On 7 March, 2017, the GNSO Next Generation gTLD Registration Directory Services PDP WG approved and published a list of questions about about key data protection frameworks and the application of data protection and privacy laws to gTLD registration data and directory services policies, seeking input from European senior privacy experts[1] who were invited by the Council of Europe to attend the ICANN58 meeting.

Initial responses to the following list of WG questions were given and discussed at the ICANN58 RDS PDP WG F2F meeting:

On 7 April, written responses to these WG questions were relayed to the RDS PDP WG by WG member Peter Kimpian. As noted in the written response, answers given to the questions were shared, discussed and consented by: the United Nations’ Special Rapporteur on the right to privacy, the European Data Protection Supervisor, the Vice-Chairman of the Article 29 Working Party, the Chair of the Committee of Convention 108, the Data Protection Officer of Interpol and the Director of Information Society and Action against Crime of the Council of Europe.

These responses were initially discussed by the WG during the 11 April and 19 April RDS PDP WG meetings. They will continue to be reviewed throughout Phase 1 deliberation as applicable to charter questions under discussion. An updated written response with an expanded introduction was received on 5 May:

In May 2017, in response to member suggestions, the WG’s leadership team decided to pursue independent analysis of these same WG questions by outside legal counsel, to further inform the WG’s deliberations. Results of that independent legal analysis are posted below:

Subsequently, a set of principles were derived from the WSGR memorandum as well as the responses from the senior European data experts which can be found here:

Future responses received will be added to this page, and are meant to serve as input for WG consideration during discussions pertaining to applicable privacy and data protection laws, including but not limited to the EU General Data Protection Regulation (GDPR). In addition, an update on ICANN's GDPR compliance efforts, including links to legal analysis performed by European law firm Hamilton, can be found here:

  • No labels