Skip to main content
Resources

Legal Analyses, Proposed Compliance Models, & Community Feedback

The ICANN organization has engaged European law firm, Hamilton Advokatbyrå, to provide us with information and analysis to assist in our discussions with the community and contracted parties regarding their contractual agreements with ICANN and the GDPR, as well as topics looking beyond WHOIS to include registration data more broadly, including data required to be escrowed and retained under ICANN's contracts.

ICANN-Proposed Compliance Models for Community Discussion

Proposed Interim Models for Compliance with ICANN Agreements and Policies in Relation to the European Union's General Data Protection Regulation [PDF, 624 KB]

These proposed models represent input from across the ICANN community, data protection authorities, legal analyses, and the proposed models we have received to date. This document represents a draft for community discussion and input. We are seeking your input on the proposals. From that input either variations or modifications to one of these models will be identified at the end of January for the path forward. To ensure we reach this goal, we need your feedback by 29 January 2018. Please send your feedback to gdpr@icann.org.

Community input, including proposed models for compliance, as well as the Hamilton firm's legal analyses, contributed to the development of these proposed models. Those documents are referenced below. Click here to return to ICANN's Data Protection/Privacy Issues webpage.

GDPR Legal Analysis Memoranda

16 October 2017 – gTLD Registration Directory Services and the GDPR – Part 1 [PDF, 252 KB]

15 December 2017 – gTLD Registration Directory Services and the GDPR – Part 2 [PDF, 577 KB]

21 December 2017 – gTLD Registration Directory Services and the GDPR – Part 3 [PDF, 440 KB]

Reference Documents

The community has provided the following inputs to assist in, or to be considered as part of the legal analysis.

Date Document
17 November 2017 Questions for GDPR Legal Analysis (Part 2) and Additional Background Resources [PDF, 1.12 MB]
14 November 2017 Questions from ICANN Business Constituency (BC) [PDF, 36 KB]
14 November 2017 Questions from ICANN Intellectual Property Constituency (IPC) [PDF, 444 KB]
14 November 2017 Questions from Internet Service Providers and Connectivity Providers (ISPCP) [PDF, 14 KB]
11 November 2017 Strawman Proposal for WHOIS Compliance with GDPR from Greg Aaron, iThreat Cyber Group [PDF, 90 KB]
1 November 2017 GAC Communiqué – Abu Dhabi, UAE (section on GDPR/WHOIS) [PDF, 595 KB]
29 October 2017 Independent analysis of the WHOIS system in connection with the GDPR commissioned by the IPC [PDF, 1.12 MB]

Community-Proposed Models for GDPR Compliance

These proposed models were submitted in response to the 2 November statement from Contractual Compliance. For more information about these proposed models, please visit the Guidelines for Proposed Models to Address the GDPR section of our Data Protection/Privacy Issues webpage.

Model # Date Submitted Submitter Submitter Organization Documents
CM5 11 January 2018 Faisal Shah Focus IP, Inc. dba Appdetex

Cover Page [PDF, 70 KB]

Executive Summary [PDF, 70 KB]

Details of Proposal [PDF, 70 KB]

Template Questions [PDF, 70 KB]

CM4 11 January 2018 Frederick Felman Personal Capacity

Cover Page [PDF, 70 KB]

Executive Summary [PDF, 70 KB]

Details of Proposal [PDF, 70 KB]

CM3 11 January 2018 Thomas Rickert Eco Internet Industry Association

Cover Page [PDF, 70 KB]

Companies / Groups Involved in the Development of the Proposal [PDF, 70 KB]

Executive Summary and Proposal [PDF, 70 KB]

Domain Industry Playbook [PDF, 70 KB]

CM2 21 December 2017 Dean Marks Coalition for Online Accountability (COA)

Cover Page [PDF, 25 KB]

Executive Summary [PDF, 26 KB]

Details of Proposal [PDF, 102 KB]

Working Draft GDPR Compliant WHOIS Model [PDF, 70 KB]

CM1 11 November 2017 Greg Aaron iThreat Cyber Group Strawman Proposal for WHOIS compliance with GDPR [PDF, 89 KB]

Comments/Questions Received on Models/Analyses

The following comments/questions have been received in response to proposed model submissions and legal analyses.

Date Submitted Submitter Submitter Organization Model/Analysis Commenting On Documents
17 January 2018 Steve Gobin Vanksen ICANN-Proposed Compliance Models Comments [PDF, 614 KB]
15 January 2018 Steve DelBianco ICANN Business Constituency (BC) Hamilton Legal Analysis Part 3 Comments [PDF, 51 KB]
10 January 2018 David Taylor Hogan Lovells Hamilton Legal Analysis Part 3 Comments [PDF, 43 KB]
10 January 2018 Sebastien Ducos GeoTLD Group Hamilton Legal Analysis Part 3 Comments [PDF, 25 KB]
10 January 2018 Stacey King Amazon Registry Services, Inc. Hamilton Legal Analysis Part 3 Comments [PDF, 228 KB]
10 January 2018 Thomas Rickert eco Internet Industry Association Hamilton Legal Analysis Part 3 Comments [PDF, 23 KB]
10 January 2018 Nick Wenban-Smith Nominet Hamilton Legal Analysis Part 3 Comments [PDF, 44 KB]
9 January 2018 Cathrin Bauer-Bulst Governmental Advisory Committee (GAC) Request for Extension for Feedback on Layered Approach

Questions [PDF, 19 KB]

Responses [PDF, 18 KB]

9 January 2018 Brian Winterfeldt Intellectual Property Constituency (IPC) Hamilton Legal Analysis Part 3 Comments [PDF, 73 KB]
9 January 2018 Amadeu Abril i Abril CORE Association Submitting Proposed Models

Questions [PDF, 14 KB]

Responses [PDF, 20 KB]

9 January 2018 Amadeu Abril i Abril CORE Association Hamilton Legal Analysis Part 3 Comments [PDF, 49 KB]
8 January 2018 Vittorio Bertola Personal Capacity Hamilton Legal Analysis Part 3 Comments [PDF, 22 KB]
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."