The case for change
In March 2016, in response to increasing demand for privacy online, Nominet recognised privacy services for .UK domain names for the first time. Under the framework that was introduced, when a domain name was registered the registrant details in the .UK WHOIS were replaced by those of the privacy services provider. Nominet, however, requested and held the underlying registrant data and was able to disclose it in accordance with our data release policy
We are conscious, however, that since its introduction in 2016 some registrars opted to provide privacy services to end-users outside of the framework. For .UK domain names registered in this way, via non-recognised privacy services, the privacy service provider did so at its own risk and accordingly assumed any liabilities associated with being the registrant. As part of the changes implemented to take account of GDPR in May 2018 this Privacy Services framework was discontinued, however we are aware that a small number of registrars have continued to provide privacy services to their customers.
Feedback from some stakeholders has suggested that in light of the recent GDPR changes implemented to the .UK WHOIS the rationale for privacy services no longer remains valid. However, registrars have also informed us that there continues to be a demand for such services from their customers. As such we believe that it is appropriate to implement an operational model designed to meet the needs of our channel whilst ensuring that .UK remains a space that is safe and secure and we are now requesting feedback on a revised proposal.