# Privacy Off .CA Domains



## KarimMontreal (Jan 30, 2021)

Hello All

How do we turn Privacy Off on .CA domains? Same question on .CO.UK domains?

The Goal here is to enable whomever running a WHOIS query to find contact of the domain's owner.

Thanks in advance

Karim


----------



## Esdiel (Jan 30, 2021)

Welcome to DN.ca Karim.

I believe it generally depends on the registrar. Some make it easy to turn privacy off with a single click, whereas others don't give you the option (like GoDaddy, for example). It's possible you could accomplish it by contacting support but I never tried before.

Keep in mind that when registering a .CA you have to choose whether you (ie the registrant) are buying the domain as an individual or a corporation. Individuals are automatically given whois privacy whereas corporations have their whois info public.

Below is further info you may find helpful, from CIRA's website. It seems to confirm you can contact your registrar to change the settings:



> *WHOIS Information*
> 
> As part of the administration of the .CA Registry, CIRA operates an electronic look-up service called "WHOIS". WHOIS is designed to provide limited information concerning Domain Names.
> 
> WHOIS has built-in privacy protection options, which can be used to limit the personal information available through the WHOIS system. For Registrants who are individuals (e.g. as opposed to organizations), the privacy protection options are turned on by default, and only limited personal information is available to third parties when they search the WHOIS system for a Domain Name that you have registered. If you turn your privacy protection option off, more of your personal information will be available through the WHOIS system. *Your privacy protections can be changed by contacting your Registrar.*



....



> If you are a non-individual Registrant, the information that will be made available through the WHOIS system will be the same as an individual Registrant with their privacy protection turned OFF. Non-individual Registrants may request to CIRA, in writing, that the information described above not be disclosed to the public via the WHOIS. In such a written request, the non-individual Registrant must certify that it has a legitimate need to protect the privacy of its information, which need is greater than that of other CIRA Registrants who are not individuals, because the nature of that Registrant’s operations or activities is such that disclosure of its information via the WHOIS would be likely to cause harm to individuals or to that Registrant.
> 
> CIRA retains the discretion to determine in any case whether a non-individual Registrant meets the criteria and will be permitted to opt out of standard disclosure of information in the WHOIS. If CIRA accedes to the request, the non-individual Registrant’s WHOIS information will only be disclosed thereafter in accordance with the terms for disclosure applicable to individual Registrants.



https://www.cira.ca/policy/corporate/cira-privacy-policy


----------



## Esdiel (Jan 30, 2021)

[notify]KarimMontreal[/notify]

You're probably already aware but there's also CIRA's " Message Delivery Form" people can use to contact you. I never cared too much about making my whois info public because people can always reach me this way if they really wanted to. Plus having your whois info public will most likely result in you getting piles of spam/junk mail.

https://www.cira.ca/ca-domains/contact-a-domain-holder


----------



## KarimMontreal (Jan 30, 2021)

Esdiel said:
			
		

> @KarimMontreal
> 
> You're probably already aware but there's also CIRA's " Message Delivery Form" people can use to contact you. I never cared too much about making my whois info public because people can always reach me this way if they really wanted to. Plus having your whois info public will most likely result in you getting piles of spam/junk mail.
> 
> https://www.cira.ca/ca-domains/contact-a-domain-holder




Thanks a lot for writing me back 

Their must be a way to turn off the privacy on .CA domain


----------



## MapleDots__ (Jan 30, 2021)

First welcome

Second, what is your registrar?


----------



## Nafti (Jan 30, 2021)

I personally like privacy on with my domains. I believe that I do have a few with no privacy. 

In the last 5 years, I have had only 1 inquiry for one of my domains via Whois lookup. In my opinion, as long as you have a contact page up, a potential buyer will find a way to reach you. I like my privacy private.   But to each their own.


----------



## KarimMontreal (Jan 30, 2021)

MapleDots said:
			
		

> First welcome
> 
> Second, what is your registrar?




Thank You MapleDots

GoDaddy


----------



## rlm__ (Jan 30, 2021)

Actually, sometimes I'm surprised that people will contact me through whois rather than my contact page on the domain itself.  Somtimes they'll do both.

Almost _never_ will I get contacted through the CIRA contact form.  Only an experienced domainer would even know that exists, good luck having an end-user ever find that form!

If you're in the business of selling, then I agree, you want to give any potential buyer any and every way possible to contact you.  Furthermore, if some lawyer thinks they have a claim on my domain name, I want them to know I'm not hiding and that they can contact me easily, before they start off with a CDRP.  Even if they have no chance of winning, I'm forced to either pay a lawyer or put significant amount of my own time defending that kind of stuff, so I prefer not to go there unless I have to.  That being said, if you always have a contact link/form, then needing whois being public is less of an issue.  If you're _relying_ on whois to be your contact info, then you're making it impossible to contact you for a vast majority of the uninformed public.   A contact form is definitely the first priority of you're a seller.

The main downside I see to having your whois public is your competition - other domainers.  I've found that there are a few people who will stalk your every move and not having privacy makes it easy for them to track what domains you're buying/selling/etc. Some of those people are probably reading this right now, so you know who you are 

I'm not saying I blame them, nor would I say I don't keep track of stuff like that myself.  Information and knowledge is power, and it can be used against you too.  So consider that.   That's more of a function of how paranoid you are though, and how big of a target you are.  Most domainers probably shouldn't care too much about that.  People with large portfolios who are very active buying & selling, they're the ones being watched closely.


----------



## rlm__ (Jan 30, 2021)

Personally I wish there wasn't whois privacy at all.  Then its a fair playing field.  And the whole concept of spam concerns are bogus. I have thousands of domains and don't have a spam problem.  In fact, I have the opposite problem, overly aggressive spam filters blocking business emails that are absolutely positively not spam...  The vast majority of spam comes more from the user's careless use of their email address by subscribing to unscrupulous businesses who sell/share their data, not whois harvesting.


----------



## KarimMontreal (Jan 30, 2021)

rlm said:
			
		

> Actually, sometimes I'm surprised that people will contact me through whois rather than my contact page on the domain itself.  Somtimes they'll do both.
> 
> Almost _never_ will I get contacted through the CIRA contact form.  Only an experienced domainer would even know that exists, good luck having an end-user ever find that form!
> 
> ...



Thank you RLM

Could you please share how were you able to disable Privacy on your .CA Domains?


----------



## MapleDots__ (Jan 30, 2021)

With godaddy you have to call support for them to do it. Once turned off I think it carries to your next registrations. 

I am with them and some domains are private and some not depending on where they came from.

So ask support to turn off privacy and remove it from all current domains.


----------



## KarimMontreal (Jan 30, 2021)

MapleDots said:
			
		

> With godaddy you have to call support for them to do it. Once turned off I think it carries to your next registrations.
> 
> I am with them and some domains are private and some not depending on where they came from.
> 
> So ask support to turn off privacy and remove it from all current domains.



Thank you MapleDots

I've asked thru their Chat Support, more than once , and their answer it was that they can't turn off privacy for my CA  & CO.UK domains. The tool allow to turn Off privacy on top TLD domains (COM, NET, ORG, INFO...etc)


----------



## Esdiel (Jan 30, 2021)

KarimMontreal said:
			
		

> Thank you MapleDots
> 
> I've asked thru their Chat Support, more than once , and their answer it was that they can't turn off privacy for my CA  & CO.UK domains. The tool allow to turn Off privacy on top TLD domains (COM, NET, ORG, INFO...etc)



You will most certainly have to call-in and speak with someone. Godaddy's chat support is pretty much useless most of the time and calling in is way better. Please let us know what you learn and if you're able to get it done!


----------



## MapleDots__ (Jan 30, 2021)

Well I have some at godaddy with privacy and some without so there has to be a setting.

Maybe it is in the Cira account setting [notify]FM[/notify] might be able to help with that.


----------



## FM__ (Jan 30, 2021)

MapleDots said:
			
		

> Well I have some at godaddy with privacy and some without so there has to be a setting.
> 
> Maybe it is in the Cira account setting [notify]FM[/notify] might be able to help with that.



I'm not sure where it would reside, sorry. By default .CA domains registered to individuals are private, but it is a setting that you should be able to change.

Maybe they lumped it into their general privacy settings:
https://ca.godaddy.com/help/toggle-my-domain-privacy-settings-32283


----------



## MapleDots__ (Jan 30, 2021)

FM said:
			
		

> I'm not sure where it would reside, sorry. By default .CA domains registered to individuals are private, but it is a setting that you should be able to change.
> 
> Maybe they lumped it into their general privacy settings:
> https://ca.godaddy.com/help/toggle-my-domain-privacy-settings-32283



I think everyone has a Cira account right?

Could there be a setting in there?


----------



## Esdiel (Jan 30, 2021)

rlm said:
			
		

> Almost _never_ will I get contacted through the CIRA contact form.  Only an experienced domainer would even know that exists, good luck having an end-user ever find that form!



I get what you mean but if someone was "really" determined to contact you, they (or their broker) would eventually find their way to CIRA's contact form. And if your own whois info is already public then using the CIRA's contact form just isn't necessary.



			
				rlm said:
			
		

> Furthermore, if some lawyer thinks they have a claim on my domain name, I want them to know I'm not hiding and that they can contact me easily, before they start off with a CDRP.  Even if they have no chance of winning, I'm forced to either pay a lawyer or put significant amount of my own time defending that kind of stuff, so I prefer not to go there unless I have to.



Now this is very interesting. I've never been hauled into a CDRP before but I always thought a complainant had to first prove to CIRA they tried contacting/communicating with you before CIRA ever handed them your contact information (for them to initiate CDRP proceedings). And if that's the case, CIRA's whois contact form might be the only way for them to do so, if your info isn't already public. Is that not generally true? I trust you know more than me about the procedures but I was also able to find the requirement I'm thinking of, and it turns out it's required they use CIRA's contact form, according to this:



> *2. Who May Request Disclosure of Information.* Requestors must be a person who complies with all of the obligations of Section 3 below.
> 
> *3. Requirements. * To be able to request Information, a Requestor must meet all of the following requirements:
> 
> ...





			
				rlm said:
			
		

> And the whole concept of spam concerns are bogus. I have thousands of domains and don't have a spam problem.  In fact, I have the opposite problem, overly aggressive spam filters blocking business emails that are absolutely positively not spam...  The vast majority of spam comes more from the user's careless use of their email address by subscribing to unscrupulous businesses who sell/share their data, not whois harvesting.



I'm surprised to hear this. I don't use any special spam filters but I still get emails about renewing domains I dropped almost 10 years ago (and forgot I ever owned). It's usually scam emails about renewing old .COM domains I had at GD before GD started offering free whois privacy, or from web developers trying to sell their services for my domains. I always attributed those to my whois info being public, given there's a clear link. I don't get too many, or not as many as before, but I would have assumed someone like you must get a ton.


----------



## jaydub__ (Jan 30, 2021)

I find it really cut down on the spam   *THUMBSUP* 



			
				Nafti said:
			
		

> I personally like privacy on with my domains. I believe that I do have a few with no privacy.
> 
> In the last 5 years, I have had only 1 inquiry for one of my domains via Whois lookup. In my opinion, as long as you have a contact page up, a potential buyer will find a way to reach you. I like my privacy private.   But to each their own.


----------



## rlm__ (Jan 31, 2021)

KarimMontreal said:
			
		

> Could you please share how were you able to disable Privacy on your .CA Domains?


I'm set up as a corporation, therefore it is always public.


----------



## rlm__ (Jan 31, 2021)

Esdiel said:
			
		

> *2. Who May Request Disclosure of Information.* Requestors must be a person who complies with all of the obligations of Section 3 below.
> 
> *3. Requirements. * To be able to request Information, a Requestor must meet all of the following requirements:
> 
> ...



That is interesting, since I generally don't use privacy, they don't have to request my info and therefore it really doesn't apply to me.  But that is interesting to know and would obviously make sense for those domains with Privacy.


----------



## rlm__ (Jan 31, 2021)

Esdiel said:
			
		

> I'm surprised to hear this. I don't use any special spam filters but I still get emails about renewing domains I dropped almost 10 years ago (and forgot I ever owned). It's usually scam emails about renewing old .COM domains I had at GD before GD started offering free whois privacy, or from web developers trying to sell their services for my domains. I always attributed those to my whois info being public, given there's a clear link. I don't get too many, or not as many as before, but I would have assumed someone like you must get a ton.



Also interesting, I mean yes, I do get the odd spam, but i'd say I get almost an equal amount of snail mail spam.   I get it, but its pretty minimal and I can't typically attribute it to whois.  Lately the ones I see in my junk folder are bitcoin related, various phishing attempts, nigerian type scams, etc...  I do get the occasional one from the same schmuck over and over about "the domain something.net is for sale" and its because I own the .ca.  Maybe one every week or two.  But its not like having thousands of domains means you get thousands of spam messages a day.


----------



## MapleDots__ (Feb 2, 2021)

I have logged into my cira account, it is pretty basic, I can edit my address and that is about it.

It lists all of my .ca domains but there is no setting to change privacy on an account level.

In fact there is no setting to change privacy on a domain level either which indicates it all has to be done at the registrar level.


----------



## Spex (Feb 2, 2021)

rlm said:
			
		

> And the whole concept of spam concerns are bogus. I have thousands of domains and don't have a spam problem.



I agree here. Maybe it's because I keep my CA's at Canadian registrars, mostly Namepros, but I've never gotten spam on them. Now .COMs, where I mostly have them at GoDaddy and Namecheap...it's spam city!

I understand privacy for other reasons though (personal info, others seeing your patterns) but I may be naïve but I don't think .CA's are targeted that much for spam like other extensions


----------



## MapleDots__ (Feb 2, 2021)

This link explains it completely

https://www.cira.ca/blog/ca-domains/domain-registration-tips-cira-whois-privacy


So the default is privacy for all personal registrations


Business Registrants have privacy turned off and that can be changed here in godaddy:









Once you click the edit button you see this:











I changed a domain to Corporation but it is still private on the cira whois site. I assume it does not update immediately so I will post back here if I notice it change.


----------



## Esdiel (Feb 2, 2021)

MapleDots said:
			
		

> I changed a domain to Corporation but it is still private on the cira whois site. I assume it does not update immediately so I will post back here if I notice it change.



Good thinking, and please do let us know if it works.

Did it ask you for proof of your corporation, or the name of it at least, when you made the change? I guess we have to first wait and see if it worked but I'm wondering whether any of us could do this even without a corporation.


----------



## MapleDots__ (Feb 2, 2021)

Esdiel said:
			
		

> Did it ask you for proof of your corporation



Nope, I was able to make the change with the drop down so now it might take a day or so until they update.


----------



## rlm__ (Feb 2, 2021)

Just be advised that I personally know of at least one case where a guy used a long-expired corporation name.  Some ******* who wanted to steal the domain from him then registered the company name federally, and tried to claim the domain was his.  The a-hole then contacted CIRA and told them the existing domain owner wasn't legit and then CIRA did a Registrant Identity Verification, asking the guy to prove he was "abc corp" or whatever.  He figured, no problem, I'll just go register/revive that corporation now, only to find out that a-hole registered it already and thus blocked him from registering it.  Since he couldn't prove ownership, CIRA then confiscated the domain, dropped it and he was never able to get it back.  The a-hole didn't get it either, but this poor guy lost a very valuable domain name.

I'm guessing you don't have a 6-figure domain name, but none-the-less, be aware of what can happen when it comes to not having verifiable ownership information.


----------



## MapleDots__ (Feb 3, 2021)

Update: After making the change to a corporation my domain is still private, it seems to have made no difference so I think it depends on how you registered the domain.

I have a few where the domain is not private but those were purchased from corporations so I think the settings may have carried forward.

It looks like only a call to godaddy support will answer the OP's question because at this point I have done everything possible within the cira settings and the godaddy settings.


----------



## Esdiel (Feb 3, 2021)

rlm said:
			
		

> He figured, no problem, I'll just go register/revive that corporation now, only to find out that a-hole registered it already and thus blocked him from registering it.  Since he couldn't prove ownership, CIRA then confiscated the domain, dropped it and he was never able to get it back.



Interesting, thanks for sharing. Do you remember how long ago that was? 

I'm a little surprised CIRA would confiscate the domain if this guy was also a Canadian citizen, since there would still be a Canadian presence despite choosing/using the wrong status. 

It would definitely make sense a ~couple decades ago when CIRA had much more strict requirements about who was eligible to register a domain, with even further rules about what domains those eligible people/companies were allowed to register.


----------



## MapleDots__ (Feb 3, 2021)

I just checked my domains and some are even set to aboriginal, they are all over the place. It appears this setting stays to whatever it was set as when you transfer the domain in.

So if the previous owner was set as aboriginal people for the previous owner then it stays as that when transferred to your godaddy account.

Crap, now I have a two day project to check them all.


----------



## rlm__ (Feb 3, 2021)

Esdiel said:
			
		

> Interesting, thanks for sharing. Do you remember how long ago that was?
> 
> I'm a little surprised CIRA would confiscate the domain if this guy was also a Canadian citizen, since there would still be a Canadian presence despite choosing/using the wrong status.
> 
> It would definitely make sense a ~couple decades ago when CIRA had much more strict requirements about who was eligible to register a domain, with even further rules about what domains those eligible people/companies were allowed to register.



This was 2007.  CIRA knew the a-hole guy was malicious and kinda wanted to help out the registrant, so they gave him time to try and revive his corporate name, which he couldn't do.  So CIRA thought they'd be smart, drop the domain at an odd time, then call the registrant and have him simply re-register it with an accurate registrant name, thus solving the problem.  However, CIRA didn't expect anyone else to notice it was available to register momentarily - and so a third party reg'd it and beat them all to the punch.  CIRA said "sorry, we tried, its out of our hands now".  So in this case, CIRA was trying to do the right thing.  They just blew it.


----------



## MapleDots__ (Feb 3, 2021)

rlm said:
			
		

> so a third party reg'd it and beat them all to the punch.



And pray tell.... who was the third party?

Does he like to ski by any chance?  *ROFL*


----------



## rlm__ (Feb 3, 2021)

MapleDots said:
			
		

> And pray tell.... who was the third party?
> 
> Does he like to ski by any chance?  *ROFL*



No, it wasn't me.


----------

