.. _privacy2017: Whois Registrant Privacy Option - 2017 ========================================== There is a `revised policy `_ around WHOIS that came into effect on 28th of November 2017. On this date, InternetNZ implemented changes in the SRS and registrars will be able to offer individual registrants the privacy option, but it will not be mandatory until 28 March 2018 when all registrars will be required to comply with this policy change. You can see the policy changes below; both which came into effect on 28 November 2017. * `Principles and Responsibilities v1.1 `_ * `Operations and Procedures v2.4 `_ SRS Release 7.11 (8th of October 2017) included modifications to allow both SRS and EPP registrars to set and remove privacy flags on individual contacts; Privacy Eligibility ----------------------- Under .nz policy registrants who are individuals are able to elect a privacy option (See `Operations and Procedures section 8.1 `_) To be eligible for the privacy option, Registrants must be: * Natural persons ("individuals"); and * Not using the domain name to any significant extend in "Trade" as that term is defined and used in the `Fair Trading Act 1986 `_ (See `Operations and Procedures section 8.3 `_) Notes --------------- Testing SRS changes ~~~~~~~~~~~~~~~~~~~ SRS Release 7.11 (8th of October 2017) includes initial modifications to allow both SRS and EPP registrars to set and remove privacy flags on individual registrant contacts; If you wish to test end-to-end privacy, including the visibility via Whois please use the SRS Testing environment: SRS Protocol ************ :: SRS URL: https://srstest.srs.net.nz/srs/registrar EPP Protocol ************ :: EPP host: srstestepp.srs.net.nz EPP port: 700 Whois Server ************ :: WHOISd host: srstest.srs.net.nz WHOISd port: 43 If you encounter any issues during your testing or need help with your connection to the SRS Testing instance please contact registry@internetnz.net.nz Transfers ~~~~~~~~~ When a domain name transfers to a new registrar, the privacy flag of any contact details that are not explicitly specified in the DomainUpdate transaction will be honoured. SRS Changes ----------- DTD Changes ~~~~~~~~~~~ SRS Release 7.11 includes modifications to the SRS XML protocol schema to add support for privacy. The main change is the creation of a Privacy attribute under RegistrantContact, AdminContact, and TechnicalContact elements, and this attribute is also available for searches using RegistrantContactFilter, AdminContactFilter or TechnicalContactFilter elements. ========================================================== ========================================================================== Attribute Name Note ========================================================== ========================================================================== Privacy * Boolean value * if "0" the privacy flag is not set. * if "1" the privacy flag is set. ========================================================== ========================================================================== The updated protocol schema is available here: * RELAX NG format :download:`protocol.rnc ` * DTD format :download:`protocol.dtd ` Transactions ~~~~~~~~~~~~ The following transactions are impacted: * :ref:`Whois` - Will not return address and phone/fax details if privacy is set, however Country will still be returned. * :ref:`DomainCreate` - Domain contacts can be created with privacy (for SRS embedded contacts). * :ref:`DomainUpdate` - Domain contacts can have privacy enabled or disabled (for SRS embedded contacts). * :ref:`DomainDetailsQry` - Domains with privacy-enabled contacts will return a privacy flag. Registrars can search for their privacy-enabled domains using RegistrantContactFilter, AdminContactFilter or TechnicalContactFilter elements. * :ref:`HandleCreate` - Handles can be created with privacy. * :ref:`HandleUpdate` - Handles can have privacy enabled or disabled (for Handle-based contacts). * :ref:`HandleDetailsQry` - Contact handles with privacy will return a Privacy flag. EPP Changes ----------- The EPP standard RFC5733 supplies an optional element to allow clients to identify elements that require special handling by the server to make sure this data is not disclosed to third parties (e.g. Whois). Under .nz policy registrants who are individuals are able to elect a privacy option. Therefore to set the individual registrant privacy option, registrars need to set the flag attribute in the element to ‘0’ (zero). To turn off the individual registrant privacy option, set it to ‘1’ (one). When specifying the element, if , or is a sub-element, the error code 2308 ("Data management policy violation") will be returned as we do not offer privacy on these fields. .. note:: If a contact requires both a handle with and without privacy (e.g. one domain is a business and another is a personal site), then two separate handles will be required. Commands ~~~~~~~~~~~~ * :ref:`eppcontactupdate` - Contact handles can be updated to add/remove privacy. * :ref:`eppcontactcreate` - Contact handles can be created with privacy enabled. * :ref:`eppcontactinfo` - Contacts with privacy will return a element if privacy is set. Whoisd Changes -------------- The following fields will be omitted from Whoisd responses for contacts with privacy enabled: * contact_address1 * contract_address2 * contract_postalcode * contact_city * contact_province * contact_phone * contact_fax