Skip to main content

Data Protection/Privacy Update: Status of Model Selection and Webinar

Gdpr data protection privacy update 750x422 25jan18 en

My last blog of 12 January focused on three proposed interim models for collecting registration data and implementing registration directory services in preparation for the 25 May 2018 enforcement date for the European Union's General Data Protection Regulation (GDPR). I requested input on the models which, along with input from community discussions on this topic, will contribute to the assessment of each potential option. From those inputs, either variations or modifications to one of these models, each of which includes a tiered/layered access approach to WHOIS data, will be identified.

We are pleased to report that we have received written inputs from many parties, which we began reviewing shortly after receipt and have posted to this webpage, along with community feedback and questions on both the proposed models and the legal analysis.

The request for feedback also triggered vibrant and engaging dialogues within the community, as well as requests from several stakeholder groups for discussions with the ICANN organization on both the models and data protection/privacy challenges in general.

Given the input we have received, both written and in community discussions (some of which the ICANN organization has been asked to join), while we'd intended to identify a model and path forward by the end of January, it has become clear that more time is needed to accommodate community requests for additional time and dialogues.

To ensure all community members have the same opportunity to engage and share their views, we will be holding a webinar on 2 February from 1530 to 1630 UTC. The feedback we receive from this webinar will – just as from other community discussions and input – factor into the assessment of what may be a viable interim model moving forward. We plan to provide this assessment by mid-February.

We understand and agree with the community on the need for urgency – much work has been done but there is much work to do before reaching the enforcement deadline for the GDPR. That said, I believe taking an additional few days to update the community as a whole, listen to your feedback, and continue our due diligence is the right course of action.

There is still time to provide feedback on the proposed models. Please send your feedback to gdpr@icann.org by 29 January and mark your calendars for the 2 February webinar.

This is clearly an important topic for both the ICANN organization and the community, and we are all striving towards the same May 2018 timeline. I want to take this opportunity to thank everyone who has participated in this important process, whether it was submitting questions or models for consideration, or in discussions within the multistakeholder community.

Comments

    aliashad  05:23 UTC on 30 January 2018

    A great new for data protection and good topic share.

    Tal witkon  05:37 UTC on 02 February 2018

    What is the url for the webinar?

Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."