Registration Directory Service (RDS-WHOIS2) Review Team Final Report
8 October 2019 23:59 UTC
23 December 2019 23:59 UTC
Staff Report Due
16 January 2020 23:59 UTC
In its Final Report, the Registration Directory Service Review Team assessed the extent to which prior Directory Service Review recommendations have been implemented and implementation has resulted in the intended effect. The review team also assessed the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promotes consumer trust and safeguards registrant data. Informed by ICANN organization briefings and available documentation, the review team has formulated draft recommendations based on a factual analysis.
This Public Comment proceeding aims at gathering community input on the RDS-WHOIS2 Review Team's proposed findings and final recommendations.
By 3 March 2020, within six months of receipt of the Final Report, the ICANN Board shall take action on the Final Recommendations. Part of the Board's consideration around taking action will entail looking at the feasibility analysis and impact assessment of implementation of recommendations, taking into account initial cost and resource estimates and dependencies with other ongoing efforts within the community, and the report of the Public Comment submissions received. The Board will then direct implementation of the recommendations that were accepted and provide written rationale for the decision if any recommendations are not accepted.
Section I: Description and Explanation
The Registration Directory Service Review is one of the four Specific Reviews anchored in Article 4.6 of the ICANN Bylaws. These specific reviews are conducted by community-led review teams which assess ICANN's performance in reaching its commitments. Reviews are critical to helping ICANN achieve its mission as detailed in Article 1 of the Bylaws.
According to the Bylaws (Section 4.6(e)), ICANN shall use commercially reasonable efforts to enforce its policies relating to registration directory services and shall work with Supporting Organizations and Advisory Committees to explore structural changes to improve accuracy and access to generic top-level domain registration data, as well as consider safeguards for protecting such data.
Convened in June 2017, the RDS-WHOIS2 Review Team is now seeking input on its Final Report, which assesses:
the extent to which prior Directory Service Review recommendations have been implemented and the extent to which implementation of such recommendations has resulted in the intended effect.
the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promotes consumer trust and safeguards registrant data.
Community input is being sought on 22 final recommendations.
All comments will be reviewed and summarized in the report of Public Comment submissions. The ICANN Board shall consider the report and Public Comment submissions to determine whether to approve the recommendations. The Board will then direct implementation of the recommendations that were approved and provide written rationale for the decision if any recommendations are not approved.
Commenters are requested to clearly indicate the relevant sections of the Final Report, or numbered recommendations, with their comments.
Section II: Background
Convened in June 2017, the RDS-WHOIS2 Review was conducted under Section 4.6 of the ICANN Bylaws. This review effort was anchored in the portfolio of Specific Reviews, which address the following range of topics in addition to Registration Directory Services (RDS): Accountability and Transparency (ATRT), Competition, Consumer Trust and Consumer Choice (CCT), and Security, Stability and Resiliency of the DNS (SSR).
The RDS-WHOIS2 Review began with a call for qualified volunteers to serve on the review team. Choosing from a pool of candidates seeking nominations, ICANN's Supporting Organizations and Advisory Committees (SO/ACs) nominated a list of candidates to inform SO/AC Chairs' discussions and decision as they assembled composition of the review team. Eleven review team members were appointed to conduct this review, including a Board member who served on the review team. The Country Code Names Supporting Organization (ccNSO) opted to not participate in the review after consideration of the scope.
Prior to this review, community proposals were made to both limit the scope of this RDS-WHOIS2 Review to the assessment of the first WHOIS1 Review Team's recommendations, and also to include a range of other issues over and above those mandated in the Bylaws.
Formally, the scope of a review is the responsibility of the review team. After much discussion the RDS-WHOIS2 Review Team decided that it would review all of the Bylaws-mandated areas, except the OECD Guidelines, as they were under consideration by the Next-Generation gTLD RDS PDP and were judged to be less relevant, particularly in relation to the GDPR. In addition, the RDS-WHOIS2 Review Team included in its scope a review of new policy adopted by ICANN since the WHOIS1 Review Team published its report, and decided to perform a substantive review of Contractual Compliance with the intent of (a) assessing the effectiveness and transparency of ICANN enforcement of existing policy relating to RDS (WHOIS) through ICANN Contractual Compliance actions, structure and processes, including consistency of enforcement actions and availability of related data, (b) identifying high-priority procedural or data gaps (if any), and (c) recommending specific measurable steps (if any) the team believes are important to fill gaps.
The RDS-WHOIS2 Review Team explicitly did not focus on ICANN's actions in response to the relatively new European Union GDPR. Those actions were ongoing, and the outcomes were not sufficiently firm as to allow them to be reviewed. However, the Review Team recognized the GDPR issue was of significant importance and that it would probably impact several policies related to registrant data. To the extent GDPR and its effects on the RDS (WHOIS) could be factored in, the RDS-WHOIS2 Review Team did so.
To conduct this review, subgroups consisting of a rapporteur and 2-4 team members were formed to research facts associated with each objective, summarized below:
- Objective 1 – WHOIS1 Rec #1: Strategic Priority
- Objective 1 – WHOIS1 Rec #2: Single WHOIS Policy
- Objective 1 – WHOIS1 Rec #3: Outreach
- Objective 1 – WHOIS1 Rec #4: Compliance
- Objective 1 – WHOIS1 Rec #5-9: Data Accuracy
- Objective 1 – WHOIS1 Rec #10: Privacy/Proxy Services
- Objective 1 – WHOIS1 Rec #11: Common Interface
- Objective 1 – WHOIS1 Rec #12-14: Internationalized Registration Data
- Objective 1 – WHOIS1 Rec #15-16: Plan & Annual Reports
- Objective 2 – Anything New
- Objective 3 – Law Enforcement Needs
- Objective 4 – Consumer Trust
- Objective 5 – Safeguarding Registrant Data
- Objective 6 – Contractual Compliance Actions, Structure, & Processes
- Objective 7 – ICANN Bylaws
Informed by ICANN organization briefings and available documentation, these subgroups analyzed facts to identify possible issues and then formulated recommendations (if any) to address those issues.
The Review Team reviewed the Public Comment submissions received on its Draft Report and discussed incorporation in the Final Report at their fourth/last face-to-face meeting.
To ensure full transparency, the Review Team operated in an open fashion where all review team calls and meetings were public, open to observers, with publicly-accessible recordings and transcripts.
Section III: Relevant Resources
Registration Directory Service (RDS-WHOIS2) Review Team Final Report
Section IV: Additional Information
Registration Directory Service (RDS-WHOIS2) Review Team Wiki Space
Registration Directory Service (RDS) Review Information Page
Registration Directory Service (RDS-WHOIS2) Review Team Draft Report Public Comment Proceeding
Report of Public Comments