GDPR AND WHOIS
GDPR and WHOIS[edit | edit source]
The GDPR directly impacts the domain name system, most notability the WHOIS service and data that is collected, escrowed, transferred and displayed via public WHOIS by ICANN's contracted parties (Registries and Registrars). In light of the uncertainty around the implications of GDPR on WHOIS, ICANN announced in February 2018 that it would defer action against registries and registrars for noncompliance related to registration data, as long as it shares its model with ICANN Contractual Compliance and the Global Domains Division.[1]
Processes[edit | edit source]
GDPR enforcement beings 25 May 2018 and there are several processes underway that are either impacted by or in response to the EU Regulation.
Next-Generation gTLD Registration Directory Service (RDS) to replace WHOIS (Next-Gen RDS) PDP[edit | edit source]
The Next Generation gTLD RDS to Replace WHOIS PDP Working Group was formed in November 2015 to define the purpose of collecting, maintaining and providing access to gTLD registration data, and to consider safeguards for protecting data, using the recommendations in the EWG's Final Report as an input to, and, if appropriate, as the foundation for a new gTLD policy.
Despite years of work on the WHOIS reform, the opportunity for
The "Cookbook"[edit | edit source]
On 8 March 2018, the ICANN Organization released its "Interim Model for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation,"[2] (or The Cookbook) including a description of the interim model, as well as explanation and rationale for its plan. The Cookbook also provides open question about several elements, seeking guidance from the community and DPAs.[3]
Calzone Model[edit | edit source]
Accreditation Model[edit | edit source]
References[edit | edit source]
- ↑ ICANN Contractual Compliance Statement Accessed 2 February 2018
- ↑ Data Protection/Privacy Issues: ICANN61 Wrap-up and Next Steps
- ↑ [1]