Today ICANN is publishing a notice of implementation of the ICANN Procedure for Handling WHOIS Conflicts with Privacy Law. The procedure will be posted for 30 days, and implemented on 17 January 2008. The draft procedure was first posted for comment on 3 December 2006, see http://gnso.icann.org/issues/whois-privacy/whois_national_laws_procedure.htm. ICANN sought input on the draft procedure from the Governmental Advisory Committee (GAC).
The procedure has been revised to incorporate advice from the GAC, and is available at http://www.icann.org/processes/revised-draft-whois-procedure-18dec07.htm [PDF, 29K]. New language has been inserted into Sections 1.4, 2.1, 3.1 and 5.1 of the procedure, based on input received from the GAC and from members of the ICANN Board in the Los Angeles meeting. The attached pdf (http://www.icann.org/processes/revised-draft-whois-procedure-highlighted-18dec07.pdf [PDF, 33K]) shows the areas of modification in yellow. The ICANN Board discussed the draft procedure during the public meeting of the Board on 2 November 2007 in Los Angeles, and noted that “the next step now would be for the staff to update their procedure in taking into account that advice [from the GAC].”
The procedure describes how ICANN will respond to a situation where a registrar or registry indicates (and seeks to demonstrate) that it is legally prevented by local/national privacy laws or regulations from complying with the provisions of its ICANN contract regarding the collection, display and distribution of personal data via WHOIS. The procedure is for use by ICANN staff. While it includes possible actions for the affected gTLD registry or registrar, this procedure does not impose any new obligations on registries, registrars or third parties. It aims to inform gTLD registries, registrars and other parties of the steps to be taken when a possible conflict between other legal obligations and the ICANN contractual requirements regarding WHOIS is reported to ICANN.
Since publication of the first draft procedure, ICANN staff has been applying the draft procedure in handling potential conflicts between WHOIS provisions and national laws to test its effectiveness.
In December 2003, the Whois Task Force 2 of the GNSO recommended the development of a procedure to allow gTLD registry and registrars to demonstrate when they are prevented by local laws from fully complying with the provisions of ICANN contracts regarding personal data in Whois.
In November 2005, the GNSO concluded a policy development process on establishing such a procedure. The policy includes ‘well-developed advice on a procedure’ created through: extensive solicitation of community comment, recommendation by the WHOIS Task Force, and approval by the GNSO Council. In May 2006, the ICANN Board adopted the policy and directed ICANN staff to develop and publicly document a conflicts procedure.
The draft ICANN Procedure for Handling WHOIS Conflicts with Privacy Law (http://gnso.icann.org/issues/whois-privacy/whois_national_laws_procedure.htm) was published on 3 December 2006. ICANN sought input on the draft procedure from the Governmental Advisory Committee (GAC). On 28 March 2007, the GAC published its Principles Regarding gTLD WHOIS Services (http://gac.icann.org/web/communiques/gac27com.pdf [PDF, 209K]). GAC Principle 3.2 states that “gTLD WHOIS services must comply with applicable national laws and regulations.”
The GAC Communique from 28 June 2007 (http://gac.icann.org/web/communiques/gac28com.pdf [PDF, 177K]) included specific reference to the draft procedure:
"The GAC welcomes the opportunity to respond to the ‘draft ICANN Procedure for Handling WHOIS Conflicts with Privacy Law.’ Since this draft procedure was produced in December 2006, the GAC has prepared its ‘Principles regarding gTLD WHOIS Services.’ These principles provide the framework for dealing with potential conflicts.
"We recognise the importance of effective conflict resolution mechanisms for the WHOIS regime, and we expect to see this as an integral part of the GNSO proposals for a future ICANN WHOIS regime.
"We will provide formal advice on the conflict procedures based on the GAC WHOIS principles at the meeting in Los Angeles. The GAC recommends that the Board reviews the draft procedure in light of this substantive contribution.
"In the interim, specific cases should be referred to the relevant national government for advice on the authority of the request for derogation from the ICANN gTLD WHOIS policy."
The GAC Communique issued on 31 October 2007 in Los Angeles (http://gac.icann.org/web/communiques/gac29com.pdf [PDF, 73K]) noted that:
“the GAC welcomes the opportunity to respond to the ‘draft ICANN Procedure for Handling WHOIS Conflicts with National Privacy Laws.’ Due to the complexity of this issue related to the diversity of national policies and procedures among GAC members the GAC does not believe a uniform process is workable and accordingly the interim solution from the GAC’s San Juan communiqué should be the basis for resolving any potential conflict:
… specific cases should be referred to the relevant national government for advice on the authority of the request for derogation from the ICANN gTLD WHOIS policy."
On 2 November 2007, the ICANN Board noted that staff would update the procedure to incorporate GAC advice (http://losangeles2007.icann.org/files/losangeles/LA-BoardofDirectors(Part1)-2NOV07.txt). The revision described in this notice reflects the input received since the publication of the draft procedure on 3 December 2006.