
WhoisGuard Privacy Protection is now free - djug
https://www.namecheap.com/security/whoisguard.aspx
======
ve55
It's pretty absurd to require users to continually pay you money with threat
of revealing all of their personal information publicly if they ever choose to
stop paying you.

I can't imagine many industries getting away with that except for registrars
due to how the whois system has worked historically, but it's basically just
extortion, keep paying us or you're doxxed. Whois privacy should be the
default everywhere for no additional charge, so I guess this is a change in
the right direction.

~~~
lloyddobbler
When you put it that way, I nod in agreement.

But at the same time, I reflect upon the days of the phone book, which most
people on this board likely never knew. Your phone number and address would be
listed by the phone company as part of your phone number subscription - an
unlisted number would cost you more.

While times of change, and the searchability of the digital world does raise
some other concerns, I still wonder how big a deal it is for ICANN to require
this. Is it really revealing "all of your personal information" if you reveal
the PO box, spam-trap "domains@" email address, and phone number of the domain
owner?

If the registrar were revealing other info, I'd say "it's pretty absurd." But
by default allowing people the info to contact you, as the owner of a domain
name? That doesn't seem like extortion. Heck, if you own any real estate in
the U.S., your contact info is listed in the tax assessor's database for all
to find, same as in the WHOIS database.

Regardless, definitely an interesting topic to chew on.

~~~
freehunter
Not everyone has a PO Box, they cost actual real money. Not everyone has a
public/business phone number, those cost actual real money. Requiring another
phone number and a PO Box means domains go from costing $10/year to $250/year.

You can allow people to contact an owner without giving out their information.
Craigslist does it.

~~~
kinsomo
> Not everyone has a public/business phone number, those cost actual real
> money

No. Google Voice numbers are free, I use one as the throwaway phone number for
my personal domains.

[https://www.google.com/voice](https://www.google.com/voice)

~~~
corobo
I do similar - cheap burner phone number attached to a voicemail. I'll check
the voicemail occasionally so it's a legit whois record but it's only ever
people trying to sell web design services

------
chris_overseas
Can someone explain in more detail why they aren't able why they aren't able
to cover certain TLDs (including several falling under GDPR in the EU)? Their
FAQ says: "Due to registry restrictions, WhoisGuard cannot be used with .asia,
.ca, .cn, .uk, .co.uk, .de, .eu, .in, .id, .me, .uk, .nu, .li, .ch, .fr, .sg,
.com.sg, .org.uk, .us, .es, .com.es, .nom.es, .org.es, .com.au, .net.au,
.paris, .vote, .voto, .xn--3ds443g, .nyc, or .org.au domains."

~~~
weinzierl
DENIC (.de) has had it’s own policy including their own form of protection for
a long time.

Currently you can query for generic data and an abuse email address but the
contact details are only revealed if you are the domain holder or have a solid
reason[1].

> In all other cases, DENIC will generally not provide information. Instead,
> if you think that the contents of a website that can be accessed via a
> domain may be illegal, you should send an e-mail reporting the matter to the
> e-mail address for abuse reports (Abuse). You find the e-mail address on the
> domain query page. Moreover, the imprint, if any, of the website concerned
> will inform you who is the operator of the website.

To add some additional context, a proper, up-to-date imprint, including a
postal address (no P.O.) and in most cases a phone number, is legally required
for practically every website in Germany

[1] [https://www.denic.de/en/service/whois-service/third-party-
re...](https://www.denic.de/en/service/whois-service/third-party-requests-for-
holder-data/)

~~~
hartator
It's also worth noting .de don't allow foreigners to own their domains, in
opposition of most other nation tdls. I won't considered them as an example.

~~~
weinzierl
That‘s interesting, I didn‘t know that. Fully agree that they are not a good
example. My last paragraph was to explain how pointless this privacy theater
is anyway, considering that every website owner is required to give out much
more info in the imprint.

~~~
hartator
Yes, you need to submit German driver license, German utility bills, and
things in the like. We were working on localizing one French website to a
German version, and just ended using .eu as the German site.

~~~
weinzierl
This makes me sad. I don‘t think I had ever had to do this but I always used a
German postal address and German bank account. Also my last .de domain
registration is a few years ago, so maybe they handle this stricter now.

Anyway, if you have any questions regarding domain registration in Germany or
which registrars worked well for me, feel free to contact me, my details are
in my profile.

~~~
hartator
Sure, thanks for your proposal, appreciate it, we won't probably do business
in Germany anytime soon though.

------
tradesmanhelix
I just renewed a domain with Namecheap and, based on the price they're now
charging, pretty sure the cost of this “free” whois privacy protection is now
just built into the cost of their products. Not impressed.

Edit: spelling

~~~
tcd
Jan 23rd 2018: $10.87 for .com and $0.99 for whoisguard ($11.86 total)

29th May 2018: $10.98 (+0.11) for .com and 0.18 ICANN'T fee ($11.16 total).

So it's $0.71 cheaper without whoisguard. So that margin (increase in .com)
probably covers the actual whoisguard cost, the $1 fee was pretty much pure
profit.

~~~
tradesmanhelix
Yeah, mine was a renewal not a new registration and cost about $12.58.
Previous renewals without whoisguard were closer to the prices you mention,
which makes it seem to me like all they've done is bake the cost in.

------
tcd
> Because at Namecheap, we care about your privacy protection.

Only when we can stop profiting from selling privacy services because of a new
law that came into effect a few days ago.

I'd have believed them if they did this 2 years ago once GDPR was announced.
Already moved my domains from namecheap since they are not the cheapest and
didn't offer free whois until now.

~~~
stratosgear
Mind to share what you choose to use?

~~~
mdasen
NameSilo is a couple dollars cheaper than Namecheap and include free privacy
as well
([https://www.namesilo.com/pricing.php](https://www.namesilo.com/pricing.php)).

~~~
maltalex
What's the catch though? Domain registration is a pretty competitive business.
How come NameSilo can to be so much cheaper?

~~~
jazoom
Pretty simple I think. They just make less profit per domain.

------
StavrosK
Ugh, leave it to Namecheap to fuck up extremely simple UX. Instead of just
giving me a toggle in the domain settings, I have to add WhoisGuard to my
cart, once per domain (for the tens of domains I own), then go and select "10
years" in the purchasing screen (and wait for the entire page to reload) once
for each domain, and then go through the entire checkout process to pay $0.

Why not just let me click a single button, Namecheap?

I wish a new registrar would come in with good service and UX and eat every
other registrar's lunch. There aren't any registrars that easily let me manage
my domains without trying to sell me tons of stuff every time I need to make a
simple change. I've switched to Cloudflare for DNS because their UI is no-
nonsense, I half wish they just sold me the domain as well.

~~~
NamecheapCEO
This is coming on our next iteration and WhoisGuard will simply be feature in
the future.

~~~
getpost
And while you're at it, I hope you'll automatically post account credits to
pending charges. Previously, I've had to go through an obscure laborious
process to apply credits Namecheap gave me. If you don't want people to use
their account credits, don't offer them.

------
davidkellis
I had _just_ switched all my domains over to porkbun for this very reason -
whois guard wasn't free at namecheap. I think I'll just leave the domains I
moved there, and then continue with namecheap going forward. Now I view them
as essentially equivalent plus or minus a few pennies per year.

~~~
xref
Moved my domains to Porkbun as well, price is over 30% cheaper than Namecheap
for .com renewals ($13 vs $9), privacy is also free, and they've got a real
2FA solution which Namecheap still does not have after all these years, so
I'll be sticking with the Pork.

It was basically a tossup between Porkbun and Namesilo, so I went with the
service with the more modern interface even though I don't interact with it
much.

------
ausjke
Dreamhost has this since forever for free, along with many others, why is this
even a HN post, seems more like a late-arrived commercial ads to me.

~~~
joering2
Their table to see how they stand up against competitors is hilarious! So many
free privacy providers since ever like Dreamhost, Namesilo, BrandShelter,
Marcaria (some TLDs), but yet you look at that table and you think "wow they
are the only one".

I take it as a deceiving advertising.

~~~
ted0
GoDaddy still charges more than 2X what we used to charge for WhoisGuard. We
have always given away WhoisGuard for the first year of registration and have
always been transparent about the renewal charge. However, now it is 100%
free. No deception here.

Teddy from Namecheap

~~~
jamiek88
People on here could find a dollar and complain that it wasn’t a twenty.

I for one am glad of this upgrade and I have dozens of domains, makes a
difference.

~~~
ted0
Glad you are glad :)

------
ploggingdev
Tangent : what happens to the whois guard if I want to transfer a domain
between providers (eg- namecheap to google)? I've heard that during the
transfer the whois guard has to be disabled. This means that services such as
Domain Tools will log the whois data. Is this true? If so, is there any way to
transfer a domain between providers while keeping contact details out of the
public whois database?

~~~
m_sahaf
I had to transfer domains once (from WordPress to Namecheap) and the
instructions explicitly required disabling the privacy guard. It was only
needed for the transfer period, which was about 3 days. I would love to know
why the process requires it.

Now that this is mentioned, I revisited WordPress' instructions page and it
says: _" Most domain names registered at WordPress.com have GDPR protection,
which means registrant contact information is not visible publicly, regardless
of whether or not the domain has Privacy Protection in place. For these
domains, disabling privacy will not result in contact info being publicly
published."[0]_ Does this mean the process doesn't really need it but they
registrars require it for some odd reason? If they can work it out without
disabling privacy feature to comply with GDPR, why can't they do the same for
everyone?

[0] [https://en.support.wordpress.com/move-domain/transfer-
domain...](https://en.support.wordpress.com/move-domain/transfer-domain-
registration/)

------
keltex
It's always been free at google domains.

[https://domains.google/#/](https://domains.google/#/)

~~~
akerro
Yes, but now it's free in non-Google service, that's a pron for some.

~~~
imron
It's always been free at NameSilo (at least as long as I've been a customer,
which is several years now).

------
timwis
I've had my whoisguard at namecheap unexpectedly not renew several times,
despite my having enabled auto renew, and the domain auto renewing. As a
result my info was exposed until I caught it. I've migrated most of my domains
to iwantmyname.com. much nicer experience so far. .io domains are really cheap
at namecheap though so I haven't migrated them yet :/

~~~
joering2
Namecheap web design is very poor. They always plaster new feature on the top
without deeper implementation. Many times I click a button only to see empty
red box missing any obvious error message.

Besides I still have fun blocking my ex-employer namecheap account time to
time. All you need is provide their username with wrong password 4 times and
account is locked. You have to go thru extensive re-verification process. Its
hilarious and totally unnecessary in the times of 2FA.

Besides namecheap has a long tradition of not standing up for your domain
name. If they are pressed by someone offended by your content, they will take
down your domain and take over it. That was few posts on Web Warrior I found
years ago from terrorized people that made me change all my domains to
namesilo.

------
weinzierl
I see a lot of comments about how clumsy this solution is and that it doesn’t
work for some TLDs.

The solution I’m using is MyPrivacy.ca. It’s not a 1:1 replacement for WHOIS
privacy but solves the Spam problem very well, it’s easy to set up and it
works for all TLDs.

It is basically an opt-in email forwarder with a customizable whitelist of
common registrars and NICs. So you will never miss an important mail from your
registrar while most Spam will never make it through the challenge/response
process.

It’s completely free and run by the guy behind easydns.ca (Mark Jeftovic).

------
zimbatm
Notice how they don't compare against Gandi which provided the same service
for free for a long time already.

[https://wiki.gandi.net/en/domains/private-
registration](https://wiki.gandi.net/en/domains/private-registration)

~~~
ted0
Good folks over at Gandi but our prices at Namecheap have always been much
more competitive.

------
pasbesoin
For years, they've had a standing active "coupon" value that reduces it from
$2.99 to $0.99 / year / domain. Unfortunately, you can't apply it to automatic
renewals.

This finally solves that problem.

\--

P.S. TO NAMECHEAP (who sometimes surfs HN, IIRC): PLEASE make sure that
WhoisGuard is reliably renewed with this change in place.

Given the occasional glitches I've seen in your systems in the past, I want to
emphasize this. It would be most unfortunate if a glitch exposed contact
information: Once out, you can't take it back.

It took a long time for me to decide to try/trust autorenew. I'm worried I may
now need to go back to manually signing in at each renewal, to make sure
nothing has gone sideways.

------
_xgw
Is this because of the new GDPR regulations?

~~~
stratosgear
You bet it is!

I was also emailed:

At Namecheap, we care about your privacy and are now giving ALL our Namecheap
customers FREE WhoisGuard for life, when they register a domain* with us. This
important change supports our strong belief in privacy, security, freedom and
the equal treatment for all internet users.

Suddenly, they care about my privacy, whereas all the previous years they were
soliciting subscriptions to their WhoisGuard service with each new
registration or renewal order.

What a coincidence! And what an unfortunate choice of wording to their
existing customers. (Apparently, I was very upset when I got this emailed)

~~~
lexalizer
Expect the domain renewal price to include this cost in the future.

~~~
eli
It doesn't really cost much to provide. I think it was just an easy upsell.

------
wdn
Namesilo.

Cheap and transparent pricing with free WHOIS privacy.

~~~
maltalex
Never heard of them. How come they're 30-50% cheaper than anyone else? What's
the catch?

~~~
jayess
Nothing. I've been using namesilo for years and no problems at all.

~~~
maltalex
I'm asking because domain registration is a very competitive business, so
profit margins should be thin. In such a market a company that sells the exact
same product for half the price is pretty unexpected.

So is the market not as competitive as it looks, or is there something else
going on?

------
JoeDaDude
I gather free whois privacy is not uncommon from reading comments here. Here
is one more free service:

[https://www.hover.com/whoisprivacy](https://www.hover.com/whoisprivacy)

------
voidmain0001
I really like the proxy domain registration offered by Njalla.
[https://njal.la/](https://njal.la/) With it, there's no need for hiding from
WHOIS.

~~~
ryanlol
[http://www.wipo.int/amc/en/domains/decisions/text/2017/d2017...](http://www.wipo.int/amc/en/domains/decisions/text/2017/d2017-2156.html)

Read this UDRP decision, they found that using Njallas proxy service
constitutes bad faith.

While this was a terribly misguided decision, UDRP cases rely heavily on
precedent, so it'd be tricky to get this reversed.

Don't get me wrong though, _most of the time_ njal.la is pretty nice and I
have tens of domains with them. I just wouldn't use them for anything very
important.

------
hartator
WhoisGuard has been free forever at internet.bs with probably the cheapest
registration fees on the Internet.

------
swlkr
This is great to hear, I've been using namecheap for years, now I can save a
few bucks on every domain!

------
joelrunyon
Uniregistry.com has had their own version of this. About $2/domain cheaper too
I think.

------
gbenzzz
Considering WHOIS as we know it is going away for awhile, does this even
matter?

~~~
mschout
Exactly!

Most registrars are already redacting whois output to comply with GDPR.

Registrars that aren't doing this for non-EU costomers (e.g.: godaddy) are the
exception. The only reason for this is to push sales of their privacy/proxy
registration service.

------
gymshoes
This seems to be a result of GDPR being enforced.

------
metalliqaz
Ugh, I just paid for it a month ago.

