Subgroup 5 – Safeguarding Registrant Data

Objective

Consistent with ICANN’s mission and Bylaws, Section 4.6(e)(ii), the review team will assess the extent to which the implementation of today’s WHOIS (the current gTLD RDS) safeguards registrant data by (a) identifying the lifecycle of registrant data, (b) determining if/how data is safeguarded in each phase of that lifecycle, (c) identifying high-priority gaps (if any) in safeguarding registrant data, and (d) recommending specific measureable steps (if any) the team believes are important to fill gaps.

Background Documents

SAC051, Report on Domain Name WHOIS Terminology (2011)
SAC054, Report on Domain Name Registration Data Model (June 2012)
RDS/WHOIS Contractual Requirements - Sections pertaining to Data Safeguards, including
- 2013 Registrar Accreditation Agreement (RAA), Section 3.6 - Data Retention Specification
- 2014 New gTLD Registry Agreement, Specification 2 - Data Escrow Requirements

Further background documents may be found on the Review Team's overall Background Materials page.

Leader/Rapporteur: Alan Greenberg

Members: Alan Greenberg, Dmitry Belyavsky, Stephanie Perrin, Volker Greimann

Mailing-list archives: http://mm.icann.org/pipermail/rds-whois2-safeguard/

Conference calls

Review Team Templates: see here

Subgroup Documents

Date

Document (Versions in Red are latest)

File

12 Apr 2018

09 Apr 2018

12 Apr 2018

05 Apr 2018

14 Feb 2018

04 Mar 2018

09 Feb 2018

04 Mar 2018

17 Jan 2018

29 Dec 2017

06 Dec 2017

Face-to-Face Mtg #2 Slides - Findings

v2

v1

Subgroup report

v2

v1

Work plan (as per Alan's email)

v1

Planning questions

v2

v1

First Pass Document

v4

v3

v2

v1

Open Actions/Requests

*To be provided once reasonable date is determined by appropriate subject-matter expert

Item #	Source of Request	Date of Request	Action Item Request	Action Owner
5	#26	18 Apr 2018	Subgroup 5 - Safeguard Registrant Data: Alan to confirm revisions made RT agreements.	Alan
4	#26	18 Apr 2018	Subgroup 5 - Safeguard Registrant Data: Stephanie to provide draft formulation to Alan	Stephanie
3	#26	18 Apr 2018	Subgroup 5 - Safeguard Registrant Data: Alan to refine question number 3.	Alan
2	#26	18 Apr 2018	Subgroup 5 - Safeguard Registrant Data: Questions for ICANN org : ○ What are contractual requirements to secure stored escrow data ○ What are contractual requirements to notify ICANN in the event of breach ○ How do you secure registrant data under your control?	ICANN org

Completed Actions/Requests

*To be provided once reasonable date is determined by appropriate subject-matter expert

Item #	Source of Request	Date of Request	Action Item Request	Action Owner	Anticipated Completion Date*	Progress Notes	Completed Response	Completion Date
1	#25	06 Apr 2018	Alan plans to share his first draft of subgroup draft report with the subgroup/RT for review in parallel by the end of the weekend.	Alan			Email	12 Apr 2018

Decisions Reached

Date	Decision

Content

Space Tools