message awhile back.
Currently I don’t use the service. But I can imagine several legitimate uses for such data apart from spam. Personally, I would use it for internal research.
For me, the quantity of email spam hasn’t increased over the years. But the amount of phone spam certainly has. Several months ago, I changed my voice mail message so that it states that I won’t be checking messages. Easily 90% of them are pre-recorded telemarketer messages … often 7 identical messages in a row.
James says
The source for all this data is here: https://www.whoisxmlapi.com/
Devon Crow is selling their data without authorization.
Paul Nicks says
Further reasoning why domain privacy is so important. Here’s an article Blake published encouraging people to petition ICANN against removing privacy:
https://garage.godaddy.com/godaddy/news/your-digital-privacy-is-under-attack/
Russ says
Ha! This has been going on since at least the mid 90’s Google “ProCD Internet Directory” I was there at the time.
Mike says
I am contemplating a legal action in regards to the collection of my whois data, in breach of the terms & conditions ,violation of my privacy and data protection rights IN EUROPE. Even if the defendant is in the USA it will not protect them as the cause of actionwill have arisen IN EUROPE. Wait and see wont be long now !.Anyone want to join a Class Action ?
Dimester says
If you add your wife’s number to the favorite list on iphone you can set the list to reach you when all other calls are on do not disturb. I do this so my family can reach me in an emergency.
Andrew Allemann says
That’s a good idea, thanks
Robert MacGuffie says
Use a Google Phone #. You don’t even have to listen to the call as it is also sent as a transcribed email. I suppose spam is spam, but at least you won’t be disturbed if that’s a major concern.
David says
“I can’t imagine acquiring so much data and using it for one-on-one marketing.”
Exactly. What would be an example of a non-spam use for a daily list of hundreds of thousands of contacts?
Joseph Peterson says
I can think of dozens of ways to analyze that data without sending a single email.
Currently I don’t do business with this person or company; but if I did, it wouldn’t be for spam.
Most people probably don’t use it the way I would, though. Emailing folks seems like the most likely scenario.
Bul says
Spam email like “I saw you registered domain name so and so. Would you like to buy my so and so as it is available for $39.99” right?
Joseph Peterson says
I get dozens of those.
ElephantMemory says
is that his real identity ? this same person tried to buy a domain from me; his offer consisted of a partnership agreement; of which he (or she ) kept pushing and soliciting for days until she ( or he or it … ) … his last words were “Adm Canned the project” … i couldnt get a straight answer nor could see if that is a real person;
Andrew Allemann says
That’s the name on the LLC filing with the state of Florida.
DomainerGuy says
Typical…. deny deny deny… he takes no responsibility for anything, says daddy will punish any bad boys… and keeps on making his dough. Spammers are all cut from the same cloth and they all speak this same slimy language.
Mark says
go to http://www.devancrow.com for more information about Devan’s activities