Can registrars see past privacy protection?

[CallMeJ]

I was told this by someone...

A registrar can indeed see past privacy protection. In fact, they don't even see the domain name is protected, they simply have direct access to the database of registrants.

Is that true? I thought the point of a private registration was that the registrar registered the domain on your behalf and they would show as the owner in the database of registrants.

 

[grcorp]

That's what I am under the impression of as well... since what appears in the whois database is the standard information as populated by the registrar, generally their address, phone number, and an obscured email address specific to your domain.

Your information is kept privately in their records, AIUI, and could only be released by a search warrant, or as otherwise allowed in their privacy policy.

 

[DNB]

I think that only the registrar where you have your domain can see your details.

 

[dominator]

your registrar, not all registrars

 

[Theo]

Your registrar's qualified personnel can look past the WHOIS shield.

 

[Johnn]

Your registrar only and law enforcement agencies.
In the case of Godaddy, all Godaddy girls can look at you as they have not much to hide.

 

[katherine]

If the whois privacy service is provided by the registrar, of course the registrar can access the underlying data.
Solution is to use a privacy service that is not related to the registrar. But you can also set up your own privacy scheme easily.
P.O. box + virtual number for example. Cost-effective for more than a few domain names.
Besides, whois privacy services will not be going the extra mile to protect your identity.
Nobody wants legal trouble for $15/year.

 

[grcorp]

If the whois privacy service is provided by the registrar, of course the registrar can access the underlying data.
Solution is to use a privacy service that is not related to the registrar. But you can also set up your own privacy scheme easily.
P.O. box + virtual number for example. Cost-effective for more than a few domain names.
Besides, whois privacy services will not be going the extra mile to protect your identity.
Nobody wants legal trouble for $15/year.

Agreed. I pay about $400 per year for a mail-receiving service, which keeps my home address from being revealed to parties who I don't wish to have it on file (domain registrars, banks, etc.). If one were to get it for just domaining, it would pay itself off very quickly considering what privacy normally costs.

As for a phone number, it is entirely plausible to say "I have no phone", and just put 800-999-9999 as your phone number, as most do with fax numbers, since fax is, well, hardly used any longer.

But a google voice, or skype number can come very inexpensively, and could be your best bet in providing a "semi-valid" phone number, just for the sake of being able to receive phone calls.

 

[dominator]

you should have a real phone number/voice mail there

 

[CallMeJ]

If the whois privacy service is provided by the registrar, of course the registrar can access the underlying data

In case it isn't clear to anyone else, I am NOT talking about whether your own registrar has access to the data you give them. Of course they do. You just gave it to them. I am talking about whether other registrars have access to that data.

Also, it is a question of whether there is a private registrant database available to registrars, that is different from a public (and different) whois database.

 

[Theo]

Short answer, no. The data is 'encrypted' at the Registrar, not the Registry.

In case it isn't clear to anyone else, I am NOT talking about whether your own registrar has access to the data you give them. Of course they do. You just gave it to them. I am talking about whether other registrars have access to that data.

Also, it is a question of whether there is a private registrant database available to registrars, that is different from a public (and different) whois database.

 

[dominator]

I am talking about whether other registrars have access to that data.

absolutely not

you just misunderstood the sentence

"a registrar" (where you have your domain name), not other registrars

you posted the answer without the original question

 

[CallMeJ]

absolutely not

you just misunderstood the sentence

"a registrar" (where you have your domain name), not other registrars

you posted the answer without the original question

I wrote the original question, which is why I am clarifying.

I just had someone give me a convincing reason otherwise, which is why I'm making sure my question is clearly defined. I appreciate the discussion on the topic, and I'm not surprised that a bunch of **** would answer as I already believed. I've asked if they'd like to join the discussion or if I could paste their thoughts and awaiting reply.

 

[dominator]

A registrar can indeed see past privacy protection.

was the response to a question
(i call it the original question)

 

[scooby47]

Yes we think they can and if they can or is advantageous they do (brokerage service offering?) .. for sure .. we know over the years it can and do they ? ( does it ? ) happen .. we are pretty sure from our records and can evidence internally on our domains that we have had leakage from domains that were held in privacy that became "known" as our identity as the registrant/ holder during negotiations / transfer sales still progressed and concluded hey ho .. no surprise really

 

[katherine]

.com & .net are thin registries, which means the whois record is kept at registrar level.

In other extensions (ie .org) the whois is usually maintained at registry level.
Obviously you can make up a whois record with fake data.

But if you are hit with a UDRP one day the registrar will release the customer details they have on record. Then the whois privacy is useless.
Or you need to lie from the start and open an account at the registrar using a fake name, use VPNs, proxies, and prepaid cards. Live like a fugitive.
Which is not recommended of course. if you have a problem like trying to recover a stolen domain it will be difficult to prove that you are who you say you are.

 

[CallMeJ]

.com & .net are thin registries, which means the whois record is kept at registrar level.

In other extensions (ie .org) the whois is usually maintained at registry level.
Obviously you can make up a whois record with fake data.

But if you are hit with a UDRP one day the registrar will release the customer details they have on record. Then the whois privacy is useless.
Or you need to lie from the start and open an account at the registrar using a fake name, use VPNs, proxies, and prepaid cards. Live like a fugitive.
Which is not recommended of course. if you have a problem like trying to recover a stolen domain it will be difficult to prove that you are who you say you are.

Nothing to do with UDRP, and now you are introducing a bunch of issues into the discussion that aren't needed, and fogging the original question further.

So to be clear, your position is that there is ONE registrant .com and .net database, not one registrant database, and another different whois database?

So everyone here is in agreement that the public whois database is the same database .com and .net registrars have access to?

 

[Theo]

I don't see anything irrelevant in Katherine's response, in fact, she expanded it fully. Now, read it carefully and determine what's right and what's wrong for your own use. Unless you have a legal aspect to tackle, in which case, you'd have to cough up $300 and consult with an IP attorney.

 

[dominator]

short answer was no, as acro wrote
long answer was what katherine wrote
and absolutely correct

if you don't believe us, ask a registrar
you are a member of this forum since 2003, so i assume you would know one (personally)