Updated ICANN Procedure for Handling WHOIS Conflicts with Privacy Laws Now Available
In addition to the U.N. six languages, this content is also available in
LOS ANGELES – 18 April 2017 – The Internet Corporation for Assigned Names and Numbers (ICANN) today published the updated Procedure for Handling WHOIS Conflicts with Privacy Laws (WHOIS Procedure), which is effective immediately.
The WHOIS Procedure has been revised to incorporate an alternative trigger to invoke the WHOIS Procedure. The current trigger in the WHOIS Procedure allows a registry operator or ICANN-accredited registrar to invoke the procedure if the contracted party is in receipt of a notification of an action that its compliance with WHOIS obligations is prevented by local laws. With the additional trigger, a registry operator or ICANN-accredited registrar may now also invoke the WHOIS Procedure by providing ICANN with a written statement from the applicable government agency responsible for enforcing its data privacy laws and indicating that a WHOIS obligation in an ICANN contract conflicts with such applicable national law.
The modification to the WHOIS Procedure is based on input from the community and the work of an Implementation Advisory Group (IAG), which was tasked with reviewing possible changes to the WHOIS Procedure and providing the Generic Names Supporting Organization (GNSO) with recommendations to facilitate resolution of issues where WHOIS requirements conflict with applicable laws.
In May 2016, the IAG submitted its final report [PDF, 155 KB] and recommendation to the GNSO Council. In February 2017, the GNSO Council passed a resolution adopting IAG's recommendation and confirmed that the modification to the WHOIS Procedure does not change the intent of the original GNSO policy recommendations.
In November 2005, the GNSO concluded a policy development process (PDP) establishing a Procedure to allow gTLD registry operators and registrars to demonstrate when they are prevented by local laws from fully complying with the provisions of their respective ICANN contracts regarding personal data in WHOIS. The ICANN Board of Directors adopted the recommendations in May 2006 and directed staff to develop such a procedure. A contracted party that credibly demonstrates that it is legally prevented from complying with its WHOIS obligations can invoke the procedure, which became effective in January 2008. To date, the procedure has never been invoked. ICANN launched a review of the procedure in May 2014 and has concluded this review with this update to the WHOIS Procedure.
Following a Call for Volunteers addressed to all interested parties, an IAG was formed to review the implementation of the policy recommendations and began its work in January 2015. The IAG devoted most of its time to discussing whether additional triggers to invoke the Procedure should be incorporated and, if so, how to ensure that they remain consistent with the existing policy.
ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you have to type an address into your computer - a name or a number. That address has to be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation and a community with participants from all over the world. ICANN and its community help keep the Internet secure, stable and interoperable. It also promotes competition and develops policy for the top-level of the Internet's naming system and facilitates the use of other unique Internet identifiers. For more information please visit: www.icann.org.