Is using whois privacy or proxy services a red flag?
I was reading a story this morning about problems at Bitcoin payment processor EgoPay. The author noted that the EgoPay.com website is devoid of contact information and that the domain name is protected by whois privacy.
The author concludes that “Legitimate companies don’t hide their contact details.”
I agree to an extent. A combination of not disclosing contact details on a site and using whois privacy is a red flag. But there are legitimate reasons a company might want to use whois privacy to mask its domain name record. For example, a company might not want people to know the email address it uses to control its domain names.
That said, I think it’s fair to give extra scrutiny to a company, particularly one that handles financial transactions, if it uses whois privacy. At a minimum, you’ll want to make sure the company has accurate contact information on its website. I’d look for all of the information you can usually get from whois: a mailing address, phone number and email.
Otherwise, it is indeed a red flag.
gpmgroup says
For example, a company might not want people to know the email address it uses to control its domain namesIt’s not very difficult to have separate email addresses that only exist in the Whois.
Domainer Extraordinaire says
I’ve received death threats from people that think they should own a domain name that I own. I’m sticking with whois privacy.
David Walker says
Frankly, I don’t think that if you’re a legitimate, formed and well known business that whois quite matters in terms of customer perspective. Who really conducts a whois?
Take a whois on Yahoo! for example. The name is simply “Domain Administrator”. I decided to give the number of the domain administrator a call and see what I came up with. It routed me to the main switchboard for Yahoo!.
So, is Yahoo! hiding behind privacy or are they protecting the domain administrator, whoever that may be, by not providing the extension?
With them being such a huge company and well known, they can hide behind what I would say is phony whois. I would almost guarantee all Fortune 500 companies are behind some shield of privacy. However, privacy itself is not on. What makes this so different?
As for domain investors, there is an argument that privacy should not be enabled on domains to get offers. I’ve found this to be quite untrue as people will still email the privacy email a legitimate offer. Whether they are end users or resellers, you can get back to them on that.
With death threats of owning property as mentioned above, that’s probably where it crosses the line and privacy is needed. However, I’d even go further and provide open privacy, address of a UPS/USPS pickup location and a burner phone number. That is basically what Y! is doing in the case provided, except all mail is sorted at their headquarters and all calls are routed. This does increase the cost of business, but is practiced by some if you check their whois already.
My privacy? My front door for developed sites. Come for a coffee or beer. 🙂
ff says
See whois snapchat.com. BS argument.
John Berryhill says
Obviously whomever believes that “legitimate companies don’t hide their contact details” in unfamiliar with the reasons why incorporation in Nevada has become popular. Nevada corporations don’t have to disclose who is behind them.
Ian says
whois privacy is a cop-out in so many scenarios. For a legitimate, trading business to hide their details I would expect the domain to be relevant to a to-be-launched product or service.
I understand why whois privacy exists but there needs to be a bit more accountability overall.
Robbie says
Got people adding me on whatsapp spamming me, random emails, calls, yes I want to hide my whois, just like unlisted telephone #
bladel says
This issue has been discussed at length in the Privacy/Proxy Accreditation group, along with the WHOIS review. Both groups have found that there are several good reasons why legitimate businesses would want to use privacy services, such as for pending M&A or future product launches.
We’ve also discussed the use of these services on sites conducting “commercial transactions.” But it’s not always clear what that means, for example whether political contributions or religious donations would be “commercial.”
Also, if the primary concern is dispute over a payment, wouldn’t the payment network (credit card, PayPal) already have a process to support this? (Sorry, BitCoin).
gpmgroup says
Pending m&a and future product launches are special events and should be treated as such, neither would be for websites currently providing services or products for consumers (and other businesses).
Robbie says
You guys need to look .ca .uk, and other country registry laws that allow the blocking of whois info for free.
Matthew Marion Fondel says
During the episode when “a certain Registrar was imploding”, the fact that some domain names had domain privacy made it difficult to get the “codes” needed to transfer the domain names to other registrars. I think when ICANN did finally step in the problem with the domain names with privacy was cleared up. But, as a result of that event, I do not use domain privacy. Granted not a lot of Registrars go belly up but that event illustrated that “in a certain scenario” it could be hard to prove that you are the owner of a domain name if it has privcy and the Registrar is “having problems”.
For this reason, it seems ill advised for a legitimate company to use domain privacy particularly when the company very likely has trademarks and copyrights that publicly associate the company with the website and domain name.
How’s this for a red flag? Not only does this website have whois privacy on its domain name but the alleged “owner” appears in disguise in the videos on the site.
bladel says
Matthew – This incident prompted the Registrar Data Escrow (RDE) program. Registrars are required to include the underlying customer data with their escrow deposits, so this scenario should not happen again.
Tony says
Whois Privacy is needed because it provides protection from unforeseen, abusive Bullies who like to harass and create unreasonable inquiries without proper justification.
Amabious says
I need more information about Egopay system migration. Please, anybody with genuine information share with us.