A cautionary tale on why you need Whois Privacy

White House Press Secretary Sean Spicer recently made headlines after his first tumultuous press conference. Just days later, Medium posted an article announcing that Spicer’s contact information was freely available to the public via Whois data.

Yikes.

In case you’re not sure what that means exactly, let us explain: Under ICANN requirements, anyone who registers a domain name is automatically placed in a searchable public directory online, which gives interested parties information on the registrant’s name, address, phone number, and email. However, registrars and other online providers often offer Whois Privacy Protection, which replaces the registrant contact details with generic ones, preventing the domain owner’s personal information from being freely accessible to the public.

So if someone does not register Whois Privacy when they purchase a domain (especially a high profile figure like Spicer) there’s a chance that their information will be abused by spammers, fraudsters, and the general public.

What’s the big deal about Whois Privacy?

“I’m not a public figure,” you might say. “Why should I care about Whois Privacy?”

There are a number of reasons why it’s important to protect your personal information when you register a domain. Unless you list separate business contact details or want to be contacted by people who are interested in purchasing your domain, you should always purchase Whois Privacy in addition to your domain name for these reasons:

• You will probably get spammed without it—Unfortunately, there are many companies and individuals out there who will use public Whois data for mass marketing. From solicitor phone calls to emails, most people see an increase in annoying spam when they do not protect their domains with Whois Privacy.
• It could lead to fraud—Someone having your phone number and email address might not seem like a big deal at first—but give someone access to all the basic information and they’re one step closer to obtaining even more sensitive information like your bank account or credit card numbers. Your contact details can be used by fraudsters to answer security questions or in a social engineering scheme unless you hide them from public view.
• It could reveal more information than you’d expect—As you can see from the Medium post, once staff got ahold of Spicer’s Whois information, they were able to use those contact details to make a number of other discoveries, like what other domains he owns, his connection to a document on Wikileaks, and even donations he’s made to political campaigns.

The Whois database is a tricky part of becoming a domain owner, and it’s up to you to protect your personal contact details. Whois Privacy Protection is your best bet for keeping your confidential details safe from the public eye.