When I register a domain name, I'm concerned about privacy. I don't want to enter my home contact info such as address, phone #, etc. How do I go about protecting this data? I believe I've heard you can enter in 3rd party contact info, such as info for the web hosting service that's hosting your webiste. Is this true? Or is it the person that's hosting the dns entry (usually the same as the person hosting the website)? What is the standard procedure I should go through to protect my info from being shared on the whois database, while not breaking any laws?

I fully understand the merits of the WHOIS database and want others to be able to contact me in situations that warrant it, but I definitely don't want my personal info sitting out there for spammers and other people with malicious intent.

Thanks,
Dustin

Internic rules require that the owner of a said domain be made public so you have to put your actual information in the WHOIS database. Using your hosts' information or anyone else information has its consequences, especially when/if you want to transfer your domain to another registrar. If you live in the US, the easiest method is to go to mailboxes etc and rent a mailbox there (last time i checked it was about $160/year for one) to hide your home address, and go to ureach.com and get a personal toll-free number ($7/month) right now. This will add another layer, but if someone really wanted to, they could still find your actual info.

If you are concerned about your whois information, you might be interested in registering your domain name with Go Daddy Software at http://www.godaddy.com. Their whois server can not be publicly queried. The only way to query their whois server is by using their web site. Their web site requires a passphrase to be entered for each whois lookup, preventing mass data mining. However, the information is still available for individual lookup.

DomainMart offers an agent service at http://www.domainmart.com/DomainNames/information/FAQ-SpamBuster.htm.

If you're a corporation with a third party registered agent, you could just list them. Or perhaps you could list your attorney. :)

All registrars require valid contact information, though, as far as I know.

I can query domains at GoDaddy just fine through the script at http://whois.myostrich.net, which is just a simple Perl script, so I suspect their "anti-SPAM" system isn't really what you think it is.

-t

A PO Box is a good idea if you don't want to put your home or place of work address on the WHOIS. There has been a fair bit of talk about PO Boxes here on WHT, so with a simple search I am sure you could dig something up :)

ICANN rules require that the contact information put into a domain record be valid for the registrant. This does not mean that it necessarily has to be your information, if you look at in the strictest sense, for a personal-use domain. Business use is different, and there would be no way anyone could possibly recommend putting in anything other than the registrant's own contact information for a domain used for business purposes. However, for personal use, it is acceptable (and legal, per ICANN rules) to put in information for a third party contact whose details are valid as the registrant's authorized contact. Your host, for instance, can provide screening for the physical address/phone number, and even the email portion if you like. I would not recommend the latter at all. If you're going to screen your WHOIS info, use an email address that you alone control, even if that's at Yahoo or some other free mail service. Any problems will occur as a result of complaints in regard to the UDRP, at which point the owner of the contact information (i.e., the host) would also have to be involved to verify that you were the registrant of the domain and that contact could be made with you via the details submitted as part of the domain registration (i.e., if they were mailed something or phoned, they had reasonable methods of ensuring that you received said information). Some people just use their host's information without the host's permission, which is a bad, bad idea, since it's just rude. It's rare, however, that domains get yanked for any reasons related to the information in a WHOIS, whether the information is real (the host's) or faked (N/A) unless the registrant is stepping on the toes of a corporation with deep pockets.

One thing's for sure...you'll get tons of spam to whatever address you put down, especially e-mail. Use an e-mail account separate from your primary one that has very good anti-spam filters.

Unless your domain is of particular importance or for business purposes, your e-mail address is really the only piece of information that needs to be accurate. [hint hint] Of course, since I have a separate address and phone #, it's easy for me to say "You should use your real info, blah blah blah". But if you don't have a separate address and phone # you can use, and a PO Box isn't worth the ~$50/year for an $8/year domain, then it's a different story. Fact is, the only time having your address and phone# would be legitimately useful is like 0.1%. Rest of the time, it's just for telemarketers and snail mail mass marketers to invade your privacy, and for curious people to find out where you live.

If anyone legitimately needed to contact you, your e-mail is available and is probably the first form of contact anyways. If they're able to get onto the Internet and check your WHOIS records, they should be able to send an e-mail. If you were to get a second phone # of some sort (probably voice mail service unless you're willing to plunk $20+/month down for a second line to your home just cuz of an $8 domain) just to have a valid # to put into your WHOIS information, it's doubtful that # will be checked often unless you have some other use for it. I dont' really see the point of going through the trouble to have an extra "valid" number when it might only be checked once a month.

I have friends that have never had accurate mailing address/phone # in their domain WHOIS records for years. Unless measures are taken to protect domain registrants' privacy to a better degree, it's doubtful they're going to start using their home addresses and private phone #s anytime soon.

Originally posted by thewitt
I can query domains at GoDaddy just fine through the script at http://whois.myostrich.net, which is just a simple Perl script, so I suspect their "anti-SPAM" system isn't really what you think it is.

-t

That's interesting. I wonder what they do special. Heres' the results when I do a whois from my server:

[whois.godaddy.com]

All you have to do from the command prompt is:

whois -h whois.godaddy.com DOMAIN.COM and it'll show the GoDaddy registration info without any passphrase to enter.

unix rules :D

GoDaddy is not more private than any other registrar, thats for sure.
In fact I got letters from two registrars telling me when some domain names I registered through GoDaddy were about to expire.
Anyway, registering something in your name is what makes it yours. Can you register your car with out using your real name? I don't think so.
As far as spam and telephone soliciting, just do what you always do. Inform them that they are invading your privacy, and that you do not purchase things offered by email or phone. Not registering a domain name isn't going to stop those emails and calls.

From GoDaddys site:
Does my information on my domain name have to be public?

Question
A customer who registered a domain name with my Private Label Interface can have their information listed on a WHOIS search. Is there anyway to hide that information from public view?

Answer
The information listed on your domain name has to be made publicly available per our agreement with ICANN, the governing body of domain names. We cannot hide that information from public view at this time. As well false information cannot be entered as that will violate the registration agreement and your domain name registration will be terminated. That is also by agreement with ICANN.

You may use alternate information that is correct such as a business address or phone number. However please do not enter false information as you may lose your domain name.

Originally posted by JG
All you have to do from the command prompt is:

whois -h whois.godaddy.com DOMAIN.COM and it'll show the GoDaddy registration info without any passphrase to enter.

I'm telling you. Doesn't work for me from any of our servers. For some reason, it doesn't answer queries for me.

I just tried it from home, and it worked. Hmm...

Anyway, registering something in your name is what makes it yours. Can you register your car with out using your real name? I don't think so.

Yes, no doubt, you want to use your real name. :D That's a given.
As far as I know, there isn't a way for anyone to publically access a database of millions of car owners with exactly what car they bought and their address, phone #, and e-mail...all without consent of the owner. That's pretty much how it is with WHOIS. While financial institutions and other businesses are required to let you "opt out" of marketing, there's no such "opt out" of spam marketing through your WHOIS information. It's a free-for-all.

As far as spam and telephone soliciting, just do what you always do. Inform them that they are invading your privacy, and that you do not purchase things offered by email or phone.
If anyone replies to a spam e-mail to request unsubscription, etc., they're only screwing themselves over by alerting the spammer that this is a live, spammable address. If not that, then there's no one at the other end to read your complaint anyways. They could care less how you think about it, as it doesn't cost them much more to send 600,000 e-mails rather than 500,000 e-mails.
Same goes for many of the automated fax dialers that call millions of phone #s polling for faxes. Even if you successfully get off one junk fax company's list (highly doubtful), your #s already been sold to a bunch of other junk faxers.

Not registering a domain name isn't going to stop those emails and calls.
I don't get spam at my primary e-mail address because I never use it for anything that could cause it to get into spam databases. The e-mail I use for domain registration, however, gets 20+ spam e-mails a day.

It only takes a little bit of caution to be spam e-mail and telemarketing free. If your e-mail or phone/fax is already getting junk, then tough luck. Not getting junk through snail mail probably can't be avoided, but it isn't as bad. It costs a lot more for marketers to send out snail mail than to fax broadcast or e-mail.

kreativ, you are right, I left out the part about not replying to spam at all. That sentance was a "catch all" to include all types of solitation. I did say "do what you alway do."
For faxes, I intercept them by answering the phone if I haven't been told a fax is comming. If I am not in the office, a machine picks it up.
For registering stuff online you should:
Create a junk email account to use for registering things online, and limit what you register. I mean, is it neccessary to register your kids copy of SpongeBobs Greatest Adventures? Probably not.

oops.

I mean, is it neccessary to register your kids copy of SpongeBobs Greatest Adventures? Probably not.

Hahaha. :D I don't register anything I buy, except for items in which there could possibly be a chance for a safety recall (water heaters, treadmills, etc.). But companies are getting smarter now, attaching a mail-in rebate to their products. It makes it the consumer's loss if they don't send in for it. That's how they get your info and market the heck out of it.

For faxes, I intercept them by answering the phone if I haven't been told a fax is comming. If I am not in the office, a machine picks it up.

My friend, who has a fax on the same line as his voice line, gets about 3 fax calls a day. Nothing like picking up the phone, saying "hello? Hello?", and getting a BEEEEP BEEEEEEEP BEEEEEP in reply. Or listening to your messages on the answering machine and getting that same BEEEEPPP fax tone. And now he can't keep his fax on in auto mode, or otherwise, the junk faxes will get through. He hardly gets faxes, so that's only a minor inconvenience. But just imagine someone who has a separate fax line and depends on it being on all the time. There's no stopping those junk faxes. And once they can successfully send a fax, the # gets placed in the priority list. My friend still gets multiple fax calls a day even though he's unplugged his fax and the faxes never get through.

Originally posted by bitserve
...Go Daddy Software ...Their whois server can not be publicly queried. The only way to query their whois server is by using their web site. ...

Pity to say - mentioned registrar whois database can be queried with succes from 3rd party www/software what was done by me just few hours ago.

Pity - couse I use my contact email only with my registrar and of course - I have a lot of spam addresed exactly on that e-mail.

Originally posted by thewitt
I can query domains at GoDaddy just fine through the script at http://whois.myostrich.net, which is just a simple Perl script, so I suspect their "anti-SPAM" system isn't really what you think it is.

-t

LOL - I see now what I haven't spotted before.

when will be my nap day? ;)