GoDaddy Automatically Adding Whois Privacy

7

In late December, I transferred a few dozen domain names to GoDaddy that had been won at auction. The transfers went off without a hitch, and I didn’t think twice about them. Last week, a DomainTools Registrant Monitor alert email for my company name uncovered a big change at GoDaddy that had not been shared with me nor have I seen any mention of it anywhere. GoDaddy is now adding Whois privacy to (eligible) inbound transfers and new registrations. All of my recent .com transfers and new registrations reflect this change.

For a number of years, GoDaddy has been redacting some contact information from Whois records. On my public Whois records, you could see the domain registrant is Top Notch Domains, LLC, but my address, email address, and phone number were redacted from Whois records. On the domain names I recently transferred to GoDaddy and the domain names I registered this week, the registrant name is now “Domains by Proxy, LLC,” the Whois privacy business operated by GoDaddy.

After noticing GoDaddy’s default Whois Privacy details in the registrant field where my company name should have been listed, I asked my Account Manager why Whois Privacy was added to the transfers. I have hardly ever paid the fee to add Whois privacy to my domain names, so this was a surprise. My Account Manager indicated that this was a sweeping change across GoDaddy.

I reached out to a couple of senior management contacts at GoDaddy, and a company representative shared the following statement with me to confirm this change:

This is official – we’re adding DBP to every eligible domain (e.g. domains that can have privacy added to them). We’re doing it to protect our customers.

Right now, it’s only impacting new transfers and registrations, but in the coming weeks, we will be adding privacy to any domain name customers currently have.

My Account Manager initiated the transfers to my GoDaddy account, so I did not see a notification about Whois privacy being automatically added. When I initiated another transfer to my GoDaddy account last week, I saw a message that stated, “All our domains include Privacy Protection to keep your personal information private. Add Full Domain Protection to keep your domain secure and safe.

I do not use Whois privacy for most of my domain names and would prefer to opt out across the board without having to remember to opt out on individual transactions. There is little incentive for me to shield my registrant name from registrations. For what its worth, the shielded @domainsbyproxy.com email will still be delivered to a registrant’s inbox, but it’s easier for people to find my contact information when the Whois record is public.

According to the GoDaddy representative, domain registrants can opt-out of this Whois privacy if they would prefer:

Any customer can opt-out by following these directions for a single domain: HTTPS://WWW.GODADDY.COM/HELP/CHANGE-MY-CONTACT-INFO-VISIBILITY-32283 or by using the bulk tool. In accounts with a large portfolio, the best way to find that is to select “Filter” and choose “Privacy Protection (WHOIS Redaction)” On. That will show every domain name.

Then, select the domain names on which you want privacy turned off. Click “Settings” and then “Turn off Privacy.”

From the perspective of a domain name buyer, this change is annoying at best and will make it more difficult to perform ownership due diligence. This is particularly the case when a domain registrant changes its email address behind Whois privacy. This has always been the case, but with GoDaddy’s massive presence and the plans for Whois privacy to be enabled across the board, it’s going to become more challenging to confirm ownership.

From a legal perspective, this change can also become problematic for domain registrants. The recent Luma.com UDRP decision covered by Andrew Allemann shows that a prospective UDRP complainant or cybersquatting litigant may see the adoption of Whois privacy as an ownership change and proceed with a UDRP filing: “The Complainant had a legitimate reason to think that the domain had traded hands in 2016 when the Whois record changed to a privacy service.”

For the past several years, public Whois information has been disappearing. GDPR in Europe and CCPA in California have forced many companies to protect the private information and data of their clients. Domain registrars have been redacting Whois information for at least several years due to GDPR. This news from GoDaddy isn’t a major shock, but I don’t think it is very good for domain investors. It would also have been nice for GoDaddy to communicate the change before making the change by default.

About The Author: Elliot Silver is an Internet entrepreneur and publisher of DomainInvesting.com. Elliot is also the founder and President of Top Notch Domains, LLC, a company that has closed eight figures in deals. Please read the DomainInvesting.com Terms of Use page for additional information about the publisher, website comment policy, disclosures, and conflicts of interest. Reach out to Elliot: Twitter | Facebook | LinkedIn | Email

7 COMMENTS

  1. A very likely reason for this is that it it should increase Godaddy-assisted sales (commissionable) as potential buyers are pushed back to the registrar after finding shielded info. Keep those landers current if you want to sell directly or at lower commission sites!

  2. When you select a specific domain in the Godaddy domain manager, located next to the whois privacy settings, if you click to remove privacy you must click a button that says “Expose Contact Info”

    The choice of the word “expose” has an underlying having a scare tactic connotation. Godaddy usually does things with deliberate purpose, so it’s use of that word is most likely intentional. But why? Are they trying to freak people out and drive usage of domain privacy pay plans? They could have just said something neutral like “make contact info public or make contact info visible” Just saying.

  3. The change of registrant will automatically trigger notices to potential trademark claimants who may have been watching old domains using notification services, for just that sort of thing. This is practically certain to result in UDRP and ACPA claims against registrants based on the change.

  4. So lucky dan.com exists. When your domains are at the domain registrar they should forward all leads to owner When or if dan comes out with domain registrations we are transferring all domains to them from GD and UNI. GD is fine but becoming a dinosaur in the business.

Leave a Reply