WHOIS Privacy: Why You Should Always Turn It On
When you register a domain, your personal information - name, address, phone number, email - gets entered into a public database called WHOIS. Anyone on the internet can look it up. Your registrar should let you hide this information behind what's called WHOIS privacy. You should enable it immediately. Here's why.
What Is WHOIS?
WHOIS is a database that stores the owner's contact information for every domain on the internet. The system was designed for accountability - if a website does something wrong, anyone should theoretically be able to look up who owns it.
In practice, WHOIS is used for:
- Spam - your email gets added to spam lists
- Targeted marketing - you get cold calls and junk mail
- Fraud - people phishing for personal information
- Harassment - if your views are controversial, someone hostile can find your address
Why You Need WHOIS Privacy
Every hour, automated bots scan WHOIS and harvest email addresses. Those addresses get sold to spam lists. Your phone number gets added to telemarketing databases. Your address gets added to direct mail lists.
This isn't paranoia - it's what actually happens. Anyone with a public WHOIS record gets email spam. It's immediate and constant.
WHOIS privacy hides your personal information behind the registrar's details instead. When someone looks up your domain, they see the registrar's contact info, not yours. The spam stops.
Does It Cost Extra?
Most registrars include WHOIS privacy for free or charge a small fee - usually £2 - £5 per year. It's one of the cheapest protections you can buy. There's no reason not to do it.
Some registrars include it automatically. Some require you to enable it in your settings. Some try to upsell it as a premium add-on. Check your registrar and make sure it's enabled.
What About Legal Requirements?
If you're running a business where you're legally required to publish your details - a licensed business, a professional practice, or certain corporate registrations - you can't use WHOIS privacy for your main domain. You have to publish your real information.
Even then, you might have options. Some registrars let you use a business address instead of your home address. Some registrations have specific rules about what information must be public. Check with your registrar and your local business regulations.
For the vast majority of people and small businesses, there's no legal requirement to publish your WHOIS details.
The Privacy Argument
Beyond the spam issue, there's a privacy argument. You own a domain for your business. The person who owns it might be you, your spouse, your business partner, or your employee. They might not want their home address published online.
WHOIS privacy protects that. It keeps your personal security intact while you own and operate the domain.
How to Enable It
Log into your registrar's account. Go to your domain settings. Look for an option called "WHOIS Privacy," "ID Protect," "Private Registration," or similar - different registrars name it differently.
Enable it. If there's a cost, pay it - it's worth it.
You might see a notice asking if you want to use the registrar's privacy service. Yes, you do. Enable it.
That's it. Your information is now hidden and your email spam should drop dramatically within a few days.
But I Need People to Contact Me
You don't need random people to find your home address or personal phone number. If someone wants to contact your business, they should:
- Use a contact form on your website
- Email a business email address you control
- Call a business number you've publicly listed
None of those require your WHOIS details to be public. All of those let you filter spam and control who gets your attention.
One More Layer - Email
WHOIS privacy hides your contact details from the WHOIS database, but your email address might still be visible in other ways. If you use the same email for everything, enable WHOIS privacy and set up a separate business email on your domain for public use.
This gives you two layers:
- WHOIS privacy hides your personal details
- A separate business email address keeps your personal inbox separate from business inquiries
Check Your Current Domains
If you've been running a domain without WHOIS privacy enabled, your details are already out there. Enabling it now won't remove them from the databases that have already scraped it, but it prevents new spam from being added.
Enable it today. The cost is minimal. The spam reduction is real. It's one of the first things you should do after registering a domain.
