I was quite surprised by the statement of the EFF that .at allows hiding of personal info (unless a trustee is used). My impression, from personal experience, is that this is not the case. The NIC-AT WHOIS policy also seems to indicate that the WHOIS data will be public [1].
Well, there are ccTLD registries that do not allow protecting or hiding the owner's identity. The FAQ on Njalla doesn't clarify how this works legally and if certain authorities could shut down domains when they find that the owner in the WHOIS is just a proxy for the real one. The best option, IMO, would be to use TLDs that allow such protection to be used.
Njalla does clarify: they are the owners of the domain, therefore they only have to display their identity.
When you purchase a domain name through Njalla, we own it for you. However, the agreement between us grants you full usage rights to the domain. Whenever you want to, you can transfer the ownership to yourself or some other party.
Quite many registries forbid this and explicitly forbids the registrar to hold domains for their customers. Those that disregard this can lose their registrar status.
It is sadly also common to see ccTLD that require that the legal owner have local presence in the country of the TLD. The way to go around this is to have a legal entity, often a law firm, which then holds the domain. If Njalla uses this, then you the customer don't have ownership, and Njalla do not either, but rather its the law firm.
Quite many registries forbid this and explicitly forbids the registrar to hold domains for their customers. Those that disregard this can lose their registrar status.
Right, which is why they say "we're not actually a domain name registration service, we're a customer to these. We sit in between the domain name registration service and you".
Because it doesn’t work. The intention if the ccTLD registry is clear: they only want local businesses and persons to use the domain names in their ccTLD. But as it stands, as a foreign company it is only slightly more expensive to register a domain in such a ccTLD than some other TLD – it does not stop anyone except poorer foreign people from registering, and placing limits on poor people just for being poor never works out well.
why? the overwhelming majority of internet users don't use alternate dns roots, so unless you want your users to switch their dns settings on all their devices to use your site, no serious sites are going to use it. at least .onion has some use in that it's the only way of addressing hidden services.