The number of .uk domains being registered to privacy services has grown from about 300 per month at the beginning of last year to 6,500 per month now.
So while ICANN is looking to improve domain name whois, Nominet has some interesting ideas that ICANN should consider.
Nominet, the .uk registry, is consulting on a proposed policy to clarify what data about domain-holders is published in the .UK WHOIS and, regardless of what’s published, ensure they have the accurate data essential for running .UK.
The objective is to balance playing Nominet’s part in running a safe and trusted internet with an increasing desire for privacy online.
As the single official, authoritative database of .UK domains, Nominet has to balance running a responsible registry with an increasing desire for privacy online. In recent months we’ve seen the emergence of two trends impacting on this.
First, as internet use has become more sophisticated and more complex, the distinction between private and commercial web domains has blurred. For example, is a personal blog with pay-per-click advertising private or commercial? What about a site that includes a link to a product purchase on a different site?
When you register a .uk domain, Nominet is given the name and address of the person you’ve entered as the registrant (e.g. you or your business). These are then published in the .UK WHOIS, a free public tool we provide to enable internet users to look up who’s behind a domain. Our current policy allows domain holders who are individuals and not using the domain in the course of trade to opt out of having an address published. Businesses, and individuals using the domain in the course of trade, are not able to opt out. Given the blurring of definitions and changing expectations, we think our policy on who is eligible for the .UK WHOIS opt-out needs clarifying.
Second, there’s increasing public concern about online access to personal information, evidenced by a rapid increase in privacy services offered by registrars (the specialists who register domains with Nominet on behalf of consumers). The number of domains being registered to privacy services has grown from about 300 per month at the beginning of last year to 6,500 per month now. The issue with this is that currently, if you’re using a privacy service for your domain, the privacy service provider becomes the official domain-holder in our registry. They hold all the rights to that domain – which could be bad for you, and all the responsibilities and liabilities – which could be bad for them.
We’re consulting on two proposals to address these issues.
1. Our .UK WHOIS opt-out service
We’re proposing to refine the requirement for a domain holder to be an individual and not using the domain for trade. To be eligible, the holder must still be an individual, but the second part would be replaced with more specific tests, in that the domain name must not be used to:
- transact with customers (merchant websites)
- to collect personal data from subjects (i.e. data controllers as defined in the Data Protection Act)
- to primarily advertise or promote goods, services, or facilities.
We expect the effect of this would be a slight expansion in the number of individuals eligible for the free opt-out, as well as providing greater clarity around who is and isn’t eligible. For example, bloggers making pennies out of pay-per-click, but not taking orders, would be able to opt out.
2. Registrars’ privacy services
We’re proposing a framework that would ensure registrars offering privacy services still provide Nominet with accurate contact data for the intended domain holder.
This would mean that, if you’re a domain holder, you’d be able to use a third-party/registrar privacy service without giving up your rights as the official registrant of that domain. Both Nominet and your registrar would hold your contact data, but it would not be published in the .UK WHOIS.
For registrars, this would mean that there’s a clear contractual framework for offering privacy services for .UK domains, and the ability to do so without becoming the legal registrant for the domain.
Together, we think these proposed changes will help ensure we’re striking the right balance between giving domain holders choice and control about what contact data they publish online, and making sure we have the data essential for the fair, efficient and secure operation of the .UK namespace. As ever, we look forward to hearing people’s suggestions and thoughts on these proposals.
The consultation is open and will run until 3 June 2015.
I’ve tried to register yesterday Database.uk via Namecheap with privacy, but I couldn’t do it, got an error. Database.co.uk was deleted yesterday, but i can’t bought Database.uk. What a crap!
@RU – The domain was registered milliseconds after it became available by a drop catcher. No way a hand registration was going to get a domain of that quality.
Hoping someone will start to sue them if he has, for instance, patents, trademarks, designs he wants to keep secret as much as possible of course. But those registrars in bad faith force you to expose your ip rights to all.
When you are working to develop a patent, for instance, they can destroy you in 2 seconds: you know, you most probably have registered at least one beautiful good domain related to your patent, maybe something descriptive because you want in future be able also to demenstrate you were the first, and with your name exposed to everyone it’s extremely simple to find out to what that patent refers, on what kind of products – or even services…- you are working.
And with all those privacy violations which expose you to real damages – althought they are difficult to prove of course – they have even the courage to say you that you can’t use false data….
Registrars, yu have to start respecting registrants’ rights. Period.