Page History

...

The session highlighted the significance of WHOIS data in various legitimate activities, including assisting law enforcement, combating fraud, protecting intellectual property, and maintaining user confidence in the Internet. The speakers at the session included Christopher Lewis-Evans from the United Kingdom's National Crime Agency, Kenneth Merrill from the U.S. Department of Commerce NTIA, Laureen Kapin from the U.S. Federal Trade Commission, and Melina Stroungi from European Commission. These speakers stressed the importance of WHOIS data for government agencies, businesses, and organizations involved in protecting public safety and combating illicit activities. One crucial aspect emphasized during the session was the need to strike a balance between protecting the public and safeguarding privacy. Data protection laws, particularly those in the European Union and other jurisdictions, were recognized as essential for achieving this balance. Such laws enable access to relevant information while respecting individuals' privacy rights. The discussion referred back to the GAC Principles Regarding gTLD WHOIS Services from 2007, demonstrating that the issues discussed then are still relevant in 2023. The session emphasized the continued importance of WHOIS data and the need to ensure its accessibility for those lawfully entitled to access it. The GAC raised concerns about the proposed implementation of Phase 1 recommendations for WHOIS services. These concerns included defining urgent requests and establishing timelines, collecting and publishing reseller data, handling registration information related to legal entities, and determining qualifiers for redacted data. The GAC called for greater clarity and standardized practices in these areas. ICANN responded to public comments, providing clarification on several aspects of the proposed policy. They addressed concerns about the timeline for responding to urgent requests, the collection and publication of reseller data, the impact on Thick WHOIS, and the policy gap between Phase 1 and Phase 2A. They emphasized that the recommendations made during the EPDP Phase 1 were thoroughly considered, and making additional changes beyond the policy's scope was not necessary. The report concluded by noting that the Implementation Review Team (IRT) is currently reviewing ICANN's response, including during ICANN77. The ongoing discussions and considerations surrounding WHOIS data and its role in protecting public interests and privacy will continue to shape ICANN's policies and approaches.

Key WHOIS and Data Protection Policy Summary points focused on the importance of WHOIS and data protection and included concerns around:

1. Background on WHOIS and Data Protection: The GAC emphasized the importance of WHOIS data in assisting law enforcement, combating fraud, protecting intellectual property, and building user confidence in the internet. Compliance with data protection laws was also highlighted.

2. Proposed gTLD Registration Data Policy: The draft Registration Data Consensus Policy was presented, addressing concerns such as response times for urgent requests, collection of reseller data, and registration information for legal entities.

3. Registration Data Request Service (RDRS) itself and its features including a central portal for request intake, no cost to requestors, and routing requests to registrars.

4. Privacy/Proxy Services: Privacy and proxy services were defined as mechanisms to shield the identity and contact information of domain name holders. The impact of these services on registration data access was highlighted.

5. Registration Data Accuracy: The accuracy of registration data was recognized as an essential aspect of WHOIS services. A Data Accuracy Scoping Team was assigned to address this issue.

Considerations for Washington D.C. Communiqué focused on GAC concerns regarding the implementation of Phase 1 recommendations of the Registration Data Consensus Policy, including response times for urgent requests and the collection of reseller data. The GAC also emphasized the need for clarity, standards, and the evaluation of registrar compliance. ICANN response to the public comments on the proposed policy, clarified certain points such as the timeline for response to urgent requests and the collection of reseller data. The response also addressed the impact on Thick WHOIS and the policy gap between Phase 1 and Phase 2A. The development of the Registration Data Request Service (RDRS) was approved by the ICANN Board. The RDRS features a central intake portal, no cost to requestors, and communication between requestors and registrars outside the system. The GAC considered the RDRS a useful first step but highlighted risks and concerns regarding adoption, awareness, and the generation of actionable data. In drafting its Communique the GAC is to consider the GNSO Small Team proposed success criteria for the RDRS, including its availability to all requestors and registrars, tracking of relevant data points, and user satisfaction measurement. Privacy and proxy services are to be discussed in relation to registration data access, highlighting their significance in protecting domain name holder information. Next steps include encouraging comprehensive usage of the RDRS, considering policy development to require registrar participation, establishing success criteria for the system, and analyzing usage statistics.

GAC Liaison's Report on Joint Session: ALAC, GAC, and GNSO Facilitated Dialogue on Closed Generics held on June 12th, at ICANN 77 [by Joanna Kulesza]

...