Next Generation gTLD RDS to Replace WHOIS PDP Working Group
|Next Generation gTLD RDS to Replace WHOIS PDP Working Group|
|Issue Areas:||Domain Name Registrant Data|
|Date Established:||November 2015|
|Charter:||[ WG Charter]|
|Workspace:||[ Community Wiki]|
The Next Generation gTLD RDS to Replace WHOIS PDP Working Group was formed in November 2015 to define the purpose of collecting, maintaining and providing access to gTLD registration data, and to consider safeguards for protecting data, using the recommendations in the EWG's Final Report as an input to, and, if appropriate, as the foundation for a new gTLD policy.
WHOIS launched in 1982 as a directory service for users transmitting data across the ARPANET. It is currently used for registration data on all gTLDs, serving the needs of domain name registrants, law enforcement agencies, intellectual property interests, businesses, individual users, as well some who misuse it for malicious purposes. Despite this evolution, the WHOIS protocol has remained largely unchanged.
Comprehensive reform has been a long-running source of debate with nearly 15 years of history, dating back to the formation of the WHOIS Privacy Steering Group in 2003. This effort by the Steering Group and later the Preliminary Task Force on the Purpose of Whois and of the Whois Contacts were ultimately unsuccessful in bringing forth new policy ro reform WHOIS.
In 2009, when ICANN and the US Department of Commerce signed the Affirmation of Commitments, ICANN committed to conduct a number of high level reviews, including WHOIS. The WHOIS Policy Review Team began to form in June 2010 and released its final report in 2012. The report that outlined a set of recommendations to ensure that WHOIS policy is effective, meets the legitimate needs of law enforcement and promotes consumer trust. Shortly after this final report, the SSAC issued a response that stressed the importance of “understanding the purpose of domain name registration data” before any meaningful, comprehensive solution can be reached.
On 8 November 2012, the ICANN Board passed a resolution for a board-initiated PDP and the Expert Working Group on gTLD Registration Directory Services (EWG) was launched to consider the purpose of registration data and how to safeguard it, and propose a new model that addresses the issues of accuracy, privacy, and access. The EWG released its final report in 2014, leading to the development of a Process Framework for the PDP, which was adopted in May 2015 by the ICANN Board, reaffirming its request for a Board-initiated PDP. In November 2015, the GNSO Council approved the charter for the Next-Generation gTLD Registration Directory Services to Replace Whois Policy Development Process Working Group (RDS PDP WG).
The RDS PDP is a 3-phase process:
- Phase 1: Policy - Requirements
- Phase 2: Policy - Functional Design
- Phase 3: Implementation and and Coexistence Guide
The PDP is currently in Phase 1, in which the WG should at a minimum reach consensus on a foundation for providing recommendations to two questions:
1)What are the fundamental requirements for gTLD registration data and directory services?
5 Fundamental Charter Questions:
- Users and Purposes: Who should have access to gTLD registration data and why?
- Gated Access: What steps should be taken to control data access for each user/purpose?
- Registration Data Accuracy: What steps should be taken to improve data accuracy?
- Privacy: What steps are needed to protect privacy and data?
- Registration Data Elements: What data should be collected, stored, disclosed?
The WG is continuing its work on developing initial rough consensus on key concepts related to these questions. As of February 2018, they had reached rough consensus 49 key concepts. Seven drafting teams were formed to better understand and de ne each purpose of gTLD Registration Data, starting with those outlined in the EWG Final Report. Thus far, 12 potentially legitimate purposes have been drafted for deliberation of the WG as a whole.
Deliberations will continue around which purposes and data elements need to be supported by the RDS and the requirements for collection of those data elements. Once there is consensus on this, the WG will turn to the other fundamental charter questions. These deliberations will take input from independent legal counsel and senior EU privacy experts.
The drafting of the rst of two initial reports is planned to begin in the first half of 2018 and aims to include responses to the rest ve Phase 1 questions.
2) Is a new policy framework and next-generation RDS needed to address these requirements?
The agreements on the fundamental requirements will be used to determine if a new RDS is needed or if WHOIS meets the requirements. If a next-gen RDS is needed, the WG will recommend “cross-cutting requirements” that it must address. If not, the WG will determine what changes, if any, need to be made to the current WHOIS policy framework. Depending on the outcome of these deliberations, the PDP will transition into Phase 2 to design policies to satisfy the requirements from Phase 1.
All deliberations and initial agreements have been guided by the “Draft Registration Data and Directory Service Statement of Purpose”, which lists the Following specific purposes: 1. A purpose of gTLD registration data is to provide info about the lifecycle of a domain name and its resolution on the Internet. 2. A purpose of RDS is to facilitate dissemination of gTLD registration data of record, such as domain names and their domain contacts and nameservers in accordance with applicable policy. 3. A purpose of RDS is to identify domain contacts and facilitate communication with domain contacts associated with generic top-level domain names, (based on approved policy). 4. A purpose of gTLD registration data is to provide a record of domain name registrations.