4 September 2018 23:59 UTC
18 November 2018 23:59 UTC
Staff Report Due
3 December 2018 23:59 UTC
In its Draft Report [PDF, 1.97 MB], the Registration Directory Service Review Team assesses the extent to which prior Directory Service Review recommendations have been implemented and implementation has resulted in the intended effect. The review team also assesses the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promotes consumer trust and safeguards registrant data. Informed by ICANN organization briefings and available documentation, the review team has formulated draft recommendations based on a factual analysis.
This public comment proceeding aims at gathering community input on the RDS-WHOIS2 Review Team's proposed draft findings and recommendations.
To provide consistency and to facilitate review team's analysis of comments, ICANN organization invites commenters to use the suggested template [PDF, 380 KB] to submit their public comment.
Following the review of public comments received on this report, ICANN organization will prepare a public comment summary report. The RDS-WHOIS2-RT will carefully consider comments received to shape its final report and recommendations to the ICANN Board for consideration.
Section I: Description and Explanation
The Registration Directory Service Review is one of the four Specific Reviews anchored in Article 4.6 of the ICANN Bylaws. These Specific Reviews are conducted by community-led review teams which assess ICANN's performance in reaching its commitments. Reviews are critical to helping ICANN achieve its mission as detailed in Article 1 of the Bylaws.
According to the Bylaws (Section 4.6(e)), ICANN shall use commercially reasonable efforts to enforce its policies relating to registration directory services and shall work with Supporting Organizations and Advisory Committees to explore structural changes to improve accuracy and access to generic top-level domain registration data, as well as consider safeguards for protecting such data.
Convened in June 2017, the RDS-WHOIS2-RT is now seeking input on its Draft Report [PDF, 1.97 MB], which assesses:
- the extent to which prior Directory Service Review recommendations have been implemented and the extent to which implementation of such recommendations has resulted in the intended effect.
- the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promotes consumer trust and safeguards registrant data.
Community input is being sought on 23 draft recommendations.
All comments will be reviewed and summarized in the report of public comments, which will be included as a supplement to the Final Report.
To provide consistency and to facilitate the discussion, ICANN organization invites commenters to use the suggested template [PDF, 380 KB] to submit their public comment. Commenters are requested to clearly indicate the relevant sections of the Draft Report, or numbered recommendations, with their comments.
The RDS-WHOIS2 Review Team will host a webinar on 17 September 2018 at 15:00 UTC and 21:00 UTC to present its Draft Report. Participants will have the opportunity to provide feedback and ask questions directly to the Review Team. Please use the following link to join either webinar: https://participate.icann.org/mssi-projects.
Section II: Background
Convened in June 2017, the RDS-WHOIS2 Review is being conducted under the section 4.6 of the ICANN Bylaws. This review effort is anchored in the portfolio of Specific Reviews, which address the following range of topics in addition to Registration Directory Services (RDS): Accountability and Transparency (ATRT), Competition, Consumer Trust and Consumer Choice (CCT), and Security, Stability and Resiliency of the DNS (SSR).
The RDS-WHOIS2 Review began with a call for qualified volunteers to serve on the review team. Choosing from a pool of candidates seeking nominations, ICANN's Supporting Organizations and Advisory Committees (SO/ACs) nominated a list of candidates to inform SO/AC Chairs' discussions and decision as they assembled composition of the review team. Eleven review team members were appointed to conduct this review, including a Board member who serves on the review team. The Country Code Names Supporting Organization (ccNSO) opted to not participate in the review after consideration of the scope.
Prior to this review, community proposals were made to both limit the scope of this RDS-WHOIS2 Review to the assessment of the first WHOIS1 review team's recommendations, and also to include a range of other issues over and above those mandated in the Bylaws.
Formally, the scope of a Review is the responsibility of the review team. After much discussion the RDS-WHOIS2 Review Team decided that it would review all of the Bylaw mandated areas, except the OECD Guidelines, as they were under consideration by the Next-Generation gTLD RDS PDP and were judged to be less relevant, particularly in relation to the GDPR. In addition, the RDS-WHOIS2 Review Team included in its scope a review of new policy adopted by ICANN since the WHOIS1 Review Team published its report, and decided to perform a substantive review of Contractual Compliance with the intent of (a) assessing the effectiveness and transparency of ICANN enforcement of existing policy relating to RDS (WHOIS) through ICANN Contractual Compliance actions, structure and processes, including consistency of enforcement actions and availability of related data, (b) identifying high-priority procedural or data gaps (if any), and (c) recommending specific measurable steps (if any) the team believes are important to fill gaps.
The RDS-WHOIS2 Review Team explicitly did not focus on ICANN's actions in response to the relatively new European Union GDPR. Those actions are ongoing, and the outcomes are not sufficiently firm as to allow them to be reviewed here. However, the Review Team recognized the GDPR issue is of significant importance and that it would probably impact several policies related to registrant data. To the extent GDPR and its effects on the RDS (WHOIS) could be factored in, the RDS-WHOIS2 Review Team did so.
To conduct this review, subgroups consisting of a rapporteur and 2-4 team members were formed to research facts associated with each objective, summarized below:
- Objective 1 - WHOIS1 Rec #1: Strategic Priority
- Objective 1 – WHOIS1 Rec #2: Single WHOIS Policy
- Objective 1 – WHOIS1 Rec #3: Outreach
- Objective 1 – WHOIS1 Rec #4: Compliance
- Objective 1 – WHOIS1 Rec #5-9: Data Accuracy
- Objective 1 – WHOIS1 Rec #10: Privacy/Proxy Services
- Objective 1 – WHOIS1 Rec #11: Common Interface
- Objective 1 – WHOIS1 Rec #12-14: Internationalized Registration Data
- Objective 1 – WHOIS1 Rec #15-16: Plan & Annual Reports
- Objective 2 – Anything New
- Objective 3 - Law Enforcement Needs
- Objective 4 - Consumer Trust
- Objective 5 – Safeguarding Registrant Data
- Objective 6 – Contractual Compliance Actions, Structure, & Processes
- Objective 7 – ICANN Bylaws
Informed by ICANN organization briefings and available documentation, these subgroups analyzed facts to identify possible issues and then formulated recommendations (if any) to address those issues.
To ensure full transparency, the review team operated in an open fashion where all review team calls and meetings were public, open to observers, with publicly-accessible recordings and transcripts.
Section III: Relevant Resources
Executive Summary [PDF, 285 KB]
Section IV: Additional Information
WHOIS Review Team (WHOIS1) Final Report [PDF, 1.44 MB]