Skip to main content

ICANN Seeks Public Comment on 2013 RAA Data Retention Specification Data Elements and Legitimate Purposes for Collection and Retention

ICANN has been in discussions with a number of Registrars regarding data retention waiver requests (“Waiver Requests”) submitted under the 2013 Registrar Accreditation Agreement (the "2013 RAA").  Some Registrars are seeking an exemption from certain collection and/or retention requirements under the Data Retention Specification (the "Specification") of the 2013 RAA.  Section 2 of the Data Retention Specification sets forth requirements regarding the written materials a Registrar must submit in support of its good faith determination that the collection and/or retention of any data element specified in the Specification violates applicable law, and provides that following notice to ICANN of the Waiver Request, ICANN and the applicable Registrar shall discuss the matter in good faith in an effort to reach a mutually acceptable resolution of the matter. An update on the 2013 RAA and the data retention waiver process can be found here:

ICANN understands that personal data should be treated in accordance with applicable data protection laws, which generally permit gathering and retention of personal data for legitimate purpose(s).  ICANN also understands that the law may vary from country to country as to (i) what is considered a legitimate purpose, (ii) whether the personal data is adequate, relevant and not excessive in relation to the legitimate purpose for which they are collected and (iii) for how long certain data elements may be retained.  In other words, what is considered a legitimate purpose for collection of certain data in one country may not be considered a legitimate purpose in another country.  

During ICANN’s discussions in an effort to reach a mutually acceptable resolution of the matter, some Registrars have requested that ICANN (a) clarify and better define certain data elements described in the Data Retention Specification that the Registrars maintain are not clearly defined; and (b) describe potentially legitimate purposes for collection and retention of each data element that would help provide guidance for Registrars both as to whether such elements may be lawfully collected, and, if so, for how long such elements might lawfully be retained..

In response to these requests from some Registrars, ICANN is posting for public comment a document seeking to clarify what is meant by certain data elements described in the Data Retention Specification and describing potentially legitimate purposes for collection and retention of those data elements.   That document can be found here [PDF, 116 KB]. The document will be posted for a period of thirty (30) days to seek feedback and input from the community on (i) whether the data elements are appropriately described, (ii) whether the cited purposes for collection and retention are appropriate and legitimate, and (iii) whether there are other potentially legitimate purposes for collection and retention of such data elements.  After the thirty (30) day period following this posting has expired, ICANN will consider all feedback and input received in connection with ICANN’s ongoing discussions to reach a mutually acceptable resolution of Waiver Requests.  In the interim, ICANN will continue its ongoing discussions to reach a mutually acceptable resolution of Waiver Requests with individual Registrars with the goal of granting additional Waiver Requests as and when appropriate.

A public comment period will remain open until 23:59 p.m. PDT/California, 21 April 2014. Public comments will be available for consideration by ICANN staff and the ICANN Board.

More Announcements
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as"""" is not an IDN."