Is it legal to mask the identity of the domain name owner in the WHOIS information?

Domain name ownership privacy has been a hot topic recently. Many domain name owners use third party “Privacy Protection” or “Proxy Registration” services to mask their true identity. Domain name privacy is like having an unlisted phone number, which is not available in any phone book or online database. This means that when you do a WHOIS lookup, your domain name’s registrant information appears with masked information or pseudo information that belongs to an email or mail forwarding service. This article is about the legality of masking the ownership identity of your domain name.

Does the privacy service become the owner?

The owner of a domain name can be identified by the domain’s WHOIS records. The registrant information must clearly indicate the domain name owner’s name, address, email address, and contact number. But when a privacy service is turned on, you can’t see them. Therefore, an important question that arises is whether the person named as Registrant is the de facto owner.

In a famous cybersquatting case of SolidHost v. NameCheap, the latter was a privacy protection provider, whose contact details were mentioned as the owner of the domain name. Solid Host insisted that they reveal the true identity of the domain owner, which they refused. Solid Host sued NameCheap in California. In an interim motion, the court held that NameCheap, by being listed as the owner of a disputed domain name, was contributing to cybersquatting, although the actual owner might be a different person, for whom NameCheap only held the domain name in trust. . This trial was met with a bit of criticism and a lot of twopence from most people.

In another case, where the Domain Name Registrar went bankrupt and was still listed as the Registrant of the domain, the court ordered the company’s litigating partners to disclose the ownership information of the domain and turn over the details to ICANN, which then it would facilitate the transfer. and transfer the domains to a new registrar.

What are the legitimate uses of domain name privacy protection?

Domain name privacy is important in many cases, especially for legitimate business purposes where companies want to buy domain names on the sly to secure them for future product launches or internal business purposes. Non-government agencies, such as news broadcasters, investigative journalists, whistleblowers, and even researchers, may want to remain anonymous while reserving domain names and may want to mask their identity for their own security.

So is it legit?

ICANN’s website states that: “Privacy and proxy services are outside the scope of the 2001 RAA and 2009 RAA. To determine who is involved in a domain name behind a proxy or privacy service, see the service provider’s terms of service. If you have a complaint relating to a law or regulation, you may wish to refer the matter to the appropriate law enforcement agency within your jurisdiction or seek legal advice.”

It goes on to state that: “The 2013 RAA requires privacy and proxy service providers to: Disclose terms of service (including pricing), on their website and/or on the registrar’s website and comply with those terms; Post an abuse/infringement point of contact; Disclose business contact information on their website and/or the registrar’s website; and Post and comply with the terms of service and description of procedures on their website and/or or registrar’s website, such as handling reports of trademark infringement or abuse, handling communications, service termination conditions, Whois data release conditions, and access to support services.”

The clincher is when ICANN mentions that “Please note that displaying proxy or privacy protected Whois data is not in itself inaccurate. Submit a complaint only if you are unable to contact the domain name holder due to Whois data.” of the inaccurate proxy or privacy service”. This means that only if you cannot trace the true identity of the owner after due diligence verification, only then can you file a complaint with ICANN and they will try to trace the true owner.