My Place in the Crowd

Many months ago I wrote a long rant about my experiences trying to transfer a domain that I had registered with Yahoo!’s Private Domain Registration service to another registrar. The short story is that I was unable to transfer the domain without making my WHOIS contact details public. The long story is long.

There’s another “feature” of Yahoo!’s Private Domain Registration service though that I just learned about: it doesn’t clean up after itself.

So I created a site with the Yahoo! Small Business hosting service, part of which is a somewhat opaque domain registration service for which there is no separate charge. (This is actually quite a good user experience, as I imagine most user’s don’t want to have to understand about registrars, they just want to pay to have a working web site.) I did check the box to use the private domain registration feature to keep my contact information private.

The web site was for an event, and when the event was over, I no longer had any use for the site or the domain, so I logged back in to Yahoo! Small Business and canceled the service. This was a relatively simply process that took me through a number of the-sky-is-falling-bold-red-letter steps, warning me repeatedly that my site would be deleted, and was I really sure I wanted to do this? Yes, I was sure. Cancelled, done, gone. It seemed gone anyway - the site was unavailable.

About one year later, I get an email from the friendly registrar that Yahoo! uses, a cast member in my last rant, Melbourne IT.

From: whoisreminders@whoisupdate.com
To: <xxxxxxx@xxxxx.com>
Sent: Tuesday, December 11, 2007 3:13 PM
Subject: WHOIS Data Reminder

Dear Valued Customer,

In accordance with ICANN (Internet Corporation of Assigned Names and
Numbers) Whois Data Reminder Policy (WDRP) resolution 03.41, this message is a reminder to help you keep the public WHOIS contact data associated with your domain name registration up-to-date. Our records include the following information as of 14-Nov-07:

Domain Name: My domain name
Registration Date: 6-Jun-06
Expiration Date: 6-Jun-08

Registrant Contact Details
Name: My name here
Email: My email address here
Address: My address here
Address: (null)
City: My city here
State/Province: My state here
Post code: My zip
Country: My country

Administration Contact Details
Name: My name here
Email: My email address here
Address: My address here
Address: (null)
City: My city here
State/Province: My state here
Post code: My zip
Country: My country
Phone: and finally My phone number
Fax: (null)

Technical Contact Details
Name: YahooDomains TechContact
Email: domain.tech@YAHOO-INC.COM
Address: 701 First Ave.
Address: (null)
City: Sunnyvale
State/Province: CA
Post code: 94089
Country: UNITED STATES
Phone: 1.61988131
Fax: (null)

Registrar Name: Melbourne IT
Name server Details
yns1.yahoo.com
yns2.yahoo.com

If any of the information above is inaccurate, you must correct it by contacting your domain name supplier, hosting company or web services provider by either calling them or visiting their web site. If your review indicates that all of the information above is accurate, you do not need to take any action. Please remember that under the terms of your registration agreement, the provision of false WHOIS information can be grounds for cancellation of your domain name registration.

***************************************************************
**** Please do not reply directly to this WHOIS reminder email as your
****
**** request will not be attended to.
****
***************************************************************

Thank you for your attention.
Best regards,
Your hosting services provider
—————————————————————————
This email was sent by your current Registrar, at request by ICANN to
xxxxxx@xxxxxx.com

—————————————————————————

Yes, believe it or not, all of the billing information I had given to Yahoo! for billing my website had been dumped into the WHOIS database.

I don’t have the energy to follow-up with Yahoo! customer service given my past experience, and its possible that the experience has improved in the last year, but with my anecdotal evidence, here’s what I think happened to me:

1. User pays to host a website with a “private” domain name with Yahoo!
2. Yahoo! registers the domain with MelbourneIT for two years using the anonymized contact information (For those who didn’t read the first rant, contact@myprivateregistration.com, Emeryville P.O. Box and 510-595-2002)
3. User cancels hosting service and website with Yahoo!
4. Yahoo! updates domain registration contact information with the billing information provided to them for the hosting service, exposing it to the world.

This is broken. In my mind there are two more appropriate alternatives to the above given that all of the registration process was hidden from my user experience.

1. Ideally, I would think Yahoo! should cancel the domain registration with MelbourneIT, never exposing the contact information. There are certainly enough warnings in the site deletion process such that as the end user I didn’t have any expectation that any part of the web site would remain.
2. If there’s some sort of legal catch-22 that prevents true demolition of the domain, those users who paid extra to have the “private” domain registration service should be provided the option to update registration contact information to details of their own choosing.

Given the amount of traffic that my last post on this issue got, this whole mess is a big concern that lots of people are running into. I keep expecting someone from Yahoo! Domain Registration to find these blog posts and respond, but so far, nary an email or a comment. YahooDomains? Anyone listening out there?

Tags: Privacy, Private Domain Registration, Rants, Yahoo!

This entry was posted on Tuesday, February 26th, 2008 at 9:28 am and is filed under For Nerds and Geeks, Protecting Privacy in Meaningful Ways. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.