Data Protection/Privacy Update: Status of Model Selection and Webinar
My last blog of 12 January focused on three proposed interim models for collecting registration data and implementing registration directory services in preparation for the 25 May 2018 enforcement date for the European Union's General Data Protection Regulation (GDPR). I requested input on the models which, along with input from community discussions on this topic, will contribute to the assessment of each potential option. From those inputs, either variations or modifications to one of these models, each of which includes a tiered/layered access approach to WHOIS data, will be identified.
We are pleased to report that we have received written inputs from many parties, which we began reviewing shortly after receipt and have posted to this webpage, along with community feedback and questions on both the proposed models and the legal analysis.
The request for feedback also triggered vibrant and engaging dialogues within the community, as well as requests from several stakeholder groups for discussions with the ICANN organization on both the models and data protection/privacy challenges in general.
Given the input we have received, both written and in community discussions (some of which the ICANN organization has been asked to join), while we'd intended to identify a model and path forward by the end of January, it has become clear that more time is needed to accommodate community requests for additional time and dialogues.
To ensure all community members have the same opportunity to engage and share their views, we will be holding a webinar on 2 February from 1530 to 1630 UTC. The feedback we receive from this webinar will – just as from other community discussions and input – factor into the assessment of what may be a viable interim model moving forward. We plan to provide this assessment by mid-February.
We understand and agree with the community on the need for urgency – much work has been done but there is much work to do before reaching the enforcement deadline for the GDPR. That said, I believe taking an additional few days to update the community as a whole, listen to your feedback, and continue our due diligence is the right course of action.
There is still time to provide feedback on the proposed models. Please send your feedback to firstname.lastname@example.org by 29 January and mark your calendars for the 2 February webinar.
This is clearly an important topic for both the ICANN organization and the community, and we are all striving towards the same May 2018 timeline. I want to take this opportunity to thank everyone who has participated in this important process, whether it was submitting questions or models for consideration, or in discussions within the multistakeholder community.