Jump to content

GDPR AND WHOIS: Difference between revisions

From ICANNWiki
Dustin Loup (talk | contribs)
Created page with "==GDPR and WHOIS== The GDPR directly impacts the domain name space, most notability the WHOIS service. Prior to the GDPR enforcement date, ICANN's contracted parties (..."
 
Dustin Loup (talk | contribs)
No edit summary
 
(19 intermediate revisions by the same user not shown)
Line 1: Line 1:
==GDPR and WHOIS==
==GDPR and WHOIS==
The GDPR directly impacts the domain name space, most notability the [[WHOIS]] service. Prior to the GDPR enforcement date, [[ICANN]]'s contracted parties ([[Registry|Registries]] and [[Registrar]]s) expressed concern about their about to comply with their contractual requirement and be GDPR compliant. In light of this concern and the uncertainty around the implications of GDPR on WHOIS, ICANN announced that it would defer action against registries and registrars for noncompliance related to registration data.<ref>[https://www.icann.org/resources/pages/contractual-compliance-statement-2017-11-02-en ICANN Contractual Compliance Statement] Accessed 2 February 2018</ref>
The GDPR directly impacts the domain name system, most notability the [[WHOIS]] service and data that is collected, escrowed, transferred and displayed via public WHOIS by ICANN's contracted parties ([[Registry|Registries]] and [[Registrar]]s). In light of the uncertainty around the implications of GDPR on WHOIS, ICANN announced in February 2018 that it would defer action against registries and registrars for noncompliance related to registration data, as long as it shares its model with ICANN Contractual Compliance and the Global Domains Division.<ref>[https://www.icann.org/resources/pages/contractual-compliance-statement-2017-11-02-en ICANN Contractual Compliance Statement] Accessed 2 February 2018</ref>
 
==Processes==
GDPR enforcement beings 25 May 2018 and there are several processes underway that are either impacted by or in response to the EU Regulation.
 
===Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS (Next-Gen RDS) PDP===
The [[Next Generation gTLD RDS to Replace WHOIS PDP Working Group]] was formed in November 2015 to define the purpose of collecting, maintaining and providing access to gTLD registration data, and to consider safeguards for protecting data, using the recommendations in the EWG's Final Report as an input to, and, if appropriate, as the foundation for a new gTLD policy.
 
Despite years of work on the WHOIS reform, the opportunity for


===The "Cookbook"===
===The "Cookbook"===
On 8 March 2018, the ICANN Organization released its "Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation,"<ref>[https://www.icann.org/news/blog/data-protection-privacy-issues-icann61-wrap-up-and-next-steps Data Protection/Privacy Issues: ICANN61 Wrap-up and Next Steps]</ref> (or The Cookbook) including a description of the interim model, as well as explanation and rationale for its plan. The Cookbook also provides open question about several elements, seeking guidance from the community and DPAs.<ref>[https://www.icann.org/en/system/files/files/gdpr-compliance-interim-model-08mar18-en.pdf]</ref>
On 8 March 2018, the ICANN Organization released its "Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation,"<ref>[https://www.icann.org/news/blog/data-protection-privacy-issues-icann61-wrap-up-and-next-steps Data Protection/Privacy Issues: ICANN61 Wrap-up and Next Steps]</ref> (or The Cookbook) including a description of the interim model, as well as explanation and rationale for its plan. The Cookbook also provides open question about several elements, seeking guidance from the community and DPAs.<ref>[https://www.icann.org/en/system/files/files/gdpr-compliance-interim-model-08mar18-en.pdf]</ref>
====Calzone Model====


===Accreditation Model===
===Accreditation Model===
==References==

Latest revision as of 19:12, 9 April 2018

GDPR and WHOIS[edit | edit source]

The GDPR directly impacts the domain name system, most notability the WHOIS service and data that is collected, escrowed, transferred and displayed via public WHOIS by ICANN's contracted parties (Registries and Registrars). In light of the uncertainty around the implications of GDPR on WHOIS, ICANN announced in February 2018 that it would defer action against registries and registrars for noncompliance related to registration data, as long as it shares its model with ICANN Contractual Compliance and the Global Domains Division.[1]

Processes[edit | edit source]

GDPR enforcement beings 25 May 2018 and there are several processes underway that are either impacted by or in response to the EU Regulation.

Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS (Next-Gen RDS) PDP[edit | edit source]

The Next Generation gTLD RDS to Replace WHOIS PDP Working Group was formed in November 2015 to define the purpose of collecting, maintaining and providing access to gTLD registration data, and to consider safeguards for protecting data, using the recommendations in the EWG's Final Report as an input to, and, if appropriate, as the foundation for a new gTLD policy.

Despite years of work on the WHOIS reform, the opportunity for

The "Cookbook"[edit | edit source]

On 8 March 2018, the ICANN Organization released its "Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation,"[2] (or The Cookbook) including a description of the interim model, as well as explanation and rationale for its plan. The Cookbook also provides open question about several elements, seeking guidance from the community and DPAs.[3]

Calzone Model[edit | edit source]

Accreditation Model[edit | edit source]

References[edit | edit source]