No Board Action on GDPR Compliance at Upcoming ICANN Meeting
ICANN efforts to align domain name registration rules with EU privacy law continue but no board action is expected at the Oct. 19-22 virtual meeting in Hamburg, Germany, said gTLD Process and Integration Manager Steve Chan Thursday. The expedited policy…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
development process team working on a temporary spec for generic top-level domain name registration data compliant with the EU general data protection regulation published its final report Aug. 10. It recommends a standardized system for granting access to and disclosure of nonpublic gTLD registration data. Chan couldn't predict when directors might consider the recommendations, which first need approval by the Generic Names Supporting Organization Council followed by another public consultation. It's unresolved whether the rules should apply to legal and natural persons and questions about data accuracy, he said at a policy update webinar. GDPR compliance remains a high priority for the Governmental Advisory Committee, said ICANN Senior Policy Director Rob Hoggarth. In August, GAC published a minority statement on completion of the second phase of the Whois policy development process. It said the proposed regime for access to nonpublic registration data is fragmented; doesn't include enforceable standards to review disclosure decisions; and doesn't adequately address consumer protection and trust concerns. A minority of the Stability and Security Advisory Committee also opposed (SAC112) the recommendations, saying the process didn't provide results that "are reasonably suitable for security and stability." An Oct. 21 session at the ICANN meeting will address the impact of Whois changes under GDPR on end users and public safety.