This whole “can Google see past/around private domain registrations” thing that came out of the Interactive SERP Site Review session at PubCon Vegas has been bothering me a little, not because I’m worried (because I’m not, okay? I’m not). But in the interest of furthering the academic discourse, I decided to do a little research.
I im’d a friend of mine who used to work for Moniker and asked if he had access to, or if anyone from the registrar side had access to, the WHOIS info on private domain registrations. His reply was that “only registrars have access to the private domain registration information, but only for those domains they hold/manage”.
So, Google, although a registrar, does not have access to anyone’s private WHOIS info because Google doesn’t manage or handle registrations for the general public.
To confirm this, I also read ICANN’s “Preliminary Task Force Report on Whois Services” issued on 22 November 2006. If you look under Summary of task force discussion (including proposals for access to data) you’ll see the following:
There are two different classes of requests for registration information.
1) Requests for information about registrations that are managed through a private registration or registration proxy service (a “type 1” request)
2) Requests for information for regular, non-proxy/non-private registrations. (a “type 2” request)
These requests are typically dealt with differently by registrars.
Requests are typically taken in by a single point of contact at a registrar which liaises with or escalates to the registrars legal department or staff.
There’s other information in the report, but that’s the part that I think is the most clear. It confirms what my contact said, which is that registrars have access to the registration data for private registrations, but only for the domains they manage.
So, Google cannot see past private registration protection. That being said, it doesn’t mean webmasters are not being profiled. It just means they aren’t using special, non-public information to build the profiles. (See comments to my previous post)
Just an update… I know I’ll sleep better tonight. 😉
15 thoughts on “Google cannot see past private registrations”
I’m really glad you dug deeper into this to find out what the heck was really up with private whois. Thanks for sharing! Off to update my blog now ;).
Yeah, I read somewhere that they cached data from new registrations before whois protection is applied? is this possible?
Derek, some registrars will allow you to apply Whois protection immediately, so that would be tough to do.
RE: Derek and Tamar
I think most registrars allow you to apply private registration protection at the time of registration; however, if you’ve won the domain at auction or picked it up from a drop-catching service, I don’t think you have that luxury. (At least, I know I don’t with the services I use)
Also, I haven’t found any documentation yet (ICANN or otherwise) that prohibits or prevents individual registrars from selling (or flat out giving) the real WHOIS data straight to Google, because how that is handled is pretty much up to the discretion of the registrar.
For the record though, I really don’t think that is happening currently. There are enough other ways Google can connect the dots without having to actively ask for non-public information from the registrars.
Any thoughts on the related topic of whether Google can determine if a domain has been registered for 1 year vs. 10 years and the implied trust that a longer registration is supposed to bring with it?
Private registration or not, anyone can see the creation date of domain record. (see the record for gshel.org for an example)
It seems logical that people who have a large number of domains that the register for one year at a time and have a pattern of allowing to expire at the end of the year might be more likely to be spammers (burning through domains as they become blacklisted and useless).
I don’t think that registration length weighs as heavily as registration age. Ultimately, whether you renew annually or once every few years, the longevity of your site will speak more to your legitimacy than the long-term registration.
Hi Cshel, thanks for doing the research here (not that I was paranoid either… I wasn’t. really).
I took from that 2nd clause that a registrar could also form some sort of relationship with a 2nd registrar to get additional info. Wouldn’t it be possible, theoretically, for Google to contract with… say GoDaddy and get the registration info that way? Would they be able to hook up with all of the biggest registrars to get info in that regard? Of course that’s a HUGE violation of my privacy (I’d switch registrars in an instant), but I wonder if you can ever see that happening??
According to the existing and proposed rules, registrars could set up those types of agreements with Google, but I don’t see the registrars wanting to risk alienating their clientele like that nor do I think there is enough value (aside from money) in that business arrangement to make it worth any risks. I don’t think Google would be terribly interested in shelling out the big bucks for that data either. Ultimately, I don’t think the number of domains in your portfolio (related, parked, or otherwise) factors THAT heavily in the algorithm right now. Of course, that could change 🙂
You are all silly, but just a quick note: I work for a big registrar with a well known marketing budget, and I will tell you that even from our view, customer contact information is kept private even to us. Now, we can see they own the domain or have it in their account, but the actual registrant information is private, masked even to us.
You are all extremely paranoid either way.
Registrars, assuming they do have the ability to see past private domain registration, probably aren’t going to grant access to see those kinds of details to their call-center serfs — or perhaps not even their middle manglement minions.
I wouldn’t assume that private registration data is truly private just because you don’t have access to it. I assure you *someone* does have access…. it’s just not you.