ICANN org received a total of fourteen (14) submissions. The comments were categorized into the following categories: (1) comments suggesting that the draft policy language requires additional clarifications, (2) comments suggesting that the draft policy language does not accurately reflect the EPDP phase 1 policy recommendations, (3) comments identifying additional concerns or issues in the draft policy language, (4) general comments, and (5) comments suggesting the proposed redlines made to redlined policies and procedures are inaccurate. This Public Comment summary report includes an ICANN org staff summary of the comments and observations on the topic. ICANN org will consider the input received and will collaborate with the Implementation Review Team (IRT) to update relevant information to the Draft Registration Data Consensus Policy and existing policies and procedures impacted by the Registration Data Consensus Policy.
What We Received Input On
ICANN org is seeking input on two matters:
1. The draft Registration Data Consensus Policy for gTLDs, which sets out Consensus Policy requirements concerning the collection, transfer, and publication of gTLD registration data.
a. Areas that may be of interest include:
i. Requirements relating to the transfer of specific registration data from registrar to registry and its impact on the Thick WHOIS Transition Policy for .COM, .NET and .JOBS. See section 7 of Registration Data Consensus Policy.
ii. Log file requirements relating to communications sent to RDDS/WHOIS Contacts, in particular, a prohibition on the inclusion of personal data in these required log files. See section 11 of Registration Data Consensus Policy.
iii. Changes to processing requirements for administrative and technical contact data elements. See section 6 of Registration Data Consensus Policy.
iv. Standardization of practices concerning the Registrant Organization data element, for example, required notifications to the registrant and how and when the value must be published. See Section 6, Section 9 and Addendum II of Registration Data Consensus Policy.
v. Changes to the duration of retention requirements for values of data elements. See section 12 of Registration Data Consensus Policy.
2. Updates to the policies and procedures that were impacted by the Registration Data Consensus Policy due to EPDP-TempSpec Phase 1 Recommendation 27
a. Recommendation 27 within the EPDP-TempSpec Phase 1 Final Report notes that as part of implementing the EPDP-TempSpec Phase 1 recommendations and to ensure consistency, updates will need to be made to existing policies and procedures that touch on Registration Data. Consistent with Recommendation 27, the ICANN Board directed ICANN org to work with the IRT to examine and report on the extent to which the EPDP-TempSpec policy recommendations require modification of existing Consensus Policies.
b. ICANN org performed a detailed review and analysis of 24 existing policies and procedures. Eighteen of the reviewed policies and procedures were determined to have been impacted by the Registration Data Consensus Policy. Impacts included outdated provision language (e.g., references to administrative contact requirements), high-level issues such as the relevance or inconsistency of an existing policy or procedure with the new Registration Data Consensus Policy, or implications for existing contractual provisions. Three of the reviewed policies and procedures were determined to not be impacted by the Registration Data Consensus Policy. One advisory was reissued rather than redlined as part of the Recommendation 27 review. For a complete list of the reviewed policies and procedures, please refer to EPDP-TempSpec Phase 1 Recommendation 27 list of existing policies and procedures in the Supporting Information section below.
|Proposals For Your Input|
The Temporary Specification (TempSpec) for Generic Top-Level Domain (gTLD) Registration Data, which modifies existing requirements in the Registrar Accreditation Agreement and Registry Agreement to comply with the European Union’s General Data Protection Regulation (GDPR), was adopted by the ICANN Board on 17 May 2018.
Following ICANN Board adoption, the Generic Names Supporting Organization initiated an expedited policy development process (EPDP) to determine if the TempSpec should become an ICANN Consensus Policy as is or with modifications.
Recommendations to be implemented with the help of the community-based Implementation Review Team (IRT) were put forth for the ICANN organization (org). The resulting ICANN Consensus Policy is intended to comply with the GDPR and consider other relevant privacy and data protection laws.
ICANN org worked with the IRT to produce the proposed Registration Data Consensus Policy for gTLDs. This Public Comment proceeding is intended to gather input on the implementation plan for the EPDP-TempSpec:
Phase 1 GNSO Council Supplemental Recommendation 12 adopted by the ICANN Board on 24 February 2022
For more information regarding Registration Data Policy implementation, please consult the collaborative workspace website.