11

I own a couple of domains where I currently have "WHOIS privacy", so my contact info is not revealed in the WHOIS database. I've learned that this arrangement has a significant pitfall, that is, it's the privacy company that really owns the domain, and they license it to me. That seems bad.

I'm not a business, so the only address I can currently list is my home address, which I'm uncomfortable doing.

Therefore, I was thinking about renting a small P.O. box and using that as the address of record. Are there any significant drawbacks of this approach?

One possibility is that people might actually send me snail mail that I need to see, meaning that I might need to actually check the P.O. box instead of ignoring it. Does this happen? (I haven't had any forwarded to me in ~10 years of owning a domain, but that could mean I just haven't caught the attention of folks who would do it.)

Are there other risks or drawbacks?

Reid
  • 282
  • 3
  • 14
  • What do you mean the WHOIS privacy company licenses the domain to you? Where did you get this information from? – Belmin Fernandez Mar 10 '12 at 19:51
  • 2
    He is actually correct. Leagaly the company/person who is on the whois record is the "owner" of the domain. Of corse there has been no instances where this company has taken ownership of the domain, but it is possible. With all the US government seizures coming around you can never be too careful. – Reid Mar 10 '12 at 20:04
  • @Beaming, see e.g. http://serverfault.com/questions/82556/domains-and-private-registration-services/82584 – Reid Mar 10 '12 at 20:06
  • Um, what are the odds that you both have the same name? But I digress: I am skeptical of just how much of a legal standing does a `WHOIS record` actually have. Nevertheless, nice to know. Thanks gentlemen (or gentleman). – Belmin Fernandez Mar 10 '12 at 20:15
  • @BeamingMel-Bin I was thinking the exact same thing (in terms of the names) – Reid Mar 10 '12 at 21:26
  • Unfortunately, none of the answers really address your concern about using your home address. It's been 6 years since this question was posted. Did you end up using a PO box, and did it work well for you? I don't want to use my home address either. – pushkin Jun 28 '18 at 02:25
  • @pushkin: I gave up and put the address in WHOIS. Since then, I've run into other situations that put my home address on the public internet. :P As for WHOIS, though, it seems not to publish physical addresses any more, due to GDPR I believe. – Reid Jun 28 '18 at 18:47

3 Answers3

4

Here's some advice:

Stop worrying about it.

I'm not sure why, but many people have an unjustified paranoia about things internet related. Your personal information is available to almost anyone via dozens of ways.

Your bank, the gas station, the restaurant you had lunch at, the post office, etc. all have information about you, available to a wide swath of people that you have no idea even have access to the information, that puts you at far greater risk then anything in your WHOIS information.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • 10
    I realize all those things are true, but currently my *physical home address* is not available with a trivial google. Adding it to the WHOIS record will change that. I think it's perfectly fair to want to keep my *physical home address* out of the hands of everyone who can google. – Reid Mar 11 '12 at 16:38
  • Additionally, the failure to give sufficient contact information provides additional remedies and processes for a "take-down" notice, including the ability to take down the domain _without_ providing the "owner" with actual prior notice of the action. – Colt Feb 22 '18 at 14:28
3

I own a couple of domains where I currently have "WHOIS privacy", so my contact info is not revealed in the WHOIS database. I've learned that this arrangement has a significant pitfall, that is, it's the privacy company that really owns the domain, and they license it to me. That seems bad.

This is generally not the case.

ICANN recognizes two types of WHOIS privacy services: "privacy services" and "proxy services". Their explanation of the difference is that:

  • A privacy service lists alternative, reliable contact information, like an address or phone number, in WHOIS while keeping the domain name registered to its beneficial user as the registrant.
  • A proxy service registers the domain name itself and licenses use of the domain name to its customer. The contact information of the service provider is displayed rather than the customer’s contact information. The proxy service provider maintains all rights as a registrant (such as to manage, renew, transfer and delete the domain name), and assumes all responsibility for the domain name and its manner of use.

The vast majority of WHOIS privacy services provided by registrars are, indeed, privacy services. They do not register the domain on your behalf, and do not take on any of the responsibilities of a domain registrant. The domain still belongs to you, regardless of whose name happens to appear in the WHOIS information.

True WHOIS proxy services are rare. As they take legal responsibility for your domain name, registering a domain through a proxy service is typically much more expensive than registering it normally. Since they are considered the legal owners of the domain, "enabling" or "disabling" a proxy service will require a domain transfer, unlike a privacy service, which can be enabled or disabled simply by changing the domain's contact information.

(Confusingly, "Domains By Proxy" -- a brand used by GoDaddy -- is actually a WHOIS privacy service.)

  • IT should also be noted that it is illegal to take possession of someone's domain name without their consent. There ARE some scam artists out there who do this. I've seen it. They are few. The chances of getting caught are pretty great. Secondly, the privacy company is required to put your name and ownership information in escrow unless you specifically ask them NOT to. Just deal with a reputable company and you will have no problems. – RationalRabbit Jan 11 '18 at 23:24
1

I have all of the mail from my domains come to my work address. If people need to get ahold of you they generally wont use the whois record to find you. That being said I get about 5 pieces of junk mail a month from the "domain registry of america". I can not see any drawbacks of putting your P.O. as the address on your whois record just so long as you put your real name on the record.

Reid
  • 401
  • 6
  • 17