The General Data Protection Regulation (GDPR) came into effect on 25 May 2018. As a result, ICANN allowed registries and registrars to cloak the personal information of domain name registrants in WHOIS, with a caveat that those who had legitimate and proportionate purpose should be allowed access to this cloaked,...
The collision between ICANN’s Whois regime and the European General Data Protection Regulation (GDPR) took a decisive turn May 25, 2018, when ICANN filed injunction proceedings against EPAG, a German registrar affiliated with Tucows. EPAG had notified ICANN that as of May 25 it would no longer collect administrative and technical...
“Martha: Truth or illusion, George; you don't know the difference. George: No, but we must carry on as though we did. Martha: Amen.” Edward Albee, Who’s Afraid of Virginia Woolf? Since February, the prominent security reporter Brian Krebs has been writing on his widely-read blog, Krebs on Security, that...
I remember one of my first conversations about ICANN and WHOIS General Data Protection Regulation compliance with the ICANN CEO. The CEO told me (as he repeatedly told others) that ICANN should consult with the Data Protection Authorities about how to comply with GDPR. I agreed. The boundaries of WHOIS...
The conflict between ICANN’s contracts and data protection law is dominating discourse and policy making at the ICANN 61 meeting in San Juan Puerto Rico. ICANN requires registries and registrars to provide a public directory service, known as Whois, that gives anyone in the world immediate access to personal data...
ICANN Corp seems to have finally taken the tension between Whois and privacy rights seriously, thanks to the impending General Data Protection Regulation (GDPR) in Europe. In preparing for the advent of GDPR, ICANN has solicited legal advice from Hamilton Advokatbyrå, a Swedish law firm, regarding possible conflicts between its...
For the big legacy top level domains like .COM, the registry holds a minimal amount of mainly technical information. But for some time ICANN has been trying to amend its policy to require registries to hold the contact information about the registrant as well. This compromises registrant privacy and is...
In this month's VoM, we highlight Dave Clark's recent presentation, concerning the role of the IETF in Internet protocols and human rights, made to the plenary at IETF 98 in Chicago. Clark reflects on the recent efforts proposing guidelines for human rights considerations in IETF standards work. He recalls earlier...
As this blog post shows, ICANN's management is now thinking about how to comply with the European General Data Protection Regulation (GDPR). They'd better be. Everyone knows ICANN’s Whois policies, which require registries and registrars to provide indiscriminate public access to personal data about domain name registrants, violate European privacy laws. In...
The recent appeals court decision in the Microsoft – Ireland case was a milestone in Internet governance. If it is not challenged, or if it is appealed and holds up in the U.S. Supreme Court, it will mark an important turning point in the attempt to subject the Internet to...
“In characteristically rigorous fashion, Mueller’s outstanding book punctures the alarmist myth of Internet fragmentation and helps us to understand what is really at stake as nations and other groups vie for power over the Internet.”
