GoDaddy cares about your privacy.
That is, until you register a domain with the company.
Wherever it is youre situated, GoDaddy asks for users to pay for privacy protection.
Paying for WHOIS protection
Depending on your location, GoDaddy may encourage the sale of WHOIS protection.
This, essentially translates toyoupaying for the protection ofyourprivacy.
It seems as though, for European customers, privacy rights are better enforced.
This is included in the Basic Privacy Protection plan that GoDaddy offer.
If you select No Thanks, you will have your personal data made publicly available on the WHOIS database.
Surely, a pre-selected No thanks would be sufficient enough?
What is WHOIS and why is it important?
If you do not wish to have this information readily available, registrars can hide this for a fee.
This works by replacing your personal information with information about their company.
Should we hide WHOIS information?
It makes sense to protect this information so you can avoid personal data abuse and identity theft.
The mere act of publishing the personal information is considered to be data processing.
Domain registrars, such as GoDaddy and others, are data processors.
ICANN, the organization governing the WHOIS database, is the data controller.
When collecting personal data, both the data processor and data controller have a shared responsibility.
However, the requirements are much tougher on the data controller being ICANN in this case.
Privacy has been a basic right long before GDPR and other global privacy laws.
The fact that GoDaddy aims to make a profit by charging people for basic privacy protection seems unethical.
This has caused massive change inprivacy laws all around the world.
They dont have to wait for the introduction of new rigorous laws to raise the bar of privacy protection.
However, they have chosen to charge fees instead.
Those worried about their privacy may opt to register a domain name with other registrars.
This seems like a no-brainer when compared with GoDaddys unreasonable fees.
It communicates the wrong signal to pre-select a more expensive privacy package.
A domain registrar such as GoDaddy should target EU customers with pre-ticked No Thanks box.
Instead, when an EU customer is registering a domain, the paid Privacy Protection is pre-ticked by default.
A Lack of Global Privacy Regulations.
Many domain registrars operating cross-border have to deal with complex privacy and data protection laws.
Well, we have the easy-understandable GDPR dont we?
Just take a look at thisinfographic, portraying just how complex the international privacy laws look.
Its not easy, often not with a straight yes or no answer.
Every country, every state, and every province has their own privacy law.
Moreover, the definition and the scope of personal data protection varies among them.
Unlike with other fundamental rights, there is a lack of global regulations and best practices about privacy protection.
However, it can be said that the world is ripe for global privacy regulations.
They want to be compliant with privacy laws, but first, they must be sure how.
What Comes Next?
GDPR has shaken up domain registrars and ICANN by raising the bar for full personal information protection.
There is no way back from this.
From a legal perspective, GoDaddy played well around the GDPR.
But, from a business and ethics perspective, they should do better.
Privacy is a fundamental right to all human beings and should treated as such.
Story byDan Storbaek
Founder and CEO of Secure Privacy.
Published author and former management consultant.
(show all)Founder and CEO ofSecure Privacy.
Published author and former management consultant.
