Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In with OpenID
Advertise on LowEndTalk.com

In this Discussion

Good registrar (privacy matters)

Good registrar (privacy matters)

datanoisedatanoise Member
edited June 19 in Domains

Hi

I'm looking for a registrar that won't hang over customer data for nothing. I used internet.bs in the past, they were great but I did read that they could give away your data with a simple lawyer letter, dunno if that's true but I guess I could try another registrar.

I had good experience with OVH (sending me (bogus) lawyer letter by email and not answering to them) but I'd rather use a registrar not based in France.

The site in itself is not illegal, just had some trouble in the past with another domain (caused by the owners of a similar website, trying to clean the internets for their own presence) and I'd rather stay on the safe side.

Is subreg still a solid choice? What about pananames? I use them and have had no problem so far but I'm pretty sure nobody contacted them about my domains :) Any other recs? I don't need anything "offshore" or that would be fine for illegal activities: just a solid registrar that won't hang over my personal data without a valid court order...

Thanks!

Comments

  • mkshmksh Member
    edited June 19

    No personal experience but eurodns (based in luxembourg) seems to be one of the few registrars that would actually go to court for their costumers.

    Not so sure about subreg. Thy have a bit of a reputation but i remember reading a few cases where they caved in with little pressure at all.

    Thanked by 1datanoise
  • I use google, no issues so far.

    Automate server mgmt w/ Runcloud - aff link will give +15 days if you go pro

    Thanked by 1datanoise
  • As long as you have activated ID protection and not doing anything illegal or copyright infringement, no trusted registrar should leak your info. Go for offshore domain.

    The end is far away... :)

    Thanked by 1datanoise
  • angstromangstrom Member

    In the absence of positive evidence/data for or against, I really don't see how one can distinguish registrars on this basis. One can go by hearsay or anecdotes from random participants on a forum, but I don't see any reason to put much faith in hearsay or anecdotes.

    "[T]he number of UNIX installations has grown to 16, with more expected." (K. Thompson & D. M. Ritchie, UNIX Programmer's Manual, 3ed, 1973)

    Thanked by 1datanoise
  • angstromangstrom Member

    @angstrom said: In the absence of positive evidence/data for or against, I really don't see how one can distinguish registrars on this basis. One can go by hearsay or anecdotes from random participants on a forum, but I don't see any reason to put much faith in hearsay or anecdotes.

    Or go with a Swiss registrar in the (blind?) hope that they would do the right thing in a critical situation. You'll pay a premium price, but if it buys you peace of mind, then why not.

    "[T]he number of UNIX installations has grown to 16, with more expected." (K. Thompson & D. M. Ritchie, UNIX Programmer's Manual, 3ed, 1973)

    Thanked by 1datanoise
  • I have to admit that I have been surprised by OVH reaction but it makes sense: if you are a big company you probably can't disclose personal data without a court order.

    Which made me consider the assertion that "offshore is better" it might be in theory, but in practice, it seems to me that the US or big EU countries have some legal stability (and in some cases have to respect user privacy) which might make them more private than some fancy registrar in Panama or the Seychelles... Switzerland is probably a good location. Any registrar you'd recommend there @angstrom?

  • angstromangstrom Member

    @datanoise said: I have to admit that I have been surprised by OVH reaction but it makes sense: if you are a big company you probably can't disclose personal data without a court order.

    Which made me consider the assertion that "offshore is better" it might be in theory, but in practice, it seems to me that the US or big EU countries have some legal stability (and in some cases have to respect user privacy) which might make them more private than some fancy registrar in Panama or the Seychelles... Switzerland is probably a good location. Any registrar you'd recommend there @angstrom?

    No, I'm afraid that I don't have any experience with Swiss registrars, I just keep to the big well-known registrars, including OVH, but I also don't have the concerns/worries that you appear to have.

    Why not stay with OVH if you have some positive evidence in its favor? That's already a lot more evidence than you have for or against another registrar in this respect. Personally, I don't see why OVH's being in France should be a problem, but then again, I don't know the whole context of your concerns/worries.

    "[T]he number of UNIX installations has grown to 16, with more expected." (K. Thompson & D. M. Ritchie, UNIX Programmer's Manual, 3ed, 1973)

    Thanked by 2datanoise Ole_Juul
  • angstrom said: Why not stay with OVH if you have some positive evidence in its favor? That's already a lot more evidence than you have for or against another registrar in this respect.

    Could be the best choice if there is not a solid alternative, you're right...

    Thanked by 1angstrom
  • mkshmksh Member
    edited June 19

    @angstrom said: In the absence of positive evidence/data for or against, I really don't see how one can distinguish registrars on this basis. One can go by hearsay or anecdotes from random participants on a forum, but I don't see any reason to put much faith in hearsay or anecdotes.

    Well eurodns actually kept a rather controversial domain online until being ordered by a luxembourg court to disable it. I think there is also a canadian registrar with a proven history of not giving in before receiving court orders. Sadly i don't remember the name and my searches came up empty.

    While i agree that registrars in stable jurisdications are probably the safest when it comes to releasing personal data that doesn't mean that a lot of them (especially the big names) wouldn't just drop you for a couple frivolous complaints without paying much attention to the validity.

    As for the people recommending offshore registrars. Which one do they even refer to? Since InternetBS was bought by CentralNIC there isn't any obvious choice anymore. IPMirror looked like an option a couple years ago but i've never really followed this. Besides singapore isn't a juridication i'd put all that much trust in.

    Thanked by 1datanoise
  • datanoisedatanoise Member
    edited June 19

    The canadian one you are mentioning is probably EasyDNS. Probably a solid registrar. EuroDNS seems solid as well (both quite pricey).

    There are many offshore registrars, but I don't know if they are trustworthy or not: https://panames.com in panama https://toglodo.com in costa rica https://nicenic.net in HK https://www.ourdomains.com HK too

    InternetBS used to be trusted, but I heard some people having trouble with them for no valid reasons, their claim "avoid bogus dmca, come to bahamas" was probably a good marketing strategy during their first years; and they got rid of that when it wasn't needed, to avoid being too appealing to potential abusers (even before being acquired by centralnic). I don't know what is their current policy.

  • angstromangstrom Member

    @mksh said: While i agree that registrars in stable jurisdications are probably the safest when it comes to releasing personal data that doesn't mean that a lot of them (especially the big names) wouldn't just drop you for a couple frivolous complaints without paying much attention to the validity.

    I guess that there are two distinct issues: (i) releasing someone's personal data vs (ii) deciding to drop someone's domain.

    I understood @datanoise to be concerned about (i), and here I would like to think that no major registrar in a stable region would release someone's personal data without a court order. My comment above was simply that it's hard to choose between registrars on this basis unless one has positive evidence for or against.

    As for (ii), yes, there are well-known cases of registrars deciding to drop domains, and one such case was discussed here on LET some months ago. If a registrar decides to drop a domain, I would definitely say that it's not a good or encouraging practice, but I wouldn't say that the registrar has violated someone's privacy as a result.

    "[T]he number of UNIX installations has grown to 16, with more expected." (K. Thompson & D. M. Ritchie, UNIX Programmer's Manual, 3ed, 1973)

    Thanked by 2mksh datanoise
  • jsgjsg Member

    My take with offshore registries is to always ask the question: How would -I- be positioned if I had to go to court in the given jurisdiction? Panama, Togo, and whatnot are almost certainly places where you and me do not know the local rules and circumstances and where I frankly would not trust their courts at all.

    So my advice would be to filter for "not in 5 and preferably not in 14 eyes" with a good record on citizens rights and hopefully no record of dancing to the tune of certain countries every whim. Plus I would like to feel comfortable with their court system not being a farce but reliable. Not having any military bases of foreign countries in their country would be a major plus.

    Thanked by 2mksh datanoise
  • Sofia_KSofia_K Member

    try Gandi.net, reputed old registrar with tight privacy.

    Thanked by 1datanoise
  • quickquick Member
    edited June 19

    @mksh said: No personal experience but eurodns (based in luxembourg) seems to be one of the few registrars that would actually go to court for their costumers.

    Not so sure about subreg. Thy have a bit of a reputation but i remember reading a few cases where they caved in with little pressure at all.

    Subreg threatened me with seizing my domain based on an abuse of a normal dude without any lawyer/court order. Porkbun works fine for me regarding freedom of (hate) speech

    Also good experience I made with is cnobin

    Thanked by 2mksh datanoise
  • mkshmksh Member
    edited June 19

    @angstrom said:

    @mksh said: While i agree that registrars in stable jurisdications are probably the safest when it comes to releasing personal data that doesn't mean that a lot of them (especially the big names) wouldn't just drop you for a couple frivolous complaints without paying much attention to the validity.

    I guess that there are two distinct issues: (i) releasing someone's personal data vs (ii) deciding to drop someone's domain.

    I understood @datanoise to be concerned about (i), and here I would like to think that no major registrar in a stable region would release someone's personal data without a court order. My comment above was simply that it's hard to choose between registrars on this basis unless one has positive evidence for or against.

    As for (ii), yes, there are well-known cases of registrars deciding to drop domains, and one such case was discussed here on LET some months ago. If a registrar decides to drop a domain, I would definitely say that it's not a good or encouraging practice, but I wouldn't say that the registrar has violated someone's privacy as a result.

    Yeah, i guess i was interpreting a bit more into OPs request. I mean privacy is nice but i think he also desires to keep his site online ;)

    @datanoise said: The canadian one you are mentioning is probably EasyDNS. Probably a solid registrar. EuroDNS seems solid as well (both quite pricey).

    Guess that's part of the reason they care a bit more about their costumers.

    InternetBS used to be trusted, but I heard some people having trouble with them for no valid reasons, their claim "avoid bogus dmca, come to bahamas" was probably a good marketing strategy during their first years; and they got rid of that when it wasn't needed, to avoid being too appealing to potential abusers (even before being acquired by centralnic). I don't know what is their current policy.

    InternetBS sold to CentralNIC shortly after it became evident they were vulnerable to outside pressure. Remember when paypal dropped them because they weren't cooperating with lobby groups in certain countries?

    @quick said: Also good experience I made with is cnobin

    Yeah, that's probably the registrar to least likely give a shit about what anyone says or does. I'd just be a bit scared that in case of problems they certainly wouldn't give a shit either.

    Thanked by 1datanoise
  • jsgjsg Member

    @Sofia_K said: try Gandi.net, reputed old registrar with tight privacy.

    For what it's worth: I fell for that marketing too and my experience with Gandi has been extremely bad up to and including them occasionally acting on questionable internal private relations and squarely shitting on the customer. I took away all my domains.

    Thanked by 1datanoise
  • emgemg Member
    edited June 19

    I have a few comments and experiences about the domain registration issues that we have been discussing. There are multiple issues:

    How does the registrar prevent unauthorized persons from altering domain ownership, control, or configuration?

    Besides managing the interface between you and ICANN for registering your domain, this is the critical function that a registrar provides. They are the gatekeeper from those who would take control of your domain without authorization.

    It is the "authorization" component that is critical. What constitutes "authorization"? Besides the domain owner, who else has authorization to transfer control of a domain? Law enforcement? - probably. A judge's order? - probably, but how do they authenticate it? A letter from an attorney? - let's hope not.

    I would look for (and read) whatever written policies are available from the domain registrar concerning the legal basis for transferring domain ownership and control. Do the registrar's policies provide for a notification and appeal mechanism before the domain is transferred out of their control? How much time do they give you? What is the process for filing an appeal?

    Even then, you do not know how well the registrar follows their policy. I feel that professionalism in documentation aligns well with professionalism in practice, but you can never be sure.

    The real concern is that you have little recourse once the domain passes out of the control of your registrar.

    Note the jurisdictional issues:

    Laws vary depending on where the registrar does business. Some registrars operate in multiple countries, and follow different laws depending on which of their business operations holds your domain registration. When one registrar created a new US-based business entity, I was given the choice to leave my domain registrations with the foreign parent company subject to the laws of that country, or move my domain registrations to the new, wholly-owned US-based company that was subject to US law. As a US resident, I chose the US option, because I felt that I could more easily defend my domains with a US company.

    How well does the registrar protect the personal information contained in "private" registrations?

    Obviously the registrar must secure its customer database against hackers. The real problem is that it is difficult to determine the quality of the security that protects your private registration data. Small companies are breached. Big companies are breached. Sure, if you are big company with lots of registrations, you may have the power to perform a pre-contract audit or other analysis before signing a large contract with the registrar. Unfortunately, us small people don't have much basis for a decision. We must make judgements based on publicly available information and anecdotes from others.

    You are really on your own here. Does the company have sloppy practices in other areas? If so, what makes you think that their security is the best? Does their website look amateurish? Do other aspects of their business give you pause?

    What are the registrar's policies regarding private registration disclosures?

    Who has the authority to disclose private registrations, and to whom? It is similar to domain control, above. Is a lawyer's letter enough? Do they have a written policy about it?

    How does the registrar handle queries about the domain?

    Registrations have email addresses for registrant, admin, and technical contacts. That's true, even for private registrations.

    What happens if you send an email message to that "private" email address? Maybe it is the perfect domain for your new startup, and someone is willing to pay millions to buy the domain from you, the owner. You want to receive the offer, right? Well, sometimes those email messages are auto-forwarded. More often, they go into a bit bucket in the sky, and you never hear about it. One domain registrar claimed that their employees handle them individually, as they are relatively rare, but when I tested them, they never responded or indicated that the email had been received.

    If you have a private domain registration, try it out. Send an email message to that private email address. You may be surprised at what happens. Most likely, nothing at all. It will join your missing socks, never to be seen again.

    What other policies do the companies have that may affect your domain registration and privacy?

    One domain registrar insisted on displaying the full name of the registrant in the whois report for private registrations, even though the remaining contact information was not displayed. I was appalled when I discovered it, because the information has obviously been cached all over the internet, associating my real name with those privately registered domains forever. According to the registrar, their lawyers insisted that displaying the true legal name was required by ICANN. I pointed out that people do not want their names disclosed for hosting websites on controversial or sensitive topics, especially people from countries with oppressive regimes. (I doubt that many people from those countries would bother using this registrar anyway.) The registrar was well aware of the common use of private registrations, but insisted that they were following ICANN policy and the other registrars were in error. I escalated the issue up to their corporate attorneys. After cordial discussions on the topic, we agreed to disagree and I moved on. The damage had been done.

    Furthermore, that same registrar insisted that I was in violation of their policy that required registrations with full legal names. I had entered a first initial and my last name (surname). I did not enter my full first name. The registrar did not do anything about it, but they insisted that I was violating the policy, which they claim is a requirement in ICANN's policies. They claimed that it could be an issue if one of my domains fell into dispute. It was obvious to me that I had entered sufficient information to uniquely identify me as the owner of the domains. Whatever. I have not bothered to change to my full first name on their website.

    During those discussions, the lawyers disclosed that they were actively reviewing the policy to see if they could accommodate changes. I suspect that they were losing a lot of business and goodwill, and I bet that their executives looked at the damage and told the lawyers to stop being pedantic and align themselves with industry practices.

    I just checked, and sure enough, names are now hidden in private registrations from that registrar. The change must have happened in the last year or so, but I don't know exactly when it happened.

    I wonder whether the same lawyers are still working for the company? :-)

    Thanked by 2datanoise aglodek
  • Sofia_KSofia_K Member

    @jsg said:

    @Sofia_K said: try Gandi.net, reputed old registrar with tight privacy.

    For what it's worth: I fell for that marketing too and my experience with Gandi has been extremely bad up to and including them occasionally acting on questionable internal private relations and squarely shitting on the customer. I took away all my domains.

    thanks for the feedback on Gandi. I too have 2-3 domains with them reading their marketing material. Seems time to transfer-out from Gandi.

    Thanked by 1datanoise
  • Sofia_KSofia_K Member

    How's Namesilo? Though they've a page where they tell site visitors that they are not hosting company so they'll not act on anything related to spam complaints, DMCAs, etc. etc. but on their Support page they do have a online-form https://www.namesilo.com/report_abuse.php which has an option for the complainant to choose "Deactivate the Domain". weird, ain't it?

    Thanked by 1datanoise
  • hanoihanoi Member

    Stay away internet.bs.

    Thanked by 1datanoise
  • TionTion Member

    @angstrom said: I understood @datanoise to be concerned about (i), and here I would like to think that no major registrar in a stable region would release someone's personal data without a court order.

    In regards to the current GDPR panic I doubt any european company will release client information without a court order.

    Some people get wet, others feel the rain.

    Thanked by 2datanoise aglodek
  • @Sofia_K said: How's Namesilo? Though they've a page where they tell site visitors that they are not hosting company so they'll not act on anything related to spam complaints, DMCAs, etc. etc. but on their Support page they do have a online-form https://www.namesilo.com/report_abuse.php which has an option for the complainant to choose "Deactivate the Domain". weird, ain't it?

    I never had any issues with NameSilo. I once ran into a situation where someone tried to seize a domain, also nothing illegal. Support was helpful, they said they wouldn't release any info without a court order.

  • @jsg : exactly, but if the case was that serious (and the juridiction "solid") I wouldn't mind giving up on the domain. (ie can't afford to try to win in court)

    @emg : great points. The problem is that their "legal pages" are one point, but their practice could be different... As you say, security breach could be the worse for privacy, but at least a third party wouldn't be able to get the domain handled to them (unless the registrar is really crappy, I assume data leak is more likely to happen that ownership problems)

    @Tion : yeah, maybe that makes the EU a good place.

    @Saragoldfarb : thanks, exactly the kind of stuff I wanted to know as my problem is similar.

  • joepie91joepie91 Member, Provider

    datanoise said: I used internet.bs in the past, they were great but I did read that they could give away your data with a simple lawyer letter,

    Do you have a link for this? I'd be interested in learning more about what went on there.

    datanoise said: I have to admit that I have been surprised by OVH reaction but it makes sense: if you are a big company you probably can't disclose personal data without a court order.

    Do keep in mind that OVH can be extremely irritating if your services do get targeted by an actual police investigation. They'll basically keep you completely in the dark - the lack of information works both ways.

  • pikepike Member

    @hanoi said: Stay away internet.bs.

    why?

  • datanoisedatanoise Member
    edited June 20

    joepie91 said: Do you have a link for this? I'd be interested in learning more about what went on there.

    Don't find it, easy to find that they shut down a website with no need for a court order but I can't find the information related to them sharing information about a registrant, don't remember where I read that, I could be wrong.

  • i will tell you of a small trick of how to find registrars that value privacy and arenot afraid to go to court for you.look (do a whois) at all the websites that do questionable things.not because you want to do questionable things but because the registras behind this website domain names have proven to be solid and arenot cowed.just do a whois on sites like avxhome ,nitroflare ,rapidgator hackforum etc etc. and the domain registra that pop up include uniregister.com ,eurodns.com,Gransy s.r.o.,internetbs.net(my favourite) and many more.those are the domain registrar i would go with

    Thanked by 2datanoise aglodek
  • mkshmksh Member
    edited June 20

    @datanoise said:

    joepie91 said: Do you have a link for this? I'd be interested in learning more about what went on there.

    Don't find it, easy to find that they shut down a website with no need for a court order but I can't find the information related to them sharing information about a registrant, don't remember where I read that, I could be wrong.

    That date pretty much matches the sale to CentralNIC. Who is really surprised? But InternetBS has been suspending sites before that too and to this day has couple weird terms. Search a bit for Legitscript in combination with Internetbs. That was pretty much the beginning the end for InternetBS. Once paypal had kicked them out and other payment processors were probably also under pressure to cut ties with them they realized they couldn't avoid cooperating. All that cost them a ton of credibility and at that point people were already fleeing the sinking ship in masses. Not being able to take paypal probably also cost them a ton of money so they called it a day and sold to CentralNIC.

    Thanked by 1datanoise
  • @pike said:

    @hanoi said: Stay away internet.bs.

    why?

    internet.bs are rapidgator.net registrar.they are BIG TIME!

    Thanked by 1datanoise
  • michaelsmichaels Member

    I've used https://njal.la/ in the past :)

    Thanked by 1datanoise
  • RadWebHostingRadWebHosting Member, Provider

    For some reason, Hexonet comes across as one of the more trustworthy organizations. They seem to have documentation on every possible scenario and their platform offers the greatest level of control and customization that I've seen.

    KVM VPS Servers | Proudly accepting: PayPal, BTC, ETH, LTC, BCH, DASH, DGB, ETC, XRP, & XMR

    Thanked by 1datanoise
  • hanoihanoi Member

    @pike said:

    @hanoi said: Stay away internet.bs.

    why?

    Because they suspended domains immediately without notifications and no more responding. Back to 5 years ago i have same situation like someone at webhostingtalk. https://lmgtfy.com/?q=internet+bs+suspend+webhostingtalk

    Thanked by 1datanoise
  • michaels said: I've used https://njal.la/ in the past :)

    Seems nice but pretty expensive and if I'm sure they'll protect your privacy, they have no power to keep your domain online if the registrar they use decides to shut it down.

  • @hanoi said:

    @pike said:

    @hanoi said: Stay away internet.bs.

    why?

    Because they suspended domains immediately without notifications and no more responding. Back to 5 years ago i have same situation like someone at webhostingtalk. https://lmgtfy.com/?q=internet+bs+suspend+webhostingtalk

    and all are 2014 articles.....wow you are living in past now ? thatsnot nice.

    Thanked by 1Adam1
  • hanoihanoi Member
    edited June 23

    Eric you must be worked for internetbs or you trolled. Last word for you and don't quote me again: "Fool me once, shame on you. Fool me twice, shame on me".

  • Adam1Adam1 Member

    All I've read about internetbs is that sometimes they have to follow icanns rules and someone doesnt like it, same for any registrar.

    How can you realistically expect a registrar that has to operate under icann to ignore icann?

    Personally I only use internetbs, i take advantage of new reg offers at other registrars but immediately move them when possible to internetbs. I really like their API and have written a lot of code around it.

    I was disappointed when they sold to Central nic and I do not have a good opinion of CenralNIC myself. For privacy, I've yet to read anything that suggests they are compromised under CentralNIC vs before.

  • torrboxtorrbox Member

    tonic.to or isnic.is if you don't care much for the ending.

  • aglodekaglodek Member

    @datanoise said: I'm looking for a registrar that won't hang over customer data for nothing. I used internet.bs in the past, they were great but I did read that they could give away your data with a simple lawyer letter, dunno if that's true but I guess I could try another registrar.

    I had good experience with OVH (sending me (bogus) lawyer letter by email and not answering to them) but I'd rather use a registrar not based in France.

    I'd stick with an EU based registrar, not neccessarily French one. Here's why:

    @Tion said: In regards to the current GDPR panic I doubt any european company will release client information without a court order.

    Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
  • mkshmksh Member
    edited June 23

    @ericnyamu said:

    @hanoi said:

    @pike said:

    @hanoi said: Stay away internet.bs.

    why?

    Because they suspended domains immediately without notifications and no more responding. Back to 5 years ago i have same situation like someone at webhostingtalk. https://lmgtfy.com/?q=internet+bs+suspend+webhostingtalk

    and all are 2014 articles.....wow you are living in past now ? thatsnot nice.

    Actually that's good for him since the present is worse. It's just that pretty everyone left internetbs in 2014 so you don't hear much about it anymore.

  • LTnigerLTniger Member

    For privacy https://njal.la/

    If you stare into the deadpool, the deadpool stares back at you.

  • michaelsmichaels Member

    @datanoise said:

    michaels said: I've used https://njal.la/ in the past :)

    Seems nice but pretty expensive and if I'm sure they'll protect your privacy, they have no power to keep your domain online if the registrar they use decides to shut it down.

    Why would they, they register the domain on your behalf. There is a trust issue there, but the registry shutting them down seems very unlikely.

    Thanked by 1joepie91
  • welp i cannot edit my comment but i meant the best registra is uniregistry.com

  • Ole_JuulOle_Juul Member

    ericnyamu said: i meant the best registra is uniregistry.com

    Any reason why?

  • @Ole_Juul said:

    ericnyamu said: i meant the best registra is uniregistry.com

    Any reason why?

    Free whois privacy, reasonable prices, one of the best UI and control panel. No upsell when you try to register a domain.

    Thanked by 1Ole_Juul
Sign In or Register to comment.