This month I wanted to briefly touch on why we still offer a WHOIS opt-out option on our domain names. With recent changes in UK privacy law, many ask why this is still needed. First, a primer on the WHOIS database itself…
For the longest period, whenever a new domain name was registered, the details of the owner would be added to the publicly searchable WHOIS database. You can look up any domain name here, for example.
This naturally caused some concern from individuals who might not want their private and personal details such as home address and telephone number available in public search. Indeed, the availability of this data led to numerous spam and scam emails over the years.
As a stopgap measure, companies like ourselves offered a WHOIS opt-out service. For a small fee (we charge £2.50 a year per domain name) the WHOIS opt-out essentially places the registrar’s name and contact details in the public search. Look up a domain name under the 34SP.com opt-out service and you will find our details, not the actual registrant.
Everything changed at the start of 2020 when the much anticipated GDPR legislation came into effect in the UK. Without going into too much detail (don’t fall asleep now!) GDPR effectively nixed the public display of these details. Registries moved quickly in response to remove their clients’ data from the WHOIS lookup. If you check the WHOIS records for domains registered through a company in the UK, you should now see redacted information.
On the face of it, surely this would negate the need for the WHOIS opt-out service? As is so often the case, the reality is a little more complex. When you register a domain name we’re still obligated to provide your personal details to the registry. How that information is then handled is beyond our control.
If you read the tech press and see stories like this, you can start to understand why WHOIS opt-out might still be preferable for some. Again, once we hand your details to our suppliers and they in turn to the registries in question, the control of that data is out of our hands.
Once a domain name is under our WHOIS opt-out service, our details are passed to the registry. Should the registry provide our details to a third party, our client’s information is still protected.