AT-LARGE GATEWAY

At-Large Website

ALAC

RALOs

At-Large Regional Policy Engagement Program (ARPEP)

At-Large Governance

At-Large Reports

Policy Comments & Advice

Working Groups

ICANN Meetings

At-Large Summit (ATLAS III)

At-Large Review Implementation Plan Development

ALAC and RALO Elections, Selections, and Appointments

At-Large Priority Activities - 2021

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Comment Close
Date		Statement
Name 

Status

Assignee(s)

Call for
Comments Open		Call for
Comments
Close 		Vote OpenVote CloseDate of SubmissionStaff Contact and EmailStatement Number
 

Planned Implementation of the New Registration Data Access Protocol (RDAP)

COMMENT

Main penholders:

Holly Raiche

Carlton Samuels

     

n/a

TBC

For reference materials that provide background to this Statement, please click here 

Note: This Statement is intended to be sent to the ICANN CEO & President Fadi Chehade, copying Board Chairman Steve Crocker, once the ALAC ratifies it.

Reference materials that provide background to this Statement:

 

FINAL VERSION TO BE SUBMITTED IF RATIFIED

The final version to be submitted, if the draft is ratified, will be placed here by upon completion of the vote. 


FINAL DRAFT VERSION TO BE VOTED UPON BY THE ALAC

The final draft version to be voted upon by the ALAC will be placed here before the vote is to begin.

 

FIRST DRAFT SUBMITTED

The ALAC is concerned that the planned implementation of the new Registration Data Access Protocol (RDAP) may not support enhanced privacy protections proposed by the Expert Working Group (EWG).

At a session in ICANN 54 on the implementation of the RDAP (by Technical services, on 21 October from 12.30-13.45 IST), Director, Technical Services Francisco Arias suggested that, when implementing the new RDAP, it would be ‘voluntary’ for contracted parties to include additional features in the protocol that would allow differentiated access to registration data. 

The existing Whois protocol allows every user the same anonymous public access to gTLD registration data – access that is no longer in line with increasingly accepted global data protection law.  As part of the implementation of EWG recommendations, the IETF developed the RDAP which has features that will allow differentiated access to registration data, depending on the authentication and accreditation of requestors.

While the basic features of RDAP allow compliance with existing Whois policy requirements, unless the additional features are adopted as part of the RDAP protocol, the protocol would not allow differentiated access to registration data, as recommended by the EWG.

Considerable policy work needs to be done to replace the existing WHOIS policy with a new policy for registration directory services (RDA).  Indeed, the final Issues Report on next generation RDS to replace WHOIS was approved only in October 2015. However, the policy directions of the EWG are clear: access to registrant information must provide a better balance between the privacy rights of registrants and the legitimate needs to access that information.

The ALAC is concerned that adoption of the RDAP features that allow differentiated access to registration data will only be ‘voluntary’.  While those features are not now required under existing WHOIS policies, they will be required under new EWG policies.  We therefore insist that the RDAP implementation profile must include differentiated access . This will ensure that when the EWC policies on differentiated access to data are finalized, the protocols will be in place to ensure that the they can be implemented.

 

  • No labels