How to keep your Domain details private

Jul 22, 2019 · by Domains Direct · 2 min read How to keep your Domain details private

When you register an NZ Domain you must provide contact information that includes: your name, address, phone number, and email address. This information forms part of your Domain name's record, which can be publicly accessed through the WHOIS service. While your details can't be searched for (e.g. by email address), anyone querying your Domain can view those corresponding records.

This was obviously a concern for many private nameholders who wanted to comply with the requirements but also wanted to protect their sensitive details - especially in the age of rampant identity theft. Many private nameholders were registering bogus details in an attempt to hide contact information, however this was in breach of policies.

On November 28, 2017 the Office of the Domain Name Commissioner (DNC) introduced an opt-in privacy option, IRPO (Individual Registrant Privacy Option), for personal registrations. This allows private nameholders to withhold some details from being visible in the public WHOIS. As of March 28, 2018 all NZ registrars were required to offer the service.

The service was introduced to allow nameholders to protect their personal address and phone number from being accessed publicly, however their name, email, and country is still visible so as to allow legitimate contact.

IRPO example WHOIS record

Nameholders are still required to enter true and correct details when registering their Domain, and in some instances information may be requested and disclosed under the Privacy Act 1993.

To enable the privacy option it's very important to establish what the Domain is used for. If it's for commercial or organisation use, it cannot be enabled, nor can be for individuals where any significant trade is undertaken.

If you're ineligible for the IRPO option you're still fairly well-protected by the DNC's restrictions on WHOIS. If querying a Domain from outside the DNC the information provided is limited and does not include any contact details. To access the full record requires using the DNC's own WHOIS service, which is protected with an anti-spam captcha, as seen below.

DNC restricted WHOIS record
Deadline set to claim top level .nz Domains
Deadline set to claim top level .nz Domains
If you own a conflicted .nz Domain you have until 18 October, 2017 to set your preference on its .nz equivalent - do you want it, or are you happy for another party to have it?
Free email services are damaging trust in small business
Free email services are damaging trust in small business
One thing that really makes me cringe is when I spot a small business, who have their own website Domain, but use Gmail, Yahoo, or Hotmail addresses for their email.
Self-conflicted Domains to be released to public
Self-conflicted Domains to be released to public
Soon the office of the Domain Name Commissioner will be following up to resolve all self-conflicted Domains.
General Data Protection Rules (GDPR) compliance required by May 25
General Data Protection Rules (GDPR) compliance required by May 25
If you conduct any business with, or monitor, private individuals in the EU, you'll need to comply with the GDPR rules by May 25th, or risk potentially huge fines.