ICANN Policy Group Inches Forward on Whois GDPR Compliance
An ICANN policy panel made "important progress" toward revising the Whois system to comply with the EU general data protection regulation, Georgia Institute of Technology School of Public Policy professor Milton Mueller blogged. Meeting in Los Angeles Sept. 24-26, the…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
expedited policy development group (ePDP) pushed past the "same old conflicts of interest" to strike a tentative approach, he said Friday. Stakeholder groups need to approve the proposals, and the ePDP must submit an initial report for review at the Oct. 20-26 ICANN meeting in Barcelona. The ePDP "finally recognized a clear distinction" between the purposes for data collection and third-party legitimate interests in gaining access to that information, said Mueller, an ICANN participant. The panel identified the purposes of the database, the data required for them, and which GDPR rules apply to the data processed, he said: "Progress almost broke down" over "Purpose B" on enabling third-party access to nonpublic registrant data. The group compromised for lawful access for legitimate third-party interests to registration data already collected and identified, and to classify Purpose B as a registry/registrar, rather than ICANN, purpose. Other proposals include establishing rights of a registered name holder in a registered name and coordinating development and implementation of policies for resolving disputes over registration of domain names.