If there’s one element of your site that is the most public, it’s your domain name. Of course, this is the visible address of your website, so hiding it away isn’t a good idea. However, one facet you should obscure is the personal information you give to your registrar. Domain privacy helps to tackle this.

By law, every domain must be attributed to someone — i.e. you as the purchaser. However, this information is public, and that means anyone can access it. That’s not good for either your privacy or your inbox.

In this post, we’re going to look at domain privacy. We’ll show you how to buy a domain and apply privacy to your information. We’re also going to look at some services to help you purchase domain privacy.

First, though, we’re going to look at the whole concept of domain privacy.

What Is Domain Privacy?

For just about any purchase on the web, you’ll need to give over some vital information. In lots of cases, this will be your payment details and billing information.

However, some of this information (other than the payment details themselves) is optional. If you want to purchase a domain through a registrar, you’ll follow a set of similar steps to complete the transaction.

The difference here is that your personal information is a critical aspect to proceed. In almost all cases, you’ll have to give the following:

  • Your name
  • A relevant email address
  • Your business address
  • Telephone contact details

While it might not be ideal for all consumers, it’s understandable as much as it is with other online purchases.

There’s a wrinkle, though: the information you are obliged to give over isn’t private.

The WHOIS Database

The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization that coordinates the maintenance of namespaces on the internet. In other words, ICANN keeps the internet stable and secure through its management of Internet Protocol (IP) addresses and the Domain Name Server (DNS) root.

That means ICANN controls how you have to register domain names. They require every site owner to register their full contact details for each domain they own. It will also make this data public on the WHOIS database:

The WHOIS database.
The WHOIS database.

It’s a publicly accessible lookup for every registered domain name. You type in a domain, and this will return the information on file for that domain:

Looking up a domain on the WHOIS database.
Looking up a domain on the WHOIS database.

You’ll find information relevant to the domain itself (and its associated nameservers), contact details for individuals, and even output of the raw WHOIS data from the initial transaction.

The database provides a few positive benefits, specific to the DNS maintenance we mentioned earlier:

  • You can ensure that each domain name is unique and that others can’t compromise a business.
  • You’re able to look up the owner of a domain before you register yours. It’ll help you understand domain ownership and lets you make the best decision concerning your own domain.
  • You can help a site resolve administrative and network issues, as you’ll have access to the correct contact email address.

Even so, you’ll often find that the WHOIS lookup information isn’t used with the best intentions a lot of the time — hence the need for domain privacy.

Why Domain Privacy Is Necessary for All Websites

Of course, privacy is an essential component for the web and its users in general. There has been a years-long debate into how so-called ‘big tech’ uses the information we pass over.

However, this also extends to domain privacy. You could argue that it’s more vital, seeing as there are around two billion live websites. That’s hundreds of millions of domain names, with potential public user information associated with them.

We alluded to there being negatives alongside the positives for being included in the WHOIS database. Here’s why domain privacy is necessary for all websites:

  • It can protect your contact and personal information from being public knowledge.
  • You’ll get less spam in your inbox and on your telephone line. Lots of malicious users will use the WHOIS database as a free cold calling list. What’s more, you can also avoid one of the many scams that often plague site owners.
  • There is less scope for malicious users to steal your domain.
  • You have some legal protection for your domain, given that you’ve offered accurate information.

Despite the positives, we’d suggest that having domain privacy is much more important than keeping your information public. After all, most of the drawbacks have an alternative resolution, and keeping malicious users at arm’s length is a solid policy you should insist on implementing.

Domain Privacy and General Data Protection Regulation (GDPR)

You may already know about GDPR regarding its impact on your and your user’s web privacy within the European Union (EU). There’s a little more to understand about how this ties into domain privacy and the WHOIS database in general.

Of course, the GDPR keeps your data safe and protected. So does domain privacy, although there’s one key distinction. With domain privacy, you have a forwarding address. That means if there’s a need to contact you, someone can legitimately use the WHOIS database to reach you while still enabling you to keep your information private:

MarkMonitor's forwarding email address.
MarkMonitor’s forwarding email address.

In contrast, while the GDPR also ensures that your details don’t display within the WHOIS database, there’s no forwarding email address. Thus, nobody will be able to contact you for legitimate reasons. While this isn’t a huge concern given what we said earlier, it’s still something to note.

Our advice is always to take the option of domain privacy if possible. At this point, it’s worth noting that some top-level domain (TLD) extensions don’t get the opportunity to have private WHOIS entries. This is often related to country-specific TLDs, such as .us, .uk, and .it, and many second-level domains such as .us.com, and .net.in.

Still, you’ll have the ability to hide your personal data under GDPR, but without the benefits of domain privacy implementation.

How To Check Whether Your Domains Have Privacy Protection

Before you decide whether you implement domain privacy on your website, it’s a good idea to check whether it’s already applied in the first place. It could be that you chose it at checkout and forgot, or it may have been an automatic application.

To find out, head to the WHOIS database and enter your chosen domain name in the search bar:

Screenshot of the ICANN Lookup WHOIS database webpage.
The ICANN Lookup webpage.

Once you click the Search button, you’ll come to the WHOIS entry for the domain. Under the Domain Information section, you’ll see details on the domain name itself, the registrar, and the registry dates:

Domain information for Kinsta.com through ICANN Lookup tool.
Domain information for Kinsta.com through the ICANN Lookup tool.

In many cases, this isn’t going to tell you much about whether you have domain privacy. For that level of detail, scroll down to look at any of the Registrant Contact, Administrative Contact, or Technical Contact sections:

Domain information for Kinsta.com through ICANN Lookup tool.
Contact information for Kinsta.com through the ICANN Lookup tool.

 

Depending on the registrar and domain privacy you employ, the details here may be different. Still, the key elements to look for are:

That’s a great indicator that you have domain privacy switched on. If you see any of your details on this screen (other than what’s in the Domain Information panel), you’ll want to learn how to apply domain privacy.

3 Top Domain Privacy Tools and Services

A domain registrar will often provide privacy services at the checkout stage. The following few sections will discuss four different domain registrars or services that offer domain privacy among its offerings.

Let’s begin with the most apparent service you should consider.

1. Your Own Domain Registrar

If you own a website, you’ll often have a domain name to go with it. Choosing a domain registrar is beyond the scope of this piece, although you will want to investigate what type of domain privacy you can access.

Still, the best place to start is with your current registrar because it will be the path of least resistance for implementing domain privacy. Most registrars have a similar dashboard:

A domain registrar dashboard.
A typical domain registrar dashboard.

Here, you’ll find many tools to help you manage your domain regardless of your task. However, you’ll notice that there’s no explicit “Domain Privacy” option for this particular registrar. Instead, you get Domain Ownership Protection (DOP).

That’s one example of where several services come as a bundle for which you’ll pay a premium price. Here, you get WHOIS domain privacy and further protections such as the ability to “lock” the domain. This feature helps users avoid common mistakes, such as transferring a domain, changing the domain’s personal information, or canceling domain renewal. It’s an added layer of protection that could be worth the cost.

As for activating something like DOP or the equivalent, it’s often done at the time of purchase. Though, you’ll also have a dedicated dashboard to handle the process after the fact too:

The DOP management screen.
The DOP management screen.

These generic steps will apply to most domain registrars. However, other registrars do things differently or more straightforwardly. Let’s look at a couple of the major players.

2. Namecheap

The name gives the game away, but Namecheap specializes in cost-effective domain names. There are lots of TLDs available, and the dashboard is friendly to use.

The Namecheap logo.
The Namecheap logo.

We can also confirm that the registrar is easy to use when managing your domains, such as adding a record and changing nameservers. It’s a common domain registrar based on price, usability, and TLD availability.

We also like the way you can see which of your domains has Domain Privacy activated. Each domain will have a “shield” logo in a dedicated column:

The Namecheap dashboard showing domain privacy activated.
The Namecheap dashboard showing domain privacy.

If you want to look further at a particular domain, you can hover over that shield and see whether domain privacy is active in explicit terms:

Namecheap's on-hover display.
Namecheap’s on-hover display.

To go even further, you can expand each domain using the arrow icon and see further details on how domain privacy is setup:

Namecheap's dedicated domain settings.
Namecheap’s dedicated domain settings.

That you have three different ways to view domain privacy with Namecheap makes it fantastic for usability. It also means you won’t ever forget to make your privacy active.

3. Cloudflare Registrar

Cloudflare Registrar is a service for registering domain names that offers the same services as other domain name registrars but with additional security features.

Screenshot of the official Cloudflare Registrar page.
The Cloudflare Registrar homepage.

Going by Cloudflare’s focus on security and privacy, you get free two-factor authentication and private WHOIS management by default. They’ll help you keep your domain and personal information secure. Moreover, you don’t need to buy any add-on services to secure your domain name.

The domain name you manage through Cloudflare also ties into its many products and services. For instance, it integrates with Cloudflare CDN, DNS, and SSL services.

 

How To Buy and Apply Domain Privacy for Your Website

Before we wrap up, let’s walk you through the quick process of buying and applying domain privacy. The whole domain purchasing process ties into this, so we’re also going to touch on that.

Note that we’re using Namecheap here because it’s a common registrar with free (and quality) domain privacy options. However, you can extrapolate from our approach and apply it to your chosen registrar. Of course, if your registrar charges for domain privacy as a separate service, you’ll need to factor this into the overall cost.

Your first task is to find and add your domain name to your cart:

Choosing a domain in Namecheap.
Choosing a domain in Namecheap.

You’ll then want to click through to the checkout screen, at which point you’ll see the option to add domain privacy to your order:

The Namecheap checkout screen.
The Namecheap checkout screen.

You’ll notice that domain privacy is toggled as enabled as standard, and is also set to auto-renew.

Once you’ve done this, you can continue your purchase and complete the transaction. You can also use the Bulk Settings dropdown to apply domain privacy to multiple domains in your cart:

The Namecheap Bulk Settings page.
The Namecheap Bulk Settings page.

That’s all there is to purchasing and applying domain privacy. Most registrars toggle it on as standard, and there’s little you’ll need to do other than go through the renewal process if you haven’t opted for auto-renewal.

Summary

While the internet is a web of connections between servers, there will often be a real person at the end of each computer. As such, privacy while using the web is a crucial facet of sensible browsing and website security.

Website owners also need to declare personal information to purchase a domain name. Without domain privacy, these details will be public, so keeping them hidden is a critical step.

The good news is that the process is simple. For most registrars, you’ll toggle a switch, and just like that, domain privacy is yours. However, while many registrars provide this service for free, others will charge you when you renew your domain.

Is domain privacy important to you, and if not, why? Please share your thoughts in the comments below!

Jeremy Holcombe Kinsta

Senior Editor at Kinsta, WordPress Web Developer, and Content Writer. Outside of all things WordPress, I enjoy the beach, golf, and movies. I also have tall people problems.