Whois Registrant Privacy Option - 2017¶
There is a revised policy around WHOIS that came into effect on 28th of November 2017. On this date, InternetNZ implemented changes in the SRS and registrars will be able to offer individual registrants the privacy option, but it will not be mandatory until 28 March 2018 when all registrars will be required to comply with this policy change.
You can see the policy changes below; both which came into effect on 28 November 2017.
SRS Release 7.11 (8th of October 2017) included modifications to allow both SRS and EPP registrars to set and remove privacy flags on individual contacts;
Under .nz policy registrants who are individuals are able to elect a privacy option (See Operations and Procedures section 8.1)
To be eligible for the privacy option, Registrants must be:
- Natural persons (“individuals”); and
- Not using the domain name to any significant extend in “Trade” as that term is defined and used in the Fair Trading Act 1986
Testing SRS changes¶
SRS Release 7.11 (8th of October 2017) includes initial modifications to allow both SRS and EPP registrars to set and remove privacy flags on individual registrant contacts;
If you wish to test end-to-end privacy, including the visibility via Whois please use the SRS Testing environment:
SRS URL: https://srstest.srs.net.nz/srs/registrar
EPP host: srstestepp.srs.net.nz EPP port: 700
When a domain name transfers to a new registrar, the privacy flag of any contact details that are not explicitly specified in the DomainUpdate transaction will be honoured.
SRS Release 7.11 includes modifications to the SRS XML protocol schema to add support for privacy. The main change is the creation of a Privacy attribute under RegistrantContact, AdminContact, and TechnicalContact elements, and this attribute is also available for searches using RegistrantContactFilter, AdminContactFilter or TechnicalContactFilter elements.
The updated protocol schema is available here:
The following transactions are impacted:
- Whois - Will not return address and phone/fax details if privacy is set, however Country will still be returned.
- DomainCreate - Domain contacts can be created with privacy (for SRS embedded contacts).
- DomainUpdate - Domain contacts can have privacy enabled or disabled (for SRS embedded contacts).
- DomainDetailsQry - Domains with privacy-enabled contacts will return a privacy flag. Registrars can search for their privacy-enabled domains using RegistrantContactFilter, AdminContactFilter or TechnicalContactFilter elements.
- HandleCreate - Handles can be created with privacy.
- HandleUpdate - Handles can have privacy enabled or disabled (for Handle-based contacts).
- HandleDetailsQry - Contact handles with privacy will return a Privacy flag.
The EPP standard RFC5733 supplies an optional <contact:disclose> element to allow clients to identify elements that require special handling by the server to make sure this data is not disclosed to third parties (e.g. Whois).
Under .nz policy registrants who are individuals are able to elect a privacy option. Therefore to set the individual registrant privacy option, registrars need to set the flag attribute in the <contact:disclose> element to ‘0’ (zero).
To turn off the individual registrant privacy option, set it to ‘1’ (one).
When specifying the <contact:disclosure flag=”0”> element, if <contact:email>, <contact:org> or <contact:name> is a sub-element, the error code 2308 (“Data management policy violation”) will be returned as we do not offer privacy on these fields.
If a contact requires both a handle with and without privacy (e.g. one domain is a business and another is a personal site), then two separate handles will be required.
The following fields will be omitted from Whoisd responses for contacts with privacy enabled: